In an event that may be the first of its kind, the Securities and Exchange Commission (SEC) and Department of Justice (DOJ) declined to prosecute the Harris Corporation (Harris Corp.) after it reported that its new acquisition, CareFx Corporation, had been engaging in conduct that violated the Foreign Corrupt Practices Act (FCPA). The decision to decline prosecution against the purchaser Harris Corp., despite the flagrant violations of its newly acquired subsidiary, was driven by the fact that Harris Corp. had conducted advance FCPA due diligence on CareFx and then shortly after the acquisition had instituted and maintained a robust compliance program. Equally important was Harris Corp.’s decision to self-report the violation once it was uncovered. In recent years, federal prosecutors have promised leniency, or “cooperation credit,” for companies that maintain robust compliance programs and self-report violations. This decision to decline prosecution shows that federal prosecutors are sincere in their offer of leniency and demonstrates how corporations can limit or avoid FCPA liability through due diligence and robust FCPA compliance programs.

The FCPA Prohibits Bribery and Requires Robust Internal Controls

The FCPA consists of two primary provisions, an anti-bribery provision and a books and records provision. The anti-bribery provision makes it illegal to give anything of value to a foreign official for the purpose of obtaining or retaining business. The books and records provision requires issuers of securities in the United States to “maintain a system of internal accounting controls sufficient to provide reasonable assurances that” transactions are approved by management, recorded in conformity with generally accepted accounting principles and regularly audited.

Harris Corp’s FCPA Compliance Program Brings CareFx’s Violations to Light

Harris Corp. acquired CareFx Corporation in 2011. CareFx, which is engaged in the electronic medical records field, owned a Chinese subsidiary, CareFx Information Technology, LLC (CareFx China). Jun Ping Zhang (Ping), the CEO of CareFx China, had engaged in a bribery scheme whereby he curried favor with government officials by giving gifts to officials at state-owned hospitals in China. Ping concealed his bribes in fictitious expense claims. The false expense reports were then improperly recorded in the China subsidiary’s books and records which, in turn, were consolidated into Harris Corp.’s accounting records.

Harris Corp. discovered the scheme because it had instituted a robust compliance policy and program after purchasing CareFx Corp. Upon discovering the illegal behavior, Harris promptly instituted an internal investigation into the Chinese subsidiary’s activities. Once the investigation was complete, Harris Corp. self-disclosed to the SEC and DOJ. Both the SEC and DOJ declined to prosecute. In its September 12, 2016 release, the SEC noted Harris Corp.’s “efforts at self-policing . . ., prompt self-reporting, thorough remediation, and exemplary cooperation” with the SEC’s investigation.

The Government was impressed with the fact that prior to its acquisition of CareFx, Harris Corp. had conducted FCPA due diligence on CareFx China, the subsidiary. This due diligence included an interview of Ping, during which Ping did not disclose his scheme. In addition, Harris Corp. took what the SEC termed “significant steps . . . to train staff in China” on Harris Corp.’s internal FCPA controls. Because of those measures, including the implementation of an anonymous complaint hotline, Harris Corp. discovered Ping’s conduct within months of the acquisition.

FCPA Considerations for Companies Engaged in International Transactions

This excellent result for Harris Corp. demonstrates that the federal enforcement authorities are sincere when they say they will significantly reward efforts by companies to self-police, remediate problems and cooperate.

Companies engaging in acquisitions that include a foreign entity or foreign operations would be well-advised to adopt similar practices in order to avoid or mitigate potential FCPA liability. As the Harris case illustrates, pre-acquisition due diligence and sincere efforts post-acquisition to root out any illegal conduct can go a long ways toward protecting an acquirer from potential FCPA liability. Likewise, implementation and maintenance of an effective compliance program to identify such behavior is essential for preventing violations and discovering problems before they lead to significant liability. Our firm has significant experience conducting all aspects of FCPA due diligence, including preparing compliance policies, conducting and assisting with FCPA training programs, and internal investigations in the event a potential FCPA issue comes to light.