Following Siemens' whistleblowing case and rapid shifts in the global regulatory environment, what are the implications for investor activism and director liability?
After agreeing to pay a record fine of more than $1 billion to settle allegations by US and German authorities that it paid bribes to win contracts, Siemens set up an anonymous hotline that employees could use to report irregularities, urged rivals to join its anti-corruption efforts, and trained an army of whistleblowers and managers on payment and accounting flows.
The German engineering and electronics company’s efforts to hold its top leaders responsible and ramp up its compliance regime are setting an example for governments and companies in Europe and Asia. The UK has introduced a number of laws and regulations pertaining to fiduciaries that mimic the US Federal Sentencing Guidelines (USFSG). The Philippine Stock Exchange and the Philippine Securities and Exchange Commission have jointly issued rules for board members, while in Dubai the government is mandating a 20-year sentence for people found guilty of corruption.
‘The international regulatory environment is moving toward making it easier for corporations to do business globally because the regulatory environments are getting closer to what US-based organizations have come to expect,’ says Gretchen Winter, executive director of the Center for Professional Responsibility in Business and Society in Chicago. US laws underlying the shifting international regulatory environment include the Foreign Corrupt Practices Act of 1977 (FCPA), its sister act Sarbanes-Oxley (SOX) and the 1991 USFSG.
‘The regulatory environment has tightened for everyone, but particularly for US firms doing business abroad and foreign companies that have securities listed here in the US, because of the heightened emphasis on the FCPA,’ says Baker Donelson board governance attorney Gary Brown. The FCPA is a federal law known primarily for provisions addressing accounting transparency requirements and bribery of foreign officials.
‘Capital formation flows most easily to nations with sound macroeconomic data, where markets have integrity, and there are laws that are enforceable and good corporate governance,’ says Keith Darcy, executive director of the Ethics & Compliance Officer Association. ‘That’s why the US and its stock markets are where the greatest source of capital formation happens.’
Structures that ensure compliance include a code of conduct and high-level individuals within the company with direct reporting access to the board of directors. ‘You’re looking for some kind of corporate values and for policies, procedures and systems that will allow individuals to raise issues without fear of retaliation,’ explains Winter. ‘There are several French, German, UK and Asian firms that have established programs that correspond to those of their US parent organizations.’
Culture clashes
Some countries rebel against certain FCPA compliance initiatives because of cultural differences, however. ‘We need uniformity, but the problem is cultural resistance,’ says Brown. ‘The French culture, for example, rebels against hotlines because of anonymity concerns born out of the Nazi occupation of France. US compliance rules potentially conflict with regulations in certain parts of the world, depending on their history and political regimes.’
SOX was enacted in 2002 in response to corporate and accounting scandals at companies such as Enron and WorldCom, which cost investors billions of dollars and shook public confidence in the securities market. The legislation set new and enhanced standards for all US public company boards, management and public accounting firms.
‘SOX lends itself to the idea that your public filings are transparent and accurate,’ says Odell Guyton, global compliance officer at Microsoft. ‘With the onus on external auditors to follow guidelines, most companies need an internal control framework. Risk is well managed at US companies operating abroad; it’s pretty standard to have those regulatory requirements in place.’
While SOX is often perceived as an extension of the FCPA, the US sentencing guidelines create incentives for corporations to create or modify their own compliance programs, and these actions carry over to compliance programs worldwide. ‘The complicating factor is that the laws of every jurisdiction may be different, so it’s hard to have a uniform set of standards,’ says Guyton. ‘The guidelines not only audit the effectiveness of our international compliance program but are also used in moving concerns up the management chain and in proposing changes to control structures so we have a more effective, controlled environment.’
Control structures at Microsoft include benchmarking with other companies, developing a community of compliance throughout the company, online training, a functioning hotline and recording system, and having legal teams in place in specific regions and countries with an eye toward complying with laws in geographies and jurisdictions in which the company is operating.
Microsoft doesn’t have separate accounting rules for offices operating in different countries. Instead, the company strictly follows US GAAP because even when income statements of subsidiaries are rolled into the parent company’s US income statements, failure to report is subject to SEC jurisdiction, according to Guyton. ‘The bottom line is that if you are publicly traded in the US, you still have to follow US laws even though you are reporting income from different geographies,’ he says. ‘Culture is an important part of the work we do, but at the end of the day we have to comply with US rules.’
Different strokes
GAAP focuses on the needs of shareholders and is different from accounting systems used in Europe and Asia. ‘It’s hard for US companies abroad because there isn’t a consistent European way,’ says Mark Goyder, founding director of Tomorrow’s Company, a business-led, not-for-profit think tank based in London. ‘National frameworks tend to predominate, and there’s an underlying clash of philosophies born out of different approaches to accounting.’
The UK-based International Accounting Standards Board (IASB) is working toward developing a single set of global accounting standards. Its nine member nations include China, Japan, the UK, France and Sweden. ‘Some say neither the IASB system nor GAAP can capture the intangible side of the balance sheet,’ says Goyder. ‘You can’t get the regulation consistent if the attitudes that underlie national rules are very different.’
Accounting and fraud prevention are far from the sole areas companies are dealing with in the international arena, however. Despite differences between GAAP and the IASB, there still tends to be greater cooperation, progress and uniformity in the accounting area than, for example, on international say-on-pay policies, according to Brown. Say-on-pay rules have to do with disclosure of a board’s oversight of its company’s risk policy and its effects on compensation. ‘European shareholders have had an advisory vote on compensation for a few years, so they may be ahead of the US in that area,’ says Brown.
Relative success
Whether US companies operating in Europe or Asia must comply with the host country’s compensation rules depends on the company’s priority regulator and the listing requirements of the country where the company is incorporated or formed.
‘We’re not collaborating internationally yet on compensation rules, but I see it happening in five to 10 years,’ says Brown. ‘The more uniform the regulations are worldwide, the more companies benefit, to the extent that we are just one world, one global economy.’
In addition, US-style investor activism is starting to infect the rest of the world. Corporate governance abuse and accounting scandals have prompted investors to see proxy voting as the primary avenue for activism, an apparently democratic platform for shareholders to voice their support or opposition to management initiatives.
International proxy voting can be difficult to execute and monitor, however, partly because the regulatory environment may not be as shareholder-friendly. ‘When votes come cross-border from outside shareholders, every cross-border transaction is in danger because the votes may get lost and not be counted on significant issues,’ says Hans Martin Buhlmann, CEO and founder of Vereinigung Institutionelle Privatanleger (VIP), a proxy voting agency and institutional shareholder association in Germany. ‘New practices are needed in the custody chain.’
Quorum issues
Those new practices include requesting a receipt and calling for additional votes. ‘A receipt of execution of votes after the day of the annual general meeting would either be a confirmation or a note that the vote didn’t arrive,’ Buhlmann says. ‘Or asking for a second call – very often you see companies in Spain, France, Italy and Luxembourg calling for one, two and sometimes three votes.’ While the US shareholder of a North American company operating abroad may believe voting is fine, the operating company in Europe sees that the quorum is low, according to Buhlmann.
A quorum is the requisite number of shareholders present in order to hold an annual meeting, and it varies from country to country. According to VIP, Austria and Germany don’t have a minimum quorum, for example, while Italy, Spain and France all do.
‘Typically, North American companies have no regard for regulation outside of North America,’ says Buhlmann. ‘If there’s consideration for a regulatory framework, it happens by accident. That’s my personal experience with North American companies operating abroad.’
Coordination of enforcement efforts is more prevalent in Europe than in Asia; Asian governments need to develop a set of regulatory standards that are applicable across the board, according to Winter.
‘My understanding is that the Asian environment from an enforcement perspective may not be in the same place as Europe in terms of cooperation, but a number of Asian governments are beginning to reconsider their regulatory schemes,’ she says. ‘One of the things they need to do is develop a set of regulatory standards that’s applicable across the board, because you can’t implement enforcement until you develop a regulatory expectation.’
