As part of our occasional series of conversations with compliance executives and others influential in the corporate governance world, Compliance Week caught up with Neville Tiffen, global head of Compliance for mining company, Rio Tinto.
Tell us a little about Rio Tinto.
Rio Tinto is a global mining company headquartered in London. Most of our assets are in Australia, North America, and Europe. Rio Tinto has been expanding globally, for a while, throughout Africa, South America, and Asia. Our footprint is expanding, and, of course, that brings with it a range of compliance and regulatory issues.
Is Rio Tinto concerned about the U.K. Bribery Act?
All multinational companies are focused on the Bribery Act. I think for companies with good FCPA programs, there has been an overreaction to it in terms of the impact on the internal program, because much of what the Bribery Act requires they've already been doing anyway. The extra dimension of the U.K. Act is the application to private sector bribery. This is usually against the law in countries in which we operate anyway. It is certainly against our standards.
When I came into my role a couple of years ago, I began a review and refresh of our compliance program. Shortly after commencing the review, we had four employees arrested for accepting bribes. This, plus the changing regulatory landscape and increased regulator activity worldwide, brought the compliance program review very much into focus.
At most companies, directors have raised concerns about the Bribery Act, and everybody wants to know what we are doing in response.
So, in some ways, the U.K. Bribery Act has helped me in my role as global head of compliance to keep people focused and to explain why it is worth investing in these efforts. Everyone now sees why we need to make some of the changes that we are working on—revised standards, refreshed training, improved communications, better systems, and a review of our whistleblowing program.
We probably would have made these changes as part of the refreshing of our program anyway, but the U.K. Bribery Act gave this more impact.
What are your views on the pace of regulations coming out of the United States, especially as it concerns the Dodd-Frank Act?
I am concerned about the Dodd-Frank whistleblower provisions. I think it's unfortunate that people will have incentives to go to a regulator before they come to the company with any problems. That will be a challenge for compliance departments. I'm not quite sure what impact it will have in practice but, going forward, that's something that compliance professionals need to keep an eye on.
The whistleblower provision is the sort of regulation that may sound like a good idea to some initially, but when you see it in practice, there are issues.
Speaking of Dodd-Frank, what do you think about the disclosure of government payments by the mining and extraction industries?
We are following closely the developments in relation to disclosure of payments to governments. For a number of years we've been a strong supporter of the Extractive Industries Transparency Initiative, and we've already been reporting under that.
ABOUT NEVILLE TIFFEN
Neville Tiffen,Global Head of Compliance, Rio Tinto
Neville Tiffen was appointed global head of compliance for Rio Tinto in late 2008. Previously, Tiffen held other senior positions for Rio Tinto including regional general counsel in the United States and South America, chief counsel - Australia and corporate secretary/chief counsel for Comalco Limited. Prior to Rio Tinto, Tiffen was chief counsel for Australian Industry Development Corporation. He has extensive experience in corporate governance, competition law, acquisitions and divestments, financing, community and indigenous agreements and investigations. Tiffen has undertaken a rigorous review of Rio Tinto's compliance and integrity program, introducing new and revised standards and updating the whistleblower program. His experience working across the globe has provided valuable insights into compliance issues facing companies today.
We're hoping the Dodd-Frank Act will be consistent with what we're doing under EITI already.
I can understand why some are pushing back on the confidentiality issue, because it could cause a lot of legal problems. There are times that in order to meet the law in the United States we could be breaking the law in other countries. Nobody wants to be caught in that scenario.
How much of a concern does director liability play?
Director and management liability is obviously important in considering any compliance program. The major concern is to protect shareholder value, or enhance shareholder value if we can.
What other regulatory enforcement actions are of major note for Rio Tinto?
Obviously, the regulators are getting quite active, particularly in the United States.
In Australia, they've just increased penalties for bribery of foreign government officials, and that specifically includes jail terms. At the same time, the Australian authority has not yet had one prosecution for bribery of a foreign official.
What compliance concern most keeps you up at night?
Well, I sleep pretty well at night. But the aspect I really encourage internally at Rio Tinto is our culture of speaking out. If people are concerned that somebody might be doing the wrong thing, we want them to speak up, and then the company can respond appropriately.
A lot of people would say we do have an open culture, but some of the emerging economies create challenges for us in this regard because it is just not the culture in those countries for employees to speak out. That aspect does worry me.
The laws are getting more complicated, even though the underlying principles might be the same. It makes it hard for a global company to comply. We try very hard to be compliant, for example data privacy, and to have effective training and communication programs, but when is enough, enough?
Training is a constant challenge—how to do that in a cost-effective, efficient, and meaningful manner around the world. As we have discussed, many of the issues are complex and really require face-to-face interaction on an ongoing basis. Online and Webinar training goes only so far. Some of the issues are complex, and you really need to get out there and train people directly. That is an area we are really working on.
Thank you, Neville.
No comments yet