Outsourcing Law & Business Journal™ – July 2012

July 25, 2012 by

OUTSOURCING LAW & BUSINESS JOURNAL™ : Strategies and rules for adding value and improving legal and regulation compliance through business process management techniques in strategic alliances, joint ventures, shared services and cost-effective, durable and flexible sourcing of services. www.outsourcing-law.com. Visit our blog at http://blog.outsourcing-law.com.

Insights by Bierce & Kenerson, P.C. Editorwww.biercekenerson.com.

Vol. 12,  No. 6,  July 2012

__________________________________________

1.   Outsourced Call Center Violates Consumer Protection Laws: Bank Liable for $200 Million.

2.  Humor.

3.  Conferences.

_________________________________________

1.  Outsourced Call Center Violates Consumer Protection Laws: Bank Liable for $200 Million. Do you have a “Compliance Management System” to prevent “unfair deceptive abusive acts and practices” (UDAAP) by your call centers? You might need one now, especially for credit cards, and other consumer financial products.

Businesses that use, manage or deliver call center services (and other “service providers” to financial institutions such as transaction processors) now have a new roadmap for operational excellence. If they neglect the roadmap, they risk legal enforcement action against unfair trade practices, illegal sales scripts, booking sales to unqualified buyers, deceptive bill collection services and abuses in marketing credit cards and other consumer financial products.  The roadmap was set forth in a Stipulation and Consent Order against Capital One Bank (U.S.A.), N.A. (the “bank”) in July 2012.  For details, click here.

2.  Humor.

Script, n.  (1) the wording of a planned conversation to guide call center agent’s conversation with a consumer; (2) a tool for unfair deceptive and abusive acts and practices; (3) the path to the consumer’s demand to speak to a call center manager, since the call center agent has no discretion or authority to deviate from the plan.

Compliance Management Program, n.  (1) a program to guide the Compliance Officer and all others to avoid deviant, deceptive or illegal behavior; (2) a cottage industry for managing one’s “monkey business” through efficiency experts, process designers, software developers, dashboard readers, process monitors, lawyers, accountants, business advisors, internal and external auditors, whistleblowers, regulators and class-action plaintiffs.

3.  Conferences.

September 10-12, 2012, IQPC presents its 13th Annual eDiscovery West Coast Summit, San Francisco, California. Across all industries corporations are experiencing exponential growth in the ESI volumes that must be collected, reviewed, and in some cases, produced in litigation.  Requesting, preserving, collecting, processing, and reviewing social media content presents new challenges for organizations of all sizes in litigation and day-to-day records management. IQPC has paid particular attention to these dynamics in crafting this year’s program. You will benefit from an unparalleled mix of thought leaders and industry movers who will shape the future of E-Discovery for years to come.  This is a must attend event to keep your organization up to speed on the developments and new horizons in this critical field.  For more information on speakers and sessions, click heredownload the brochure here or email zachary.weiner@iqpc.com to have it sent straight to your inbox.

October 21-23, 2012, SSON 7th Annual Shared Services Exchange, California. The Shared Services Exchange is the elite event for senior level shared services and sourcing practitioners who are evolving their service delivery strategies, capabilities and operations. The content agenda goes far beyond the typical cost cutting transaction machine to a program designed with transformation in mind and adding value to the business.  With tremendous growth and interest in Shared Services, IQPC Exchange will be continuing its ongoing tradition of offering cutting-edge, interactive learning opportunities for pre-qualified practitioners. This unique event combines topical sessions, one-on-one business meetings and strategic networking opportunities allowing you to maximize your time out of the office.  Request your invitation by emailing naexchange@iqpc.com or calling 1-800-398-1966.  Visit their website for  more info by clicking here.

Oct 25, 2012, Global Sourcing Council presents 3S Awards 2012, New York, New York.
The Sustainable and Socially responsible Sourcing Awards, was conceived by the Global Sourcing Council, a non-profit organization, to honor and celebrate 3S actions taken by the sourcing industry. The GSC 3S Awards recognize exceptional achievements in the global sourcing marketplace by individuals and organizations who exhibit a combination of positive social and economic leadership. The 3S awards will bring to the forefront individuals, start-ups, and companies (e.g. suppliers, buyers and advisory organizations) that have worked to innovate, implement and improve communities/peoples and the environment through Sustainable and Socially Responsible Sourcing practices. Submissions will be accepted until September 1, 2012.  Click here for more information.

**********************************

FEEDBACK: Since 2001, Outsourcing Law & Business Journal™ has been addressing legal issues in operational excellence in business services through effective sourcing practices and service integration for global and globalizing enterprises.  Covered operations include business services in IT, HR, finance and accounting, procurement, logistics, manufacturing and customer relationship management. Send us your suggestions for article topics, or report a broken link at wbierce@biercekenerson.com. The information provided herein does not necessarily constitute the opinion of Bierce & Kenerson, P.C. or any author or its clients. This newsletter is not legal advice and does not create an attorney-client relationship. Reproductions must include our copyright notice. For reprint permission, please contact: wbierce@biercekenerson.com. Edited by Bierce & Kenerson, P.C. Copyright (c) 2012, Outsourcing Law Global, LLC. All rights reserved. Editor-in-Chief: William Bierce of Bierce & Kenerson, P.C., located at 420 Lexington Avenue, Suite 2920, New York, NY 10170, 212-840-0080.

Impact of UK Bribery Act, 2011 on Best Practices in Global Sourcing

July 14, 2011 by

The package of documents for outsourcing contracts has grown to include a copy of the customer’s “code of conduct.” The service provider contractually agrees to respect the customer’s code of contract. Such codes of conduct pose tricky legal issues for both global business organizations and their service providers.

Such codes of conduct have immediate and compelling roots in the U.S. Sarbanes-Oxley Act of 2002. The “anti- bribery” component has roots in the U.S. Foreign Corrupt Practices Act of 1974 (“FCPA”), the United Nations’ Code of Conduct for Multinational Corporations and the OECD Convention on Combating Bribery of Public Officials in International Business Transactions. Like the U.S. FCPA, the U.K. Bribery Act, 2010, prohibits businesses from bribing foreign officials. The Bribery Act becomes effective July 1, 2011.

This article provides a brief overview of the core, generic principles of such legislation and recommends “best practices.” For enterprise customers hiring service providers, such practices should apply regardless whether the immediate services are to be rendered outside the customer’s country. For service providers, such practices will not only facilitate getting hired, but also avoiding painful surprises.

Business Compliance Mandates. Both the FCPA and the Anti-Bribery Act make it illegal to bribe a public official. The U.K. law goes farther than the U.S. law because the U.K. law also prohibits “private-to-private” commercial bribery (such as kickbacks and undisclosed payments to gatekeepers).

Bribery. There are different definitions of “bribery.”

  • Under the FCPA, it involves the “corrupt” payment (money or any thing of value) to a foreign governmental official for the exercise of judgment. Illegal bribery does not include payments that are:
    • “facilitation” payments (“grease” payments) that merely accelerate governmental approval of a right to which the service provider is entitled under local law; and
    • not also illegal under foreign local law; and
    • made in good faith for “promotion, demonstration or explanation of products or services” or “execution or performance” of a contract with a foreign government
  • Under the UK Bribery Act, “bribery” offense include:
    • “the bribery or attempted bribery” of a foreign public official to obtain business or to obtain an advantage in the conduct of business,” where such an “advantage” could include any inducements to secure business or to “help” the business; and
    • The failure of a commercial organization to prevent bribes being paid by anyone “associated with” the organization, creating vicarious criminal liability for executives of UK companies for deeds of anyone performing services “for” the organization, including outsourcers, unless the business organization has adopted “adequate procedures” in a compliance program to escape strict vicarious liability for such deeds.

Bribable Persons. The Bribery Act defines a “bribable” person more broadly than the FCPA. In the US, a bribable public official must have sufficient authority to exercise discretion in the grant or denial of governmental action. In the UK, any level of public official is a bribable target.

Organizations Covered by the Laws; Extraterritoriality. Both laws cover foreign companies having a jurisdictional nexus within the UK or US borders, as applicable. Each law has extraterritorial conduct.

  • For US purposes, the law applies to foreign companies with U.S.-listed securities. The 2010 Dodd-Frank law grants enforcement jurisdiction to the SEC and promotes whistleblowing.  For monetary penalties over $1.0 million, a whistleblower can be entitled to a reward from 10% to 30% of the monetary sanctions actually recovered.
  • For UK purposes, the law applies to any company that does business in the U.K., even if its securities are not listed on UK exchanges or if it conducts business there, regardless whether that UK business has any relationship to the non-UK bribery activity.

Lobbying Expenses. The entertainment and lobbying of governmental officials raises the most difficult issues. Hospitality in one setting might be considered bribery in another.

Penalties for Business Executives. Penalties under the UK Bribery Act exceed the penalties under the FPCA. Under the Bribery Act, executives are subject to criminal (with jail time of up to 10 years) but not civil liability. Under the FCPA, the liability is either civil or criminal. The amount of organizational liability is unlimited under the Bribery Act.

Best Practices in Global Sourcing after the UK Anti-Bribery Act. The UK’s Secretary of State for Justice has issued interpretative “guidance,” but the UK’s Serious Fraud Office has announced its commitment to fully enforce the new law. Such guidance adopts best practices under FCPA and Sarbanes-Oxley. All such laws do not specify specific tests but start with a culture of transparency, accountability and compliance. For the UK, such guidance includes:

  • Tone at the Top: Liability of Leadership. Anti-bribery programs begin with the “tone” in the executive suite. Business executives (including the Board of Directors, officers and owners) must set that tone to assist subordinates in making appropriate decisions. A clear policy statement (Code of Conduct) must be communicated to all internal and external “resources.”
  • Transparency and Enforcement. The procedures adopted by a business organization must be clear, practical, accessible, effectively implemented and enforce. This enforcement process imposes new burdens on global enterprise customers since merely adopting a Code of Conduct will not suffice.,/li>
  • Risk-Assessment and Risk-Adjusted Proportional Procedures. The commercial organization should first identify the risks and then adopt anti-bribery procedures that are proportional to the risks. A balance must take into account the nature, scale and complexity of the commercial organization’s normal business operations.
    • Risk Assessments – General. The risk-assessment process needs to be periodically re-done by persons having extensive understanding of the business organization’s risk profile. Risk reports are recommended. Such risk assessments should consider specific areas where bribery might be a problem. These include situations for obtaining governmental permits for new facilities, governmental certificates of compliance with local building, zoning and fire codes, obtaining new telecom circuits from governmentally owned telecom providers and other cases where “facilitation” or “grease” payments.
    • Risk Assessments – Due Diligence. To mitigate bribery risks identified in the general risk assessments, the business organization must apply due diligence procedures to its internal and external resources and supply chain. It remains somewhat unclear how deep into the supply chain one must delve, since the “associated” business organization supplying goods or services may have its own issues.
    • Risk Assessment – Compliance Officers. Risk assessment requires an ongoing role for a compliance officer.
  • Implementation of Policies.
    • Communication and Training. As with any other corporate policy, anti-bribery policies must be communicated to all employees. Periodic refresher training is suggested to update the policies and attune the employees (and external resources) to newly identified risks of bribery. As with the other forms of vigilance, the communications and training need not be exhaustive, but should be designed to be proportionate to the risks of bribery occurrences.
    • Continuous Process Improvement. The business organization must engage in continuous review of the bribery risks, the anti-bribery policies and the procedures to prevent bribery by employees and others “associated with” the organization. In short, this invites a continuing dialogue with service providers, who should have answers and demonstrable programs that provide risk-adjusted assurances to the enterprise customer.

Examples of Some Best Practices. The critical path to compliance starts with steps to identify the business’s legal and social responsibilities that flow from doing business with, or in, the United States and/or the United Kingdom. These are key markets for any global services provider.

The “compliance checklist” will require policies, procedures and governance in the following areas, both for enterprise customers and for their service providers who wish to be “world class” in a world that includes serving U.S. and U.K. business organizations (or entities that are subject to such laws even if they are not based in such countries):

  • Code of Conduct. “World class” companies need codes of conduct to embody the compliance component of their business mission.
  • Contract Terms for the Supply Chain. Master services agreements need to include anti-bribery clauses that resonate with both US and UK laws.
  • Managerial Guidelines. Bribery issues are now on a par with human resources and labor laws. Managers need effective guidelines.
  • Chain of Command: Compliance Officers. World-class businesses need to designate individuals who have compliance roles for risk assessment, policy design and internal audit and enforcement. Governance models for relationship management in all sourcing contracts should reflect such roles.
  • Financial Transparency and Controls. The FCPA requires companies with securities listed on the U.S. stock market to implement U.S. accounting principles. Such principles require accurate classification of payments including whether the payments are validly deductible for income tax purposes. (Under the U.S. tax code, bribes of government officials are not deductible). The FCPA’s legal requirements relating to “books and records” are easy to implement and enforce since there is no component of “criminal intent” (scienter).
  • Audits of Service Providers. Remember SAS 70, Type II audits? The anti-bribery auditing business has just begun. The author and the publishers of this article can advise on how to identify and hire such new auditors, how to develop and implement effective, compliant audit programs (both for global enterprises and for world-class service providers).

Outsourcing Law & Business Journal™: July 2010

July 30, 2010 by

OUTSOURCING LAW & BUSINESS JOURNAL (™) : Strategies and rules for adding value and improving legal and regulation compliance through business process management techniques in strategic alliances, joint ventures, shared services and cost-effective, durable and flexible sourcing of services.  www.outsourcing-law.com. Visit our blog at http://blog.outsourcing-law.com for commentary on current events.

Insights by Bierce & Kenerson, P.C., Editors.  www.biercekenerson.com

Vol. 10, No. 7 (July 2010)
_______________________________

1.   Dodd-Frank Financial Reform: New “Systemic Risks” for the BPO Industry.

2.  Humor.

3.  Conferences.

____________________________

1. Dodd-Frank Financial Reform: New “Systemic Risks” for the BPO Industry. The Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010, H.R. 4173, signed by President Obama on July 21, 2010, invites a rethinking of the traditional outsourcing model in the financial services sector.   The new law adopts new requirements to limit systemic financial risks.  It calls for new regulations to delineate prohibited transactions and to implement new certain reporting and operational restrictions.   The regulations apply to broker-dealers, banks dealing with hedge funds, commodity brokers, swap dealers and participants and credit rating agencies.  It establishes a Bureau of Consumer Financial Protection to ensure compliance.

The traditional outsourcing model does not involve legal liability of service providers for legal wrongdoing by their enterprise customers.  The Dodd-Frank law shifts the risk profile of service providers in the financial services sector.  This could have a chilling effect on outsourcing for financial services companies and their external service providers.  For more, click here.

2.  Humor.

Whistleblower, n. (1) in sports, the umpire; (2) in law enforcement, the policeman; (3) in business process management, the employee who sees the emperor is wearing no clothes; (4) in false advertising in the tobacco industry, a retired researcher; (5) under Sarbanes-Oxley, a self-appointed member of a spy network; (6) under Dodd-Frank, a bounty-hunter.

Aiding and abetting, n.  In LPO, a “regulatory process” transformation that automatically converts the back office transaction provider into a  front-office crook.

3.  Conferences.

September 13-15, 2010.  5th eDiscovery for Pharma, Biotech and Medical Device Industries, Philadelphia, Pennsylvania.  Presented by IQPC, this event will bring together industry leaders from in-house eDiscovery teams, expert judges and outside counsel as they discuss:

  • How the new Pension Committee decision will effect eDiscovery professionals in the life science industries
  • The unique challenges biopharmaceutical and medical device companies face with respect to social media content
  • Preparing and responding to FDA inquiries, patent issues, and other types of pharmaceutical litigation
  • A progress report on the 7th circuit eDiscovery pilot program and its implications for Pharma and Biotech
  • Reducing patient privacy risks and unnecessary disclosures due to indiscriminate document retention
  • Discovering new technologies to reach your goal of gaining proactive control over all your data

To register and view the whole program, click here.

September 26-28, 2010.  IQPC Shared Services Exchange™ Event, 2nd Annual, to be held in The Hague, Netherlands. Shared Service Centres have long been seen as the cost saving centre of HR, Finance & Accounting and IT processes, but with changing employment trends and global challenges facing organisations, how can SSC’s continually offer service value?

Unlike typical conferences, the Shared Services Exchange™, which will be co-located with the Corporate Finance Exchange™, focuses on networking, strategic conference sessions and one-on-one meetings with solution providers. The Exchange invites strategic decision makers to take a step back from their current operations, see what strategies and solutions others are adopting, develop new partnerships and make investment choices that deliver innovative solutions and benefits to their businesses.

To request your complimentary delegate invitation or for information on solution provider packages, please contact: exchangeinfo@iqpc.com, call +44 (0) 207 368 9709, or visit their website at http://www.sharedservicesexchange.co.uk/Event.aspx?id=263014

September 28-30, 2010, SSON presents Finance Transformation 2010, Chicago, Illinois. If you are facing challenges to meet your finance end-to-end and top quartile requirements, consider Finance Transformation 2010 – the most comprehensive event for anyone managing finance back office operations looking for end-to-end capability.

The main themes explore the strategic views of true transformation across the entire finance supply chain and highlight the roadmaps which will help you to achieve top quartile business outcomes you aspire to. Sessions will cover the key tenets that all of you in the industry – large and small, beginner and established, vendor and buyer, private and public – are required to confront. For more information and to register, visit Finance Transformation.

October 21-22, 2010, American Conference Institute’s 5th National Forum on Reducing Legal Costs, Philadelphia, Pennsylvania.

The essential cross-industry forum for corporate and outside counsel who are truly motivated to create value and reduce legal costs through innovative fee arrangements, enhanced relationships, and streamlined operations

Come join senior corporate counsel responsible for cost-reduction success stories, as well as leaders from law firms that have pioneered the use of alternative fee arrangements and other innovative cost-reduction initiatives, as they provide a roadmap for navigating the complexities of keeping legal department costs in check. Now in its fifth installment, this event offers unique networking opportunities with senior practitioners from around the nation, including in-house counsel from a wide range of companies and industries.

Reference discount code “outlaw” for the discounted rate of $1695!  To get more information, visit www.americanconference.com/legalcosts

October 25-27, 2010, The 8th Annual HR Shared Services and Outsourcing Summit, Orlando, Florida. This will be a gathering for corporate HR & shared services executives from companies across North America to exchange ideas, develop new partnerships and discuss the latest tools, technologies and strategies being employed in the profession to enhance departmental efficiencies and propel corporate growth. The event will focus on the most current topics in the HR shared services industry including metrics, automation, outsourcing, globalization, compensation & rewards, benefits and an overall focus on the new strategic role of HR shared services.  We will review how to tackle change management, analyze current and future projects and further develop the instrumental key areas within HR shared services. Outsourcing Law contacts can receive 20% off the standard all access price when they register with the code HRSS5. Register by calling 212-885-2738. View the program brochure for more details by clicking here.

******************************************

FEEDBACK: This newsletter addresses legal issues in sourcing of IT, HR, finance and accounting, procurement, logistics, manufacturing, customer relationship management including outsourcing, shared services, BOT and strategic acquisitions for sourcing. Send us your suggestions for article topics, or report a broken link at: wbierce@biercekenerson.com. The information provided herein does not necessarily constitute the opinion of Bierce & Kenerson, P.C. or any author or its clients. This newsletter is not legal advice and does not create an attorney-client relationship. Reproductions must include our copyright notice. For reprint permission, please contact: wbierce@biercekenerson.com . Edited by Bierce & Kenerson, P.C. Copyright (c) 2010, Outsourcing Law Global LLC. All rights reserved.  Editor in Chief: William Bierce of Bierce & Kenerson, P.C. located at 420 Lexington Avenue, Suite 2920, New York, NY 10170, 212-840-0080.

Dodd-Frank Financial Reform: New “Systemic Risks” for the BPO Industry

July 30, 2010 by

The Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010, H.R. 4173, signed by President Obama on July 21, 2010, invites a rethinking of the traditional outsourcing model in the financial services sector.   The new law adopts new requirements to limit systemic financial risks.  It calls for new regulations to delineate prohibited transactions and to implement new certain reporting and operational restrictions.   The regulations apply to broker-dealers, banks dealing with hedge funds, commodity brokers, swap dealers and participants and credit rating agencies.  It establishes a Bureau of Consumer Financial Protection to ensure compliance.

The traditional outsourcing model does not involve legal liability of service providers for legal wrongdoing by their enterprise customers.  The Dodd-Frank law shifts the risk profile of service providers in the financial services sector.  This could have a chilling effect on outsourcing for financial services companies and their external service providers.

Vicarious Liability for Service Providers. The Dodd-Frank law raises the standards for external service providers who support any regulated financial services.

o    It imposes vicarious liability on any service provider processing consumer financial transactions as “aiders and abettors” for operational support in some cases.
o    It encourages employees of shared service centers and outsourcers to file claims of violation so that they can reap a bounty in an enforcement case.
o    It makes mere “recklessness” the equivalent of a “knowing” violation of:

o    the Securities and Exchange Act of 1934, Dodd-Frank, Sec. 929O, amending 15 USc 78t(e);
o    the Investment Company Act, Dodd-Frank, Sec. 929M, amending 15 USC 77o; and
o    the Investment Advisers Act of 1940, Dodd-Frank, Sec. 929N, amending 15 USC 80b-9.

o    It extends the extraterritorial jurisdiction of U.S. courts in enforcement of U.S. securities laws.

Whistleblowers Beyond Sarbanes-Oxley. The Sarbanes-Oxley Act of 2002 protects the employment of “whistleblowers” who report to governmental authorities the employer’s violations of the SOX law.   Section 922 of the Dodd-Frank law extends protection of “whistleblowers” by appointing them as bounty hunters against securities law violations by banks, financial services companies, insurance companies (BFSI) and by others including credit rating agencies, investment advisers, investment companies (mutual funds), commodities future dealers and others.

The bounty would be manditorily paid, where the Securities and Exchange Commission (SEC) brings any administrative or judicial proceeding that results in monetary sanctions exceeding $1.0 million.  15 USC 78a, Sec. 21F, per Dodd-Frank, Sec. 922.   Under future SEC regulations to be adopted, bounties will be awarded to individuals for “original information” not known to the SEC from any other source in an aggregate amount of between 10% and 30% of the total amount collected from SEC-imposed monetary sanctions on the wrongdoer.   In deciding how much to award, the SEC must consider the significance of the information to the success of the SEC, the degree of assistance by the whistleblower and his or her “legal representative” and the “programmatic interest” of the SEC in deterring future violations of the securities laws.

The new statute explicitly promotes anonymous whistleblowing by contemplating a scenario where the whistleblower is represented by legal counsel.   However, identification of the whistleblower is required, but only “prior to payment of the award.”

The statute extends the usual prohibitions against retaliation for initiating, testifying in or assisting in any judicial or administrative proceeding.   Specifically, “no employer may discharge, demote, suspend, threaten, harass, directly or indirectly, or in any other manner, discriminate against a whistleblower” in terms of employment, by reason of the whistleblowing.  The protection applies to any employer, even if the employer is not the violator of the Dodd-Frank law.  This protection expires with a new statute of limitations of six years, but not more than ten years if the “materials facts” were not immediately discovered till later.  The whistleblower is entitled to reinstatement of employment, 200% of back pay lost plus litigation costs including attorneys’ fees.

The bounty-hunting whistleblower is a new phenomenon.   It invites anyone having insider knowledge, including those who process financial transactions under a confidentiality (non-disclosure) agreement, to breach the duty of confidentiality and pursue a bounty by reason of wrongdoing by the client enterprise.

This new law raises the risks for both outsourcers and captives that an employee might become embroiled in whistleblowing.  It is not difficult to imagine that an outsourcer’s employee (or captive financial service center’s employee) might identify patterns of trading, and might indeed hear conversations in the course of transactions processing, that might provide evidence of breaches of the new Dodd-Frank restrictions and future SEC implementing regulations.

The bounty-hunting awards were payable for securities violations before the Dodd-Frank act became law.  Dodd-Frank, Sec. 924(c).

Aiders and Abettors. The Dodd-Frank law also imposes penalties under the Investment Advisers Act of 1940 (IAA) for anyone who assists a securities violation by a registered investment adviser.  Thus, anyone who “knowingly or recklessly has aided, abetted, counseled, commanded, induced or procured a violation of any provision” of the IAA shall be deemed in violation to the same extent as the direct violator.   Dodd-Frank, Sec. 929N, amending 15 USC 80b-9, new Sect. 209.

Extraterritorial Jurisdiction of U.S. Courts. The Dodd-Frank law focused on international transactions that could result in violations of U.S. securities laws, even though the “bad acts” are conducted offshore.  The new law clarifies and, some would say, extends, the statutory jurisdiction of U.S. federal District Courts to adjudicate any SEC enforcement proceeding alleging a violation of fraud to two international contexts that were somewhat controversial under existing judicial precedents:

o    Conduct within the USA that constitutes significant steps in furtherance of the violation, even if the securities transactions occurs outside the USA and involves only foreign investors (i.e., domestic activities); and
o    Conduct occurring outside the USA that has a foreseeable substantial effect within the USA (i.e., foreign activities).

In this case, the foreign activities of business intelligence, research, analytics, transaction processing and reporting, customer relationship management, and other tasks could have such a “foreseeable substantial effect.”   Thus, foreign activities are thus subject to US judicial jurisdiction, and the foreign service providers engaged in supporting violations by US persons could be governed by US enforcement jurisdiction for direct wrongdoing, recklessness or “aiding and abetting.”

Shared Services Center or Outsourcer’s Risks under Consumer Financial Protection Laws. Outsourcing contracts allocate the risks and responsibilities for compliance with applicable laws.   The Dodd-Frank law puts financial services outsourcing on the radar for possible direct enforcement action against the shared services center or outsourcer.

The Dodd-Frank law enumerates the consumer laws that are covered:  These consist of:

(A) the Alternative Mortgage Transaction Parity Act of 1982 (12 U.S.C. 3801 et seq.);
(B) the Consumer Leasing Act of 1976 (15 U.S.C. 1667 et seq.);
(C) the Electronic Fund Transfer Act (15 U.S.C. 1693 et seq.), except with respect to section 920 of that Act;
(D) the Equal Credit Opportunity Act (15 U.S.C. 1691 et seq.);
(E) the Fair Credit Billing Act (15 U.S.C. 1666 et seq.);
(F) the Fair Credit Reporting Act (15 U.S.C. 1681 et seq.), except with respect to sections 615(e) and 628 of that Act (15 U.S.C. 1681m(e), 1681w);
(G) the Home Owners Protection Act of 1998 (12 U.S.C. 4901 et seq.);
(H) the Fair Debt Collection Practices Act (15 U.S.C. 1692 et seq.);
(I) subsections (b) through (f) of section 43 of the Federal Deposit Insurance Act (12 U.S.C. 1831t(c)-(f));
(J) sections 502 through 509 of the Gramm-Leach-Bliley Act (15 U.S.C. 6802-6809) except for section 505 as it applies to section 501(b);
(K) the Home Mortgage Disclosure Act of 1975 (12 U.S.C. 2801 et seq.);
(L) the Home Ownership and Equity Protection Act of 1994 (15 U.S.C. 1601 note);
(M) the Real Estate Settlement Procedures Act of 1974 (12 U.S.C. 2601 et seq.);
(N) the S.A.F.E. Mortgage Licensing Act of 2008 (12 U.S.C. 5101 et seq.);
(O) the Truth in Lending Act (15 U.S.C. 1601 et seq.);
(P) the Truth in Savings Act (12 U.S.C. 4301 et seq.);
(Q) section 626 of the Omnibus Appropriations Act, 2009 (Public Law 111-8); and
(R) the Interstate Land Sales Full Disclosure Act (15 U.S.C. 1701).

BFSI outsourcers and shared services centers will be deemed to be providing regulated “financial products or services” if they provide any one or more of the following functions.   (There are some exceptions, but for general discussion, the key elements can be summarized here.)

(i) extending credit and servicing loans, including acquiring, purchasing, selling, brokering, or other extensions of credit;
(ii) extending or brokering leases of personal or real property that are the functional equivalent of purchase finance arrangements
(iii) providing real estate settlement services (other than appraisals);
(iv) engaging in deposit-taking activities, transmitting or exchanging funds, or otherwise acting as a custodian of funds or any financial instrument for use by or on behalf of a consumer;
(v) selling, providing, or issuing stored value or payment instruments
(vi) providing check cashing, check collection, or check guaranty services;
(vii) providing payments or other financial data processing products or services to a consumer by any technological means, including processing or storing financial or banking data for any payment instrument, or through any payments systems or network used for processing payments data;
(viii) providing financial advisory to consumers on individual financial matters or relating to proprietary financial products, including–

(I) providing credit counseling to any consumer; and
(II) providing services to assist a consumer with debt management or debt settlement, modifying the terms of any extension of credit, or avoiding foreclosure;

(ix) for others, collecting, analyzing, maintaining, or providing consumer report information or other account information, including information relating to the credit history of consumers, used or expected to be used in connection with any decision regarding the offering or provision of a consumer financial product or service.

Conclusion. The Dodd-Frank law requires further regulations, which could be retroactive.

1.    Expanding Scope of Vicarious Liability.   Service providers and shared service centers face new risks of direct and vicarious liability for performing certain covered financial service activities.  As a matter of policy, the Dodd-Frank act raises the policy question whether, in future laws and regulations, service providers be exposed to more scenarios of vicarious liability.

2.    Living in a Climate Protecting Whistleblowers.  Whistleblower laws already protect persons who report violations of tax laws and securities laws.  The Dodd-Frank act expands the concept of whistleblowers as tools for law enforcement.

o    Employment Law.  The Dodd-Frank law pushes the boundaries in the field of employer-employee relations.   Every employer now has a duty to avoid discrimination against its employees who become whistleblowers as private spies for governmental enforcement of violations of law.  Service providers cannot simply adopt a policy of prohibiting whistleblowing.  Rather, they now have to define their policies, procedures and contractual risk management in cases where their customers are potentially violating the laws.

o    Contractual Design and Risk Allocation.  What should a service provider do if an employee poses questions about a financial service company’s operational compliance with Dodd-Frank? Should the service provider encourage the employee to be a whistleblower?

o    Relationship Governance.  Can the provider deal with the problem through the existing “relationship governance” framework?  What are the possible outcomes and costs of dealing with a “whistleblowing” situation in business process management?

o    Termination Management.  Does the provider have any contractual rights or remedies to terminate the relationship?  What process should be initiated before any such right becomes enforceable?  Who pays for transition costs in case of termination for alleged breach by the customer of laws that could inveigle the service provider as an “aider and abettor”?

3.    The Service Provider’s Price for Moving up the Value Chain.  Today, service providers are moving up the value chain by providing end-to-end transaction processing across business functions that are increasingly regulated.   Service providers’ business intelligence (BI), deductive and predictive analytics, knowledge-process outsourcing (KPO), legal process outsourcing (LPO) and core finance and accounting functions.   In this context, service providers need to put  “aiding and abetting” and whistleblower management on their radar for risk assessment, policy development and actions to mitigate risks.  This will require investment in compliance analytics, workflow definition and contractual reallocation of risk.

4.    Insurance.   The increased risk profile for servicing the back-office needs of the BFSI market exposes service providers (and their directors and officers) to significant financial liability.  Typically, insurance products are developed to spread risks to cover losses from the rare occasion of catastrophic liability.  It is time for risk managers to discuss this issue with their legal counsel, insurance brokers and insurance carriers.

Accordingly, in the consumer financial services sector (and other consumer sectors), it is time for reassessment of the business models for outsourcing and shared services.  Redesign of the business models will reflect these pinpoint areas of primary legal risks, identify possible avenues for eliminating or mitigating those risks, and redesign the services and contractual risk allocations.

For further discussion of this article, contact  William Bierce in New York.