For better or for worse, the global economy increasingly depends on trade between countries. Even for small- and medium-size businesses, growth might require entering foreign markets, which can bring all sorts of unexpected challenges. To exploit those new opportunities successfully, American businesses must confront unknown cultural norms and traditions, and navigate complex, and sometimes not entirely reliable, legal systems.

Often that requires dealing directly with officials or agents of the host country government. And often those officials or agents want something of value in return for getting you in the door, especially for helping businesses from the richest country in the world. Such bribery, committed abroad – even if done by third parties – can subject businesses to large financial penalties and subject citizens to prosecution in United States courts under the Foreign Corrupt Practices Act (“FCPA”). Therefore, it is vital for any company seeking to expand abroad to understand the scope of the FCPA and the consequences of breaching it.

FCPA Legal Framework

The statute has two main provisions: (1) anti-bribery provisions; and (2) books and records provisions. Under the anti-bribery provisions, U.S. companies, and their agents, may not give “anything of value” to “foreign officials” “in order to assist … in obtaining or retaining business.” Under the books and records provisions, U.S. companies must develop and maintain adequate controls to detect and, ideally, to prevent such bribery.

What constitutes “anything of value?” The answer is everything. The most obvious and historical examples are cash or a Rolex. But the government has expanded the definition to include pretty much anything that anyone might think is valuable with no de minimis threshold. For example, in the summer of 2015, BNY Mellon paid almost $15 million to settle an FCPA action for providing valuable student internships to family members of officials affiliated with Middle Eastern sovereign wealth funds.

Who are “foreign officials?” At a minimum, they include foreign government leaders, such as presidents or prime ministers, and employees of government departments or agencies, such as taxing or import authorities. But future actions could involve individuals more tangentially affiliated with the government. The Department of Justice (“DOJ”) considers certain employees of state-owned enterprises (“SOE”) to be foreign officials for purposes of FCPA enforcement, even if they are not foreign officials under the laws of the host country. In addition, in the first precedent-setting opinion on the matter, the 11th Circuit held in 2014 in United States v. Esquenazi that employees of SOEs are covered by the FCPA.

Although small companies and individuals engaged in international commerce might think this risk is minimal given their small contributions to global trade, any breach of the FCPA can bring penalties. In 1994, the government brought two FCPA actions affecting Vitusa Corporation, which sold milk powder to the government of the Dominican Republic: one against the entity and one against its sole shareholder. Rather than contest the allegations, the company paid a $20,000 fine, and the shareholder was placed on two years’ probation. In 2009, Gerald and Patricia Green were convicted of paying bribes of nearly $2 million to the governor of the Tourism Authority of Thailand in order to secure lucrative film festival contracts. The DOJ sought 10-year sentences for each, even though each was ultimately only sentenced to 6-months.

The 2010 Dodd-Frank financial reform bill brought about another wrinkle in FCPA enforcement by extending qui tam whistleblower actions to all securities-related statutes, including the FCPA. Under such an action, a whistleblower can receive between 10 to 30 percent of the amount the federal government ultimately recovers from the wrongdoer if the whistleblower provides unknown information necessary for a successful prosecution. While it remains debatable whether that change will significantly increase FCPA enforcement actions, suffice it to say that businesses engaging in global trade might have someone other than the U.S. government scrutinizing their business dealings abroad – their competitors.

To understand how such qui tam actions can harm your business, here’s one example brought under the False Claims Act. The action was brought by University Loft Company (“Loft”), an Indiana-based furniture manufacturer, against University Furnishings (“Furnishings”), a Texas-based competitor, for allegedly evading import duties. Furnishings ultimately paid $15 million to the government to settle the enforcement action, $2.25 million of which went to Loft for information it provided. That was in addition to the $1.3 million that Furnishing paid to Loft to settle a separate lawsuit against it. So, not only did Furnishings lose nearly $20 million as a consequence of both actions, but fifteen percent of the qui tam action went to a competitor.

Consequences of Breaching FCPA

If your business is subject to an FCPA enforcement action, you face two difficult and competing questions to answer: fight it or settle it? Traditionally, defendants would either contest the charge and go to trial or settle by pleading guilty in order to receive a reduced punishment. But in 2004, the DOJ introduced two alternative resolution mechanisms: non-prosecution agreements and deferred prosecution agreements. In exchange for quick resolution to threatened enforcement actions, companies enter into agreements to forgo prosecution. Penalties include substantial fines and implementation of expensive, government-monitored corporate reforms. Some businesses opt for these solutions because the costs are known, versus the delay and uncertainty of litigation. But the expanded use of these mechanisms – and the dilemma it causes businesses by forcing them to make an expeditious monetary decision despite possible success on the merits – has been highly criticized.

In September 2015, yet another development emerged. Deputy Attorney General Sally Yates circulated a memo (the “Yates Memo”) setting forth a change in DOJ policy. Traditionally, companies subject to an enforcement action could lessen the punishment if they assisted the government in unearthing and rectifying the malfeasance, so-called “cooperation credit.” Historically, the government was less concerned about individual criminal conduct and only targeted the business entity to clean up its act. But the new policy pursuant to the Yates Memo requires that, for the business to receive any cooperation credit, it must also investigate the transgression, determine who the individual wrongdoers are, and turn them over to the government for prosecution.

That policy has some degree of logic. After all, a business acts only through its agents and employees. To penalize just the entity (and its owners or shareholders) for the malfeasance of individual bad actors doesn’t seem entirely just. But since most FCPA actions are based on voluntary disclosures (i.e., businesses affirmatively telling the government that it violated the law), this new policy could surely limit such disclosures, especially if the guilty employee wields significant power within the business.

The Yates Memo also prohibits prosecutors from finalizing any settlement until they have developed a plan to resolve the underlying individual criminal case. For the business to benefit from the supposed efficiency and certainty of those alternative resolution mechanisms, the prosecutor now must develop a report including: “a discussion of the potentially liable individuals, a description of the current status of the investigation regarding their conduct and the investigative work that remains to be done, and an investigative plan to bring the matter to resolution prior to the end of any statute of limitations period.” Requiring prosecutors to engage in such nuanced and challenging analysis will no doubt further delay resolutions of FCPA actions against businesses as law enforcement undertakes a more rigorous administrative process.

Understanding the FCPA and how agencies enforce its provisions is critical for businesses engaged in international commerce in order to avoid preventable enforcement actions. And for global businesses with foresight, investing in a compliance program on the front end can turn the burden of the FCPA into a competitive advantage.