This profile is the latest in a series of weekly conversations with executives at U.S. public companies who are currently involved in establishing and developing compliance programs. An index of previous conversations is available here.
So, is it true that you once showed Scotts' chief executive pictures of other CEOs doing the perp walk for accounting fraud?
[Laughter] I actually showed them to a group of senior managers here, including our CEO.
Excellent incentive tool. How'd that go over?
In a vacuum it would have been spectacular. For anybody who reads the newspapers, people are aware of it.
When you're up there talking about, "we must do this and this and this" and then you say "or ..." and show a picture of the Rigas family [of Adelphia Communications] or one of the Enron guys in handcuffs—well, that's effective.
In 1995, Scotts merged with Miracle-Gro and almost immediately stumbled into accounting fraud. How did you recover from that?
Within months of the merger, it turned out that Scotts had issues around its financial statements. There was a restatement and a change of auditing partners. The Hagedorn family [which owned Miracle-Gro prior to the merger] took more of a leading role in the business than they had until that point. One of the things they brought was a keenly developed sense of right and wrong. The philosophy was very much to do the right thing and be very conservative.
As a result of all that, the company began in fits and starts to try to be a modern, fully compliant, publicly traded company. Traditionally the company's fiefdoms had been very separate … you had a bunch of groups trying to do the right thing, but they were not consistent and not well-coordinated at all. But before Enron and all those scandals hit, we hired our outside auditors to do what our CEO called an "ethics physical." What they found was pretty encouraging, although they had some significant suggestions for improvements.
Then all those scandals started to hit and Sarbanes-Oxley came along. I was in a meeting of the audit committee, which had taken a leading role in the compliance efforts at our company, and Jim [Scotts Co. Chairman and CEO James Hagedorn] looked at me and said, "You are now the chief compliance officer."
What was the state of Scotts' compliance at that point?
Well, it became obvious very quickly that we were making good progress, but we were not coordinated and there were clearly gaps. I sat down with my legal staff to decide how we should do this, and we decided it had to be cross-functional.
What I had always tried to do before was to go out and buy advice—hire Skadden Arps or someone—and have them come in and analyze, go off and synthesize, then come back in and train. But it became clear to me that it just doesn't get you where you want to be. It's like going to a class: It's really interesting while you do it, but then you come back from class and put the book on the shelf.
We decided to adopt an approach where … to the largest extent possible, we would undertake this ourselves. We would get review and assistance from outsiders to make sure we didn't wander off the reservation (and that's particularly true in the international business), but generally our approach has been to build it ourselves.
Tell us more about how you structured that.
We set up a corporate compliance committee: I chaired it, plus our head of human resources and our head of internal audit, Bill Egan. At the time he was also our chief ethics officer. He was almost like a father-confessor; people could go to him and they felt safe confiding in him, and he had a fair amount of experience conducting investigations. We also brought in one of my lawyers who had a real passion for this, whom we designated the compliance project manager.
After the committee, we interviewed a number of our business-unit heads and identified the top areas—I think there were about eight—where people had questions or where we could see that we must be compliant but people didn't have instruments developed enough to do the job.
Can you give an example?
Antitrust would be one. In certain areas we are both competitors with and customers of other businesses, and in some countries there is a much looser sense of antitrust laws. We wanted to apply the most rigorous approach to that.
Whenever those discussions occurred (and they occur all the time for us), we wanted people to understand clearly when the supplier conversation ended and the competitor conversation started. We wanted them to understand that if you want to talk as a competitor, you ought to have a lawyer in the room.
So we identified these hot-button issues, and then established a compliance committee of about 25 business leaders across the company. We mixed it up so that, say, the sales people had a big piece of developing the antitrust training—so people worked on fairly relevant areas. Then we broke them up into subcommittees and talked through a bunch of issues.
We're still in the process of doing some of this, as we work our way down the list. We developed training materials, and now we're rolling that out. We've probably trained, overall, about 2,500 people and we have a permanent workforce of about 4,500. Some people won't receive every bit of training, depending on where they are. We try to tailor it so the training is real-life for people.
You've implemented new compliance programs before at Insilco and Grimes Aerospace. How is it different this time around, after Sarbanes-Oxley?
The whole approach is different this time because so much is handled internally—and that's driven by the screaming need that this be effective. Just hiring an outside law firm to do it is not going to get you there these days if you end up in hot water.
The effect of Sarbanes has been most profound in the way the board of directors operates. Insilco was public but dominated by a financial owner, and Grimes was private although subject to a lot of regulations as a government contractor. It was much more like we did it because we wanted to do it, and we didn't report to anybody. Here we have a highly sensitive board that borders on fanatical about the governance side, although the line between governance and compliance these days is not so bright ... I spend a lot of time with the audit committee, making sure they understand and are satisfied that what we're doing with compliance is what they want done.
What is your relationship with the board and its committees?
I'm the primary liaison with the governance committee; I attend almost all of their sessions. It had been called the "nominating and board governance" committee, but it became clear that we don't have that much turnover on the board. That committee really spent most of its time making sure the board functions well, so we changed the name to "governance and nominating" and we broadened it from board governance to corporate governance.
Especially since Sarbanes, we've implemented probably a dozen major corporate documents: charters for each of the committees, board charters, reporting procedures, an ethics policy [see box at right]. That's been a very smooth relationship.
I report to the audit committee about every other meeting. I give a full-blown 15- to 20-minute presentation, and it's pretty intense. The audit committee is very much no-nonsense; they're intensely focused on the things they want done. I usually bring our whole compliance committee, and Bill our internal auditor reports to the audit committee as well. They're intense meetings but they can be fun. We've had some go-arounds on things, but they always win.
And how's Section 404 coming for you?
Ugh. We have done a huge amount of hair-pulling on that. It is absolutely astounding how much work, effort, time and money has gone into the documentation process. That's being led by our chief financial officer. We have a steering committee of our vice chairman, me, our head of HR and our CFO.
Our original schedule was to have this done now with the attestations this fall at the end of our fiscal year. We were really under a lot of pressure, particularly in Europe because we acquired a number of businesses and never really integrated them. We're in the middle of investing $50 million in an integration program now, a big chunk of which is putting everyone on the same platform. We're installing an SAP system, and in the U.S. our single biggest advantage for getting our 404 work done is our SAP system. Of course, it's also been the single biggest thing we've been counseled about from our outside auditors. Last year they put us through a mock 404 analysis ... and it was very painful.
What are your priorities for the next 12 months?
Two issues: first, all that compliance training that I had mentioned earlier. Our completion date is Sept. 30, and we're going to come very close to that. Although, when we started at the front end one of the things we didn't really focus on is how ongoing this effort must be. We can't just cross the finish line on Sept. 30, have everybody trained, and then go back to our day jobs. It's an ongoing, rolling thing we need to manage.
The other issue is our international business. We operate in a bunch of different countries, and some of them are quite small. A lot don't have any consumer business either; a lot are professional customers like golf courses or horticulture. Getting our arms around what we do there and what the challenges are is pretty challenging. Because there are things that are regulated [in Europe] that we don't even think about here. They have all kinds of new privacy regulations, for example. Getting the international business as advanced in the compliance area as our U.S. business is really a big focus.
Thanks, David.
This column should not be regarded as legal advice. It is for general information and discussion only, and is not a full analysis of the matters presented.
No comments yet