Following on from episode one of our two part sit down series with Tom Hardin, also known as Tipper X, we will be covering how he got caught and the role of compliance now as to what it was then.
Missed Part 1 of the Tipper X story? Read about how it started here.
How did the FBI catch you? How were you coached by the FBI to help build these cases?
I was stopped on the street dropping off my drycleaning in Manhattan on the way to work at 6:30am, July 8, 2008 – two FBI agents and the wallets out on the sidewalk. They said they knew about the four trades and they knew I was down in Atlanta two days prior, visiting my nephew for his baptism. One agent was playing tough, one was reassuring me. They gave me the chance to help the FBI build the bigger cases in the industry which they were going after at the time. I had to wear a wire for the next two years, helping them pick off individuals of interest in the industry.
What was it like to covertly cooperate for two years, wearing a wire and recording phone calls?
This was all during the financial crisis, 2008-2009, so highly stressful times at work before working covertly with the FBI. I’d often feel that targets who I was going after must know I’m wearing a wire because of my pointed questions. One individual even invited me to go swimming with him one day I think to see if I was wearing a wire, I had to think quick to avoid a confrontation in the pool. It was highly stressful and I’m just happy to be alive today. I didn’t hire an attorney until a year into my cooperation! I was paranoid and just following FBI orders. When I finally hired an attorney, he said it was extremely rare for someone like me to wait so long and I thought “well, it’s my first time doing this”.
Can you talk about the legal process between the 2008 FBI approach on the street outside your apartment, 2009 guilty plea and your 2015 sentencing?
I pleaded guilty in December 2009, having worked undercover as “Tipper X” until then. “Tipper X” was revealed in January 2010 and that’s when I realised anyone that knew me at all in any professional capacity that day was going to have a bad day because compliance would put all of the names in these cases through the email system to see whether there were any matching communications. Many who knew me up to that point cut ties with me then, I only heard second hand that the worst days of their careers was having to say they knew Tom Hardin and of course they had no idea what I was up to. So this idea of “who am I hurting?” started to unravel. I was finally sentenced in Feb 2015, over five years after pleading guilty, to a non-custodial sentence because I received credit from the prosecution for my substantial cooperation and due to the amount of time it took to be sentenced. However, I will be a convicted felon the rest of my life. I can’t have a bank account because I’m on every AML list and the day-to-day realities show up where I have to check the box, for example, I’m not allowed to coach my two young daughters in any sports because of the felony conviction. It’s certainly not a complaint on my part, just something I never considered back when I made those choices.
In your talks with companies today, how do you think compliance can more effectively work with the business as a partner and less as a purely monitoring role?
I think it’s so important for compliance professionals to have personal relationships with their business people. If I’m about to deliver my presentation to a company and the compliance officer introduces themselves to the front-office, I think that’s a major red flag. Your door is always open.
Of course, compliance will have to say “no” sometimes, but I think a better way to frame the question is to tell the front line “tell me what you’re trying to do, and I’ll try to find a compliant way to get there.” That way, even if you have to say no, you show you are always working with them.
Compliance officers should also look for any opportunity to make themselves look more “commercial” to the business. In other words, you’re going to create more value than you capture versus someone who might be viewed as “transactional” and capturing all of the value. In my observations during my in-house talks and when I have more time to spend with companies speaking at offsites, commercially minded compliance officers tend to work very well with the business. They gather so much data for the regulator in their gatekeeper role which is also valuable to the business. Look for ways to take on the role of project manager and leverage that as a high ROI project for the business. I think if you’re recognised as commercial-minded, you’re going to be viewed as a partner, trusted advisor, and not just the “monitor” or “police.”
What are some additional hotspots for firms to think about today with conduct risk that you’ve noticed in your company talks?
Going back to a few points in our discussion above:
i) Isolated decision making in the organisation – I would counsel people if they ever feel like they have to make a decision in isolation, and can’t talk to anyone, then of course they will catch themselves in whatever potential bad behavior it is and course correct;
ii) Extra education for thinly supervised employees in offices which may be located in non-Westernised countries – I’ve seen this a few times in my talks where the line of questioning I receive from the audience in those countries is different from most firms in Western countries;
iii) Importance of professional mentorship – whether your company has a formal or informal program, I think this is really important as I look back at my 20s when I had no mentor;
iv) People should not only be encouraged to raise issues if they see them, but expected to raise issues – escalation of issues from my vantage point today continues to be an issue in the industry;
v) What happens if performance feels unfairly assessed by the employee? The opportunity to exaggerate contributions or lie to self-protect increases from what I’ve seen, which of course can lead to larger issues. It’s my observation that HR and compliance are often operating in their own silos and would be better off to come together to really paint the full picture of the employee.
vi) Goal setting – compliance needs to be involved in the setup and monitoring of the performance management system. After experiencing down months in two of our first three months of our business, our goals became much shorter-term in focus to “make money every month” from when we started of “invest for 3-5 years”. If a goal changes that drastically, obviously the opportunity for misconduct to occur increases as does an “anything goes” mindset. This is another common thread in my company talks with the firms who have shared their own situations of misconduct. Goals need to be specific, challenging yet achievable. The companies that don’t match “achievable” and “challenging” have had problems in the past or may in the future.
vii) “Tone at the top vs mode at the middle”. Regulators are rightly focused on tone at the top but is that message trickling down to the middle? Are expected behaviors espoused from the top observed across the cubicles in the company or is it just a message that doesn’t trickle down? I’ve seen a great focus from UK based companies now on culture and personal accountability in my speaking engagements since the FRC released the 2018 UK Corporate Governance Code as well as since the extension of the SMCR to FCA-solo regulated firms. Great strides are being made but the work needs to continue.
For anyone wanting to know more about you or to get you into their business for you to share your story directly, what’s the best way to get in touch?
I share my story today as conduct risk training for banks, hedge funds, asset managers, private equity firms, law firms, associations etc. and as a conference keynote speaker. My website is www.tipperx.com and email firstname.lastname@example.org.