The Organisation for Economic Co-operation and Development (OECD) has released its Foreign Bribery Report, which provides a comprehensive analysis of anti-bribery enforcement actions around the world dating from 1999. The report examines enforcement actions taken by all countries that have enacted criminal anti-corruption statutes that target the bribery of foreign public officials. The OECD’s report highlights a number of risk areas and identifies enforcement trends, including some surprising realities about the commercial circumstances surrounding the payment of bribes.

The report tracked 427 cases against 263 individuals and 164 entities. The OECD determined that although anti-bribery enforcement actions climbed steadily after 2005, the actions peaked in 2011 and then dropped off considerably in 2012 and remained steady at this lower level through 2013. Unsurprisingly, the report found the United States to be the most active enforcer of anti-bribery laws, imposing sanctions in connection with 128 different foreign bribery schemes. The next most active country was Germany, which took action against individuals and entities in connection with 26 separate bribery schemes. Overall, settlement continues to remain the most common way anti-bribery enforcement actions are resolved, accounting for nearly 70 percent of the cases analyzed.

The OECD’s findings also provide insights into where and how official bribery most often occurs. Perhaps counter to popular thinking, the OECD found that bribes are most often paid to public officials in relatively wealthy countries (i.e., those with medium to very high United Nations Human Development Index (HDI) scores), rather than to public officials of developing countries, who are generally assumed to be the most common recipients of illegal payments. According to the OECD’s report, bribery is also largely concentrated in four industries, representing two-thirds of all cases studied: (i) extractive; (ii) construction; (iii) transportation and storage; and (iv) information and communication sectors. In the majority of the cases (57 percent), the bribes were paid to win public procurement contracts. The most likely recipients of bribes were officials connected to state-owned or -controlled enterprises (27 percent), followed by customs officials (11 percent), heath officials (7 percent) and defense officials (6 percent).

The OECD also concluded that, in most cases, top company employees knew about the bribes, with management-level employees paying or authorizing payments in 41 percent of the cases studied, and the company’s chief executive officer directly involved in 12 percent of the cases. Nearly one-third of the cases came to the attention of authorities through self-disclosure reporting. While the OECD found that only 2 percent of the cases were instigated by whistleblowers, that figure is likely to rise in the future, including due to the continuing efforts of the Securities and Exchange Commission’s (SEC) Office of the Whistleblower.

Significantly, the OECD also found that in 75 percent of the cases it examined, the bribes were carried out by third-party intermediaries—whose conduct can have legal repercussions for companies even when the intermediaries are not under the same level of control as the company’s own employees and operations. In 41 percent of the cases studied, these intermediaries were agents, distributors, and brokers. In another 35 percent of the cases, the intermediaries were corporate vehicles, such as foreign subsidiaries, entities serving as offshore tax shelters or local consulting firms.

The report provides several important takeaways from a compliance perspective. First, the OECD report notes that “[o]ne of the most remarkable outcomes is the fact that in foreign bribery cases concluded to date, corruption is not, as some would believe, the scourge solely of developing economies. With almost one in two concluded foreign bribery cases involving officials from countries with high to very-high HDI rankings, it is clear that this is a crime that takes place in countries at all levels of development.” The OECD report goes on to recommend that, because “bribes have been paid to officials from countries at various stages of development, bribery risk assessments should focus instead on the context of the transaction, for example, whether it involves partnering with a public company (in 27% of cases bribes were paid to SOE officials), public procurement processes (the context of the bribery in 57% of cases), or the use of intermediaries (which occurred in 71% of cases).” In other words, while the location of the business activity and Transparency International’s Corruption Perceptions Index are important factors for companies in crafting a risk-based approach to anti-corruption compliance—including training, risk-based due diligence on business partners and audits—the report’s findings underscore the reality that certain types of transactions present a heightened risk of corruption regardless of the location in which the transaction occurs.

Second, as stated in the report, “[t]he overwhelming use of intermediaries in foreign bribery cases demonstrates the need for enhanced and effective due diligence, oversight and application of the company’s compliance programme to third parties (whether individuals or companies) in international business transactions. Compliance programmes should focus specifically on due diligence with respect to agents and on verifying the rationale and beneficial ownership of other companies involved in the transaction.” This, of course, echoes the message of the SEC and the US Department of Justice (DOJ), as set forth in the 2012 FCPA Resource Guide: “Risk-based due diligence is particularly important with third parties and will also be considered by DOJ and SEC in assessing the effectiveness of a company’s compliance program.” And, it is important to remember in the context of third-party relationships that actual knowledge of an improper payment is not required. The FCPA applies not only to those with actual knowledge, but also applies to those who purposefully avoid actual knowledge: the so called “ostrich” or “head in the sand” problem.

The OECD’s findings are a potent reminder of the significant risks that are involved in partnering with third-party intermediaries in foreign jurisdictions and the need for risk-based due diligence on business partners. As stressed in the 2012 FCPA Resource Guide, “The fact that a bribe is paid by a third party does not eliminate the potential for criminal or civil FCPA liability.”

Given the risk involved in these third-party relationships, it is imperative that companies operating in foreign countries create and implement compliance programs that reduce the exposure that these intermediaries pose. Steps that the DOJ and SEC expect companies to take when contracting with third parties are outlined in the Resource Guide. Companies are expected to conduct appropriate risk-based due diligence to understand the qualifications, reputation and associations of its partner. If red flags surface, the amount of diligence should increase.

Companies must ensure that the work performed by the third party is necessary and justified, the contract terms are not unusual, and that the company is suited and qualified to perform the work. 
Companies should also ensure that their partners in foreign countries understand and commit to complying with the principal’s anti-corruption policies and expectations. This can be accomplished through training, commitments in the contracts with third parties and periodic certifications. And, even well-after third parties are retained, companies should undertake ongoing monitoring of their third-party partners, including exercising audit rights when appropriate.