This article was written in collaboration with Kaufmann & Company.
Following a severe compliance breach or an incident of misconduct, Europe-based multinational companies with a substantial US connection could be ordered by US enforcement agencies to install an independent compliance monitor. The monitor's role, among others, would be to oversee the company's remediation efforts and provide regular progress updates to the relevant US agencies. The company would select the monitor, subject to confirmation by the relevant agencies.
When selecting a monitor candidate and an external support team, Europe-based companies and US agencies should recognize the nuances of the transatlantic divide. US monitors and their teams need to be proficient in navigating the confluence of US legal enforcement and European business cultures, legal frameworks, and corporate governance practices. Extensive experience in these aspects of the European environment significantly improves monitors’ starting position and equips them to tackle potential conflicts before they materialize.
It is essential to note that although monitors oversee US-related matters, they do not necessarily need to be from the US. Indeed, European legal experts—preferably with an in-house track record in European compliance, legal, and business culture and with strong ties to the US legal system—are often better positioned to lead successful US monitorships in Europe-based multinational companies. Their experience is especially valuable for devising solutions that meet both European and US regulatory expectations.
The Basics of US Monitorships
US government enforcement authorities (such as the Department of Justice, Securities and Exchange Commission, and Environmental Protection Agency) often require monitorships within the context of a deferred prosecution agreement, nonprosecution agreement, or plea agreement. Companies pledge to work cooperatively with the monitors and to carry out the measures detailed in such agreements.
From the US agencies’ perspective, the goal of such monitorships is to reduce the likelihood of a recurrence of compliance breaches or misconduct. This is achieved by developing or enhancing a comprehensive compliance program and fostering a culture of ethics and integrity within the company under scrutiny. For the company, a successful monitorship should ideally lead to enhanced governance, an improved risk and compliance management system, and a deeply ingrained culture of integrity. These improvements will make the company more resilient and sustainable in the future.
The company is solely responsible for remediating the breach or misconduct and preventing its recurrence in line with the requirements of the agreement with the government enforcement authorities. The monitor provides guidance and support by overseeing the remedial actions within the company’s corporate compliance and ethics program. Consequently, the monitor’s specific role and responsibilities may vary extensively depending on the circumstances leading to the appointment. Potential roles include being a facilitator, a sounding board for management, a constructive critic, a provider of specific guidance, or, in the event that the company acts reluctantly, a watchdog. In all cases, monitors seek to ensure swift and effective compliance with the agreement. Throughout this process, the ability to judge the relative importance of issues that arise is essential. Successful monitorships can help companies benefit from the process, become more resilient and sustainable, and avert government actions or penalties.
A successful monitorship should ideally lead to enhanced governance, an improved risk and compliance management system, and a deeply ingrained culture of integrity.
The right monitor can significantly facilitate the company’s cooperation and progress and, ultimately, identify the measures and resources needed to gain approval for its remediation efforts. The greatest challenges often emerge during the monitorship itself. Effective management skills and insights specific to the local context are therefore essential. The Department of Justice requires monitors to have the appropriate background, educational qualifications, experience, and reputation. Ideally, monitor candidates should have held senior positions in the corporate sector and have a history of successfully directing change programs in complex organizations. US monitors of Europe-based companies should be well versed in the European business landscape and its “rules of the game.” (For additional insights, see “Perspectives on Monitorships and Successful Compliance Transformation.”)
Three Core Competencies for US Monitors in Europe
Notable instances of European companies with US monitorships include Glencore (2023), Ericsson (2020), Fresenius (2019), Volkswagen (2017), and Credit Suisse (2014). Such monitorships have proven effective at tackling structural issues that companies are unable to resolve by themselves.
Our experience points to three core competencies required by US monitors of Europe-based multinational companies: cultural dexterity, legal know-how across relevant jurisdictions, and experience with European and local corporate governance regulations and practices.
Cultural Dexterity
A US monitor in Europe must adapt to the legal and corporate culture of the particular jurisdiction. An appreciation of, and experience with, different cultures can be critical in fostering agreement among parties, gaining buy-in from stakeholders, and expediting results. Cultural differences between the monitor’s team and the company could lead to damaging breakdowns in communication if not bridged.
The monitor and his or her team should adopt a results-driven, solution-oriented approach, paired with sensitivity to the company’s board and compliance leadership. This includes assisting the company in designing (or enhancing) and implementing a robust compliance management system. The monitor should also be adept at addressing any organizational resistance impeding progress. Monitors who struggle to understand an organization's culture, setup, and informal dynamics may inadvertently hinder long-term progress, resulting in a longer and more expensive period of monitorship.
Cultural dexterity is especially important because company and business culture is often the root cause of compliance problems. Companies with an unreceptive culture—characterized by the suppression of open communication, an emphasis on personal gain, discriminatory practices, or a pervasive lack of responsibility—are more likely to be ordered to initiate cultural transformation programs under the monitor’s guidance during a remediation program.
Monitors supporting a cultural transformation should help the company consider two critical dimensions: an ethics and integrity culture and a legal and compliance culture. To foster an ethics and integrity culture, employees must comprehend the importance of compliance and be assured of the company’s steadfast commitment to upholding integrity in its compliance objectives. Key components include leadership tone, incentive structures, promotion criteria, diversity initiatives, and rigorous consequence management. Establishing a robust legal and compliance culture requires the implementation of the right tone at the top, “walk the talk” role modeling, and clear and transparent policies and training frameworks.
Cultural dexterity is especially important because business culture is often the root cause of compliance problems.
Instigating meaningful change with measurable effects starts with performing in-depth diagnostics of the existing culture and outlining the envisioned target culture. The company can then design appropriate interventions, develop training and communication strategies, and formulate a reliable approach to measuring the success of the transformation.
Legal Know-How Across Relevant Jurisdictions
To navigate complex regulatory landscapes involving privacy laws, trade regulations, and corporate compliance across jurisdictions, monitors of Europe-based multinational companies must be well versed in both US and European laws. Legal expertise in specific European countries is essential, as there are key differences with the US regulatory environment. Most notably, European regulators scrutinize data protection and workers' rights more rigorously than their US counterparts.
Monitors must reconcile the laws of the US and of individual European countries. They play a crucial role in identifying areas of potentially conflicting laws and liability exposure and in helping companies structure practices to minimize legal issues. To address controversial topics effectively, they need to help companies develop practical solutions, especially concerning confidentiality, data protection, and legal privilege within the relevant legal frameworks.
During the oversight period, monitors should regularly review how any relevant regulatory changes will affect the company’s agreement with the US government enforcement authorities. Effective management of regulatory interactions with the relevant government authorities is also a crucial task, including establishing a liaison office staffed with experts who have experience in communicating with enforcement authorities and regulatory bodies on both sides of the Atlantic.
Experience with European and Local Corporate Governance Regulations and Practices
US monitors of Europe-based multinational companies must be familiar with several notable differences between the governance, decision bodies, and liability schemes of European and US companies .
First, US companies typically use a one-tier board system in which a single group of executive and nonexecutive directors is responsible for the management and supervision of the company. In contrast, European companies, such as those in Germany, often use a two-tier board system, with an executive management board and a larger supervisory board (sometimes including employee representatives) that handle governance tasks separately and differently. US monitors and Europe-based multinational companies under US regulatory scrutiny may find it challenging to navigate these bodies’ respective roles and responsibilities.
Second, in several European countries, codetermination policies and trade unions play a substantial role in governance. For instance, German codetermination policies give employees the right to actively participate in shaping their working environment and to be represented on the supervisory board. Securing the buy-in of employee representatives is thus crucial for any transformation initiative.
Third, the liability scheme with respect to members of the executive and supervisory boards is stricter in Europe than in the US. In Germany, for example, liability exposure is almost unlimited and can even endanger private fortunes accumulated in a manner not connected to the corporate function in question. US monitors should be aware that such strict and far-reaching exposure may lead to defensiveness on the part of executive management and supervisory board members in critical company situations.
Applying the Three Core Competencies
US monitors in Europe-based multinational companies need to apply their cultural dexterity, legal know-how, and understanding of the governance context—both European and local—to manage stakeholder relations effectively. This involves quickly identifying and mitigating immediate risks and sensitivities, defining the scope of needs to enhance processes, and helping the company steer the necessary enhancement programs. They also apply these competencies in supporting the company’s efforts to set up remediation programs and improve governance structures, as well as in tracking the implementation of mitigation initiatives.
Monitors need to apply their cultural dexterity, legal know-how, and understanding of the governance context to manage stakeholder relations effectively.
Depending on the scope of the company’s agreement with the relevant US enforcement authorities and the monitor’s mandate, efforts should be concentrated on designing a company-wide compliance enhancement program, defining target operating models, and creating company-specific risk maps, including ownership and oversight. This includes the establishment of effective control frameworks, systems, and processes for managing relevant risks, such as bribery and corruption, money laundering, human-rights violations, and environmental risks.
Regulators expect financial institutions and other companies to maintain a robust, well-documented governance and risk management framework with defined roles and responsibilities across the three lines of
defense.1
1
The three lines of defense is a risk governance framework that splits responsibility for operational risk management across three functions. Individuals in the first line own and manage risk directly. The second line oversees the first line, setting policies, defining risk tolerances, and ensuring that they are met. The third line, consisting of internal audit, provides independent assurance of the first two lines.
Notes:
1
The three lines of defense is a risk governance framework that splits responsibility for operational risk management across three functions. Individuals in the first line own and manage risk directly. The second line oversees the first line, setting policies, defining risk tolerances, and ensuring that they are met. The third line, consisting of internal audit, provides independent assurance of the first two lines.
They also want to see a strategy in place that clearly describes the approach to HR compliance. Establishing a resilient HR compliance framework requires comprehensive legal know-how, particularly in European and local labor laws and data protection standards (especially those under the EU General Data Protection Regulation, which is extremely strict regarding data tied to specific individuals).
In many European countries, remediation programs involving investigations into breaches or misconduct, assessments of the performance of specific roles and mandated actions, or employee efficiency analysis must be closely coordinated with workers’ councils and unions. Challenges also arise with respect to compensation incentives and clawbacks—a topic that the Department of Justice is closely
scrutinizing.2
2
US Department of Justice, “The Criminal Division’s Pilot Program Regarding Compensation Incentives and Clawbacks,” March 2023.
Notes:
2
US Department of Justice, “The Criminal Division’s Pilot Program Regarding Compensation Incentives and Clawbacks,” March 2023.
Successfully managing regulatory expectations across the Atlantic requires cultural sensitivity and an understanding of both implicit and explicit expectations. This awareness is vital to persuading stakeholders and fostering long-term change.
The Bottom Line: Transatlantic Experience Matters
US monitorships of Europe-based multinational companies achieve the highest level of success when monitors provide a combination of strong ties to the US legal system and hands-on experience with European business culture, legal systems, and governance structures. The ideal monitor is a former group general counsel, chief compliance officer, and/or board member responsible for legal, ethics, and compliance at a European multinational company. This individual should possess practical in-house experience and a pertinent track record in executing cultural transformations within such a company.
In addition, monitors of Europe-based multinational companies should be supported by a high-caliber team of experts possessing the requisite expertise, language proficiency, and industry experience. It is also essential to have subteams in the US and Europe. In some cases, team members may even need to be on the ground in other locations globally. The monitor should therefore have strong team partners, ideally with global coverage. Finally, the monitor and team partners must be supported by a well-conceived program structure and seamless communication and collaboration among the various subteams.
The appointment of an independent compliance monitor with the appropriate transatlantic experience can significantly enhance the performance and outcome of US monitorships in Europe-based multinational companies. The monitor needs the right combination of transatlantic legal and compliance acumen, cultural sensitivity, and extensive in-house experience with European and local corporate governance. Such qualifications will allow the monitor to foster an environment conducive to ethics and compliance and effect a successful transformation of the business practices of Europe-based multinational companies.
Kaufmann & Company and BCG jointly provide unique expertise to design and execute global governance and compliance programs, making us the premier choice for US monitorships in Europe. Our significant experience in every facet of compliance management allows us to tailor our approach to address specific market compliance challenges, merging business acumen and compliance and risk management expertise. We operate from a CEO's perspective to strategically evaluate compliance within respective frameworks, maintaining agility and flexibility. Our international teams can swiftly deploy experts and consultants globally.
Boasting more than 500 global BCG risk and compliance professionals, our knowledge is deep and industry-specific. We routinely apply our regulatory acumen to address the nuances of jurisdictions, industries, and companies. Collaborating with BCG’s industry specialists ensures our strategies are practical, enduring, and value-driven.