BoardAndFraud

Herbalife – “Quis Custodiet Ipsos Custodes” – Translated: Who Will Guard the Guards Themselves, or Who will Watch the Watchmen?

Background

Herbalife Nutrition Ltd (Herbalife), a direct selling company incorporated in the Cayman Islands with headquarters in the United States, recently concluded its Foreign Corrupt Practices Act (FCPA) enforcement action with both the Department of Justice (DOJ) and Securities and Exchange Commission (SEC). Herbalife China is a group of wholly-owned, China-based subsidiaries of Herbalife. Herbalife China’s financial statements were consolidated with those of Herbalife.  Last year, China contributed about 16% of its total net sales, according to its 2019 annual report.

Herbalife settled with the DOJ via a Deferred Prosecution Agreement (DPA) and with the SEC via a Cease and Desist Order (Order). The corrupt activity lasted for over ten (10) years between at least 2006 and 2016 and was initially disclosed in the Indictments of Jerry Li and Mary Yang in November 2019. The SEC also brought civil charges against Li at the time of his Indictment, via a Civil Complaint. Repercussion of these findings include:

Scorecard

Herbalife China’s former Managing Director

From the very beginning, Herbalife’s business relationship in China was committed to illegal activity, which it knew or should have known violated the FCPA. Specifically,  beginning in late 2006, Herbalife China provided improper benefits and payments to government officials to obtain direct selling licenses for two cities.

Herbalife paid out millions of dollars in bribes. Fraudulent expense reimbursements were used to fund the bribes, which is is a common tactic for these types of bribes. Specifically, the SEC found that Herbalife China paid bribes through extravagant meals, gifts, and other benefits given to Chinese officials to obtain sales licenses and remove negative media coverage in China. Managers at the subsidiary asked employees to falsify expense report documents, for example, adding names to meal receipts to get below the company’s per head spending limit. It also found that the payments and benefits were inaccurately recorded and that Herbalife failed to maintain a sound system of internal controls.

In the last six months of 2012 alone, the EA Director independently submitted expenses claiming to have “attended 239 meals, with 4,312 participants, averaging $3,232 per meal.” In the same report, the entire subsidiary claimed to have treated 30,076  officials. It was reimbursed a total of “approximately $3.7 million for claimed gifts, meals and entertainment of government officials and media, including state-owned media officials.” Similar reports, with even increased number of meals and entertainment expenses, were presented in 2016.

SEC found that Herbalife executives received reports of high travel and entertainment spending in China and violations of its internal FCPA policies, yet still failed to detect and prevent these improper benefits and falsified expense reports.

Internal Audit reports showed large meal expenses and even identified fake meal receipts and verbal approval of expenses, even though the policy required written approval.

The Board, Internal Audit, and Compliance

Usually, this amount of spending would have triggered alarm bells, and in fact, it raised questions from the Board that were supposedly answered by the company’s Internal Audit function.   These expenses also would have been in the eyesight and vision of compliance.  Sadly, during this time, Herbalife did not feel the need to have a Chief Compliance Officer (CCO).

The Internal Audit Reports were presented to the Board of Directors: however, I wonder if audit findings were changed?

Nearly one out of four internal auditors around the world face pressures to either suppress or change their audit findings, according to a global survey on ethics and pressure conduct by the IIA’s research foundation.

One Board member emailed the Audit Committee and the Senior Vice President, Internal Audit (“IA Director”), who reported directly to Herbalife’s Audit Committee, asking whether the high spending by China Director of External Affairs was reasonable. Another Board member responded:

“Please note I have questioned this every year I have been on the board, and the company has defended its position that these are reasonable within FCPA guidelines.”

Amazingly, the IA Director responded that “the findings are the typical issues in these audits” and are within “tolerance.” It’s hard to imagine the two board members were satisfied with that answer.  The response could imply the Director of IA was complicit, under pressure, feared reprisal, or perhaps the most uninformed Director of IA ever. The company approved over $7.2 million in expense reimbursements from China from 2012 to 2016.

Both the Board and the Internal Audit Director failed to follow up to resolve the red flags or initiate an investigation into these expenses and “fake receipts.”

Herbalife China’s Internal Auditors audited the subsidiary’s external affairs function twice a year. They reported directly to the IA director, who failed to acknowledge any issue and denied any possible wrongdoing when asked by the Board.

Below is a discussion on risk, policies, and oversight.

Risk – Chinese “Gift-Giving Culture”

China is known for its abuse of gifts, meals, and entertainment expenditures due to the number of state-owned entities across many industries.  Interactions within China often involve government officials.  Commonly, government officials demand gifts, meals, and entertainment.  A company operating in this environment must have an appropriate compliance program, notwithstanding the apparent negative impact on its business.  If the company makes it clear from the beginning that it will not tolerate such improper payments, the company will eventually gain breathing room as Chinese officials will back off. Cash payments were usually made via large withdrawals from individual employees’ bank accounts and then paid to the officials as a method of obtaining licenses. As the saying goes, ”cash is king” and is typically the number one method for bribing officials in China.

Gifts, Meals, and Entertainment Policies

Global companies have to design and implement carefully constructed controls for gifts, meals, and entertainment expenses.  Even with the best internal controls, employees will figure ways to circumvent or override internal controls.

Herbalife’s controls included pre-approval requirements, that were routinely ignored, and a strict limitation of six (6) events each year for a government official.  This latter control was disregarded at the direction and approval of a Herbalife senior executive who instructed a China executive to make false entries of names of government officials because no one would check the identities to ensure an accurate listing of attendees. Policies and controls existed requiring certain maximum per head spending amounts, but by adding names to the receipts, the subsidiary was able to bypass these controls.

Oversight

With the ongoing expenditures of millions of dollars in gifts, meals, and entertainment apparently necessary to expand Herbalife’s China business, Herbalife had no meaningful oversight from Internal Audit and Compliance functions. Herbalife’s culture was not committed to any notion of compliance. Herbalife’s culture appears committed to the business at all costs culture.  Even when detected by Internal Audit, there was no effort made to investigate and restrict China from continuing its criminal conduct.  Business was significant in China. Thus Herbalife had no intention of halting its ongoing activities.

Herbalife did not commit to compliance.  Indeed, its remediation included the hiring of a dedicated Chief Compliance Officer.  Surprisingly, a public company with global operations failed to maintain any compliance function.  In the future, even with a new dedicated CCO, Herbalife faces numerous high-risk activities and will require regular reviews and compliance audits, as well as monitoring of compliance data.

Let’s now explore the organizational culture and ways to detect potential problems.

Organizational Culture

Organizational Culture can be defined as the total of the psychology and attitudes which are communicated by the leadership team to the employees and the ethics, values, and beliefs which are incorporated for execution of work and obtaining business objectives.

After reading about this Herbalife matter, one can only wonder about the culture. A lot of what I read seemed to indicate the culture at Herbalife was good.

Can a culture be too good?

According to Herbalife, the culture is vibrant, exciting, and inclusive: a great place to build a career. We’re a fast-paced organization, fielding challenges and opportunities around the world every day, and our employees are passionate about their work.

We’re located in more than 90 countries, but no matter which office or facility our employees are based, we look for some common qualities in those seeking to join Team Herbalife. People who thrive here are curious, flexible, resilient self-starters with high personal standards and are great team players.

Organizational situations that encourage harmful behavior

Organizational Red Flags

Closing Questions and Thoughts

Do you believe internal audit has transformed from an independent watchdog to a protector of top management?

The IIA defines internal auditing as an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations.

Can internal audit be a finger pointer and still be viewed as a “value-adding” department?

Who is auditing the internal auditor?  Do External Quality Assessments help? What else can be done?

Can the culture of an organization be too good, so that trust overrides skepticism?

I welcome your thoughts, comments, and suggestions.

Stay safe, and be well.

Jonathan T. Marks, CPA, CFF, CFE

 

The outlook for improved business ethics in governance depends in no small measure on understanding institutional and human limitations.  We must remember the lessons learned and understand that organizational and human vigilance (regardless of the laws on the books and director reputation for integrity and experience) seem to vanish when markets rise. We need to be able to spot warning signs or red flags.

 

Sources and Attribution

Ali Rampurawala, Baker Tilly US

Michael Volkov, Volkov Law

ACCOUNTING AND AUDITING ENFORCEMENT Release No. 4165 / August 28, 2020 ADMINISTRATIVE PROCEEDING File No. 3-19948 – https://www.sec.gov/litigation/admin/2020/34-89704.pdf

 

 

Skip to toolbar