Author: Doug Cornelius

You can find out more about Doug on the About Doug page

Extranets for Law Firm and Client Collaboration – Moving Beyond Email

project_extranet

One of the problems with collaboration between law firms and their clients is that too much of it happens through email. Email is fast, allows you to send the same message to lots of people, and is inexpensive.

But it is still a set of messages sent back and forth, much like the Pony Express. To figure out what is going on you need to comb through the messages and hope that you end up looking at the latest message. Since email is so fast and so inexpensive, you often end up with a barrage of short ineffective messages.

With email, the message ends up in a different place for the sender and recipient. If I send the email, it is in my sent items and it ends up in the inbox for the recipient. Each recipient may do something different with that email once it’s in their email in-box. Some may pile it on top of the thousands of other emails in their inbox, some may file it in another email folder, some may print and delete, and some may just delete.

There has been talk for years of using extranets to change the way law firms and their clients communicate. Unfortunately, it seems there has been more talking than there have been successful extranets.

The trouble with deploying a successful extranet is finding both an attorney team and a client team that want to share information by using an extranet.

The most common extranet for a legal team is the document war room seen in larger acquisition transactions. There is a great benefit to having the documents in one place, typically with some great security. But they lack the communications tools needed to move it beyond being merely an online fileroom.

An extranet can be poorly organized and messy, making the relevant information hard to find. But organizing the information in a meaningful way can save lots of time and money for both the law firm and the client.

One of challenges for using an extranet platform is deciding which one to use. Should it be sponsored by the law firm or the client? If it is sponsored by the law firm, a few issues arise. One, the law firm will have to allow access to the client’s other law firms working on similar matters or the client will have to work with a different extranet for each of its different law firms. If the client sponsors the extranet, then the client bears the expense and maintenance burden of the extranet platform. There also will be the expense and resources spent on showing the law firm how to use the extranet platform.

One barrier to overcome is that there are a broad variety of possible extranet platforms that operate very differently and provide information in very different ways. Some of the newer 2.0 tools show how the web can be better used as a collaboration space. They also break down some of the barriers to using an extranet. Perhaps the next generation of extranets will be more effective. The answer may be SharePoint. Microsoft is pushing its SharePoint platform causing it to become more pervasive and bringing some of the concepts of Enterprise 2.0 into many business environments. By having a common platform, you could break down some of the barriers to extranet adoption.

Bits and Pieces on Compliance

Here are a few stories and items that caught my eye this week, but I have not had time to build-out to a full post: The FCPA Enforcement Report of the First Quarter of 2009 from The FCPA Blog

We count seven Foreign Corrupt Practices Act enforcement actions since the start of the year, including indictments, pleas and settlements, along with one newly disclosed investigation. Four of the enforcement actions involve individuals, and four relate to KBR. By this time last year, there had been just a couple of new enforcement actions (2008 finished with eleven organizations and twenty-six individuals being either charged with new FCPA offenses, settling enforcement actions, or having charges amended, reinstated or affirmed). Here’s this year’s rundown so far: . . .

Profiles in Power: The 20 most influential general counsel in America from the National Law Journal

In this inaugural publication of The National Law Journal’s Most Influential General Counsel, we have highlighted 20 attorneys whose leadership has proven strong — and even creative — during the turmoil in the legal industry.

OIG Recommends Action on Reg D Issues, Form D Changes from Melissa Klein Aguilar of The Filing Cabinet

The Securities and Exchange Commission should take steps to better ensure compliance with Regulation D, to act when it finds non-compliance, and should make better use of Form D information. That’s according to a March 31 report by the SEC’s Office of Inspector General, which reviewed Corporation Finance’s process for assessing whether companies appropriately use Reg D, the rule that allows exemptions from federal registration under the Securities Act of 1933 for limited offerings of securities.

Mass. Regulator Accuses Madoff Feeder Fund of “Fraud” by Kevin LaCroix of The D&O Diary

In an April 1, 2009 administrative complaint (here), Massachusetts Secretary of the Commonwealth William Francis Galvin accused Madoff feeder fund Fairfield Greenwich Advisors and its Bermuda affiliate of “complete disregard of its fiduciary duties to its investors” and of “flagrant recurring misrepresentations” that “rise to the level of fraud.”

Landmark Agreements Clear Path for Government New Media

Answering President Obama’s call to increase citizen participation in government, the U.S. General Services Administration is making it easier for federal agencies to use new media while meeting their legal requirements. For the past six months, a coalition of agencies led by GSA has been working with new media providers to develop terms of service that can be agreed to by federal agencies. The new agreements resolve any legal concerns found in many standard terms and conditions that pose problems for federal agencies, such as liability limits, endorsements, freedom of information, and governing law.

YouTube Edu – Law Law School Lectures on YouTube

Diplomatic Immunity, Corruption and Parking Tickets

parking ticket

The Foreign Corrupt Practices Act only applies to those making bribes. It does not apply to the recipients of bribes. Since the recipient must be a “foreign official” you run into the issue of “diplomatic immunity.” Richard Cassin looked at one of the approaches to taking actions against the kleptocrats in Proclamation 7750 Unwrapped on The FCPA Blog.

The concept of diplomatic immunity is that officials should only be held accountable to the laws in their home state. We would not want our officials being courted off to a foreign country for prosecution. Other countries should not expect their officials to be courted off to the U.S. for prosecution. I am sure you have seen an episode of Law & Order or Lethal Weapon 2 where a criminal runs free under diplomatic immunity.

It should not surprise you that there is a correlation between parking violations scofflaws under diplomatic immunity and the corruption in their home country.  Ray Fishman and Edward Miguel published a paper researching parking violations and diplomatic immunity in New York City.

The Clinton-Schumer Amendment, which gave the New York City permission to tow diplomatic vehicles, revoke their official parking permits, and have 110 percent of the total amount due paid from U.S. government aid to the offending diplomats’ countries of origin, resulted in a substantial decrease in diplomatic parking scofflaws.

The authors also found that there is strong correlation between the affinity for the U.S. and the diplomat’s home country.

Here is the top ten from the study:

  • KUWAIT
  • EGYPT
  • CHAD
  • SUDAN
  • BULGARIA
  • MOZAMBIQUE
  • ALBANIA
  • ANGOLA
  • SENEGAL
  • PAKISTAN

Most of these are well known for corruption. It seems these countries also export their corruption.

See:

Compliance Policies and Email

email_icon

You should take a look at your computer use and email policies to see how they address three recent cases involving email in the workplace.

The first case involves unauthorized acces: (Van Alstyne v. Electronic Scriptorium, Inc.).  The president of the company had broken into an employee’s personal AOL email account. The employee had occasionally used that email account for business communications. To top off the bad behavior, the president of the company had propositioned the employee before firing her and then accessing that email account.

In the second case (Stengart v. Loving Care [.pdf]), Ms. Stengart resigned from Loving Care and sued the company. Before leaving she e-mailed her lawyer through her personal web-based account from her company-issued computer using the company’s internet access. Loving Care recovered temporary files stored on that computer which contained copies of Stengart’s attorney-client communications. Stengart discovered that Loving Care’s lawyers planned to use her e-mail in the litigation. She asked the trial court to decide whether the e-mail, sent during work hours on a company computer, was protected by the attorney-client privilege. The court held that it was not.

In the third case (Noonan v. Staples), Staples fired sales director Alan S. Noonan  for padding his expense report. Executive Vice President Jay Baitler sent an e-mail to approximately 1,500 employees explaining the reason for the firing. The e-mail contained no untruths, but Mr. Noonan sued for defamation anyhow. Unfortunately for Staples, truth is not a defense in Massachusetts if the challenged statement was communicated with actual malice.

Lessons? What should you have in your company’s computer policy?

First, tell employees that they should not use personal e-mail accounts for purposes of conducting company business.

Second, the company should have a policy that any message sent from a company computer is subject to disclosure and the employees should not have an expectation of privacy.

Third, employees should not access another employee’s files or email accounts, whether they are the company’s or personal.

Fourth, employees should not use email or company computers to send malicious messages.

Finally, make sure you can prove that each employee knows these rules.

See:

Conducting Investigations of Wrongful Workplace Conduct

ginsburg_roy

Roy A. Ginsburg, of Dorsey & Whitney LLP and the blog Quirky Employment Questions, penned an article in the May/June 2008 edition of Business Law Today: Conducting Investigations of Wrongful Workplace Conduct.

The first issue he tackles is whether employees are obligated to participate in a company investigation. He says the answer is yes.

That leads to the next question of whether you can fire the employee who refuses to participate. He says the answer is also yes.

Of course it is best to have a policy that clearly states that employees are are expected to participate in a company investigation and that refusing to participate is grounds for dismissal. (Check your policies.) Of course you do not need to jump directly to dismissal. You can suspend them, demote them or take other action. Again, it is best to have this in the policy.

Ginsburg ends the article with 10 general guidelines  for the investigative process:

  1. Define clearly the investigator’s role.
  2. Retain the right investigator.
  3. Act promptly.
  4. Conduct a thorough investigation.
  5. Do not promise complete confidentiality.
  6. Be nimble.
  7. Get help when needed.
  8. Respond proportionally.
  9. Respond consistently.
  10. Communicate the outcome when possible.

Yes, I realize this article is little old, but one of my reading stacks collapsed and this issue sprung to the top. I took it as a sign that I should read it.

FCPA Compliance & Investigative Due Diligence

ethicspoint-logo

EthicsPoint sponsored a webinar with Ellen Zimiles of Daylight Forensic and Advisory LLC, talking about FCPA Compliance & Investigative Due Diligence. This presentation is supposed to provide an overview of current FCPA trends and highlight elements to implement an effective FCPA compliance policy. These are my notes.

Ellen started off with a summary of current FCPA activity showing a surge in the number of enforcement actions underway by the DOJ and SEC on global corruption and bribery. There is also increased global coordination on corruption investigations and prosecutions. She also noted that there is a focus on individuals. In 2008, 60% of the FCPA defendants were individuals.

The first element of an effective FCPA compliance program is a risk assessment. You need to look at whether a foreign government is your customer or whether you need government intervention as part of your business operations. Obviously, there are some countries that are more prone to fraud. You also need to revisit this assessment periodically.

Next you want to establish and document your FCPA compliance policy. It needs to be clearly documented and understood at all levels in the company. The policies can vary from business unit to business unit and region to region.

You need a designated FCPA compliance officer. The person needs enough authority to make the sales and marketing people listen.

You need internal accounting controls. It is not just anti-bribery. There are also penalties for failure to properly maintain books and records, thereby disguising potential bribery. Your FCPA policy needs to reference the controls over accounting maintenance.

You need enterprise-wide training. Ellen thinks that your overseas employees are the ones more likely to get you in trouble. In part, some countries have a culture of corruption and your employees may have grown up in that culture.

Ellen recommends having a periodic independent audit. Large multi-nationals are increasingly having specialized FCPA compliance personnel.

Your FCPA compliance program should have a plan for dealing with investigations. Obviously, prevention is better than the cure. Make sure you have a good case management system, with document translations.

Ellen moved on to Investigative Due Diligence which is the proactive identification of risks not ordinarily apparent from financial or legal reviews.

a. Application of exploratory techniques developed by law enforcement agencies
b. Analyze large volumes of publiclly available information
c. Identification of red flags

See also:

Martindale- Hubbell Connected Opens Its Barn Door

Martindale-Hubbell Connected: Professional Networking Site for Lawyers

LexisNexis has opened the doors to Martindale-Hubbell Connected, their professional networking site for lawyers. The site has been in beta for many months and still has the beta label. If you are a lawyer you can now register and join the online community: http://www.martindale.com/connected. If you are not a lawyer, you are not invited yet.

I manage to sneak into the site several months ago and finally posted Martindale-Hubbell Connected – My Thoughts last weekend. Several other commenters have offered some harsh opinions about the site for locking them out or for the problems with registration process.

Connected has been a lonely place while I have been a member. Perhaps that will change now that they are opening the community to a larger audience.

The lure of Connected is the idea of combining an online networking community, the Martindale-Hubbell lawyer listings, and the enormous pool of data in the Lexis databases. Theoretically, your lawyer listing, articles, cases, news, and people connections would be all linked together in one place. None of that seems to be in place yet on the launch.

One problem is that Connected is targeting the majority of lawyers instead of a crowd of early adopters. They want to be the largest online community. That is a different strategy than Legal OnRamp, another professional networking site for lawyers. Legal OnRamp is focusing on people who will contribute to that community. There is a barrier to entry and you may get kicked out if you don’t contribute.

Are online communities so mainstream that you can get lots of lawyers onboard and can skip targeting early adopters? I am skeptical. I predict that there will be many lawyers who register (or try to register), see the lack of content, and never come back. Early adopters will  see that Connected is merely a mediocre social network platform lacking many of the robust features of Facebook, LinkedIn or Twitter.

Or maybe I am wrong. Register for Connected and try it out for yourself. Then come back here and leave a comment, letting us know what you thought.

See also:

Does It Pay To Be Good?

sloan_winter2009

Compliance is not just about complying with legal requirements. After all, legal requirements are just a minimum standard of behavior. Your company can (and probably should) operate at a higher level.

Sustainability and ethically produced products are are areas that some companies are spending extra resources. At some point you run into a business ethics conundrum. Are you losing too much in the way of profits for your company to justify spending the extra funds on these initiatives?

It would be great to be in the sweet spot where there is extra revenue to be made from customers willing to pay a premium for ethically produced goods. The company does good AND generates more revenue. That takes the ethical issues off the table.

Remi Trudel and June Cotte conducted some research on this topic and published the results in an article in the Winter 2009 edition of the MIT Sloan Management Review: Does It Pay To Be Good?

They ran two experiments: one on coffee purchasers and a second on t-shirts purchasers. For the coffee experiment, coffee-drinking adult consumers were divided into three groups with different ethical information manipulations.

Our results showed that the premium consumers would pay as a reward for fair trade practices was $1.40 per pound, while the punishment/discount for unfair trade practices was $2.40 per pound. Thus, negative information concerning trade practices had almost twice the impact of positive information on the coffee consumer’s willingness to pay.

For the t-shirt experiment, potential consumers of cotton T-shirts were divided at random into five groups.

The first (100% Ethical) read the following: “Conventionally grown cotton uses more insecticides than any other single crop and epitomizes the worst effects of chemically dependent agriculture. Each year cotton producers around the world use nearly $2.6 billion worth of pesticides — more than 10% of the world’s pesticides and nearly 25% of the world’s insecticides. Danisky is the leading textile and clothing company based in the European Union specializing in organic cotton outdoor wear for active people. Growing cotton organically entails using cultural practices, natural fertilizers, and biological controls rather than synthetic fertilizers and pesticides. Danisky has been recognized for its outstanding environmental record. All of Danisky’s products are 100% organic.”

The second group (50% Ethical) had the same information, except that: “All of Danisky’s products are 50% organic.”

The third group (25% Ethical) had the same information, except that: “All of Danisky’s products are 25% organic.”

The control group was given no ethical information at all.

The results?

Consumers perceived (and rewarded) all levels of ethical production similarly. They did not reward increasing levels of ethical production with increasing price premiums. Our results suggest that once a certain threshold is attained, additional ethical acts or increased ethicalness simply affirms the target company’s position within that category and will not change consumers’ willingness to pay.

So in the end it pays to be good. I am sure that is a message that all companies should hear.

These are the authors conclusions:

Consumers are willing to pay substantially more for ethically produced goods than for unethically produced goods, suggesting that there is a financial reward for socially responsible behavior. The managerial implications of these findings are clear: Act in a socially responsible manner and you may be able to charge more for your products. Perhaps it is even more important to note that consumers will punish the producer of unethically produced goods to a greater extent than they will reward a company that offers ethically produced products. The negative effects of unethical behavior have a substantially greater impact on consumer willingness to pay than the positive effects of ethical behavior. Consumers may still purchase your products if they are unethically produced, but they will only do so at a substantial discount.

So, not only does it pay to be good, you may be punished if you are bad.

See:

Stop Trading on Congressional Knowledge Act

brian_baird

How can you beat the stock market? Become a member of Congress and trade on legislative actions!

You might think that a member of Congress would be prohibited from trading on non-public information that they obtain through their official position. You might be  wrong. Members of Congress and their staff  do not owe any “duty of confidentiality” to Congress. So they can’t be held liable for insider trading based on congressional knowledge. Since they do not have inside knowledge, members of Congress and their staff can share this non-public information with their friends.

Is this a problem? There is a 2004 paper that finds a portfolio that mimics the purchases of U.S. Senators beats the market by 85 basis points per month. Federal law does require Senators to disclose their common stock transfers annually in their Financial Disclosure Reports. But that filing is long after the time of the actual stock transactions.

I will not go into the details of the report other than to note that a few Senators are more active than others. You can reach your own conclusions based on the data.

In these days with a greater focus on transparency, risk and governance, you would think that Congress would close this loophole. In January, U.S. Reps. Louise Slaughter and Brian Baird (pictured) introduced the Stop Trading on Congressional Knowledge Act (the STOCK Act)(H.R. 582). Slaughter and Baird also introduced similar bills in 2006 and 2007, without success.

If this bothers you, maybe you should call, email, or tweet your Congressman or Senator.

See also:

Compliance & Ethics Institute Announces Las Vegas Lineup

scce

The Society of Corporate Compliance & Ethics has released the schedule of programs for its Compliance & Ethics Institute to be held September 13-16 in Las Vegas: Preliminary Brochure (.pdf) I am not sure if I am going to head out to Las Vegas for this particular conference, but there are some very interesting topics on the agenda.

These are a few sessions that caught my attention:

  • 102: Facebook, LinkedIn, YouTube–Friend or Foe? How Social Networks and Web 2.0 Are Creating Risks for Companies
    Orrie Dinstein, Chief Privacy Leader, GE Capital
  • 103: Risk Management Culture: The Linkage Between Ethics & Compliance and ERM
    Barbara Kipp, Partner, PricewaterhouseCoopers
  • 303: Compliance at Siemens: A Management Change Process
    Dr. Klaus Moosmayer, Compliance Operating Officer and Chief Counsel Compliance & Investigations, Corporate Legal and Compliance, Siemens AG
  • 403: Key Recent Developments Regarding Attorney-Client Privilege, Work Product Protection, and Indemnification
    Frank Sheeder, CCEP, Partner, Jones Day
  • 505: The Post-Bailout Regulatory Scene: Implications for Your Compliance & Ethics Program
    Matt Kelly, Editor in Chief, Compliance Week
  • 604: The Ethics Gap: How Our View of Business Ethics has Gotten Out of Step with the Public’s and What We Need to Do About It
    Ed Petry, PhD, Vice President, Ethical Leadership Group, A Global Compliance Company