Big Business Already Knows How to Mitigate Cannabis Risk

Guest Post by Doug Fischer, Principal at Doug Fischer Law

While entrepreneurs and investors are busy capitalizing on the U.S. cannabis industry’s breakneck expansion, large publicly traded firms remain largely on the sidelines. Sure, there are a couple of notable exceptions, like Scotts-Miracle Gro, which owns a subsidiary that sells products to plant-touching businesses. And other companies, such as Constellation Brands and Novartis, are jumping into in Canada or other foreign markets. But by and large, big U.S. businesses have been timid about selling into the domestic cannabis market. For banks, companies with government contracts, and a few other highly-regulated businesses, the hesitance is understandable. But many other firms are missing a huge opportunity.

Let’s start with two obvious and difficult facts: First, selling cannabis is federally illegal under the Controlled Substances Act. Second, it’s against the law to knowingly transact in the proceeds of cannabis sales. Thus, it’s inescapable that firms selling products or services to cannabis businesses could be accused of aiding and abetting violations of the Controlled Substances Act or money laundering. But the analysis shouldn’t end there.

Companies interested in working with the cannabis industry shouldn’t be asking whether there’s any risk in selling to the cannabis industry. Rather, they should be asking whether that risk can be effectively managed. With the right processes in place, the answer is a resounding “yes.”

Every day, large companies face compliance challenges far more daunting than how to sell their valuable products and services to the cannabis industry. Let’s take the example of a hypothetical multinational technology company that we’ll call BigTech. BigTech may use foreign agents pursue government contracts in countries that have a high-risk of corruption. The consequences for violating US anti-corruption laws could include fines totaling hundreds of millions of dollars and criminal charges against responsible executives. BigTech also has subsidiaries across the globe and faces the challenge of ensuring the financials it rolls up from those subsidiaries are accurate. Failing to report accurate financials could result in lawsuits from investors or enforcement actions by the Securities and Exchange Commission.

How does Big Tech grow while facing these massive risks? By creating compliance programs that mitigate risk and facilitate the company’s most critical business activities. The U.S. government has given BigTech ample guidance on how to create such compliance programs. Among other components, effective corporate compliance programs must include:

• Risk assessment
• A culture of compliance, staring with appropriate commitment from company leadership
• Well-designed policies and procedures
• Sufficient resources devoted to compliance
• Employee training
• A means for employees to report concerns
• Continuous testing of the program’s effectiveness

Keeping with our BigTech example, to address the risk of corrupt payments being made by the company or its agents, BigTech would analyze potential markets for that risk, train its employees to spot red flags of corruption, employ a vigorous screening process for foreign agents it hires, and put in place strict financial controls that ensure funds are not siphoned off to bribe government officials. To ensure its subsidiaries’ books are in order, BigTech would create a robust internal audit function and possibly separate financial planning from accounting functions to ensure employees don’t feel pressured to cook the books.

If large companies can overcome these enormous risks, there’s no doubt they can also craft compliance programs that facilitate entry into the cannabis market. Although the US Department of Justice rescinded the Cole Memorandum on January 4, 2018, it does not appear to be approaching cannabis enforcement differently than when the Cole Memorandum was in effect. Indeed, we know from its statements and actions, that the Department of Justice remains focused on diversion of product across state lines, black market cannabis operations, organized crime, and youth use. And while historical precedent is no guarantee of future action, the Department of Justice has been largely hands-off when it comes to cannabis businesses that do not implicate these concerns. Moreover, there are no examples of the federal government prosecuting an ancillary business simply for providing a legitimate product or service to a state-compliant cannabis business.

Each cannabis-related compliance program will vary based on a company’s unique risk profile, but some aspects of an effective compliance program for selling into the cannabis industry are obvious. Continuing with our BigTech example, the company could devise a process to satisfy itself that its customers are licensed in the states in which they operate and have a good record with state regulators. To mitigate the risk of money laundering accusations, BigTech could ensure it knows the identities and backgrounds of its customers’ owners and only accept payments from bank accounts in its customers’ names. BigTech might also train its sales employees to spot red flags of non-compliance with state laws by its customers, such as failure to check IDs at dispensaries or marketing in ways that may appeal to minors. BigTech would not be re-inventing the wheel, but rather employing familiar principles to a new risk.

Although current law makes it impossible to eliminate all legal risks associated with selling to the cannabis industry, a strong compliance program can bring that risk down an acceptable level. And as mentioned earlier, businesses looking to enter the cannabis market will also have to assess their other regulatory obligations.

Creating an effective cannabis-related compliance program of course requires resources, but those are likely resources well spent given the size of the opportunity. Rather than only focusing on what’s different about working with the cannabis industry, businesses would be wise to consider how they could apply their existing compliance know-how to grow their bottom lines.

About the author:

Doug Fischer is the Principal of Doug Fischer Law, which provides legal counsel and advisory services to businesses and investors in the cannabis industry, including financial firms, trade groups, technology companies, and others. He has expertise with cannabis regulations, the Controlled Substances Act, anti-money laundering laws, corporate compliance programs, and securities laws. Previously, Doug served as Chief Legal Officer of the National Association of Cannabis Businesses (NACB). At the NACB, Doug worked with leading cannabis businesses to establish industry compliance standards, advised members on regulatory developments, and promoted the NACB to government agencies and other stakeholders. Prior to that, Doug was an attorney with Cadwalader, Wickersham & Taft, where he represented corporations and individuals in an array of settings spanning white collar criminal, regulatory and complex commercial matters, including counseling investors and ancillary businesses in the cannabis industry. You can contact Doug at and follow him on Twitter @DougFischerLaw.

Are you a cannabis industry thought leader and want to be heard? Let us know your story.

Published by NCV Newswire
NCV Newswire
The NCV Newswire by New Cannabis Ventures aims to curate high quality content and information about leading cannabis companies to help our readers filter out the noise and to stay on top of the most important cannabis business news. The NCV Newswire is hand-curated by an editor and not automated in anyway. Have a confidential news tip? Get in touch.

Get Our Sunday Newsletter