As we learn that AT&T, Novartis, and other large companies paid millions of dollars to Michael Cohen’s company while he was serving as President Trump’s legal counsel, it’s worth remembering that there is a whole subset of professionals embedded in every headquarters in corporate America who work to prevent exactly this type of shady business.
These ethics and compliance officers exist to keep corporations on the right side of a strict anti-corruption law. A big portion of their work is specifically to prevent companies from paying money to intermediaries — like, say, the personal lawyer and long-time confidant of a government official — to influence government officials’ behavior in favor of the company.
But there’s a catch: The law outlined above applies to foreign governments. It’s called the Foreign Corrupt Practices Act, and the Justice Department enforces it on a regular basis. And if AT&T had paid $200,000 to the personal lawyer of Xi Jinping — while, say, it was in the middle of a giant transaction requiring Chinese government approval — the company would be facing fierce scrutiny from the United States government.
The Justice Department would be investigating potential criminal violations of the FCPA, while the Securities and Exchange Commission would be investigating “books and records” violations to see whether the company masked those payments as something else, thereby deceiving investors. Shareholders would inevitably file lawsuits. The company’s legal costs would soar.
That’s why big American businesses now spend a fortune employing people to avoid the wrong side of the law. Walmart, for example, admitted to possible FCPA violations in Latin America in 2011. Since then, the company has spent more than $800 million to improve its compliance program and to wrangle with Justice Department prosecutors — and the case still isn’t settled.
You can bet that if a mid-level executive at Novartis, AT&T, or any other large company ever reached out to their compliance department to clear a proposal — “Hi, we’re thinking of paying $500,000 to the Indonesian president’s personal lawyer, because we want advice on a big contract and he just opened a consulting firm” — that idea would come under intense in-house scrutiny.
Our mid-level executive would need to supply reams of paperwork to show that the company is a legitimate consulting operation. The compliance team would need to pore over the consultancy’s ownership and bank accounts, to confirm in a dozen different ways that it isn’t somehow a back-door channel to put that $500,000 in the president’s pocket in exchange for a favorable ruling.
Or, much more likely, the company’s compliance officer would tell the mid-level executive that he’s nuts, and then hang up the phone.
That’s how modern anti-corruption works in large businesses today. It’s an exhausting system of policies, attestations, background checks, management approvals, invoice matching, and more.
Is it a pain? Yes. Could the process be simpler? Sure. But last time I checked, fighting corruption was a good thing, and we’re supposed to do good things because they’re good, not because they’re easy. All those corny lessons from Sunday school and Harry Potter movies came from some kernel of truth, after all.
Where things get bizarre, however, is that the bar for proving criminal bribery of an American official is now much higher than it is for a foreign one, thanks to a 2016 US Supreme Court ruling.
That ruling, in McDonnell v. United States, spelled out an expansive definition of what an “official act” of a US government official can be — and therefore, many gifts and payments given to those officials (or their friends, ex-counsel, and fixers) wouldn’t qualify as bribery. At least, they wouldn’t qualify enough for prosecutors to bother trying the case.
This means US companies can now face more legal jeopardy for trying to influence foreign governments than they would trying to influence the president of the United States.
That said, there’s still plenty of legal, political, and reputational jeopardy to go around here. And the compliance chiefs — and board members — of the companies that gave money to Michael Cohen should be reaching for gallon-sized jugs of Pepto-Bismol right now.
For example, did AT&T, Novartis, and others perform any due diligence on Cohen's company, Essential Consultants? It was a Delaware shell company set up in October 2016 with one employee, and just a few months later these companies are sending six-figure sums to it.
Is that typically allowed under company policy? Who signs the check? Does more than one executive need to sign for amounts that large? Did the companies get an itemized invoice for services Cohen provided? Was his billing rate comparable to other consultants?
Or if these companies don’t typically recruit new vendors that quickly, who decided to override that policy in Cohen’s case? What was the rationale behind that decision?
Those are all questions that would routinely be asked of a company under investigation for accounting fraud or FCPA violations. If Democrats take control of the House this November, we can rest assured they will open an investigation into Cohen’s business dealings immediately, and they’ll ask corporate America all these questions, too.
What’s more, if any foreign companies paid money to Cohen, and their home countries have similar laws against overseas bribery, they could face investigation at home for attempts to bribe what is, to them, a foreign government. And we haven’t even begun to ask about any other shell companies Cohen may run, or that other people in Trump’s orbit run, and who’s been funding those.
In other words, this is a new, freshly opened can of worms for Michael Cohen, Donald Trump, and corporate America — and it’s a mighty big can.
Let’s hope all these companies that paid Cohen can provide solid proof of why they did what they did. Because right now none of it passes the smell test, and if it happened anywhere else in the world these companies would be in a lot more trouble.
Matt Kelly is the editor of Radical Compliance, a blog that explores corporate governance, compliance, and ethics issues. He can be reached at firstname.lastname@example.org.