Internal Compliance: Is it Really about Compliance?

by Reuben Guttman

With the growth of multinationals whose business transcends geographic boundaries and whose revenue streams exceed the gross national product of some nations, legislators and regulators—at least in the United States—have looked to leverage the resources of whistleblowers to bolster compliance enforcement. Under the right circumstances whistleblowers can be an invaluable resource.

First, whistleblowers can surface information not readily available, or otherwise concealed from regulators. Second, in places like India and China they add eyes and ears with cultural and language sensitivity and skills that the enforcement agency itself may not have available, at least in these particular locales. Third, they can have technical or scientific skills in areas that will assist the enforcement agency. Fourth, they often come equipped with counsel who can spend the time translating lay complaints into cogent legal arguments.

The potential for whistleblowers to leverage global enforcement of securities, food and drug, and environmental laws, is significant. Bridging or lessening “the compliance gap,” which has occurred because it is simply not feasible to hire enough regulators to exercise adult supervision over global enterprise, is a reality. If it is an exciting prospect for some, it is apparently not one for the United States Chamber of Commerce, which has other ideas. In recent months the Chamber and its members, or counsel representing its members, have campaigned for legislation giving deference to internal corporate compliance programs as their solution to bridging the compliance enforcement gap. This is the “trust us to watch ourselves strategy” which has worked so well in the past. Really? Remember Enron, Tyco, and WorldCom? They all had internal compliance programs, none of which prevented massive harm to shareholders or consumers. The same can be said of Glaxco-Smith-Kline, Abbot Labs, and three subsidiaries of Pfizer. Their internal compliance programs did not halt conduct which ultimately resulted in guilty pleas to criminal violations of the Food Drug and Cosmetics Act stemming from marketing derelictions that placed countless patients at risk for injury or illness. In each of these situations the wrongful conduct was pervasive, and where the conduct is pervasive internal compliance will simply not correct a wrong. How do you tell a corporate official, whose pay is tied to revenue, that a large portion of the corporate revenue stream may come from illegal marketing schemes or the distribution into commerce of defective products? Do the words “claw back” go over well?

Other than then the “trust us to watch ourselves” argument, large corporations love internal compliance programs for another reason. Indeed, they love them so much that they spend oodles of money on consultants and law firms to draft manuals and develop training programs. The idea is simple; if you cannot convince Congress to favor internal compliance over whistleblowers, then why not manipulate the psyche of the workforce to believe that there is no reason to suspect wrongdoing and thus blow the whistle? Ask an employee of a pharmaceutical giant whether their company markets drugs outside the FDA approved indication, and the employee will no doubt point to a company rule that precludes such conduct or a training program where employees were counseled about the evils of “off label marketing.” Yet ask the same employee whether their company encourages sales representatives to compete their drugs against others that have different—or more expanded—FDA indications and the employee may say “of course.”

With extensive training programs given by purportedly respected professionals or counsel, compliance manuals, and company rules, the goal is—perhaps oddly enough—not to actually prevent wrongdoing, but to convince potential witnesses to wrongdoing that what they see, hear or read, cannot be possibly be wrong. Employees who are paid well and have solid benefits and prospects for retirement have no incentive to rigorously question employer conduct, and internal compliance programs give them moral comfort that there is no need to do so. These programs suppress whistleblower complaints and witness cooperation with regulators. Think of the mine inspector who asks the miner about safety conditions in the mine. “Well,” says the miner, “we have a safety program and an internal compliance officer that we can report problems to and the company posts signs that say safety first.” Does the inspector drill down deeper and inquire about the age of the safety equipment or the specifics of the safety protocol, or does he pack up and go home?

There is nothing really new about this strategy. Over the years there have been variations of the “trust us to watch ourselves” strategy. Back in 1935, when Congress began to regulate the relationship between employers and employees seeking to engage in concerted protected activity, or unionization, it recognized that employers would respond to organizing efforts by creating their own company unions. These company unions created the illusion of employee power while suppressing true oversight. Within the context of Federal Labor Law, “the trust us to watch over ourselves” argument was not only rejected by Congress but it was made illegal under the National Labor Relations Act as company dominated unions were outlawed by the NLRA’s Section 8(a)(2). In 1964, in a case known as NLRB v. Exchange Parts Co., the United States Supreme Court upheld a National Labor Relations Board ruling finding a violation of Federal Labor Law where the employer conferred benefits on employees shortly before a union election. Back then the Supreme Court understood that that the “trust us” strategy interfered with employee free choice.

Today, employers maintain that with hefty penalties under an array of statutes ranging from the Foreign Corrupt Practices Act to the False Claims Act and the Food Drug and Cosmetics Act, their call for self-oversight is sincere. Yet, while the optics of the penalties are high, when juxtaposed against the revenue secured through unlawful conduct, the penalties are in some cases no more than a fee for the license to break the law. In 2009, Pfizer paid $2.3 billion to resolve marketing derelictions that placed patients at risk. Yet the penalty was modest in comparison to the billions of dollars that the pharma giant made from unlawful sales.

Do companies “game the system” by calculating the cost of noncompliance and the likelihood that they will be caught? Undoubtedly they do. And for these culprits, internal compliance programs are a tool to further game the system by suppressing internal questioning of conduct that may indeed be questionable.

About the Author

Reuben Guttman heads the whistleblower practice and the Washington, D.C. office of the law firm of Grant & Eisenhofer. He has represented whistleblowers in cases against Abbott Labs, Pfizer, Amgen, and Glaxco-Smith-Kline, where his clients have participated in recoveries exceeding $ 5 billion. He is a Senior Fellow and Adjunct Professor at the Emory University Law School Center for Advocacy and Dispute Resolution, and the International Business Times has referred to him as one of the most prominent whistleblower lawyers in the world.