Commerzbank is in the news again this year over violations of U.S. economic sanctions on Iran. According to a Reuters exclusive, New York regulators want employees fired for processing unlawful transactions involving the Iranian regime.
An unnamed source with New York’s Department of Financial Services told Reuters that he or she wants a lot more than a slap on the wrist:
“If you’re not holding individuals accountable, you’re not going to get the full effects of deterrence … “
Who to reprimand in these cases can become a sticky widget. Executives and board members begin to ask a whole lot of questions.
Who knows what? How pervasive is the behavior within the organization? Will there be political fallout within or outside the organization? What is the legal exposure? And more.
We may know soon enough all the details of the Commerzbank matter and folks may be able to glean possible lessons from it. But from the little that is out there, that unnamed New York regulator is correct, someone or some group of folks need to be held accountable for what transpired.
Over at the FCPA Compliance and Ethics blog, Tom Fox has some solid advice for organizations to avoid these situations. Avoid them to begin with, for starters. While he’s talking about it in the FCPA context, it is equally applicable to economic sanctions and just about any compliance issue:
In almost every circumstance where a significant compliance matter has arisen, if the issue had been reported or at least sent up the chain for consideration, there is a good chance that the incident would not have exploded
When Congressional Committees review economic sanctions or export control programs, this issue of who the government has held accountable arises frequently. I’ve been told by senior Congressional officials throughout the years that a lot of the time not enough people are held to account or, worse, the wrong people are penalized.
You can’t build a compliance culture on scapegoats. U.S. policy suffers. So does good business.