Please enter your email below to subscribe
Last week I had the privilege of participating in the European Symposium on Ethics and Governance at the Organisation for Economic Co-operation and Development (OECD) in Paris. It was quite a gathering under the tutelage and supervision of Dean Roxana Family of Cergy-Pontoise School of Law in Paris, France. She did a fantastic job bringing together experts, government officials, business people and students from many countries to hear from similarly diverse groups of panel members.
I discussed the difference between the “soft law” compliance requirements found in France, the UK and many other countries compared to the “hard law” in the United States. The soft law, known as “comply or explain’, means that listed companies must defend any deviation from the standard. But, if the explanation is accepted then the deviation is accepted. I’m over simplifying it a bit, but that is the gravamen of the program. I compared that to our system, which has no government models and relies to a great extent on law enforcement. I dubbed it “comply or confess.”
In fact, I believe there is a fair amount of guidance from the government in the United States. There is, of course, the Federal Sentencing Guidelines for Organizations. But, I think that most will agree that the Guidelines are quite broad and vague. However, the growing number of deferred and non-prosecution agreements provides more detailed guidance. These agreements include a statement from the entity equivalent to a confession. This means you know what was done, or not done, and what went wrong. (This provides the basis for bringing charges should the company violate its agreement.) More importantly, often the agreements spell out the changes the company is to make and thus gives us insight into what the government thinks belongs in an acceptable compliance program.
There were so many effective and experienced speakers present that we ran out of time to discuss all the issues or any one issue in depth. Here are two concerns that I have about Comply or Explain which I didn’t get a chance to address.
First, it seems to me it favors a one size fits all approach to compliance instead of the rigorous risk assessments we use in the United States. Risk assessments enable companies to apply their limited resources in the most effective way.
Second, it also seems to me that too much relies on individual relationships and trust between the regulators and the companies. Not that there isn’t a place for trust; but it is difficult to achieve sustainability if the program relies on personalities. And, sustainability may be the single biggest challenge for any company, whether in trouble or not.
I’d like to hear from anyone on those points.
Once again, the OECD and particularly Dean Roxana Family did a great job and public service in organizing this conference. Thank you.
Bart M. Schwartz is the chairman of Guidepost Solutions LLC, a global leader in investigations, due diligence, security and technology consulting, immigration and cross-border consulting, and monitoring and compliance solutions. Bart can be reached at email@example.com.