The US Justice Department recently announced a new FCPA self-reporting policy designed to encourage companies to report violations in exchange for reduced penalties. Baker & McKenzie Partners Bob Tarun and Peter Tomczak recommended a very similar approach to the announced DOJ policy in a high-profile 2010 article, “A Proposal for a United States Department of Justice Foreign Corrupt Practices Act Leniency Policy.” (Read a summary here.)
Below, Mr. Tarun and Mr. Tomczak outline three steps companies should take in light of the new policy:
First, companies should benchmark their compliance and ethics programs against the eight criteria for establishing an effective compliance program. The credit available under the Sentencing Guidelines and the extra credit available under the Pilot Program, plus the DOJ’s recent focus on compliance programs and anti-corruption internal controls including by its hiring of a compliance expert, highlight the importance for companies to maintain and implement an effective compliance program. Though the Pilot Program makes clear that the criteria it identifies for an effective compliance program are not “one size fits all,” the elements set forth in the Pilot Program further inform companies about what the DOJ considers in evaluating the effectiveness of a corporate compliance program.
Second, companies should review the effectiveness of, and reinforce as appropriate, those aspects of their compliance programs that allow companies to detect and respond more quickly to potential violations of law. Such mechanisms include, among others, thorough anti-corruption training, legally-compliant hotlines, and frequent, clear communication of anti-retaliation messaging and cultural norms that promote internal reporting. To be eligible for additional credit under the Pilot Program, companies must voluntarily disclose FCPA misconduct “prior to an imminent threat of disclosure or government investigation” and “within a reasonably prompt time after becoming aware of the offense.” Companies already have substantial incentives to learn of and respond to potential violations of law, and the Pilot Program provides a helpful reminder to companies to confirm how well they are positioned to capture such benefits.
Third, companies should carefully analyze the steps outlined for full cooperation and remediation with an eye towards identifying which ones may prove very costly or problematic for the company to satisfy. For example, the Pilot Program confirms the Yates Memorandum’s focus on individuals, and expressly notes that, to qualify as fully cooperating, companies will need to make available for interview upon the DOJ’s request company officers and employees who have relevant information. These costs associated with representation and defense of individuals in any investigation may not be covered by a company’s existing D&O insurance policies. In addition, the Pilot Program conditions full cooperation on producing overseas documents, with the burden on companies to show why such documents cannot be produced. A company may transact business in a jurisdiction that presents known challenges in complying with local data privacy laws. For each of these examples, and for others, companies may be able to undertake steps now that mitigate their potential costs and make it easier for them to meet the Pilot Program’s requirements.
Read more insights on the pilot program in our Client Alert, “FCPA Pilot Program Sheds New Light on the Value of Self-Disclosure.”