Editor's Note: In 2005, Monsanto acknowledged violations of the Foreign Corrupt Practices Act (FCPA) following its self-disclosure of inappropriate payments by former employees to Indonesian government officials. That self-disclosure led to the entry of a Deferred Prosecution Agreement (DPA) with the U.S. Department of Justice (DOJ) and a related cease-and-desist order with the Securities and Exchange Commission (SEC). Monsanto agreed to a three-year government oversight by an independent monitor to assure that the company instituted and sustained a comprehensive and effective program. Monsanto developed that program, satisfying DOJ's and SEC's strict standards to secure dismissal of the DPA, and in so doing established a model global compliance protocol.
Subsequently, Monsanto sought to acquire Delta & Pine Land Company and, in the course of its due diligence preceding that transaction, discovered that employees of Delta & Pine Land's Turkish subsidiary had made questionable payments to local officials that were not properly recorded. The SEC determined that Delta & Pine Land, as well as its subsidiary, had violated various sections of the FCPA. Coincident with the closing of the acquisition, Monsanto, on behalf of Delta & Pine Land, filed a settled Proposed Final Judgment with the SEC which contained similar provision for oversight by an independent consultant.
Mr. Avila joined Monsanto in July 2006. He is responsible for directing Monsanto's global anti-corruption compliance efforts and has agreed to share with our readers his thoughts on FCPA compliance in the context of acquisitions.
Editor: When assessing a foreign company or foreign subsidiary of a U.S. company in the context of a potential merger or acquisition, how great a "red flag" is raised if that company or subsidiary does not have a formal compliance policy in place?
Avila: Codes of conduct and compliance policies are important but are only the first step in assessing a compliance program. Monsanto believes that the biggest deterrent against unethical behavior is strong leadership. Controls alone do not do enough to create an ethical culture; strong leadership can make up for the absence of formal controls or policies, while weak leadership will amplify the effect of those absences.
Editor: Would you please describe the FCPA issues that came to light in connection with Monsanto's acquisition of Delta & Pine Land Company, and tell our readers how lessons learned from the earlier 2005 experience affected how Monsanto dealt with these issues?
Avila : As I have told our employees since then, I liken the activities of Delta & Pine Land to the expression "don't feed the bears" - once you feed the bears, they keep coming back for more, they are going to come back when you least expect them, and they are going to come back in larger packs than you originally expected. There is a long-term downside to making payments to speed things along. People talk and people gossip. Government officials will talk, and certainly in Delta & Pine Land the activities of its Turkish company and the Turkish officials had the effect of inviting still more inspectors to delay inspections and ask for improper payments.
The lessons we learned through that acquisition are applicable for every company. You need to assess risk in every acquisition. Companies operate in different countries, so the risk assessment will vary for each acquisition or merger target. For us, Delta & Pine Land was a U.S. company that had policies in place, but, as we mentioned, policies alone did not prevent these kinds of activities from happening. Whether it is a U.S.-based company or a company with no U.S. connection, we approach every acquisition with fresh eyes and we do not assume anything based on the country of operations. Our goal is to make sure that we are not surprised with liabilities we did not anticipate. You have to be diligent, you have to ask questions and you have to interview the principals and the managers. It is a question of assessing leadership, assessing policies and assessing reputation. You are buying more than buildings and assets; you are buying the reputation of each employee in each country where they operate. As soon as the deal gets approved you inherit that reputation for both good and bad. It is the hand you have been dealt, and you have to respond to that.
Editor: Could you please describe Delta & Pine Land's activities that gave rise to the SEC's findings and the subsequent settlement?
Avila: Delta & Pine Land is a cottonseed business, and it had a Turkish subsidiary. So, in Turkey, inspectors would visit their fields in order to give the local office the health certificates it needed to commercialize the seed. What started out as so-called facilitating payments that were meant to just speed up the procedural process quickly became improper payments for activities the government officials didn't perform. Additionally, these payments were not accurately recorded in their company books. Our outside counsel, Miller & Chevalier, was instrumental in helping us assess the depth of these practices and negotiating the subsequent settlement with the SEC.
Editor: What provisions do you consider essential in an acquisition purchase agreement to mitigate risk of liability from actions of the target?
Avila: There always has to be a representation and warranty that the target company is in compliance with the local laws where the entity operates. Most countries have anti-corruption laws. The degree of enforcement may vary, but it is important that the principals understand that selling an asset does not eliminate liability if they conveniently choose to look the other way. Requiring representations and warranties of compliance with local laws and a claw-back provision where the acquired company is not exempt from liability if they knew that these things were going on and did nothing to prevent them are essential.
Editor: To what extent did the recommendations of the independent oversight monitor build upon compliance programs and policies that Monsanto already had in place?
Avila : He helped us focus on the three C's; communicate, comply, and certify. If you keep poor records, if you cannot prove it on paper, then you will waste time trying to retrace the steps of the organization. The monitor forced us to look at our practices and policies from the end to the beginning rather than from the beginning to the end. In other words, did our policies actually produce the result we anticipated? We had to reevaluate our policies for petty cash, travel and entertainment, inventory, delegation of authority and so forth from the perspective of the document trail. It made us formalize some practices into policies and reevaluate policies to make sure we captured enough detail so that an independent third party could find all his inquiries answered within the four corners of a document. That forced us to reconfigure policies and also reconfigure our expense recording so that our documentation captured more information. While this takes a little bit more time on the front end, it answers many more questions on the back end and contributes to creating a transparent culture.
Editor: What can you recommend for implementing a robust auditing protocol that can adequately measure the effectiveness of the compliance program?
Avila: Collaboration is essential in this process. Audits are a company-wide issue, and while there will certainly be some grey areas - is this an audit issue? a legal issue? a compliance issue? - you need to tackle them as a company issue. Internal audit policies must reinforce and be consistent with controllers' policies and the FCPA policies. We make sure to tie all the loops together around the different teams so that we are all building on the same platform. Our internal audit program is vibrant and our auditors are dynamic. Our audit program today is even more extensive than during our DPA and monitor oversight. We wouldn't be able to do that without strong institutional support. Our audit and finance committee gives us the authority and empowerment to go out and perform audits. Our controller is very supportive of our program. Our general counsel and director of internal audit are always communicating to our audit and finance committee. Our business leaders take pride in scoring well on our audits and are very responsive in remediating deficiencies. This breeds a culture in which the business goes beyond being reactive to audits and it begins being proactive by implementing compliance components outside the audit scope. Being in corporate compliance, I have established strong connections with not only internal audit and finance groups but also the regional business leaders. It is critical that you are always connected with these other functions because it really is the only way to solve these company-wide issues. To work across different teams working towards the same goal, you have to be able to influence senior leaders and teams that don't necessarily have direct reporting responsibility to you personally.
Editor: How do you integrate FCPA due diligence into the schedule of overall due diligence?
Avila : Acquisitions, by their very nature, do not allow the luxury of time. Our management team wants assurance that they are not walking into a minefield. So, we incorporate compliance requests into the overall due diligence requests. You want to take advantage of the work that is conducted by different groups: finance, human resources, legal, and the external auditors will all make data requests. I need to stay on schedule, I need to be responsive to the overall acquisition team, I need to be engaged, and when there are meetings I need to clear my calendar and attend. I establish my credibility by making sure that I keep up with the deadlines and milestones we set as a team. Once you establish that credibility, the other team members view you as a contributing member so that if an issue comes up they will support you with extra time you might need, they will support you if you need to interview members from the target company and they will help make sure you obtain the information that you need.
Editor: Why does your due diligence program extend to post-acquisition activities?
Avila: Monsanto wants to make sure we maximize the value of our investment. Holding teams accountable for integration of the business is critical for business and people development. Most importantly, we want to make sure that our new employees understand our expectations for integrity and for transparency. Our aim is to formally assess new acquisitions against our policies quickly after closing the deal. We send out our internal auditors following each acquisition. We give the business an action plan to build up their control environment and we expect them to create a culture that meets our expectations. One of our successes has been in taking advantage of the time we spend in due diligence to design a customized program that addresses areas where the company is lacking in either policy or controls and we launch an action plan to get them up to speed with the rest of the company. We work on the integration plan together across various teams and we provide reports to various business leaders at key milestones so they can lend institutional support as needed. It is hard work; it takes a lot of energy to communicate and find solutions, so you have to be fully vested in the process.
Editor: How does Monsanto's law department position compliance as a broad business issue rather than a specific or isolated legal issue?
Avila: The law department is not the lone wolf howling in the night drawing attention to legal issues. Integrity is the core of our corporate behavior. We are committed to integrity in all our business operations. The Monsanto Law Department identifies the legal issues and collaborates with the respective business teams to get to the root of these issues. We have the support of our general counsel and senior Monsanto leadership to be lawyers and business leaders. The only way to build a compliance culture in a decentralized or matrix organization like Monsanto is for every team to embed compliance into their business activity. You cannot depend on compliance officers to build this culture - the culture is built by employees, it is built by our managers; if managers take shortcuts, their teams will accept a greater degree of risk. You need to have high expectations of behavior and performance. Our law department, like every other department at Monsanto, is expected to build high expectations of behavior and deliver on high performance.