Risk-driven jobs compliment values essential to compliance role
Compliance is a moving target. But Odell Guyton has more than a little experience with tracking down a moving target. The global head of compliance at Microsoft credits his varied former careers for providing him with many of the skills he needs to keep one of the biggest companies in the world on the straight and narrow.
One of Guyton’s first jobs, long before he had ever considered a career in corporate compliance, was chasing and apprehending criminals as a bounty hunter. It is certainly not a job for the faint of heart, and neither is his current role.
Commenting on his years in that changeable and intense profession, Guyton says, ‘It was a very interesting and challenging activity and I developed a lot of my early legal skills during that time when I had to go in front of the judge to petition for the bail piece which grants me the authority to go and hunt down the fugitive.’ It really is not that different to getting authority to conduct internal investigations and identify areas of non-compliance.
As time went by, with being a bounty hunter becoming a somewhat dangerous career, Guyton decided to become a lawyer and signed up to law school. Although the lure of active law enforcement also encouraged him to apply for a position at the FBI, while he was ultimately accepted to the Bureau, he opted instead to remain at law school and become a prosecutor.
‘After finishing law school my first job was as a prosecutor at the Philadelphia District Attorney’s office. I did that for a period of about eight years during which time I rose through the ranks from assistant all the way to deputy and specialized in the area of sexual assaults and rape. I also did a lot of public corruption work as well,’ he says.
In the process of pursuing some of society’s worst offenders Guyton became very interested in the plight of the victim in the criminal justice system and was involved in establishing an organization to address victims’ rights in Philadelphia.
Eight years at the Philadelphia DA’s office led to a job at the US Attorney’s office. At that time the focus of his work was organized crime and drug gangs. ‘We worked on coming up with the first federal death penalty in an ongoing criminal enterprise case.’ Guyton was a particularly successful prosecutor and during his time in this role he ended up prosecuting about 200 individuals, convicting all of them, most of whom got life in prison.
Around that time the now infamous savings and loans scandal started unfolding. One of the largest of the S&L institutions to collapse was in Philadelphia and Guyton was assigned to prosecuting it. A big challenge prosecutors faced was determining what statutes to apply because the S&L business was largely unregulated. Eventually they settled on trying the cases under the money laundering and racketeering statutes that were most often used against drug dealers.
That investigation focused on the key executives. Interestingly, prosecutors employed the types of surveillance techniques that were usually used by the FBI for high-level organized crime figures. This experience informed future compliance positions when it became necessary to conduct investigations with companies and look for any wrongdoing or fraudulent activity.
His role at the US Attorney’s office led to employment in private practice with Guyton joining a firm of former prosecutors. The firm focused its efforts on health fraud and money laundering. It was during this time that Guyton’s perspective on legal process changed.
‘We found that by the time we got the defendants – we were a conflict firm that represented individuals – there was usually very little money left to defend the individual; the corporation would use most of the pool of funds defending itself.
Sometime during this period I had something of a change of attitude and realized that, hypothetically, if I had gotten into trouble, I could not afford to defend myself.’
Working on prevention
‘We started to take a different approach, and the philosophy of going into corporations and setting up compliance programs for the purpose of making sure the senior executives never became the focus of a government prosecution. We were fortunate at that time to be dealing with a lot of the top name, blue shield corporations in putting the first compliance programs into effect,’ says Guyton.
The reason that the firm was so successful at developing effective compliance programs was that, as former prosecutors, they were intimately familiar with the tactics and thought-processes the government used during its investigations and prosecutions. Knowing where the government was going with certain investigations and identifying the weaknesses in the cases allowed for the compliance programs to be focused in exactly the right areas.
It is important in understanding these issues that there is a pattern and practice of wrongdoing that can be proven by the government and what areas and people are likely to be targets. The reality is that it is not so much about the truth but about what the government can prove. ‘Whether or not you think you did something wrong is not really the question.’
This was really the starting point for Guyton becoming an in-house compliance officer. The University of Pennsylvania recruited him as compliance office for the university and its health system, reporting to the board of trustees. ‘This was interesting for me because I had effectively stepped out of the practice of law and had in effect become an internal auditor.’
Shades of grey
‘This was the first time that I realized what is material and what relates to the governance of an organization,’ Guyton continues. ‘As a prosecutor, things are very black and white, there is no grey. You are not interested in the impacts of an investigation or trial to the company or the individual but in what statute was violated and what is your proof element. As a defense attorney you insert the grey. You tend to interject things that the prosecutor hasn’t thought of, and, once you understand the system, it is a much more difficult position to be in.’
After several years at the university Guyton become the first-ever compliance officer at Microsoft. ‘Looking back now if I had to understand what got me the job at Microsoft it was the first question that was ever asked of me by the then general counsel of Microsoft, Bill Newcombe. He asked: What do you think of prosecutorial discretion? I pointed out that I had two former careers as a prosecutor and my answer was: It is the greatest tool that a prosecutor has in his arsenal but the problem is that most of them don’t know how to use it.
As a prosecutor what I always tried to do was to make sure that I only prosecuted the people that really needed it. What disenchanted me about being a prosecutor was the move away from this justice element and the move toward making statistics. Once you have to meet a number (of successful prosecutions) in order to justify your budgets and your existence it takes away your ability to truly look at a case and ask: Does this individual really need to be prosecuted?’
‘There is another important element to it as well,’ adds Guyton. ‘There is an impact when a person is prosecuted, investigated or even just named as a witness and that is a reputation risk, whether it be to the company or the individual. This often causes the greatest harm,’ he says, reasoning, ‘A prosecutor doesn’t look at the impact of that on the individual, their family and career. It is irrelevant to the role but as a defense attorney or a compliance officer these become very real considerations.’
When you come to work as a compliance officer you have two titles. There is the title the company gives you but you also have your personal responsibility, you could make a business decision that will impact your personal liberty and this is happening more and more every day, particularly with federal prosecutions. Ever since the Arthur Anderson case where the government was heavily criticized for going after that company and basically bringing it down they have turned their focus to individuals. No one is going to complain about an individual being prosecuted.
This means that now you have to look at compliance programs as protecting you as well as the company. Every day that I go in to work I say who is involved here. Lets look at their role and make sure that we really understand it and look at what processes will keep not only the company out of trouble but what will protect the individual who is trying to be compliant.’
Guyton has some sage advice gained from this continuous monitoring: ‘So what I say to all, as you perform your roles, is to always consider the strength of your processes. Don’t take it all on your own. Bring as many people who are accountable within your organization to the table. Don’t walk alone through this minefield because the consequences can be very traumatic to your career or to your personal liberty.’
The government has made its attitudes to corporate compliance extremely clear. It is looking at systems and processes and wants to see that compliance programs are not just a paper tiger. A company must be able to demonstrate to the government’s satisfaction that these programs are effective. They are looking at internal audit and the board and want to know that the audit committee is really active and looking at what is happening and not just a rubberstamp.
The corporate minutes are a very important part of the process and should always reflect what work is being done by the board and committees about monitoring governance and other activities at a company. The government has de-emphasized corporate liability in many areas. They are now focusing more on individual conduct particularly with regard to those who have some power or responsibility within a company.
That doesn’t mean there is any less attention on corporate wrongdoing. ‘One of the really powerful tools the government has at the moment are non and deferred prosecution agreements because you don’t have to prove anything. It is never going to go before a grand jury and yet it is an enforcement action.’
You can bring more cases without having to really scrutinize the proof because the company is agreeing to implement certain programs and do certain things in exchange for the prosecutor taking no action.
Companies entering into these agreements should be cautious and consider that they may well be exposing themselves more than they thought because they are effectively opening the door to whistleblowers who have a direct line to inform the government about what you are and are not doing in that program. If this is in violation of the agreement then the company can be in very big trouble.
Standing out from the crowd
One function of a compliance program is to deter the government from indicting you. If you are doing things better than your peers this would be an indication that you have an effective program. By the time it gets to the point of going to trial, it really comes down to the judge.
‘The judge is going to look at it in terms of: Who is running the program? Do they have the right credentials? Are they truly independent and effective? You have to be aware of the landscape and make sure you are using all the tools that are available and look at what your peers are doing.’
Compliance is extremely important but it is also important to remember that it is not the fundamental objective of a company. They are in business to make money and therefore it is not possible to have compliance at any cost attitude all the time. Achieving a good operating balance between the business and compliance aspects is ‘an interesting dance’, says Guyton. ‘You have compliance with the law and with rules and procedures, but you also have a business to run. The hard part is knowing as a lawyer when to sit back and when to tell the business guys, No you absolutely can’t do that. And that decision comes on a case-by-case basis.’
For the most part, because of some of the lightening bolts that have struck corporations in the past, business is more and more looking to the lawyers to help guide them through the minefield. ‘Sometimes we get it wrong but the business side is now more open to flexibility to say: Well if we can’t do it that way then we will do it this way.
One approach we have taken at Microsoft is making employees stakeholders. As senior employees we are all shareholders and there is very much a feeling that no one wants to be responsible for the next antitrust lawsuit. Even if you are the best sales person in the company there are consequences for breaking the rules. The rule at the company, which is communicated to all our operations and employees around the world is: If you break the law you are out. If you lie to the auditors you are out. There is no compromise in that.’
‘Collaboration between the business and the lawyers has gotten a lot better,’ says Guyton. ‘It used to be that the business would do things and then the lawyers came in afterward.’ That is one of the main situations that led to some of the more serious problems at Microsoft, he says. Now, in taking time to consult first, before they act, the potential for problems to occur has significantly dropped. This considerably more communicative approach, in tandem with an increase in checks and balances, has meant that the autonomy for one person to make the kinds of decisions that would have a negative impact on the company are greatly reduced. Guyton feels these multi-layered safeguards in place have equipped Microsoft with a compliance structure strong enough to withstand the modern trials and tribulations all big companies must face.
