investigations quarterly, issue 13

INVESTIGATIONS QUARTERLY

2012 » VOLUME 1 » ISSUE 13

3 If You Think You’re Done Looking…Keep Looking

9 “Walking a Beat” To Reduce Corruption

13 A Troubling Bank Balance

3 If You Think You’re Done Looking…Keep Looking

9 “Walking a Beat” To Reduce Corruption

13 A Troubling Bank Balance

6 All Eyes on the Independent Investigation

6 All Eyes on the Independent Investigation

Keeping a Razor Sharp Perspective on the Regulatory LandscapeAnticorruption rules and regulations play a critical role in societies and countries around the globe. They help guide us in how we think and operate our businesses and conduct ourselves in a variety of business situations with vendors, business partners, customers, and foreign officials, etc. They are designed to protect, but they also create significant financial and legal obligations for corporations who do business on a domestic and/or international scale. Rarely are rules and regulations repealed, and they only seem to get tougher over time. But in the grand scheme of things, regulatory enforcers challenge all of us to think and innovate in new ways and to continue to strive toward conducting business more effectively and efficiently.

In this issue of IQ Magazine, the authors discuss the competing challenges organizations face in meeting their regulatory obligations while trying to manage profitable businesses. A common theme is repeated throughout all the articles – corporations need to remain vigilant in managing business risks and to reinforce an organizational culture of integrity, transpar-ency, and accountability.

In our cover story, “All Eyes on the Independent Investigation,” the authors discuss the competing challenges organizations face in effectively managing internal investigations. In-ternal investigations have far-reaching implications and the authors stress the importance of conducting investigations thoroughly while communicating with appropriate stakeholders in order to ensure a well-run investigation.

In “Investigating Financial Statement Frauds: If You Think You’re Done Looking…Keep Looking,” the authors uncover common elements that comprise a financial statement fraud. It behooves company stakeholders to understand a fraudster’s motives and recognize the typical and atypical schemes they create in order to hide their crimes. The authors advise companies to conduct fraud investigations beyond the area where the fraud was directed (typically the inflation of net income). Recognizing where the gaps or weaknesses lie within the financial reporting process can go a long way in avoiding potential regulatory violations or having to reissue a financial statement.

Preventing fraud doesn’t always begin with catching a thief or conducting a post review or investigation. In many cases, companies can save themselves a lot of grief and expense by conducting due diligence assessments before they enter into business relationships with em-ployees, business partners or vendors and other high-risk relationships. In many instances, due diligence begins simply with building better communication channels with internal clients and third parties. “Walking a Beat” To Reduce Corruption: Rethinking Due Dili-gence in the Age of Anti-Corruption” offers readers a unique perspective on due diligence investigations and third party risk assessments and asks readers to rethink the role of com-munication in today’s global marketplace.

Regardless of how regulations are implemented around the globe, countries face similar challenges in meeting competing stakeholder expectations. In “A Troubling Bank Balance – Competing Duties for Banks When Making Suspicious Activity Reports,” the authors discuss balancing the expectations of customer instructions and meeting regulatory report-ing requirements with the UK’s Serious Organised Crime Agency (SOCA). The authors remind us the delicate balance global institutions face in overseeing legal, regulatory and financial obligations with multiple stakeholders.

We hope you find this issue of IQ Magazine to be informative and enlightening and welcome your comments and questions.

PUBLISHERSJeff Green +1.202.973.2441 [email protected] Zimiles +1.212.554.2602 [email protected]

EDITORSDarcy Healy Jeffrey Locke

DESIGNElliott Robinson

FEEDBACK AND INQUIRIESInvestigations Quarterly welcomes all letters, comments and inquiries to the authors. Please address all correspondence to:Darcy Healy (U.S.) +1.202.973.3128 [email protected] Gendler (U.K.) +44.207.469.1120 [email protected] Flannery (Asia) +1.202.481.7305 [email protected] manuscripts on matters dealing with fraud and investigations are welcome and will be considered for publication.

Investigations Quarterly is published by Navigant. Copyright ©2012.

The opinions expressed here in are those of the authors and editors.

Investigations Quarterly (IQ) is not published with the intention of rendering legal, professional or account-ing advice or services.

The media are welcome to quote from the contents if properly attributed. Any substantial reproduction of the content of Investigations Quarterly requires the permission of the publishers and authors of the articles.

Cover illustration by Josh Leipciger

Letter from the publishers Jeff Green, [email protected] Ellen Zimiles, [email protected]

www.navigant.com


3


» Every fraud has to be hidden somewhere on a company’s books. Most financial statement frauds start small but eventually grow in size, scope and duration.

» According to confessed fraudsters, committing the initial fraud is easy; the hard part is concealing and ending it.

» When performing a fraud investigation or a post-mortem on a financial statement fraud in a litigation context, it is important to focus on the area where the fraud was directed but also on seemingly unrelated areas.

This article focuses on financial state-ment frauds used to manage or increase earnings. These are frauds committed not for financial personal gain (such as steal-ing cash) but for other incentives, such as continued employment/advancement, fear of delivering bad news to investors or an intimidating supervisor, or a desire to increase the value of performance-related bonuses. Most frauds, regardless of their form, start small and inevitably grow. In the beginning, fraudsters typically be-lieve the fraud will be short lived or can be reversed when “things turn around.” Yet, in most cases, neither the fraudsters’ personal motivations nor the company’s financial results change or “turn around.” Often, future earnings expectations in-crease as a result of the false positive or inflated performance. The fraudsters are then forced to continue and likely escalate the fraud in order to avoid exposure.

How Earnings Fraud Results in Balance Sheet FraudOne of the primary goals of a financial statement fraud is to make the compa-ny’s earnings or net income appear better than reality. Since revenues - expenses = net income, the fraudster must either record fake revenue or artificially lower expenses to improve earnings on the in-come statement. However, because of the basic concept of double-entry bookkeep-

ing or accounting, each fraudulent entry to revenue or expense needs an equal and opposite entry either somewhere else on the income statement or on one of the three parts of the balance sheet – assets, liabilities, or equity. For example, if revenue is falsely inflated, the fraudster has four choices: 1) increase expenses; 2) increase assets; 3) decrease liabilities; or 4) decrease equity. Increasing expenses is not an option, because that defeats the fraudsters’ purpose – to increase net in-come. The other side of the fraud has to be concealed in assets, liabilities, or equity on the balance sheet.

If You Think You’re Done Looking…Keep LookingInvestigating financial statement fraud

EILEEN M. FELSON, [email protected] NICOLE E. WRIGLEY, ESQ., [email protected]

Every income statement fraud necessar-ily has an impact on the balance sheet. A fundamental challenge for the fraud-ster is just where on the balance sheet to hide the fraud. This decision will have a trickle-down effect for periods to come. Income statement fraud eventually must be reversed out of earnings in some future period. Indeed, financial statement fraud is sometimes referred to as stealing from tomorrow to pay for today. Current earn-ings are inflated at the price of having to take losses in the future. When inevitably “things don’t turn around,” the fraud must remain hidden on the balance sheet in

Illustration by Peter Giesbrecht


4

order to postpone tomorrow, avoid detec-tion, or risk reporting even lower earnings in a later period.

Why the Hiding Place of Balance Sheet Fraud MattersConsider the asset side of the balance sheet. Fake assets cannot live forever. A fake asset today means booking expenses such as depreciation, amortization, im-pairment charges, or write-offs tomorrow. This poses the following challenge to the fraudster going forward: because the fake assets are only temporary and result in future hits to earnings, the fraudster must continue to record fraud to offset the eventual income statement drain.

Consider the liability side of the balance sheet. In general, hiding fraud in liability accounts can be more difficult. As dis-cussed above, hiding fraud in a liability account requires the fraudster to lower the balance. Fraudulent entries to liability accounts are the opposite of the normal direction; they are the “wrong sign.” When revenue increases (or expenses decrease), a liability account decreases. As a result, if

the fraudster inflates revenue, the fraud-ster needs to understate liabilities.

As shown in the chart below, whatev-er balance sheet account the fraudster chooses as the hiding place for the fraud presents various challenges and risks of detection.

The fraudster’s choice of hiding place may necessarily lead to the next challenge of expanding the fraud and involving an ad-ditional person or persons, i.e., collusion. Collusion can make a fraud much more difficult to detect while it is occurring be-cause the fraudsters can circumvent the company’s internal controls. In theory, a lone fraudster will eventually be discovered by a properly designed system of internal controls including strong segregation of duties (i.e., the separation of key respon-sibilities for the company’s books and re-cords among various employees). As a re-sult, in order to avoid detection, fraudsters often need to recruit accomplices to assist with their scheme.

Consider the following real-life scenario in which internal controls played a role in detecting a fraud. A midlevel divisional

accounting manager used inventory-in-transit and accounts payable accounts on the balance sheet to offset fraudulent rev-enue he had put on the income statement. Like most fraudsters, the manager believed that he would be able to reverse the bal-ance sheet fraud in the next period when results improved. Of course, results did not improve, the manager continued to inflate revenues, and the fraud grew.

Since he had limited balance sheet ac-counts within his purview in which to hide the fraud, the manager continued to use the same balance sheet scheme. Eventu-ally, however, the corporate accounting department questioned why: 1) an inven-tory-in-transit account had an old balance that did not go away – by definition, goods in transit in one period should have arrived by the following period; and 2) an accounts payable account had a negative balance – the opposite of its natural balance, indicat-ing the division was actually owed money by its vendors. There was no legitimate explanation, and the fraud was uncovered because of the company’s existing moni-toring controls. The discovery of the fraud could have played out much differently if collusion had played a role.

How a Collusive Fraud Scheme Can EscalateCollusion can and does occur at even the most respected companies; someone will be willing to either participate or over-look a perceived error, mistake or even an obvious fraud. In contrast to the exam-ple above, in a collusive fraud, fraudsters work together to manipulate the balance sheet and to actually launder the fraud through various accounts. The origina-tors or ringleaders of the fraud are usually those: 1) most knowledgeable about the company’s actual results; 2) with the most authority; and 3) in the best position to circumvent internal controls. They typi-cally have key responsibilities for com-ponents of financial reporting and have financial and accounting backgrounds.

Account Potential Risk

Cash May be discovered when book balance is compared to bank balance

Accounts ReceivableNeeds to be converted to cash within a reasonable timeframe or written off; creates need to falsify detailed customer receivable listing

Prepaid Expense Needs to be expensed over a pre-set time period, usually within a year

InventorySubject to physical count and needs to be turned over (sold) within the company’s normal sales cycle or written off

Fixed AssetsSubject to depreciation over the life of the asset and/or impairment charges if not supported by the company’s cash flows

Intangible AssetsSubject to amortization over the life of the asset and/or impairment charges if not supported by the company’s cash flows

Accounts PayableUsually wholly subject to computer-generated rather than manual en-tries; creates need to falsify detailed vendor payable listing

Accrued Expenses May be discovered if over-used and account balance is the “wrong sign”

Long-Term DebtRequires detailed footnote disclosures and is generally verifiable with financial institutions

5


They know which parts of the balance sheet have been infected and can deflect inquiries for each other. Nevertheless, because there can be unintended conse-quences on the financial statements as a fraud escalates, the fraud schemes may need to become increasingly complex and require the involvement of still others.

Consider the following example where the fraudsters decide to bury the fraud in the fixed assets account on the balance sheet. They need to figure out means of dealing with various unforeseen conse-quences, such as:

1. Is depreciation expense reasonable in comparison to the balance in fixed assets?

2. Is the increase in fixed assets in line with the growth of the company – the number of physical locations, employees, customers, etc.?

3. Do the company’s forecasted cash flows support the level of fixed assets – can an impairment charge be avoided?

4. Do the fraudulent increases in earnings and assets cause unreasonable changes in period-over-period comparisons of common financial ratios?

5. Are the fake fixed assets subject to property taxes?

Each one of these questions presents a unique challenge to the fraudsters. Yet, fraudsters have gone and will continue to go to extraordinary lengths to sustain their fraud schemes and to overcome the unfavorable after-effects.

For example, the authors investigated a matter where fake assets were put onto the books to offset fake revenue. With regards to Question 1 above, the fraud-sters found what seemed to be a simple solution: depreciate the fake fixed assets. However, that apparent solution created the need to record more fraud in future periods to offset the additional expense.

Perhaps the most unpredictable escala-tion of this particular scheme was that the fraudsters actually paid property taxes on the fake fixed assets. Consider some of the after-effects of that decision alone, which:

» required using cash from the company’s true operations to essentially “fund” the fraud;

» expanded the reach of the fraud by requiring the filing of fraudulent tax returns in numerous jurisdictions;

» increased the drain on the income statement by increasing property tax expense;

» involved recruiting members of the tax department into the fraud, either as active or unknowing participants; and

» required lying to field personnel about unexpected increases in property tax expense.

The fraudsters in this example went to great lengths to hide the fixed asset fraud on the balance sheet. Their schemes were successful for a time, because their meth-ods were both counterintuitive and in-volved substantial collusion to perpetrate and conceal the fraud. The ringleaders of the fraud eventually recruited employees in the fixed asset department to: 1) enter false fixed assets into the books and re-cords; 2) prepare false invoices to support the false fixed assets when questioned; 3) use special codes and names when refer-ring to the fake assets; 4) create a software program to exclude the fake assets when printing reports; and 5) lie to others who were not part of the scheme.

When is a Fraud Investigation CompleteA logical start-off point in conducting a forensic investigation of how a fraud was committed includes a detailed review of revenue and expense account activity. In the example discussed above, the primary

goal of the fraud was typical: the artificial inflation of net income by recording fake revenue. But, it is significant that burying the impact of the income statement fraud in fixed assets on the balance sheet and the later follow-on schemes (depreciating fake assets, paying property taxes on fake assets, creating false documents, and re-cruiting others into the fraud) – had noth-ing to do with the primary fraud scheme.

Forensic investigators cannot assume that, if fraud is found in one place or if a whistleblower raises one issue, the whole fraud scheme has been revealed. Other parts of the fraud may have been con-cealed in completely unrelated balance sheet accounts. These hiding places may have caused both unintended and unpre-dictable impacts on the company’s finan-cial statements. Sophisticated fraudsters use complex schemes to respond to these impacts. What may appear at first blush to be a simple income statement scheme could have unexpected results. A com-prehensive forensic investigation should therefore analyze not only the predictable accounts but also the seemingly unrelat-ed accounts that may have been infected by the fraudsters’ various concealment schemes.


6

RICK OSTILLER, [email protected] JOHN C. TANG, ESQ., [email protected]

» The credibility of the investigation is of paramount importance.

» Accuracy, efficiency, proportionality, sound processes and judgment, active committee and Board involvement, and responsiveness to the company’s various constituencies are all characteristics of a well-run investigation.

» The minimum investigation necessary to satisfy the business judgment rule in a court of law may not be enough to satisfy the court of public opinion or other interested third-party constituents such as the Securities and Exchange Commission (SEC), US Department of Justice (DOJ), and the company’s outside auditors.

The financial crisis that started in late 2008 has led to a heightened focus on corpo-rate governance and financial transparency, including the passage of the Dodd-Frank Act in 2010 and the implementation by the SEC of its whistleblower award program in 2011, not to mention corresponding litiga-tion and criminal prosecution activity. These and other related developments have un-

All Eyes on the Independent InvestigationEffectively managing an independent investigation

derscored the need for companies to have a plan in place to investigate and resolve issues promptly and effectively should prob-lems arise.

When circumstances dictate that a company conduct a probe independently of man-agement, the Board of Directors or a Board committee typically takes responsibility for managing the investigation with the assis-tance of outside advisors. Since an investi-gation can have far-reaching implications for an organization, the company’s directors have an obligation to manage the project effectively, balancing often-competing con-siderations in the best interests of the com-pany’s stakeholders.

This article discusses several topics related to investigations, namely: 1) the factors a company should consider when determin-ing whether to perform an independent investigation; 2) the initial steps a Board of Directors should take when an issue arises that merits an independent investigation; 3) keys to a well-run investigation; 4) com-mon investigative challenges; and 5) re-porting considerations.

Factors To Consider When Determining Whether To Perform an Independent InvestigationDepending upon the circumstances, man-agement may advocate conducting an “inter-nal” investigation by itself, rather than hav-ing the Board’s independent directors and outside advisors perform an “independent” investigation. Understandable concerns about cost containment often influence management’s desire to conduct an internal investigation. However, while an indepen-dent investigation may involve more time and expense, it undoubtedly carries signifi-cantly greater weight in the eyes of courts, regulators, auditors, and other interested third parties, such as the press, who may lat-er judge the investigation with the benefit of hindsight. Consistent with the value placed on independent investigations, the Sarbanes Oxley Act of 2002 contains provisions per-mitting (although not requiring) companies to empower the audit committee and other independent Board committees to retain independent counsel and other advisors.

Who conducts the investigation can make a significant difference to regulators or other interested third parties. For example, in exercising their charging discretion, both the SEC and the DOJ give strong consid-eration to the company’s investigation. A reliable and properly conducted investiga-tion that is shared with the government can lead not only to reduced charges but even to no charges being filed at all.1 However, the government can be a skeptical consumer. If it perceives an investigation is insuffi-ciently independent because the person(s) conducting it is(are) deemed too familiar or too aligned with the potential subjects of the investigation, the investigators’ work may not receive the full benefits that would oth-erwise accrue to an independent investiga-tion. Similarly, while an investigation may provide the basis for a motion to dismiss a shareholder derivative lawsuit in its prelimi-nary stages, the independence of the investi-gators is a key factor in the court’s consider-

1. S.E.C. Enforcement Manual § 6.1.2; U.S. Attorney’s Manual § 9-28.720.

Illustration by Josh Leipciger

7


ation of whether to defer to the findings of the company’s investigation.2

The company’s outside auditors, who gen-erally work in parallel with the company’s investigators, may also take a dim view of an investigation that isn’t sufficiently inde-pendent. Maintaining the confidence of the outside auditors is obviously a critical objec-tive. Often, the audit firm will have its own forensic accountants conduct a “shadow” investigation that is intended to monitor the work of the company’s investigators. The primary goal of the shadow investigation is to ensure that the scope and process of the independent investigation is adequate and sufficiently robust to allow the auditors to rely on the findings.

In summary, the credibility of the investiga-tion is of paramount importance. While an independent investigation can be more cost-ly than a management-led process, it has greater impact, and if handled appropriately can be managed to keep costs under control.

Initial Steps a Board Should TakeIf the Board decides to undertake an inde-pendent investigation, it often will form a special committee of independent (i.e., non-employee) directors to manage and oversee the investigation. For the reasons discussed above, it is essential that the members of the committee be disinterested and inde-pendent of any of the people, companies, and issues that could be the subject of the investigation. Although some types of con-nections between members of the commit-tee and the subject(s) of the investigation (for example, common membership in a trade organization or social club) may not be legally disabling, the Board should identify and objectively consider all connections, however modest, at the time the special committee is formed.

Indeed, it is not unusual for a Board to ap-point additional directors with no prior con-nection to the company, primarily for the purpose of constituting the special com-mittee charged with conducting the inde-

pendent investigation. Alternatively, the company’s audit committee may lead the investigation (provided its members are not associated with the people, companies, and issues that prompted the investigation).

If the Board decides to form a special com-mittee, the Board should establish a char-ter or resolutions that clearly delineate the committee’s charge and authority. Among the matters that the charter or resolutions should specifically address are the commit-tee’s authority to retain outside advisors, incur costs, gain access to company informa-tion and personnel, and whether the com-mittee is empowered with the full decision-making authority of the Board, or rather is empowered to recommend a course of ac-tion to the Board based upon the investiga-tion’s findings and conclusions.

The committee should promptly check that the appropriate persons have been directed to preserve relevant documents and in-formation, and the committee should also evaluate the need to engage outside advisors to assist with the investigation. In addition, the committee should communicate with the company’s outside auditors and work with the appropriate resources within the company (for example, the investor relations department) to plan for external communi-cations regarding the investigation and the matters that prompted it. The recipients of such external communications will depend upon the circumstances, but often will in-clude various regulators (SEC, DOJ, Finan-cial Industry Regulatory Authority (FINRA), listing agencies, etc.), investors (individuals and institutional holders), market analysts, the press, and other interested third parties.

Keys to a Well-Run InvestigationAccuracy, efficiency, proportionality, sound processes and judgment, active committee and Board involvement, and responsiveness to the company’s various constituencies are all characteristics of a well-run investigation. In addition to their fact-finding mission, the committee and its advisors must also con-

sider the company’s business, legal, reputa-tional, and other interests surrounding the matters under investigation.

To the extent that the Board does delegate the investigation process to a committee or rely on the work of internal or external personnel, it is important to remember that in the end it is the Board’s investigation, and the Board is the ultimate fact finder and decisionmaker (bearing in mind that, as cir-cumstances warrant, a Board may decide to empower a committee with the Board’s de-cisionmaking authority).

It is certainly appropriate for the directors to utilize and rely upon the help of others (such as outside advisors) in the investigation pro-cess. It is not expected or legally required that individual directors or committee mem-bers personally conduct the investigation without assistance. But, by the same token, the directors cannot discharge their fiduciary duties by “over-delegating” their responsi-bilities to the point of abdicating them. It is important to strike the right balance.

The Board, through its committee, should stay informed and remain actively involved throughout the investigation, by monitor-ing, overseeing, and directing the course of the work. Examples of oversight and direc-tion include: meeting regularly with and obtaining regular reports from the outside advisors; providing feedback on the inves-tigation; challenging the committee’s advi-sors by raising questions and participating in decisionmaking; in certain circumstances, reviewing key documents and interview summaries prepared by the investigators; and formally making final findings of fact and decisions about any disciplinary actions, reporting, process remediation, or other measures arising from the investigation.

At a minimum, the investigation must be sufficiently thorough to satisfy the directors’ fiduciary duty to ensure that the Board ad-equately investigates problematic issues that come to the Board’s attention, and to make any remedial or process and control adjust-ments based upon the results of the investi-gation.3 In this regard, the typical evaluation standard for the committee’s investigation,

2. Zapata Corp. v. Maldonado, 430 A.2d 779 (Del. 1981).3. In re Caremark Int’l Inc. Derivative Litig., 698 A.2d 959 (Del. Ch. 1996).


8

whether carried out using internal resources or independent outside personnel, is the business judgment standard, which gives significant deference to a Board’s considered judgment regarding the cost and scope of the investigation, as long as that decision is made in good faith and on an informed and disinterested basis. It is important to bear in mind, however, that the minimum inves-tigation necessary to satisfy the business judgment rule in a court of law, may not be enough to satisfy the court of public opin-ion, or other interested third-party constit-uents such as the SEC, DOJ, and the compa-ny’s outside auditors.

The investigative team should establish a work plan and be prepared to adjust it as the facts emerge and circumstances change. It is important for the committee and its advisors to be disciplined and thorough in identifying areas of inquiry and designing and carry-ing out the appropriate investigative steps. In addition, the team should remain flexible and willing to follow the investigation into additional areas as it learns information. At the same time, the committee should main-tain its focus on the core investigation issues, and avoid unnecessary and expensive “scope creep.” Therefore, the investigative team should carefully consider significant scope changes, and obtain Board or committee ap-proval (as the case may be) before imple-menting them. If unrelated allegations arise during the investigation, the committee may responsibly determine to refer those matters to other constituencies within the company (including management and the legal de-partment) for appropriate consideration.

In addition to interviews of relevant per-sonnel, the team should preserve, collect, and review relevant documents (includ-ing electronic data) and perform financial or accounting analyses as needed. It is also very important to meet regularly with the company’s outside auditors, who (as noted above) will ultimately need to concur with the scope and process of the investigation, particularly if it relates to internal controls over financial reporting or results in a finan-cial restatement.

Common Investigative ChallengesNumerous challenges are bound to arise during the course of every investigation, no matter how well managed. One com-mon investigative challenge is balancing the company’s attorney-client privilege against responding to appropriate information re-quests from important third parties (such as regulators, auditors, and courts) about the investigation. Government regulators are generally prohibited from asking for privi-leged material and basing their charging de-cisions on whether the company will waive work product and the attorney-client privi-lege as part of its cooperation, although they will expect the company to provide “factual information.”4 This balance is often achieved by providing high-level status reports that convey the progress or results of the inves-tigation without disclosing privileged details.

Another common challenge is for the com-mittee to conduct its investigation while the company preserves its position with respect to threatened or pending litigation stem-ming from the matters under investigation. In addition to allocating limited resources and managing the company’s ongoing re-sponsibilities to its personnel, customers, and shareholders, the Board needs to remain attentive to coordinating the (at times con-flicting) demands and strategies on both the litigation and non-litigation fronts. When and what steps are taken – or not taken – in one arena can have an unintended collateral impact on the other.

Yet another common challenge lies in the fact that the Board committee and its ad-visors conducting the investigation lack subpoena power. This circumstance can significantly hinder the investigators’ ability to obtain cooperation and information from important third parties. An additional chal-lenge for investigations that involve obtain-ing information from third parties outside the United States is the need to navigate the applicable laws and practices in the local jurisdiction. For example, state secrecy laws

(such as those in China) or prohibitions on “US-style” discovery may pose a significant obstacle to gaining access (let alone timely access) to necessary information. A number of jurisdictions outside the United States also have expansive privacy statutes and data security laws that may limit the ability of a company’s investigators to take docu-ments and other information (including, for example, information obtained during interviews) out of that country – sometimes upon pain of criminal penalties. Therefore, it is essential to understand in advance and plan for the requirements and restrictions of non-US jurisdictions.

Reporting ConsiderationsWith respect to reporting on the investiga-tion, certainly the company must provide sufficient information about the investiga-tion to meet applicable public reporting ob-ligations. Beyond that, the company should consider the implications of disclosure about the investigation on potential shareholder or derivative litigation and regulatory ac-tion. Two of the most important reporting considerations are the report’s format (oral vs. written, detailed vs. summary, exhibits vs. no exhibits, etc.) and the intended audience. Regulator and external auditor expectations, as well as the scope and nature of the find-ings (among other considerations), will all affect those decisions. The range of potential outcomes from an investigation will vary depending on the circumstances, but typical potential outcomes include:

» financial reporting restatements;

» corporate governance changes and internal controls enhancements;

» remedial actions, including termination/reassignment of and pursuing financial reimbursement from wrongdoers;

» regulator attention and monitoring; and

» shareholder litigation.

After the investigation, directors should fol-low up to ensure that recommended actions are implemented.

4. S.E.C. Enforcement Manual § 4.3; U.S. Attorney’s Manual, § 9.28.720.

9


» Performing traditional due diligence investigations of thousands of third parties is cost-prohibitive and inefficient.

» Alternative approaches to managing third-party risk utilize risk-scoring criteria in conjunction with list matching.

» In order for anti-corruption programs to be truly effective, they must create communication channels between compliance, its internal clients within the organization and third parties.

Due diligence investigations have long been an invaluable tool used to assist companies and their counsel in evaluating the risks posed by prospective commer-cial relationships with third-party busi-ness partners, customers, suppliers and other potentially high-risk relationships. The traditional approach to due diligence for many years has consisted of the per-formance of field investigations utilizing in-country investigators and human intel-ligence resources. While still a very viable and important investigative approach under certain scenarios, global companies have had to rethink this approach when seeking to address the potential risks that large numbers of third parties with whom they do business may represent. Much of this rethinking is simply economic real-ity. Performing traditional due diligence investigations of thousands of third par-ties across the globe is cost-prohibitive and can be grossly inefficient. By apply-ing more moderate depth investigations across a large population and coupling them with productive, two-way commu-nication with third parties, leading com-panies have been tremendously successful in mitigating their overall corruption risk.

Discussed below are the various ways companies have sought to narrow their focus on high-risk relationships and implement effective, two-way communi-cations between them and their high-risk third parties.

SCOTT MORITz, [email protected]

Risk-Appropriate Due Diligence When Dealing with Large Numbers of Third PartiesIncreasingly, global companies are em-bracing alternative approaches when considering how to manage their third-

party risk. Some companies focus most of their energy and resources on particu-larly high-risk relationships such as sales agents, distributors and freight forward-ers. Others bifurcate their third-party populations in an effort to distinguish upstream suppliers and vendors who do not act on behalf of the company from commercial entities who represent the


“Walking a Beat” To Reduce CorruptionRethinking due diligence in the age of anti-corruption


10

such as those outlawing aggressive pan-handling and other petty crimes, it sent a signal that people do care. This same concept can be applied to anti-corruption. Indeed, where community policing and anti-corruption converge relates to one of the major underpinnings of how the NYPD successfully applied the broken windows theory to reduce crime. In an effort to build trust between the police of-ficers that enforce the law in high-crime neighborhoods and the residents and business owners in those communities, the NYPD reverted back to the early days of their existence and reinstituted foot pa-trols. By taking police officers out of their patrol cars and significantly increasing the numbers of uniform officers “walking a beat,” they took the first very important step to signal to the community that they cared. This very successful practice built personal relationships between commu-nity police officers and the residents and business owners comprising the com-munities they were policing. Over time, the police officers, residents and business owners began to get to know and trust one another. Once trust is established, people exchange information more read-ily and begin to understand one another’s perspective.

Cultural Change Starts with CommunicationCompliance at its most elemental starts when people understand their obligations under the compliance program and do

its third parties. Indeed, another way that companies are rethinking due diligence relates to how they engage directly with their third parties in the furtherance of the due diligence and compliance pro-cesses. In the past, a company sought to perform due diligence with a certain de-gree of reticence to keep the third party they were investigating from finding out. It was almost as if the company was doing something wrong or delivering a message to the third party that the company dis-trusted them.

While this mindset regarding due dili-gence investigations still exists to a de-gree, it is giving way to a growing corpo-rate culture of mutual transparency that is having a very positive effect on overall awareness regarding anti-corruption. This new archetype is similar to the concept of community policing that has been used to reduce crime in many major cities across the world. Innovated by the New York City Police Department (NYPD), the concept of community policing is based upon the “broken windows theory” that leaving broken windows unrepaired in a high-crime neighborhood is a signal that no one cares and leads to more vandalism and crime.

This can easily be related to a company’s “community” of third parties. If a third party perceives that a company “doesn’t care”, they may take this as a signal that they can conduct business unethically without fear of reprisal. When the NYPD began enforcing quality of life, crimes

company in some way and may act as in-termediary on behalf of the company in dealings with other companies, govern-ment agencies or state-owned companies.

Still others focus on their third-party pop-ulations more broadly utilizing sophisti-cated risk-scoring criteria in conjunction with performing automated comparisons of their third-party data to a wide array of watchlists. This risk scoring and list matching are both a form of background screening and a means of narrowing focus to only those third parties that represent a disproportionately high degree of risk relative to the total population of third parties. Under this scenario, they then uti-lize a form of due diligence that is based upon open source, publicly available in-formation and subscription database re-search to further winnow the population. Companies who have implemented this approach “clear” large numbers of their third parties utilizing moderate depth investigations thereby enabling them to significantly limit their spend by focusing on those remaining entities for which ei-ther significant issues have been raised or insufficient information has been found preventing informed decisions.

No matter which of these options a com-pany applies, in order for their efforts to be truly effective, these investigative due diligence and compliance techniques must be coupled with an effective com-munication strategy across the company and out to the third parties themselves. That communication strategy centers on providing a framework for two-way com-munication between the company and its third parties.

Engage Directly with Third Parties To Build TrustAs important as applying due diligence economically is the notion that success-ful third-party anti-corruption programs depend upon effective two-way com-munication between the company and

11


what is required out of a sense of obliga-tion. Indeed, many compliance programs are aimed at this minimum standard. However, meeting this minimum stan-dard is not likely to create cultural change and successful anti-corruption programs need to strive to affect cultural change across their companies and out to the third parties with and through whom they do business. In order for an anti-corruption program to be truly effective, it must create communication channels between compliance, its internal clients within the organization and the third par-ties whose actions could lead to corrup-tion liability. This communication starts with sensitizing the organization’s key employees whose responsibilities include engagement with third parties to the po-tential risks of these commercial relation-ships, how to recognize them, what they may mean in terms of their continuing compliance obligations and how to con-vey this information to the third parties in a way that is not construed to be offen-sive in any way. This last part is easier said than done.

A Questionnaire Is Not Supposed To Be a Warning ShotUse of questionnaires is a highly effective way to collect information from prospec-tive or existing third-party business part-ners. How that questionnaire is distribut-ed and the communications that precede its transmittal will set the tone for all future communications between the par-ties. If the first time the third party learns about your third-party anti-corruption program is when a questionnaire arrives in their inbox, you have missed an op-portunity to begin the process of building trust and you may have set the relation-ship back by putting the third party on the defensive if the questionnaire is construed as a warning shot fired by the company. Under the best of circumstances, asking

people to share sensitive information about themselves, their colleagues and business can be uncomfortable and cause the recipient of the questionnaire to recoil and to feel as if they are being unfairly subjected to what they consider to be an invasive process. That is why it is so im-portant to designate a business sponsor to serve as your company’s ambassador for each third party with which you do busi-ness. It then becomes the business spon-sor’s responsibility to explain the compa-ny’s third-party anti-corruption program, the rationale behind it, to emphasize the mutual benefits of the relationship and to serve as the company liaison going forward. That initial conversation should also highlight the fact that the vast major-ity of such steps result in a strengthening of the relationship between the company and its third parties. During this initial conversation, it is important to stress that this program is similar to those in place at an increased number of organizations and it would be reasonable to expect it to be part of the process whenever their company engages with a global company. It is of critical importance to emphasize that asking them to complete a question-naire is not in any way an indication that they are not trusted – quite the contrary. It actually signals the importance of the re-lationship and the company’s willingness to make a substantial investment in it to ensure that any issues that may be out

there are put to rest at the outset thereby eliminating any future barriers to the re-lationship between the parties. Spending a fair amount of time setting the tone will provide a solid foundation for the rela-tionship going forward.

Those initial conversations will inevitably be followed by many others wherein the parties continue to exchange information, build trust and foster understanding of one another’s perspectives.

Business Sponsors Act as Your Cops on a BeatCommunity policing fosters positive, two-way communication between members of the community and the police officers that are imbedded in that community to protect them from harm. By designating business sponsors as part of your overall third-party anti-corruption program, you are effectively taking the police officers out of their patrol cars and having them “walk a beat” among your community of third parties. Much like patrol officers who spend many years in a community building relationships and trust in the community, your business sponsors are on the front lines of your anti-corruption program building long-term relationships that are critically important components of your anti-corruption program and your commercial success as a whole.


12

FCPA COMPLIANCE PROGRAMS • BEST PRACTICESOn December 19, 1977, four years after Watergate first exposed corporate corruption, President Jimmy Carter signed the Foreign Corrupt Practices Act into law. This statute’s anti-bribery provision makes it unlawful for a U.S. person and foreign issuers of securities to make corrupt payment to a foreign official for the purpose of obtaining or retaining business for or with, or directing business to any person. This law also mandates publicly traded companies to maintain records that accurately and fairly represent the company’s transactions. Additionally, it requires these companies to have an adequate system of internal accounting controls.

In November 1991, Congress enacted the Federal Sentencing Guidelines to prevent and detect organizational wrongdoing. These guidelines articulate the elements of an organization’s compliance program that are required to receive consideration for eligibility for a reduced sentence if convicted of a crime. The Federal Sentencing Guidelines require organizations to create standards to reflect government regulations and industry standards that apply to most organizations. In essence, compliance programs, when “effective,” identify and define legal and ethical behavior, establish controls to alert management of potential illegal activity and significantly improve the overall performance of an organization.

The United States Sentencing Commission amended its existing guidelines in 2004. These amended guidelines clearly expressed the expectations that senior level executives of organizations should be directly involved in overseeing its compliance program, and that they would create an organizational culture that is compliant with the law. The Foreign Corrupt Practices Act (“FCPA”) presents additional standards that must be considered when designing and implementing compliance programs. Global organizations must now develop a program that effectively addresses laws and regulations in multiple jurisdictions as well as industry standards. Compliance officers at global organizations are now, more than ever before, accentuating the need to review and monitor existing standards and educating employees to create a culture internally that is ethical and corruption free, and which will include reviews of all entertainment and meals for

foreign business officials as well as facilitating payments. Training and education must be provided at all levels – from the Board down to the third-party intermediaries such as consultants, agents, vendors, suppliers, distributors, and joint-venture partners so that everyone understands what constitutes FCPA violations.

Since 2005, the Department of Justice has been brought more prosecutions than in the almost thirty years between the enactment of FCPA in 1977 and 2005. On January 26, 2011, Assistant Attorney General Larry Breuer stated, “In the Criminal Division, we have dramatically increased our enforcement of the Foreign Corrupt Practices Act in recent years. That statute, which was once seen as slumbering, is now very much alive and well. In fact, over the last two years, we have charged more than 50 individuals with FCPA-related offenses and collected nearly $2 billion in FCPA-related fines and penalties – by far the most people charged and penalties imposed in any similar period.”

Global organizations are currently seeking guidance regarding what constitutes a “Best Practices” FCPA program. Chief compliance officers and general counsels have discovered that each resolved FCPA settlement agreement imposed in the last several years contained compliance requirements that represent what constitutes a Best Practice FCPA Compliance Program.

The Department of Justice advised that the suggestions contained in each FCPA settlement agreement should be incorporated into an organization’s compliance program.

It is important to keep in mind that the purpose of designing and implementing an “effective” FCPA Compliance Program is not to pacify the regulators. It is one of the most critical ways for your organization to promote the values of your organization and operational excellence. Your compliance program must be a significant part of the overall business strategy and permeate the entire organization.

To view a list of key best practices for FCPA compliance programs, please visit www.navigant.com/iq.

Questions or comments to the author can be directed to [email protected].

13


» UK financial institutions are obligated to report suspected anti-money laundering activity to the UK’s Serious Organised Crime Agency (“SOCA”).

» UK courts have demonstrated a willingness to protect financial institutions from civil liability resulting from a breach of contract.

» UK financial institutions can protect themselves from potential civil liability if they maintain detailed records supporting their report to SOCA.

Unlike in the US and other jurisdictions, UK financial institutions and other firms in the UK regulated sector not only have to report suspicions of money launder-ing (including suspicions about their own clients) but they must also seek con-sent from the authorities to carry out any transactions that relate to the proceeds of the crime. Until a reporting firm receives actual or deemed consent under the legis-lation, it is not in a position to carry out a customer’s instructions without the risk of committing a criminal offence.

The criminal consequences of a failure to report and obtain consent, and the low subjective threshold of suspicion required to trigger a disclosure,1 under the Pro-ceeds of Crime Act 2002 (“POCA”), have inevitably led to increased reporting by firms to SOCA. Making a report and ob-taining the relevant consents from SOCA will generally protect the firm from crimi-nal liability under the money laundering regime (“the regime”).2 As this brief-ing considers, however, reporting to, and obtaining consent from, SOCA does not necessarily protect against the risk of civil action based on a breach of mandate, or constructive trust liability, when firms fail to follow customer instructions.

PETER BURRELL, [email protected] RITA MITCHELL, [email protected] DAvID SAvELL, [email protected]

Shah v HSBC3

The courts have demonstrated a willing-ness to protect banks from civil actions, which allege violations of the duty of confidentiality and duty of care, by relying on the criminal sanctions that banks face if they do not comply with the regime, specifically highlighting the low level of suspicion that is required before a Suspi-cious Activity Report (“SAR”) to SOCA must be made.

Last year, HSBC (“the bank”) was suc-cessful in obtaining summary judgment on a claim brought by one of its custom-ers, Mr. Shah, and his wife. In summary, Mr. Shah sought damages for breaches of duty and failure to follow his instructions to process transactions while requests for consent under the POCA were pend-ing with the SOCA. On 4 February 2010, however, the Court of Appeal allowed in part Mr. Shah’s appeal against summary judgment. The key points from the judg-ments prior to trial can be summarised as follows:

» The test for “suspicion” remains of low threshold and is subjective.4

» Where a firm relies upon having made a SAR and awaits consent from SOCA in defence of a damages claim for breach of duty to a customer, the defendant firm can be put to proof at trial of the suspicion of money laundering.

» A failure to make a SAR sufficiently promptly could give rise to liability.

» Financial institutions will have to consider what duties they have to inform their customers about their affairs. They cannot seek to rely on tipping off concerns once there is no risk of prejudice to an investigation.

» Customers can obtain relevant disclosures from a firm in order to


A Troubling Bank BalanceCompeting duties for banks when making suspicious activity reports

ascertain the reasons for the making of a SAR.

The trial concluded in February 2012 fol-lowing evidence from the bank’s Money Laundering Reporting Officer (“MLRO”), its Nominated Officer (“NO”), who was also the head of the money laundering reporting office, and, separately, a former officer of the Metropolitan Police.

Banks frequently rely on “tipping off” is-sues to avoid informing a customer of what is happening on a frozen account. In other circumstances banks wish to explain why an account is frozen but are fearful that such an explanation could give rise to a tipping off offence. The for-mer officer of the Metropolitan Police was asked, during the hearing, to consider thirteen circumstances in which disclo-sure of information to a client would not amount to prejudicing an investigation. In ten circumstances he said it would amount to tipping off, namely:

» where a client is told that he is under investigation;

» where a client is told he is being followed;

» where a client is told that his transactions were being monitored by the authorities

» where a client is told that the decision to remit monies had raised a suspicion that had led to an investigation;

1. A firm need only suspect that the property concerned is criminal property to trigger its obligation to report, contrary to Part 7 of POCA.2. A firm will normally be exempt from breaching any duty of confidentiality owed to its customer by making an authorised disclosure, contrary to s338 of POCA.3. Shah and Anor v HSBC Private Bank (UK) Limited [2010].4. See, K Ltd v National Westminster Bank plc (Revenue and Customs Commissioners and another intervening) [2006] 4 All ER 907.


14

» where a client is told that the reason his account is blocked was a government issue or mission;

» where the client is told that the reason his account is blocked was a statutory obligation;

» where a client is told that there was a possibility for a money laundering investigation;

» where a client is told that they were under investigation by government agencies for money laundering, drug-related or terrorist matters;

» where the client is told that the reason his account is blocked was a banking statute, and;

» where a client is told that disclosures had been made under The Proceeds of Crime Act 2002.

In only three circumstances did the officer concede that he could not be sure that the disclosure of information to a client would amount to prejudicing an investigation or tipping off:

» where a client is told that the bank would have a decision in seven days;

» where a client is told that there had been an investigation; and

» where a client is told that there had been an investigation and he had been cleared.

While the comments of the former officer of the Metropolitan Police should not be taken as general guidance on what does/does not amount to tipping off in any par-ticular case, his comments may assist.

The judgment in the case has now been handed down.5 Amongst the notable highlights are:

1. the court has read in an implied agreement into the terms and conditions governing the relationship between a client and regulated business that a business can refuse to

execute instructions in the absence of appropriate consent under s335 of POCA, where it suspected a transaction constituted money laundering. Despite this ruling, we consider it would be more prudent to include specific clauses in terms and conditions governing the relationship with the client, particularly where global transactions are taking place which originate outside the UK but touch the UK, as they may not be subject to the jurisdiction of local courts which may be unwilling to imply such a term;

2. the Money Laundering Reporting Officer (“MLRO”) employed a deputy Money Laundering Officer (“MLO”) whose duties allowed him to make “SARs” on behalf of the bank. It was gleaned from the evidence that in practice reports would be made to the bank’s deputy MLO and he was the one who independently exercised his judgment in relation to suspicion and would make reports if necessary. The Court considered that, irrespective of the job title, where individuals involved in the decision making process submit reports independently, they will also be seen as an MLRO and will be subject to the applicable criminal sanctions. Financial institutions will need to therefore consider the roles of those individuals within its money laundering function and specifically: › who within its reporting

department will make the final decisions on reports;

› does this person change dependent on the nature of the internal referral or value of the transaction;

› have those individuals within the money laundering function had sufficient training to perform their roles; and

› who processes SARs when the MLRO is not available.

3. as expected, the case of Da Silva,6 and the test of reasonable suspicion, has been confirmed and the court has ruled out, certainly in the facts before it in this case, the claim of bad faith on the basis that the suspicion was honestly and genuinely held. It is clear that in a prosecution for non-reporting, it is material if a person had a suspicion but nevertheless then changed their mind, as the suspicion is usually the trigger for the report. Here a report was made when there was a suspicion and the court was satisfied that in fact there was a settled and continuing suspicion. It is therefore recommended that an MLRO clearly document the basis for their suspicion and to put those factors into the SAR, to help defeat allegations of reporting in bad faith;

4. the case also highlights the need for an MLRO to be aware of their legal obligations in making a report, to take into account of all information held on the client and to consider whether any answers to simple questions or an investigation might allay concerns prior to making a SAR;

5. the court determined that the causation of the customer’s loss, which was very fact specific and possibly unique to this case, was caused, in some part, by government authorities from another country acting in a manner which may not have been lawful. It was also apparent that Mr. Shah had failed to mitigate his own losses by not using other sources of funds to pay his debtor;

6. unfortunately, the court failed to answer the question posed by the Court of Appeal: at any point does the risk of tipping off cease sufficiently such that information can be

5. http://www.bailii.org/ew/cases/EWHC/QB/2012/1283.html6. R v Da Silva, para 16, [2006] EWCA Crim 1654.

15


provided by the business. In relation to the linked question of whether, if information had been disclosed it would have been likely to prejudice the investigation, the court placed weight on the fact that an investigation was taking place and that had the bank asked law enforcement for permission to disclose, law enforcement would have been concerned if the client was told. Clearly each case will still turn on its own facts, but the decision confirms that while a client does not have a contractual right to demand information about a SAR, there is nothing in this judgment which suggests that a business should lie to their clients, send employees on holiday, refuse to answer phone calls or cut off all communication with clients while awaiting consent; and

7. finally, the court considered liability exemption clauses were unlikely to have helped the bank had they been found liable because they did not lead evidence as to their reasonableness. We would still recommend that suitable exemption clauses are in place and are drawn to the customer’s attention at the time of agreeing to them. Such clauses, together with proper systems and controls, which we deal with below can help protect the institution.

Clearly, the case highlights the delicate balancing act that banks and other busi-nesses in the regulated sector must per-form in evaluating their duties to their customers, the potential criminal and civil liability they face in fulfilling those obligations and the potential for reputa-tional damage.

Further Problems – Constructive Trust LiabilityReporting to and obtaining consent from SOCA gives no protection with respect to the risk of constructive trust liability. In-deed, there is a serious risk that, in mak-ing disclosures to SOCA, an institution will increase its risk of liability, given that a disclosure will prove the existence of suspicion on the part of the firm, which in turn may assist in proving the existence of constructive trustee knowledge in respect of those funds.

Liability as a constructive trustee can arise in two main ways:

1. Liability for knowing receipt A firm can be liable for knowing receipt if (1) a person disposes of assets in breach of trust or fiduciary duty; (2) the firm beneficially receives those assets or assets that are traceable to them; and (3) the firm has knowledge that the assets received are traceable to a breach of trust or fiduciary duty. The requisite state of “knowledge” is such that it must be unconscionable for the firm to retain the benefit of the property received.7

2. Liability for dishonest assistance A firm can be liable for dishonest assistance if: (1) there is a breach of trust or fiduciary duty, causing or resulting in loss; (2) the firm assisted in that breach of trust or fiduciary duty; and (3) there is dishonesty on the part of the firm. “Dishonesty” takes into account the relevant subjective considerations such as a firm’s experience, intelligence, and actual state of knowledge at the relevant time and whether the firm’s conduct was objectively dishonest by the ordinary standards of reasonable and honest people.8

There has been very little guidance about what an institution should do when it has no grounds for refusing to comply with its customers’ instructions (e.g., where SOCA consent has been granted). However, the courts have said (a) that it would be “almost inconceivable” that an institu-tion that takes the initiative in seeking the court’s guidance (rather than SOCA’s) would subsequently be held to have acted dishonestly, and; (b) that if an institu-tion complies with guidance given by the courts and does not pay the proceeds away (either to the customer or to a third-party account), then the risk of liability is “wholly unrealistic.”9

There will be many cases in which a firm may act on the basis of SOCA consent rather than formal guidance from the court. However, as stated above, SOCA consent will not, in and of itself, provide a defence to a liability claim.

RecommendationsIn most respects, HSBC v Shah simply confirms the position that an institution is exposed to the risk of a claim if it freezes a customer’s accounts. However, the case does not alter the fact that the test for sus-picion is low and, therefore, provided that the institution properly records its reasons for making the SAR, it is unlikely to incur liability. HSBC v Shah in short reiterates the need for detailed recordkeeping.

For further advice or information on how report-ing obligations might affect your business, please contact Peter Burrell (+44 207 153 1206, [email protected]), Rita Mitchell (+44 207 153 1214, [email protected]), David Savell (+44 207 153 1204, [email protected]), or the Willkie attorney with whom you regularly work.

Willkie Farr & Gallagher LLP is headquartered at 787 Seventh Avenue, New York, NY 10019-6099. Our telephone number is (212) 728-8000 and our facsimile number is (212) 728-8111. Our website is located at www.willkie.com.

7. BCCI v Akindele [2001] Ch 437.8. Abou-Rahmah v Abacha [2007] J.I.B.L.R.9. Bank of Scotland v A Limited [2001] 1 WLR 751, Tayeb v HSBC Bank plc [2004] 4 All ER 1024.


16

1. Goldman Sachs’ Next 11 Report, issued on December 12, 2005, cited 11 emerging markets that would fuel the next wave of economic growth: Bangladesh, Egypt, Indonesia, Iran, Mexico, Nigeria, Pakistan, Philippines, South Korea, Turkey, and Vietnam.

2. “Corruption Cop: A Conversation with Nuhu Ribadu, Anti-Corruption Crusader,” Washington Post, May 24, 2009, www.washingtonpost.com/wp-dyn/content/article/2009/05/22/AR2009052202025.html.3. Michael Wines, “Graft Inquiry in Namibia Finds Clues in China,” New York Times, July 21, 2009, A6.4. “Corruption Cop: A Conversation with Nuhu Ribadu, Anti-Corruption Crusader,” Washington Post, May 24, 2009, www.washingtonpost.com/wp-dyn/content/article/2009/05/22/AR2009052202025.html.5. Edward Harris, “Corruption Leaves Nigeria in the Dark,” Associated Press, March 2, 2007, accessed via http://www.washingtonpost.com/wp-dyn/content/article/2007/03/02/AR2007030200673.html. 6. Sam Kennedy, “Nigeria: The Hidden Cost of Corruption,” Frontline World, April 24, 2009, www.pbs.org/frontlineworld/stories/bribe/2009/04/nigeria-the-hidden-cost-of-corruption.html.

www.navigant.com

DECISIVE ImpaCtavoid the pitfalls of bribery and corruption risks with the expert guidance and global perspective of Navigant anti-corruption specialists. We help clients resolve sensitive

investigations and strengthen global anti-corruption compliance

programs. Understand your risks and opportunities – make

decisive impact.