Over at the excellent FCPA Compliance & Ethics Blog, Tom Fox has a plug for email monitoring software disguised as a blog post. He’s even doing a “webinar” with the software developers — completely free, of course — presumably to push the sales of this product.
Notwithstanding what might not be his completely objective take on this software product, Fox raises a good issue that might warrant consideration for incorporation into your export compliance program. I assume everyone reading my blog and this post is acutely aware that a robust compliance plan is the best insurance against getting taken to the cleaners by the DoJ and the export agencies after it is discovered that an employee in your Hamburg office has been shipping your U.S. origin night vision to Iran. But what does your compliance program do proactively to ferret out such problems? Fox suggests that companies should consider periodic email sweeps for keywords
The concept is straightforward; at regular intervals you can sweep through your company email database for identified key words that can be flagged for further investigation, if required.
So, should you consider sweeping all emails for keywords such as “Iran” or “Syria”? What other keywords might help pinpoint export compliance problems? “Jail”? “Orange Jumpsuit”? “Export License,” as in “let’s avoid fussing with that stupid export license requirement”? Are there keywords that can identify times when employees say something like “Call me, since we shouldn’t put this in writing”?
While I think such an approach is a nice shiny bauble that can be dangled in front of prosecutors and enforcement agencies and therefore is worth considering, I also wonder whether such sweeps will actually be effective in detecting violations. First, in my experience, most of the problems come from sales employees outside the United States who don’t think U.S. laws should interfere with their commissions. Foreign privacy laws, particularly in the E.U., often pose barriers to rifling through foreign employees’ emails. Second, in my experience, employees, particularly those with mischief in their hearts, are much too savvy to talk openly in emails about their transshipment schemes. They almost always use code of some kind to conceal what they are up to. These employees and their code words are normally not clever enough to fool prosecutors, but those code words — like “the country we discussed” or “Middle Earth” — will easily evade keyword email sweeps.
Any thoughts on this? Share your experiences (anonymously if you wish) in the comments section.
Photo Credit: Internet Email by twitter.com/mattwi1s0n [CC-BY-SA-2.0 (http://creativecommons.org/licenses/by-sa/2.0)], via Flickr https://flic.kr/p/75rLY [cropped and processed]. Copyright 2003 twitter.com/mattwi1s0n