And because bribery is “how business is done” in some foreign countries, that makes it okay, right? Right?!?!? Not even close. Even if bribes are considered normal or common in other countries, they aren’t legal under any written laws in those countries. Plus, bribes paid by U.S. companies in locales far from the U.S. still open up those companies to U.S. prosecutions under a burgeoning law known as the “FCPA.”

The Foreign Corrupt Practices Act first came about in 1977 to prevent U.S. businesses from bribing foreign government officials after many multinationals admitted to treating such bribes as a cost of doing business overseas. After its initial fervor subsided, the FCPA nearly fossilized over an almost 30-year lack of enforcement until its revival in 2004. Since then it has become a top enforcement priority for both the FBI and the SEC.

The FCPA now affects nearly all cross-border operations, especially sales and distribution. And both companies and individuals (owners, officers, directors, sales persons) can be charged with FCPA violations. As discussed below, the FBI or SEC can even charge U.S. companies and their officers for bribes offered by their foreign distributor, or a rogue sales person, that they knew nothing about. Yeah, I know, it’s nuts. Thankfully, much of this exposure can be limited implementing the suggestions mentioned below.

What’s the Worst that Could Happen?

FCPA penalties can get serious quickly. Corporate criminal penalties are $2 million per violation, or twice the related transaction’s profit, whichever is greater. Individual criminal penalties range from $100,000 per-violation fines to 5 years in prison. Civil penalties include profit disgorgement, injunctions, and fines starting at $16,000 per violation. Government contractor violators face added issues like potential contract rescission and may be barred from all future government contracts.

What’s more, investigation expenses (mostly legal and accounting fees) often dwarf penalty costs in FCPA cases.

How Can I Get in Trouble Here?

A typical FCPA violation is what most Americans would call a bribe. But instead of combatting all bribery, the FCPA focuses only on bribes paid to “foreign officials.” The FCPA therefore prohibits paying or offering to pay (directly or indirectly) “anything of value” to a “foreign official.” “Anything of value” means that bribes aren’t only cash payments. So hiring a government official’s son can also get you in trouble. Ask BNY Mellon.

The FCPA also contains a number of accounting provisions that are beyond the scope of this post. Those rules call for somewhat transparent books so that supervisors and auditors can quickly spot or prevent potential bribes.

“Foreign Officials”

“Foreign officials” include the usual suspects: elected/appointed foreign government officials and their staff, foreign government employees, foreign government agents, and just about anyone in uniform. But wait, there’s more. Foreign officials may also include workers at government-owned companies.

This means that a doctor at a government-owned hospital could be a foreign official. The universe of potential foreign officials, of course, expands rapidly in countries where the government is heavy-handed…ahem, heavily involved in the economy. For example, because the Chinese government owns a piece of many Chinese companies, millions of apparent private Chinese workers are potential foreign officials, representing millions of potential FCPA violations.

And as you may have guessed, because foreign official status may not be obvious, whether a bribe recipient is indeed a foreign official is often a hotly contested issue in FCPA investigations. Murky treatment by the courts hasn’t helped.

Limiting Your Downside

With all these traps for the unwary, U.S. businesses operating in China or similar jurisdictions may need robust anti-corruption policies and increased due diligence. The FBI and SEC certainly expect American companies in high-risk jurisdictions like China to reasonably vet all potential business partners, sales reps, distributors, or any others acting on the company’s behalf. Failure to do so can leave you liable for any bribes, authorized or not, offered by those persons under an agency theory.

You see, a bribe offered by an American company’s offshore distributor can be treated as a bribe, and an FCPA violation, by the American company even if the American company had no knowledge of the illicit payment. This is especially so if that company doesn’t have an anti-corruption policy or failed to perform basic due diligence that would have uncovered past distributor abuses. There, the FBI or SEC may claim that the American company engaged in a sort of “willful blindness,” thinking that what it didn’t know couldn’t hurt it. It can.

Thankfully though, a good anti-corruption policy coupled with a due diligence process tailored to a business’s needs will often limit a company’s FCPA exposure in third party liability cases. FCPA-related workforce training doesn’t hurt either. The FBI and SEC often cast a merciful eye (but still one containing the typical government condescension) on companies that make an upfront effort to prevent a third-party violation. The Federal Sentencing Guidelines also provide for lower fines in those cases.

Conclusion and Next Steps

To sum up, the FCPA generally affects cross-border businesses, especially those that may have contact with foreign officials. Likewise, FCPA enforcers hold companies doing business in high-risk jurisdictions to a higher standard.

The FBI and the SEC expect such companies to meet a minimum level of compliance. This generally includes a written anti-corruption policy, a third party due diligence questionnaire, and some sort of regular workforce training to ensure that certain employees are complying with the policy and using the questionnaire. These companies should also include FCPA-related language in their third party contracts that require the third party to comply with the FCPA in their contract-related duties.