Hurricane Katrina - What Does Your Security Look Like?

Ethics and BP: Corporate Governance - Part 1

As an investor, it is important to understand the type of Corporate Governance framework established within the corporation before handing over your hard earned saving to the family broker. Corporate Governance, in its simplest form, can be described as the relationship between shareholders and management. When Corporate Governance goes bad, this relationship spoils and all stakeholders can be hurt in the process. For example, BP America (BP) has taken a massive reputational hit due to the April 20th explosion of the deep sea drilling platform, Deepwater Horizon, which killed 11 employees while spilling untold amounts of oil into the Gulf of Mexico (Casselman, 2010). Investigations into the explosions may not be finalized at the moment, however, we can take a look at this event and similar past incidents to reveal a pattern that can lead a prudent person to wonder if BP’s Corporate Governance is effective enough to mitigate risks and prevent other disasters from occurring in the future.

Introducing a new model for board effectiveness, Leblanc and Gillies (2003) established a model that attempts to measure the effectiveness of the Board of Directors. Their research points out that the majority of previous works use the “board structure” approach to corporate governance reform. What this correlates to is that board effectiveness is measured based off the corporation’s board structure. Leblanc and Gillies’ model indicates that the most important element is “board process,” which is the ability of Boards to come together and make decisions, and not “board structure,” which many are currently using for reform. The underlying foundation of the model has two types of effectiveness built into it: Board Effectiveness (BE) and Director Effectiveness (DE). I will attempt to use the model proposed by Leblanc and Gillies to further analyze BP America and their Corporate Governance Framework.

Board Effectiveness

To achieve board effectiveness, within the framework of this model, three elements are required: (i) board structure (BS), (ii) board membership (BM), and (iii) board process (BPr) (this was shortened to BP in the actual model; however BP is the corporation in this writing). Each element should be measured then added together to form a final tally showing the overall board effectiveness.

Board Structure

There are three separate items to consider when analyzing “board structure:” (i) leadership, (ii) composition, and (iii) size. With board structure being the basis for many debates concerning board effectiveness, it is important to understand what makes a board effective.


Leadership is described as having either a non executive chair or the same person occupies the posts of Chairman of the Board (COB) and Chief Executive Officer (CEO), or what is known as CEO and COB Duality. Concerns over the effectiveness of CEO duality and its ability to create change within the firm are seen within two separate theories: agency theory and stewardship theory (Dickins, 2010).

Dickins (2010) describes agency theory as “emphasiz[ing] the importance of monitoring manageragents who seek to maximize their personal utility by maximizing their pay, or reducing their workload (shrinking).” Within the confines of agency theory the separation of CEO from the COB allow for better monitoring which decreases management’s ability to act in their own interests over that of shareholders.

Stewardship theory “emphasizes accountability and the importance of minimizing information-sharing costs.” This theory merges the two roles to make it easier to assign responsibility and minimizes the cost of sharing information.

Both, Leblanc and Gillies (2003) and Dicken (2010), suggest that there is inconsistent evidence to indicate which of the two theories are most effective. So, which theory does BP fall into? At a glance one could easily say that BP falls into the first theory, agency theory. A conclusion of this sort would be derived from the appearance of having both a CEO, Tony Hayward and a COB, Carl-Henric Svenberg. This separation of duty would allow for an increase of oversight of management by the COB.

However, upon further inspection of BP’s Corporate Governance framework we see evidence that the COB relinquishes his duty as the “overseer of management” to the CEO. BP’s Board Governance Principals state, “The Board believes that the governance of BP is best achieved by the delegation of its authority for the executive management of BP to the Group Chief Executive (GCE) subject to defined limits and monitoring by the Board (BP p.l.c.).” Using what looks to be a hybrid of theories it appears that BP has the best of both worlds; the appearance of agency theory by having both a CEO and COB but with governance being created by the CEO which is a concept of stewardship theory.

Composition and Size

Composition can be seen as the number of outside directors vs. the number of insider directors that make up the board members. According to Leblanc and Gillies (2003) the greatest concern associated with board structure has been the “independence” of directors. They further conclude that the evidence linking board structure and independence shows that 20 years of research find little evidence to its effectiveness. This does not mean that board independence is ineffective; it just means we need to develop more efficient tools to track the effectiveness of board structures. BP’s board composition can be seen in section 3.4 of BP’s Board Governance Principles (BP p.l.c.), Composition, Size, Independence and Tenure. BP maintains, “Over half of the directors, excluding the Chairman, will comprise Non-Executive directors who are determined by the Board to be independent in character and judgment and free from any business or other relationship which could materially interfere with the exercise of their judgment.” Non executive directors will occupy over half of the board seats which will not normally exceed sixteen. With the board holding sixteen seats, “Size,” should not create an issue.

Board Membership

Board membership analyzes the processes that determine how a corporation recruits its members for their board. According to Leblanc and Gillies (2003), “[b]oard membership includes the full panoply and balancing of all director competencies in matching the strategic needs of the company.” The board members need to be balanced in order to be effective as a group. BP’s board members are expected to have:

(a) Experience in dealing with strategic issues and long-term perspectives;

(b) Leadership experience, a supervisor knowledge of business principles and capacity for independent thought;

(c) An ability to participate constructively in deliberations; and

(d) A willingness to exercise authority in a collective manner.

The Nomination committee will oversee the mix of skills required for board members and make the appropriate recommendations (BP p.l.c.).

Board Process

The day-to-day operations of a corporation are carried out by management. As management styles differ from corporation to corporation and on an individual basis, a framework needs to exist to ensure management acts with the corporation’s best interests in mind. The unethical acts of management can be detrimental to the corporation and their stakeholders, which bring up the issue, as to, what are the corporation’s obligations to its stakeholders? Can we truly determine if a corporation is acting in an ethical manner?

A study, conducted by Management & Excellence (2008), lists BP as number three of the world’s most sustainable and ethical oil companies of 2008. The criteria for rating each oil company looks to be based substantially off board structure and the policies & procedures governing the corporation. However, the ratings do not take into account the ethical actions taken by the management team. How the Board of Directors oversees these ethical actions and creates corporate strategies for management to carryout is the basis of board process.

Board of Directors and Board Process

The ability of the Board of Directors to oversee management is a key goal in corporate governance. Shareholders rely on this oversight to ensure management acts appropriately. According to Vallabhaneni (2008), the Board of Directors is responsible for setting ethical standards as well as overseeing their compliance. Each board may look at corporate governance differently and have separate business views on how to govern.

One newly emerging business view that is on the rise is taking place globally. This view incorporates a set of core values that include: human rights; environmental protection; anti-corruption measures; board oversight; relationships with management, and accountability to share-owners (UN Global Compact, 2009). Central to this view, in accomplishing these objectives, is the Board of Directors that governs corporations. Two leading initiatives are trying to change the way we think about boards and their responsibilities. These two initiatives are the Organisation for Economic Co-Operation and Development’s (OECD) Principles of Corporate Governance and the United Nations Global Compact (global framework). The underlying framework, of these two emerging think-tanks, build upon research that shows responsible corporate governance creates a business ethos and environment capable of building integrity and trust within society and to share-owners. Focusing on board responsibilities, the global framework includes three fundamental strategies for boards and their directors: (i) Protecting Stakeholder rights and interests; (ii) Managing Risk; and (iii) Creating long-term business value.

As directors, fiduciary duties are imposed “on them to act in good faith, with reasonable care, and in the best interest of the corporation and its shareholders (Senate, 2002).” An investigative committee for the U.S. Senate (2002) named three broad fiduciary duties that corporate directors operate under: obedience, loyalty, and due care. Operating under this umbrella of trust, the board must balance their delegation of power with the right about of oversight.

By: Joseph Dustin
1 2 3
read more “Ethics and BP: Corporate Governance - Part 1”

Ethics and BP: Corporate Governance - Part 2

Delegation of Duty
For boards to effectively carryout these strategies they must delegate to the CEO, who in turn delegates to other senior management the authority to manage the day-to-day affairs of the corporation. Although the board delegates authority to oversee the day-to-day operations, the board is still responsible for monitoring of management on behalf of the shareholders (Vallabhaneni, 2008).

According to Vallabhaneni (2008), senior management is charged with the following tasks: (i) Operating the Corporation; (ii) Strategic Planning; (iii) Annual Operating Plans and Budgets; (iv) Selecting Qualified Management and Establishing an Effective Organizational Structure; (v) Identifying and Managing Risk; and (vi) Accurate and Transparent Financial Reporting and Disclosures. BP has policies in place that meet these tasks; making a better corporate governance program. BP’s policy matching Vallabhaneni’s tasks were taken from BP’s Board Governance Principles and Annual Report and Accounts 2009 as shown below (BP p.l.c.) (Svanberg, 2009).

(a) Operating the Corporation - The Board delegates its authority for the executive management of BP to the Group Chief Executive subject to the defined limits and monitoring by the Board and all GCE actions must be carried out and practiced in a professional and ethical manner;

(b) Strategic Planning - The GCE is authorized to establish any policy, make any decision, enter into any obligation, take any action and develop any activity that will achieve the BP Goal and which is within a reasonable interpretation of the Executive Limitations;

(c) Annual Operating Plans and Budgets - The GCE will propose for Board consideration, the GCE’s Strategy for achieving the BP Goal. Annually the GCE will propose the Plan together with specific results to be achieved during the financial year in pursuit of the BP Goal;

(d) Selecting Qualified Management and Establishing an Effective Organizational Structure - Not directly addressed within BP’s Board Governance Principles;

(e) Identifying and Managing Risk - The GCE will not cause or permit BP to operate without a comprehensive system of controls that manages the risks to protect BP’s assets;

(f) Accurate and Transparent Financial Reporting and Disclosures - The GCE will not cause or permit BP to operate in a manner which would or would be likely, to result in BP becoming financially distressed.

Occupational Fraud

Finding effectiveness in the boardroom has emerged as a popular topic after the financial collapse of, once highly regarded, corporations like those of Enron, Tyco and Adelphia. Finding effectiveness may sound like an easy task to accomplish, however, in today’s complex corporations there are far too many variables to identify, monitor, and measure when assessing effectiveness. Carolyn Iglesias (2008) states, “The absence of a universal model for effective board governance creates a significant challenge, and companies often find it difficult to know where to start.” Michael Ross (2008) makes note that effective directors are those who take their fraud-detection responsibility seriously and focus on fraud’s telltale “red flags.” DiNapoli describes “red flags” as, “a set of circumstances that are unusual in nature or vary from the normal activity.” Directors should not solely focus on the identification of red flags, they should focus on identifing “effective red flags.” Thus, improving the effectiveness of red flags should lead to a more effective boardroom.

The Association of Certified Fraud Examiners (ACFE) defines Occupational Fraud as, “The use of one’s occupation for personal enrichment through the deliberate misuse or misapplication of the employing organization’s resources or assets.” Preventing Occupational Fraud can save organizations a substantial amount of revenue; an estimated 5% of an organizations’ annual revenue is lost to fraud in a given year. The median loss across all fraud schemes were reported to be $160,000, one-third reported a loss of more than $500,000 and one-quarter reported losses of $1,000,000 or more (ACFE, 2010). Organizations engaging in fraudulent activities often suffer from long-term consequences. An analysis of U.S. Public Companies, conducted by the Committee of Sponsoring Organization of the Treadway Commission (COSO) indicates corporate fraud often leads to bankruptcy, delisting from a stock exchange, and an average initial drop of 16.7 percent in stock prices after an alleged fraud makes it to the press. Of course this is not a complete list of the consequences of fraudulent activities; only a small sample is necessary to recognize the devastation that fraud can have on an organization (COSO, 2010).

Cressey’s Fraud Triangle

Corporations looking to mitigate the damages caused by fraudulent activities must first understand the psychology of fraudsters. The importance in identifying the motives of criminals committing these fraudulent acts is in the ability to devise initiatives to prevent, deter, or stop occupational fraud from occurring. While working on his PH.D in criminology at Indiana University, Donald Cressey’s hypothesis became, what is now known as, the Fraud Triangle. Dr. Cressey’s Fraud Triangle highlights three elements that must be present in order for fraud to occur: Opportunity, Incentive (Pressure), and Rationalization (Wells, 2008).

The first element of the fraud triangle is opportunity, which occurs when an individual has the ability to commit a fraudulent activity. According to Joseph T. Wells (2008), opportunity can be broken down into two separate parts: general information and technical skill. General information is, knowing that a fraud can be carried out and technical skill is the ability to execute the fraud. The second element, Incentive (Pressure), can occur when an individual: (i) feels pressure to keep a certain social status, (ii) feels pressure to keep up with peers at work, or (iii) incur a financial burden that must be alleviated. The third element, Rationalization, is the justification of the crime that the perpetrator wishes to attempt. The fraudster might feel like their employer owes them something, justifying their position as not being a criminal. If we can eliminate any one of these three elements, theoretically we will stop the fraud from occurring.

Effectiveness of Red Flags

According to the ACFE (2010), the top four effective detection methods for identifying fraud schemes are: Tip, Internal Audit, Management Review, and Account Reconciliation. Notice the absence of External Audits from the ACFE list; external audits are important, but they should not be relied upon exclusively for fraud detection (ACFE, 2010). If we are not to rely on external sources for fraud detection, it becomes important that management and employee receive red flag training to better understand the red flags in their area of expertise.

Most red flags dealing with fraudulent activity are categorized as employee or management red flags. Employees commit fraud on a more frequent basis (41.2%), however fraud conducted by management was three times as costly ($218,000) then those perpetrated by employees (DiNapoli, 2010).

Red flags should be built around all three elements of the fraud triangle. Risk assessments should be conducted to establish areas of high risk for fraud. Once these “opportunities” are identified you can start building roles that identify those with the technical ability or in trusted positions to perpetrate the fraud scheme. These roles can then be monitored for behavioral red flags indicating an elevated rate for fraudulent activities to occur. The effectiveness of red flags depends upon the effectiveness of those who identify, monitor, and measure red flags.

1 2 3


read more “Ethics and BP: Corporate Governance - Part 2”

Ethics and BP: Corporate Governance - Part 3

BP looks to have all three elements of an effective board structure in place. They have incorporated or addressed leadership, composition, and size. If board structure acts as the lever that controls the firm’s effectiveness, then it looks like the lever is turned on. So, why does BP effectiveness not flow when the board structure is fully operational? I believe this suggest that the model described by Leblanc and Gillies might take us closer into measuring the effectiveness of Corporate Governance, which identifies board process as the key element of good governance; not board structure.

As you can see, on paper, it looks like BP addressed the management team’s responsibilities in their corporate governance program. It is this same program that is being rated by Management & Excellence and ranked accordingly as shown on the list. With BP raked number three on the list; one might want to know, what is it about BP’s ethics that they achieve the third highest ranking in the world’s most ethical oil companies? I believe BP’s ethics were based solely on board structure and policies. If the rating were based on management actions then we would have a new raking, as ethics should be based on the “verbs” that management take in the day-to-day operations of the company; not the policies.

As far as actions go, Olsen (2005) points to BP having more fatalities than any other oil company. BP continues to accumulate an even higher death rate, which includes the 11 deaths in the resent April 20, 2010 explosion of the Deepwater Horizon (Casselman, 2010). Considering just the death toll of BP and not disaster like the Texas Refinery explostion, pipeline leaks, illegal duming, and the Gulf Coast oil leak, we start to see something out of place. How many ethical points did BP lose per death? Or, do deaths not count in the ethical rating system. I think the rating system has it wrong as ethics can not be measured by looking at the policy and procedures alone. We must incorporate the “Verbs” of the corporation and how they act upon their day-to-day activities to guage ethical behavior.

Effective boardrooms need to be able to detect fraud and misdeeds within their organization. To accomplish this, directors need to ensure they have internal controls that monitor, detect, and measure the effectiveness of red flags. Employees and management must be properly trained to identify red flags within the scope of their job functions. Properly trained employees and management should be able to spot red flags sooner; leading to a reduction in cost per incident for fraudulent activities within the organization.

Creating an effective board, by utilizing Leblanc and Gillies’ (2003) model, can strengthen the overall sustainability of an organization. Effective boards have to understand the ethical risks, red flags, and internal controls within their organization. As failure to do so, often leads to a road, no one wishes to go down.


ACFE. (2010). Report to the Nations on Occupational Fraud and Abuse. Austin, TX: ACFE.

BP p.l.c. (n.d.). BP p.l.c. Board Governance Principles. Retrieved September 20, 2010, from
Casselman, B. (2010, September 11). Rig Workers Had Chance to Prevent Explosion. Retrieved September 23, 2010, from Wall Street Journal:

COSO. (2010). An Analysis of U.S. Public Companies. Retrieved October 5, 2010, from

Dickins, D. (2010, Jul/Aug). CEO AND COB DUALITY: DOES IT MATTER? Internal Auditing. Boston: Jul/Aug 2010. Vol. 25, Iss. 4 , pp. pg. 35, 4 pgs.

DiNapoli, T. P. (2010). Red Flags for Fraud. New York: State of New York Office of the State Comptroller.

Iglesias, C. (2008, May). Finding Effectiveness in the Boardroom. Retrieved October 7, 2010, from

Leblanc, R., & Gillies, J. (2003). The Coming Revolution in Corporate Governance. Ivey Business Journal .

Management & Excellence. (2008). World's Most Sustainable and Ethical Oil Companies 2008. Management & Excellence.

OLSEN, L. (2005, May 15). BP leads nation in refinery fatalities. Retrieved Oct 1, 2010, from

Ross, M. (2008, April 1). Fraud's Red Flags. Retrieved October 5, 2010, from

Senate, P. S. (2002). Report 107-70 The Role of The Board of Directors in Enron's Collapse.

Svanberg, C.-H. (2009). BP Annual Report and Accounts 2009. BP.

UN Global Compact. (2009). Corporate Governance - The Foundation for Corporate Citizenship and Sustainable Businesses. Retrieved Oct 1, 2010, from

Vallabhaneni, S. R. (2008). Corporate Management, Governance, and Ethics Best Practices. Hoboken, New Jersey: Wiley & Sons, Inc.

Wells, J. T. (2008). Principles of Fraud Examination 2nd edition. Hoboken, New Jersey: John Wiley & Sons, Inc.

By: Joseph Dustin

1 2 3
read more “Ethics and BP: Corporate Governance - Part 3”

History and Emergence of Ethics and Compliance

The past twenty years has seen an explosion of corporations, across the United States, creating new business programs that deal with ethics and compliance. One survey showed that eighty-three percent of corporations, that completed the survey, have developed a formal code of ethics or conduct (Deloitte and Corporate Board Member Magazine, 2003). It can be said that corporations generally don’t add extra personnel and undue expenses without justification. Why then are corporations creating these added expenses? Who, within the corporation, is developing these codes of ethics and compliance programs and why are they doing it? To answer these questions we must look at the history and emergence of the field of Ethics and Compliance.

Discovering the birthplace or emergence of “business ethics” is not an easy task. One reason for this lies deeply buried within the history of business ethics. Richard De George (2005) describes the history of business ethics as having three separate paths. The three separate paths or synergies of business ethics build upon each other in a way that makes the sum stronger than any other individual path.

Three Synergies of Business Ethics

The first path refers to “ethics in business,” which can be seen as “the application of everyday moral or ethical norms to business (De George, 2005).” Early examples of ethics in business can be seen in the Bible’s Ten Commandments, Plato’s Republic, and Aristotle’s Politic. As ethical philosophies took a more modern approach other views began to arise like that of Adam Smith and Karl Marx.

The second path refers to “business ethics” as it applies to the academic field. The 1960’s brought forth a new generation of social consciousness toward business. Viet Nam, Civil Rights, and Environmental Issues all became targets, for this new generation, to protest. Corporations looking to minimize public outcries formed social responsibility programs. Business schools began developing courses designed to address these social responsibilities. De George (2005) describes these courses as first having an emphasis on law with no systematic approach to ethical theory as empirical studies were the norm, as they developed or defended corporate actions. In the 1970’s the birth of “Business Ethics” as an academic field came into its own and by 1990 business ethics was deeply rooted in academia.

Ethics as a movement, the final path, shows how a business interweaves ethics into the structures of the organization through the creation of ethics codes, officers, committees and training. The business ethics movement began when new legislation was passed that targeted businesses. These laws included the Civil Rights Act of 1964, Occupational Safety and Health Act of 1970, and the Environmental Protection Act. Non-compliance with these laws could bring lawsuits upon organizations. Naturally, businesses wanting to mitigate their risks will need to comply with the laws. As more laws were passed, companies needed ways to keep abreast of each law.

Rise of the Corporate Ethics & Compliance Officer

The rise of the Corporate Ethics & Compliance Officer came in three phases (Swartz, 2003). The first phase came after scandles during the Reagan era. The next phase came in the early 1990’s after the Federal Sentencing Guidelines promised reduce fines for implementing an Effecive Compliance and Ethics Program (ECEP). The last phase came from a number of high profile corporate corruption case that include companies such as Enron, MCI/WorldCom, and Tyco.

Ethics and Compliance professionals come from vastly different backgrounds. Imagine each of the different types of organizations (businesses, corporations, partnerships, etc.) in the world and each one having their own view of what ethics and compliance means to their organization. The combinations are endless, making the path to becoming an ethics and compliance professional a daunting one. However, there are a number of key elements that play a role in determining what goes into the ethics and compliance program. How organizations interpret these key elements can shape what an organization looks for in an ethics and compliance professional, and with it, what the professional’s day-to-day activities will be.

One element lending a hand, in shaping “ethics and compliance” into a profession, is the Federal Sentencing Guidelines for Organizations (FSOG). In 1984 Congress established the U.S. Sentencing Commission. The commission set out to establish guidelines that federal judges could use when handing out convictions to criminals. It wasn’t until 1991 before chapter eight was added; creating sentencing standards for organizational defendants (Association of Corporate Counsel, 2005). The 1991 manual has undergone many changes over the years. Organizations can use the guidelines to decrease the amount of punishment by up to 95% (De George, 2005). One important element of the FSOG is instituting an “Effective Compliance and Ethics Program” (ECEP).

Companies now have guidelines to model their E&C programs after, within the ECEP seven element need to be addressed to mitigate an organization’s punishment, they are: (1) standards and procedures; (2) oversight by high-level personnel; (3) due care when delegating authority; (4) effective communication of standards and procedures; (5) auditing/monitoring systems and reporting mechanisms; (6) enforcement of disciplinary mechanisms; and (7) appropriate response after detection (Izraeli & Schwartz).

Compliance professionals interact with other departments within an organization. How compliance professionals interact with each department depends on what department is accountable for compliance within the organization. Some organizations place ethics and compliance responsibilities on the shoulder of the general counsel to ensure that, “[h]igh-level personnel of the organization shall ensure that the organization has an effective compliance and ethics program” and to stay compliant with the FSOG (Salmon-Byrne & Frederickson, 2010). However, Ethisphere (2010) builds the case that by placing the ethics and compliance function with the general counsel creates a conflict of interest.

Compliance professional’s interaction between departments is conducted through a variety of communication medians. Interaction can take place in work groups that help facilitate collaboration between different departments. Other obvious means of communication would include e-mail, phone, face-to-face conversations, text messages and even social media networks. Some E&C professionals act as a help-desk for ethical and compliant related issues, while other E&C professionals might facilitate training throughout the corporation.

A Corporate Ethics & Compliance Professional should also have a code of professional ethics; one such code was adopted by the Society of Corporate Compliance and Ethics (SCCE). The code of ethics has three main obligations, they are: (a) to the Public, (b) to the Employing Organization, and (c) to the Profession (Murphy, Walker, Anderson, Horowitz, Milano, & Doyle).


Over the last few decades the ethics and compliance profession has grown up from a philosophical idea to high-level personnel within corporate America. Guidelines, like the FSOG, have helped the E&C profession grow by leaps and bounds. Ethics and Compliance professionals must always be looking for new ways to reinvent their craft. Ethical values can change due to idealistic views perceived by the public; these changing views set the tone for acceptable values and standards in ethical thinking. As an ethics and compliance professional, the answer is not always found in the law books, it’s found when thinking beyond the words of law.


Association of Corporate Counsel. (2005, March). The New Federal Sentencing guidelines for Organizations: Great for Prosecutors, Tough on Organizations, Deadly for the Privilege. Retrieved August 20, 2010, from

De George, R. T. (2005, February 19). A History of Business Ethics. Retrieved August 13, 2010, from

Deloitte and Corporate Board Member Magazine. (2003, July). Business Ethics and Compliance in the Sarbanes-Oxley Era. Retrieved Auguest 20, 2010, from

Izraeli, D., & Schwartz, M. S. (n.d.). Retrieved August 22, 2010, from What Can We Learn From the U.S. Federal Sentencing Guidelines for Organizational Ethics?:

Murphy, J. E., Walker, R., Anderson, U., Horowitz, M., Milano, S., & Doyle, J. M. (n.d.). Code of Professional Ethics for Compliance and Ethics Professionals. Retrieved August 20, 2010, from

Salmon-Byrne, E., & Frederickson, J. (2010, May 25). The Business Case for Creating a Standalone Chief Compliance Officer Position. Retrieved August 21, 2010, from

Swartz, N. (2003, January 1). Rise of the corporate ethics officer. (Up front: news, trends & analysis). Retrieved August 19, 2010, from

read more “History and Emergence of Ethics and Compliance”

Violations of Reg O & the Federal Sentencing Guidelines

In 1973, the U.S. National Bank of San Diego went down in the history books as the first financial institution holding assets in excess of 1 billion dollars. Investigations into the U.S. National Bank discovered that over 400 million dollars in financial loans went to its chief executive officer and his related interests (Osborne, 1998). In the following years other banks began to fail with similar insider dealings being blamed. In 1977, the Safe Banking Act was introduced to deal with some of these cases. After repeated amendments and some eighteen new titles added, the Safe Banking Act of 1977 became known as the financial Institutions Regulatory and Interest Rate Control Act (FIRA). FIRA became a major upgrade to what is known as Regulation O (Reg O). More modifications to Reg O came with the passing of:

  • The Federal Deposit Insurance Corporation Improvement Act of 1991 (FDICIA);
  • The Housing and Community Development Act of 1992;
  • The Economic Growth and Regulatory Paperwork Reduction Act of 1996 (EGRPRA).

The FDICIA requires that management of certain financial institutions must provide an assessment of their compliance with insider laws and regulations. Regulation O was designed to discourage insider’s from using their positions to secure self serving credit extensions (Osborne, 1998). Violations of Reg O can cost financial institutions a lot of money making non-compliance of Reg O not a suitable option.

Regulation O Violations

Section 215.11 of Regulation O, titled Civil Penalties, states, “Any member bank, or any officer, director, employee, agent, or other person participating in the conduct of the affairs of the bank, that violates and provision of the part (other than section 215.9) is subject to civil penalties as specified in section 29 of the Federal Reserve Act (12 U.S.C. 504) (Federal Register, 2010). Section 29, titled Civil Money Penalty, breaks down violations into three tiers and sets a maximum monetary penalty, per day, for each of the three tiers (Federal Reserve, 2008).

  • Tier 1 - Any member bank which, and any institution-affiliated party with respect to such member bank who, violates any provision of section 22, 23A, or 23B, or any regulation issued pursuant thereto, shall forfeit and pay a civil penalty of not more than $5,000 for each day during which such violation continues.
  • Tier 2 - any member bank who commits any violation that recklessly engages in an unsafe or unsound practice in conducting the affairs of such member bank; or breaches any fiduciary duty; which violation, practice, or breach is part of a pattern of misconduct; causes or is likely to cause more than a minimal loss to such member bank; or results in pecuniary gain or other benefit to such party, shall forfeit and pay a civil penalty of not more than $25,000 for each day during which such violation, practice, or breach continues.
  • Tier 3 - any member bank that engages in any unsafe or unsound practice in conducting the affairs of such credit union; or breaches any fiduciary duty; and knowingly or recklessly causes a substantial loss to such credit union or a substantial pecuniary gain or other benefit to such party by reason of such violation, practice, or breach, shall forfeit and pay a civil penalty in an amount not to exceed the applicable maximum amount of $1,000,000.

Section 29 also sets a maximum fine of no more than 1 million dollars, per day, for any of the three tiers. Each of the three tiers can be used as a measurement of risk based assessments for non-compliance. If an employee within your financial institution knowing places your operations in violation to regulation O then the price for non-compliance can be a very expensive price to pay.

Federal Sentencing Guidelines Section 8

The Federal Sentencing Guidelines Section 8 has a similar structure to Section 29. However, Section 8 goes into much more detail than Section 29. While Section 29’s tiers show how much one has to pay, Section 8 helps determine what tier an organization should fall under buy using what is known as a culpability report. (United States Sentencing Commission, 2004) Section 8, titled Sentencing of Organizations, outlines how the Judicial System should review an organization in violation of law and then determines the level at which they are culpable. This can come in handy when someone within the organization commits a crime. If the organization placed into account internal controls that would have otherwise discovered the crime then the organization could be less culpable than if the organization didn’t show due diligence or due care.


Both Section 29 and Chapter 8 allow organizations the ability to measure their risk by allowing them to understand what the monetary penalties are and what they can do to ensure they are not culpable for non-compliance. These two pieces of legislation are far from perfect and a review should be performed. For now, as compliance officers, knowing the monetary risk for violations and addressing each issue to limit your culpability is a great asset to have and can save the organization a substantial amount of money if a crime was to occur.


Federal Register. (2010, July 1). Title 12: Banks and Banking. Retrieved July 6, 2010, from

Federal Reserve. (2008, August 13). Section 29. Civil Money Penalty. Retrieved July 6, 2010, from

Osborne, P. R. (1998, June). Managing regulation O. Retrieved July 6, 2010, from;col1

United States Sentencing Commission. (2004). 2004 Federal Sentencing Guidelines. Retrieved July 6, 2010, from

By: Joseph Dustin

read more “Violations of Reg O & the Federal Sentencing Guidelines”