The Complete Compliance and Ethics Manual 2021

Overview

We like to believe that, as adults, we make decisions independently and are far beyond succumbing to peer pressure. But social science research tells us that is simply not the case. Study after study confirms it: the vast majority of people act based on the circumstances in their environment and the standards set by their leaders and peers, even if it means compromising their personal moral ideals. “Good” people do bad things if they are put in an environment that doesn’t value values, if pressured to believe that they don’t have any choice but to get the job done—whatever it takes (emphasis added).

— The Importance of Ethical Culture: Increasing Trust and Driving Down Risks, The Ethics Resource Center (2010)

Quite startling findings to say the least to think that one’s environment in and of itself could actually cause someone to act unethically or even commit fraud. Yet, “study after study” validates this premise. More importantly, my experience as a white collar criminal defense attorney and former federal prosecutor has shown me that in “case after case” it really is true. I often tell my family and friends when challenged as to “how can you represent those people” that it is no way as black and white as that simplistic generalization and characterization. Many times I have stood before a federal district judge extolling the many virtues of my client, while candidly acknowledging the most certain failing that gave cause for us to be standing before the court in the first place to be sentenced. All the while I endeavor to explain that there are clearly criminal sociopaths in the criminal justice system, yet the vast majority of white collar offenders are your neighbors and colleagues sitting next to you in church on any given Sunday. They are, quite candidly, not inherently bad people, but relatively good people that have done something bad. I often say that they sometimes rationalize their unethical conduct by thinking “Fraud on Monday, Church on Sunday.” Certainly, that fact should be worth noting, shouldn’t it?

In the context of organizational effectiveness, the goal of any organization is to be successful, and to be successful it must first be effective in its operations. In 1970 economist Milton Friedman espoused his infamous contention that the sole responsibility of any business is to generate shareholder value or profit. Friedman’s “profits are everything” philosophy maintained that a competitive disadvantage exists in organizations that deviate from this core mission through the adoption of corporate responsibility attitudes due to the additional constraints placed upon their organizational operations. An ethical organization, it followed, would be competitively disadvantaged in business. The organizational ethics landscape has dramatically changed in the forty years since Friedman uttered his famous words with the most notable change being the perceived competitive advantage to those organizations that enjoy a robust culture of ethics and integrity.

The study of culture as it relates to organizational effectiveness is a relatively recent phenomenon but has developed into perhaps the most important characteristic of any organization. It offers the bridge between everyday organizational activities and the organization’s member’s daily reality. All organizations are made up of people, and these people interpret everything around them no matter how subtle. Typical business functions (e.g., meetings, strategic goals, financial plans, marketing and training programs) are all simple “cues” or “messages about the climate and culture of the organization.”^[2] The importance of culture in organizational effectiveness is that these cues determine how an organization’s members interpret these business functions. Culture is the lens through which everything is perceived and interpreted in the organization. It defines the organizational members’ daily paradigm.

Identification of Risks

You all are on the front lines each and every day. You all are the stewards of good corporate citizenship within your organizations—working to ensure compliance with the law, adherence to sound ethical practices, and, more than anything, the maintenance of a living, breathing culture of compliance. You all are, in a very real sense, in the business of prevention. And never before has it been as important.

It is important not only because there is intrinsic value in being a good corporate citizen. It is important because of the globalization of business and the complexity of our financial markets—both of which combine to present serious risks for your organizations. These risks are only magnified by what I believe is a new era of heightened white-collar crime enforcement—an era marked by increased resources, increased information-sharing, increased cooperation and coordination, and tough penalties for corporations and individuals alike,” (emphasis added).

— DOJ Criminal Division Assistant Attorney General Lanny A. Beuer (Prepared Remarks to Compliance Week 2010—5th Annual Conference for Corporate Financial, Legal, Risk, Audit & Compliance Officers (May 27, 2010)

We are living in an era of heightened and unprecedented white collar crime enforcement showing an extraordinary commitment by regulators and law enforcement to identify and prosecute fraudulent conduct. This era of enforcement creates unparalleled risk that must be addressed by all organizations if they are to attain any measure of organizational success. To ignore these risks, quite simply, is to subject the organization, its governing body, officers and employees, as well as all stakeholders to financial disaster arising from the exorbitant costs associated with responding and defending any government investigation not to mention the lost value associated with the risk of losing organizational reputation.

Potential risk factors arise from a variety of legislative and executive reforms including:

• Legislative reforms intended to address and remedy opportunities for fraud including the detection and prosecution of fraud including:

  • The Patient Protection and Affordable Care Act of 2010 (PPACA) containing enhanced provisions to combat fraud, abuse and waste in the U.S. health care system including:

    • Amending the False Claims Act (FCA) again to expand FCA liability by modifying the “public disclosure bar” and “original source” rule to make it easier for whistleblowers to bring cases and providing that overpayments not reported and returned within 60 days after being identified are considered an “obligation” under the FCA and are the basis for civil monetary penalties;

    • Amending the Anti-Kickback statute (AKS) to decrease the required level intent from “knowingly and willfully” by stating that “a person need not have actual knowledge or specific intent to commit a violation” and codifying the false certification theory increasing provider exposure by specifically providing that an AKS violation constitutes a false or fraudulent claim under the FCA;

    • Requiring the Secretary of Health and Human Services (HHS) to establish a new self-referral disclosure protocol, while permitting HHS to accept reduced payment of less than the full Stark Law measure of damages in appropriate circumstances;

    • Authorizing the Centers for Medicare and Medicaid Services (CMS) to suspend Medicare payments to providers pending investigation of credible allegations of fraud;

    • Mandating providers implement effective compliance programs as determined by the Secretary of HHS.

  • The Fraud Enforcement and Recovery Act of 2009 (FERA), which:

    • Amended the definition of “financial institution” to make it easier to prosecute mortgage fraud offenses involving various types of mortgage lenders which previously were not included under the federal bank fraud and false loan documents statutes;

    • Amended the definition of “securities fraud” in 18 U.S.C. § 1348 to include fraud related to commodities futures and options to enhance securities fraud enforcement;

    • Amended the FCA, which is DOJ’s principal weapon to combat health care fraud;

    • Strengthened the ability of federal prosecutors to pursue charges under the federal money laundering statute, 18 U.S.C. § 1956 , by expanding the definition of “proceeds” to include gross receipts of unlawful activity;

    • Amended the crime of major fraud against the United States under 18 U.S.C. § 1031 to expand its scope beyond fraud in government procurement and contracts for services to include grants under the American Recovery and Reinvestment Act of 2009 and transactions under the Troubled Assets Relief Program or any “other form of Federal assistance” mainly encompassed under legislative initiatives to save the economy; and

    • Authorized additional one-time funding for various federal law enforcement agencies to detect and prosecute fraud, including the Department of Justice (DOJ), the Housing and Urban Development Office of Inspector General (HUD-OIG), the Postal Inspection Service, the Secret Service and the Securities and Exchange Commission (SEC).

  • The Deficit Reduction Act of 2005, which encourages all states to enact acceptable false claims statutes modeled after the FCA by offering a 10 percent incentive in a state’s share of Medicaid false claim recoveries.

• The establishment of interagency task forces and working groups^[3] designed to leverage resources, expertise, and authorities to share information, spot fraud trends, coordinate prevention and enforcement strategies, and develop new fraud prevention tools:

  • The federal interagency Financial Fraud Enforcement Task Force chaired by DOJ’s Attorney General, created in November 2009 to bring together the government’s strongest tools to fight financial fraud;

  • DOJ Corporate Fraud Task Force, established in 2002 in the wake of a multitude of corporate accounting scandals;

  • The DOJ-FBI and state and local law enforcement mortgage fraud task force;

  • The DOJ and HHS-OIG Health Care Fraud Prevention and Enforcement Action Team (HEAT), created in May 2009 to prevent fraud and abuse in Medicare and Medicaid;

  • The multiagency National Procurement Fraud Task Force, created to intensify the government’s detection efforts and to enhance prosecution of fraud involving corrupt contractors;

  • The Securities and Commodities Fraud Working Group, created to provide a forum for the enforcement community to exchange information on developing trends, new laws and regulations, and law enforcement issues and techniques;

  • The Interagency Bank Fraud Enforcement Working Group (BFWG), created to promote enhanced coordination and communication between the federal law enforcement and regulatory communities;

  • The Mortgage Fraud Working Group, created in 2007 as a subgroup of BFWG to be a coordinating body that explores important issues regarding mortgage and subprime lending fraud and, as appropriate, refers issues to the BFWG for further consideration;

  • New U.S.-E.U. mutual legal assistance and extradition agreements effective February 2010, which “offer significant new tools that will streamline cross-border investigations and allow for even greater cooperation with our counterparts abroad.”^[4]

• Significant changes at DOJ Criminal Division’s largest litigation unit including:^[5]

  • The high profile recruitment of a “superstar” and “rock star” leader of the DOJ Criminal Division Fraud Section (former federal prosecutor Denis McInerney) to be “at the forefront of the Department’s efforts” to hold companies and individuals responsible and play a “key role” in developing Justice policy and fraud enforcement initiatives;

  • Adding a number of attorneys to DOJ’s “rapid response team” to prosecute fraud cases, which with “additional resources and the strong backing of Justice higher-ups... should become the bane of defense lawyers’ existence nationwide.”

• Commitment of additional law enforcement resources and personnel to address financial fraud:

  • In the President’s Fiscal Year 2010 budget, there is significant additional funding for prosecutors and support personnel:

  • The President’s 2011 budget request goes even further by seeking a 23 percent increase over 2010 levels for economic fraud enforcement:

  • PPACA increases funding for the Health Care Fraud and Abuse Control (HCFAC) program, which is HHS-OIG’s primary funding source to combat fraud, abuse and waste.

• More aggressive law enforcement techniques, including:

  • Various undercover techniques, including court-authorized wiretaps;^[6]

  • The utilization of “strike forces” as an effective model to investigate and prosecute migratory “hot crimes of the moment” in geographical areas throughout the nation, including the DOJ and HHS-OIG Healthcare fraud strike force.

• Implementing innovative, proactive methods of identifying financial fraud cases:

  • The development of the Financial Intelligence Center (FIC) in 2009 by providing intelligence data analysis to identify the most egregious criminal offenders and emerging economic threats.

• Agency administrative guidelines intended to further facilitate greater cooperation such as the Securities and Exchange Commission’s (SEC’s) announcement in January 2010 of its Enforcement Cooperation Initiative through the use of DOJ staples such as voluntary disclosures, cooperation agreements and non-prosecution agreements.^[7]

• Increased focus on holding responsible corporate officials accountable for fraud under the “responsible corporate officer” doctrine, which provides that corporate officers are subject to both civil and criminal liability for corporate violations of statutes affecting public welfare not because of their approval of wrongdoing, but rather because of his or her position in the corporation, responsibility and authority either to prevent, or promptly correct, the violation at issue, and the failure of the officer to do so.^[8]

As you can see, we have surely entered an era of heightened white collar crime enforcement and there is great risk associated with engaging in unethical conduct in today’s highly regulated environment. But who is at risk? Obviously, individuals that engage in criminal conduct are at risk of criminal prosecution, but what about the organization itself? Organizations are made up of and act through people, and both those people and the organization can be charged with criminal conduct. The essence of identifying organizational risk is the analysis of potential organizational criminal liability.