I speculate that the Governance, Compliance and Risk Management issue of Bribery and Anti-Corruption will go from a dusty item entered in to board minutes, to a material agenda item. This is not necessarily a good thing because none of the other agenda items can be easily de-weighted.
As mentioned in previous blogs, CFPOA, Corruption of Foreign Public Officials Act, only recently started receiving press based on the enforcement action against Niko Resources, here, here, here and here.
A March 2011 OECD, report, here, suggested the RCMP was had 20 active CFPOA enforcement investigations. Based on the CFPOA being sleepy legislation for most of its 13 year history, and considering that only two cases, Hydro Kleen and Niko, have seen the light of day, it can be extrapolated that there have been any new investigations launched in the last ten months.
With the inconsistent Canadian legal precedent on disclosure obligations for public issuers, and with few to no announcements by such public issuers disclosing any RCMP investigations, it can also be assumed that many of the 20+ companies have no idea they are being investigated.
With there being such little press and such small financial consequences (until Niko), it would also be a fair statement to suggest that Anti-Bribery, Anti-Corruption compliance programs within individual Canadian companies might not be receiving substantial resources or significant board/executive attention.
My strong recommendation is that this needs to change and change quickly. The best defence (to an investigation or enforcement action) is a good offence. This offence needs to be well worded, aggressively communicated, strongly enforced and meticulously documented.
The FCPA, the use counterpart, has seen very active enforcement. This enforcement has resulted in many follow-on claims including class action securities claims. Since we only have one enforcement action in Canada, that has been brought after the inception of Bill 198 (secondary market liability legislation), and it is too early to determine the risk of follow-on litigation, the only thing Canadian directors and executives can do is assume the financial, market and reputational risk of an CFPOA Enforcement Action will be material to the organization.
There is no doubt that more enforcement actions will soon become public. This means there will be a lot of Directors, Creditors and Shareholders receiving an unpleasant surprise in the new year. When the issue becomes public every company decision, announcement, prospectus and even individual discussions and emails will become the subject of scrutiny and conjecture.
It is usually at this point of crisis that risk management and insurance are raised. Insurance coverage will become a critical question. Directors and officers will want to know if their D&O insurance policy will respond. But they may not recognize that there is no such thing as a “standard” D&O insurance policy. They also might not realize that early response of the D&O policy to a CFPOA enforcement action or investigation may put these directors at a considerable personal risk.
The issues of policy limit adequacy, limit erosion or exhaustion, “notice” obligations, exclusions and continuity are too detailed for this blog post. These issues are also too specific to the specific to the actual insurance program in place and the unique investigative order and potential litigation.
There are dedicated Investigation Costs insurance products available and in the works. These policies are designed specifically for investigation costs, and in most cases they provided limits of liability that will not erode the limits available under the D&O program.
The only way to extract value from the risk management activity of “risk transfer to insurance” is to identify risk, develop loss control tools, determine coverage priorities and negotiate and buy insurance prior to “smelling smoke.”
Greg Shields is a D&O, Professional Liability and Crime insurance specialist and a Partner at the University and Dundas (Toronto) branch of Mitchell Sandham Insurance Services. He can be reached at email@example.com, 416 862-5626, or Skype at risk.first. And more details of risk and loss control can be found on the Mitchell Sandham blog at https://mitchellsandham.wordpress.com/
CAUTION: This article does not constitute a legal opinion or insurance advice and must not be construed as such. It is important to always consult a registered and truly independent insurance broker and a lawyer who is a member of the Bar or Law Society of the relevant jurisdiction with regard to this material before making any insurance or legal decisions. All material is copyrighted by Mitchell Sandham Inc. and may not be reproduced in any form for commercial purposes without the express written consent of Mitchell Sandham Inc. Anyone seeking to link this document from any external website must receive the consent of Mitchell Sandham Inc. by sending an e-mail to firstname.lastname@example.org.