Home Company News & Events WPA in the News Human Resource’s Proactive Role in Workplace Ethical Issues

WPA in the News

Human Resource’s Proactive Role in Workplace Ethical Issues

June 1, 2008
Employment Relations Today: Questions-and Answers Column
By Lynn Lieber, Esq.

Employment Relations Today: Questions-and Answers Column (Vol. 34, Issue 3) By Lynn Lieber, Esq.

This article was published in the journal Employment Relations Today.
Reprints are available online at Wiley InterScience.

Responsibility for corporate compliance with complex, ethical, financial, international regulations and laws used to reside primarily with organizations’ legal and financial departments. Our increasingly global economy – coupled with the enormous liability, publicity and even criminal charges and jail time for corporate wrongdoing – makes it imperative for human resources practitioners to have knowledge of ethics-related laws and play an pivotal role in their everyday enforcement in the workplace.

This article addresses four major ethical-related laws – the Sarbanes-Oxley Act, the Gramm Leach Bliley Act, the Foreign Corrupt Practices Act and the antitrust laws. Each of these laws is very detailed and complex. This article is intended to introduce the laws to HR professionals and notify them the various ways HR can assist in reducing ethical violations and liability at their organizations.

What Should HR Professionals Know about the Sarbanes-Oxley Act?

The Sarbanes-Oxley Act, commonly referred to as “SOX” or “Sarbox,” was signed into law in 2002. SOX is intended to ensure the reliability of publicly reported financial information and restore confidence in U.S. capital markets.

Although SOX is technically mandatory only for public companies that file a Form 10-K with the Securities and Exchange Commission (SEC), many private and non-profit companies are complying with SOX voluntarily. Privately-held companies are facing increasing market pressure to adopt SOX-type governance and internal controls procedures and may face higher insurance premiums, more difficulty raising capital, heighted potential liability and reduced stature in their industries if they do not adopt SOX-like structures.

What is the Purpose of SOX?

The Act has been described as the most dramatic change to federal securities laws in recent history, as it radically redesigns the federal regulation of the corporate governance and reporting obligations for public companies. It also significantly tightens accountability standards for directors and officers, auditors, securities analysts and legal counsel.

The Act is a result of the accounting scandals that began with the collapse of Enron, a Houston-based energy trading company, and the ensuing indictment by the Department of Justice of Arthur Andersen, LLP, one of the Big 5 public accounting firms.

What are SOX’s Reporting Requirements & Accountabilities?

SOX expands reporting requirements and accountabilities for public companies by requiring the following:

  • CEO and CFO attestations to all SEC registrants, which are subject to civil and criminal penalties;
  • An internal control report to be filed with the annual report;
  • Real time disclosures of material changes in financial condition or operations;
  • Disclosure as to whether registrants have established a Code of Ethics/Conduct, or an explanation of why they have not; and
  • Immediate disclosure of waivers from the established Code of Ethics/Conduct.

What is HR’s Role in SOX Compliance?

By leveraging its unique position as the crucial interface between an organization’s human element and its financial bottom line, HR substantially drive efforts to meet SOX’s regulatory requirements – and can even change the organization’s culture and profitability in the process.

HR has many responsibilities that should be rigorously analyzed for possible exposure under SOX. For example, incorrectly calculated benefits could lead to lawsuits under ERISA or force the company to restate earnings. Improper calculations of commissions, which are paid out over time and are difficult to audit, are also a source of potential liability. Improper network access could lead to fraud, embezzlement or identity theft. Managing access to sensitive information and intellectual property is a critical HR function, especially when employees are transferred, leave or are promoted.

It is incumbent upon HR to act vigorously in its ‘checks and balances’ role by identifying and addressing any ethical violations before they occur and to supply training to staff on SOX compliance. By tracking that the workforce has been educated on their SOX-related responsibilities, HR can further demonstrate compliance during the annual SOX audit. HR needs to be in close contact with very senior organization executives regarding the organization’s code of conduct, auditing process and financial expenditures.

What Should HR Professionals Know about the Gramm Leach Bliley Act?

The Gramm Leach Bliley Act of 1999 (“GLBA”) removed barriers that prevented the merger of banks, stock brokerage companies and insurance companies. Without these barriers in place, merged companies would have access to significant amounts of personal information. Therefore, the GLBA also addressed concerns about consumer financial privacy, by requiring financial institutions to protect consumers’ non-public personal information (“NPI”).

What is the Purpose of the GLBA?

In the late 1990s, U.S. citizens were increasingly concerned about privacy and how their information was being shared without their knowledge. Studies indicated that consumers worried about ineffectual bank privacy standards and lack of protection against unwanted information sharing.

Public trust regarding consumer privacy in the banking industry was further eroded by a series of high profile cases involving banks selling consumer information with adverse consequences for customers – including marketing, credit fraud and identity theft.

What Organizations are Covered by the GLBA?

The GLBA applies not only to banks, securities firms and insurance companies, but also to other providers of financial products and services. This includes retailers issuing credit cards, money transmitters, tax preparation services and even online companies that offer aggregation, funds transfer or payment services.

What are the Pertinent Provisions of the GLBA?

A financial institution’s obligations to safeguard certain information depend on whether their clients are “customers” or “consumers.” “Consumers” are individuals – or individuals’ legal representatives – who obtain or have obtained a financial product or service from a financial institution to be used primarily for personal, family or household purposes. “Customers” are a subclass of consumers who have a continuing relationship with a financial institution.

Under the GLBA, financial institutions must give notice to all of their customers about the institution's privacy practices. If their information is shared in certain ways, the institution must also provide consumers with notice of its privacy practices.

The GLBA protects a consumer’s “nonpublic personal information” (NPI). NPI is “any personally identifiable financial information” that a financial institution collects about an individual in connection with providing a financial product or service, unless that information is otherwise “publicly available.”

Customers’ NPI cannot be shared with unaffiliated third parties unless customers are informed annually about who will see their NPI and for what purpose. Customers must also be given the opportunity to opt out of NPI sharing. Privacy notices must be conspicuous and clearly written. There is specific information that must be included in the notice, including types of NPI collected, how that NPI is protected and to whom that NPI might be disclosed. NPI may be shared with affiliated parties, in order to conduct ordinary business activities and when legally required. In these cases, notice is not necessary.

What Can HR Do to Ensure Compliance with the GLBA?

HR plays a critical role in safeguarding NPI. Risks to NPI can be administrative, technical and physical. The law requires that organizations develop, implement and maintain comprehensive written programs to protect NPI against all risks.

All employees in an organization that handles NPI – especially those with access to NPI – should be trained on how to protect NPI. This rule applies to every employee, even a custodian. HR should train employees in how to safeguard NPI – such as locking rooms or file cabinets containing records with NPI and referring requests for customer NPI to specifically trained employees. Safeguards should also be in place to protect against unauthorized electronic access of NPI. If NPI leaves an organization for any allowable reason, it should be properly documented.

What Should HR Professionals Know about the Foreign Corrupt Practices Act?

The U.S. Foreign Corrupt Practices Act of 1977 ("FCPA") prohibits U.S. companies and their subsidiaries, as well as their officers, directors, employees and agents, from bribing "foreign officials." It also requires U.S. companies that issue debt or equity to maintain internal accounting controls and to keep books and records that accurately reflect all transactions.

Both the anti-bribery and the record-keeping and internal accounting controls provisions apply to worldwide operations. The FCPA is enforced jointly by the Securities & Exchange Commission (SEC) and the U.S. Department of Justice (DOJ). Both agencies have dramatically increased enforcement of the FCPA. Penalties can include large fines – up to twice the benefit the company sought to obtain from its illegal actions – and suspension or debarment from federal procurement contracting. Company officers and employees may face jail time for violations.

What is the Purpose of the FCPA?

As a result of SEC investigations in the mid-1970s, over 400 U.S. companies admitted to making questionable or illegal payments in excess of $300 million to foreign government officials, politicians and political parties. The abuses ran the gamut from bribery of high foreign officials to secure some type of favorable action by a foreign government to so-called "facilitating payments" that were allegedly made to ensure that government functionaries discharged certain ministerial or clerical duties. Congress enacted the FCPA to bring a halt to the bribery of foreign officials and to restore public confidence in the integrity of the American business system.

What Does the FCPA Prohibit?

The FCPA has two principal components: anti-bribery provisions and “books and records”/”internal accounting controls” provisions. The anti-bribery provisions prohibit payments, offers of payment or authorization of payments by U.S. persons or entities to foreign officials for business purposes.

A U.S. entity or person can also violate the FCPA by acting directly or indirectly through a subsidiary or third party to make a corrupt payment. Business relationships with third parties, agents and joint ventures can also result in FCPA violations for which the organization could be liable. The FCPA contains an exception to the bribery provision for “facilitating payments” for “routine governmental action.” Many organizations have policies regarding facilitating payments or prohibit them altogether.

The “books and records”/”internal accounting controls” provisions require entities and individuals to maintain accurate and detailed records. Individuals can be prosecuted for violations of the accounting provisions of the FCPA.

“Affirmative defenses” may be asserted by those accused of FCPA violations; however, the accused must bear the burden of proof that the payment was not illegal. One defense is the “business and promotional defense” – the monies spent were reasonable and bona fide business expenses. Another defense is the “local law” defense – payments that are acceptable under a country’s local laws are not an FCPA violation.

What Can HR Do to Ensure Compliance with the FCPA?

HR professionals can help protect their organizations by training employees in FCPA violations and potential violations. Such training should cover topics such as:

  • Doing due diligence on third parties;
  • Obtaining pre-approvals where required;
  • Taking rumors of improper payments or "red flags" seriously;
  • Monitoring the actions of third parties;
  • Recording and documenting all payments and other dispositions of company assets; and
  • Complying with all local laws.

HR should also inform employees about what to do when receiving a request for an improper payment and what to do when third parties are involved in such transactions. The training should also clearly inform employees (many whom might work abroad) about the organization’s policies and procedures regarding reporting suspicious payments or transactions or potential FCPA violations.

What Should HR Professionals Know about Antitrust Laws?

Competition law, known in the United States as antitrust law, has three main elements:

  • Prohibiting agreements or practices that restrict free trade and competition between business entities;
  • Banning abusive behavior by a company dominating a market or anti-competitive practices that tend to lead to such a dominant position; and
  • Supervising the mergers and acquisitions of large corporations, including some joint ventures.
The globalization of the international economies has significantly impacted antitrust laws. Many organizations are currently not only being investigated and prosecuted under U.S. law for antitrust violations, but also simultaneously under the laws of numerous foreign countries. The legal and publicity costs of such investigations and prosecutions can be staggering.

What is the Purpose of the Antitrust Laws?

Protecting the interests of consumers and ensuring that entrepreneurs have an opportunity to compete in the market economy are important objectives of the antitrust laws. Competition law is closely connected with law on deregulation of access to markets, state aids and subsidies, the privatization of state-owned assets and the establishment of independent sector regulators. In recent decades, competition law has been viewed as a way to provide better public services.

What Do the Antitrust Laws Prohibit?

The antitrust laws make illegal any agreement that affects interstate commerce and restrains trade. There are two basic kinds of violations that unreasonably restrain trade:

“Per Se” Violations: Certain anticompetitive acts or agreements (e.g. price-fixing, market allocations and group boycotts) are considered to be so injurious to the public that there is no need to determine whether competition is actually reduced or otherwise injured – they are violations of the law.

“Rule of Reason” Violations: Acts or agreements that are not considered to be illegal “per se” are analyzed by comparing their positive effects against their potentially anticompetitive effects. If the act or agreement is found not to unreasonably restrain trade, it will not be considered a violation.

Certain group activities by associations, standard-setting organizations and joint activities by competitors can also be illegal. In the context of antitrust law, an agreement between competitors can be an explicit, written agreement, but is more frequently an implied, and even unspoken, agreement. Agreements can be demonstrated by the totality of actions of the competitors.

What Can HR Do to Ensure Compliance with the Antitrust Laws?

Again, training employees in antitrust violations and potential violations is critical. Salespeople should be given specific training as many antitrust violations may not intuitively seem improper or illegal.

Training provided for employees by HR should include the following topics:

  • Don't discuss pricing with competitors. Never attend a meeting at which pricing will be discussed. If it comes up at a meeting, protest (and follow this up in writing) and leave immediately;
  • Don't discuss dividing or allocating customers, markets or territories with a competitor;
  • Don't restrict the resale activity of a customer or attempt to control the customer's resale price;
  • Don't talk to retailers about the prices they charge for your products;
  • Don't talk to your retailer-customers about other customers or about how you sell to other customers;
  • Don't require a customer to buy exclusively from your company or require them to buy one product to obtain another;
  • Don't make sales or purchases conditional on reciprocal sales or purchases;
  • Don't suggest that a purchaser should buy from your company because your firm buys from the purchaser's company;
  • Don't charge different prices for the same volume of product to customers who may compete with each other; and
  • Don't disparage a competitor's product, verbally or in writing, unless you can prove your charges.

It is also critically important that as part of the training and continuing education to employees regarding the antitrust laws, HR communicate the organization’s procedure for asking questions regarding antitrust laws and reporting potential or actual violations.

In Conclusion

HR professionals can take a leading role in assisting their organizations in complying with the numerous and challenging ethical laws that, if violated, can create devastating financial and publicity ramifications for the organization.

HR practitioners need to know the basics of these laws and create and/or familiarize themselves with their organizations’ related policies and coordinate with appropriate company executives. HR representatives then need to take proactive steps to train employees regarding these laws – both to educate the workforce in proper conduct, but also to show that the organization made best practice efforts to train should a violation occur.

Back

Company

Copyright © 2010 Workplace Answers. All Rights Reserved.