The Department of Justice and the Securities and Exchange Commission have published their long awaited guidance on the Foreign Corrupt Practices Act. The events which lead to its issuance began with DOJ and SEC enforcement officials creating what they now call the New Era of FCPA enforcement. See, e.g., Lanny A. Breuer, Assistant Attorney General, Remarks at the 24th National Conference on the Foreign Corrupt Practices Act (Nov. 16, 2010)( “[O]ur FCPA enforcement is . . . getting stronger. I am aware that, for some of you, as we have become more aggressive, you have become more worried . . . I want to tell you . . . that you are right to be more concerned). It is characterized by expansive interpretations of the Act that are a function of prosecutorial charging discretion, industry sweeps, ever increasing sums paid to settle and earn cooperation credit and demands for longer prison terms.
The New Era also spawned demands from business organizations and other for legislative changes to the Act addressing the aggressive positions of enforcement officials and clarifying what critics called vague statutory terms. There have been repeated demands for a clarification of key provisions such as those defining who is a foreign official. Business groups also sought the addition of a procedures defense as under the U.K. Bribery Act and a safe harbor from successor liability.
Repeated Congressional hearings failed to produce any modifications. See, e.g., Hearing before Subcommittee on Crime, Terrorism, and Homeland Security of the Committee on the Judiciary, House of Representatives, 112th Congress, 1st Session, June 14, 2011. Meetings with DOJ and SEC enforcement officials failed to yield a resolution. All of this did, however, produce the promise of guidance from enforcement officials which many hoped would add clarity and more certainty for those conducting business in the international market place.
The guidance: An overview
The promised guidance is a booklet tiled A Resource Guide to the U.S. Foreign Corrupt Practices Act, authored by the DOJ and the SEC in consultation with other branches of the government. The Guide is a comprehensive review of the FCPA and related enforcement issues. It includes chapters reviewing the anti-bribery provisions, the accounting provisions, principles of enforcement, penalties, resolutions of actions, the whistleblower provisions and the DOJ opinion procedure. The sections synthesize the pertinent statutory provisions, current case law and positions reflected in settlements, providing a comprehensive view of current practice in the area.
As the government’s view of the law, it differs little from the complained about aggressive interpretations of the Act and does not really clarify what many consider to be vague terms. At the same time the statements in the Guide are important for understanding the view of enforcement officials, ascertaining the outer edges of the Act and as a guide to settlement where prosecutorial discretion is critical.
More importantly, however, the Guide offers critical instruction for those doing business abroad, particularly in high risk areas of the world. By detailing the guiding principles of enforcement and identifying the basis building blocks of an effective compliance system in the view of enforcement officials, it offers a road map for those willing to follow it. That road map is not the repeatedly demanded procedures defense sought by business groups. Its critical principles are not new or novel. Yet by crystallizing the guiding points that should become the bedrock of any compliance systems, the Guide offers business organizations the opportunity to build a system in a cost effective manner which reflects the views of New Era enforcement officials. While it is not the same as adding a compliance defense to the Act, it does offer business organizations in the path of the New Era a way to try and avoid or at least mitigate liability.
Key Legal Issues: New Era Interpretations Crystallized
The Guide does not directly resolve the key issues raised by business groups which lead to calls for reform and the Congressional hearings. Rather, it clarifies the views of enforcement officials which previously were reflected in scattered settlements and congressional testimony. Those views, which drive charging decisions, are reflected in issues such as the discussion about the jurisdictional reach of the Act. Here the Guide states that the FCPA reaches “. . . placing a telephone call or sending an e-mail, text message, or fax from, to or through the United States involves interstate commerce—as does sending a wire transfer from or to a U.S. bank or otherwise using the US. banking system, or traveling across state borders or internationally to or from the United States.” Id. At 11. While the Guide is footnoted, no citation is offered for this statement. Also omitted is a discussion of the ruling in U.S. v. Patel, Case No. 1:09-cr-335 (D.D.C.) in which the court rejected a DOJ claim of jurisdiction over a foreign national who forwarded a package from outside the country into the U.S.
In subsequent paragraphs the Guide describes the jurisdictional reach of the Act this way: “ A foreign national or company may also be liable under the FCPA if it aids and abets, conspires with or acts as an agent of an issuer or domestic concern, regardless of whether the foreign national or company itself takes any action in the United States.” Id. At 12. The supporting citation for this statement is the criminal information filed in U.S. v. JGC Corporation, Case No. 11-cr-260 (S.D. Tex. Apr. 6, 2011).
JGC, a Japanese company, was part of the so-called TSKJ consortium formed in connection with the of the Bonny Island Project in Nigeria. The DOJ charged that millions of dollars in bribes were paid by consortium members. Each member of the consortium settled. Since the company had no contacts with the United States, JGC initially raised jurisdictional issues in its discussions with the DOJ. Later, according to the settlement papers, the company began to cooperate after the jurisdictional issues were apparently dropped.
In discussing other issues the Guide simply reiterates current case law, offering little in the way of new guidance. The definition of a foreign official has been a key question raised by business groups and in Congressional hearings. Before Congress the DOJ repeatedly opposed any clarification of the definition, citing a series of court cases which use a fact intensive, circumstances driven multi-factor test. That test is reiterated in the Guide which lists 11 non-exclusive factors as points of consideration for making the determination. Id. At 20. This approach is useful when a careful, studied research process can be utilized to gather all the pertinent facts after which a look back can be made to try and determine if a foreign official is involved. This kind of hindsight, fact driven process may be useful after years of discovery in a court case which is the predicate for the test, but it offers little guidance to a business organization competing in a fast paced international market.
Likewise, in discussing the question of successor liability – a key concern of business groups – the Guide largely reiterates standard DOJ and SEC guidance. Liability under these circumstances arises in two ways, according to the Guide: “First, a parent may have participated sufficiently in the activity to be directly liable . . . Second, a parent may be liable for its subsidiary’s conduct under traditional agency principles . . . DOJ and SEC evaluate the parent’s control – including the parent’s knowledge and direction of the subsidiary’s actions, both generally and in the context of the specific transaction.” Id. At 27.
Not only do these statements simply reiterate current positions, they offer little explanation for cases such as SEC v. Armor Holdings, Inc., No. 1:11-cv-01271 (D.D .C. Filed July 13, 2011); SEC Lit. Rel. 22037 (Jul.13, 2011). There the parent corporation was charged on the theory that subsidiaries were its agents, a claim asserted in the SEC’s complaint with little factual support.
A road map for the future: The building blocks of a compliance defense.
A critical issue raised by business groups in Congressional hearings is the need for a compliance defense similar to the one recognized under the U.K. Bribery Act. The DOJ and the SEC have opposed the addition of such a defense arguing that the adequacy of the procedures utilized by the company is assessed in the charging process.
The Guide continues the current approach of enforcement officials. Citing the U.S. Sentencing Guidelines, the Guide acknowledges that “[i]n a global marketplace, an effective compliance program is a critical component of a company’s internal controls and is essential to detecting and preventing FCPA violations.” Id. At 56. It also acknowledges the fact that the occurrence of a violation does not mean that the compliance system was ineffective, inadequate or that the organization should be charged. Nevertheless, it reflects the long held view of enforcement officials that compliance procedures should be evaluated as part of the charging process, not as a defense.
This is not to say that the Guide fails to offer important guidance on this question. To the contrary, it offers the predicate for creating compliance procedures which can later be asserted as a defense to liability. The Guide details the views and teachings of New Era enforcement officials on the basic building blocks of an effective compliance program. Organizations willing to follow this road map to compliance should use them to craft an effective compliance program to prevent FCPA violations and, if necessary, serve as a defense.
The critical principles are not new or novel and do not require business organizations to spend extravagant sums purchasing every new high tech bell and whistle offered in the market place. Rather, they are basic, fundamental principles. Those principles must be integrated into the internal controls of the company which track the funds of the organization and thus serve as the bedrock of preventing FCPA liability.
Focusing initially on the top of the organization, they seek to create a culture centered on competing in the market place through fair dealing rather than suit cases full of cash or through some “local custom” back door which seeks to skew the playing field. The principles and culture flow through the organization with periodic reinforcement to employees and checks and balances to ensure compliance and appropriate implementation.
The principles detailed in the Guide, which must be adjusted and tailored to each company, can be summarized in eight key points:
- Tone at the top: “. . . compliance begins with the board of directors and senior executives setting the proper tone for the rest of the company.” Id. At 57. This requires more than a good well written program. Rather, it requires the creation of a dynamic, strong culture which demands fair play.
- Code of conduct: The foundation of any set of procedures is often the code of conduct. As the Guide states: The policies and procedures of the organization should “outline responsibilities for compliance within the company, detail proper internal controls, auditing practices, and documentation policies, and set forth disciplinary procedures . . .“ Id. 58. These can take a wide variety of forms such as a web-based compliance program for the approval of routine gifts, travel and entertainment.
- Responsibility: Critical to any program is assigning responsibility “for oversight and implementation of a company’s compliance program to one or more specific senior executives within the organization. Those individuals must have appropriate authority within the organization, adequate autonomy from management, and sufficient resources . . . “ Id at 58.
- Risk assessment: Fundamental to an effective compliance program is risk assessment. One size does not fit all or even every part of the organization. The approach and procedures may differ across the organization depending on the risk. As the Guide states: “Factors to consider, for instance, include risks presented by: the country and industry sector, the business opportunity, potential business partners, level of involvement with governments, amount of government regulation and oversight, and exposure to customs and immigration in conducting business affairs.” Id. At 59.
- Training and updating: Compliance procedures must, to be effective, be communicated throughout the organization and periodically updated in view of experience. This can be done in a variety of ways such as through web-based and in-person training sessions. There should also be periodic reviews and updates of the system based on the experience of the organization and the dictates of the market place.
- Incentives and disciplinary measures: The procedures must apply to every person in the organization. Critical to this is making integrity and ethics a part of the overall promotion, compensation and evaluation process which provides positive incentives for compliance. At the same time there must be an appropriate disciplinary scheme for those who do not comply with the system.
- Third party due diligence: Agents, consultants, distributors and other third parities have frequently been at the center of FCPA actions. An effective set of procedures keyed to risk based principles, an understanding of the business rationale for using the third party and any payments and on-going monitoring is key. Again, this is not a one-size fits all approach but rather a program crafted to the dictates of the market place and situation.
- Confidential reporting: Finally, any program should have a mechanism for confidential reporting. This can be used to encourage employees to report questions to the organization which should have a mechanism in place to conduct the appropriate internal investigation and take the proper steps.
The Guide is a useful compilation of New Era interpretations of the Foreign Corrupt Practices Act. It synthesizes the statutory provisions with the meager, available case law and the decisions made by enforcement officials reflected in numerous DOJ and SEC settlements. For the business organization and the practitioner it thus constitutes a ready reference of prosecutorial views.
It does not resolve the many questions which have troubled business organizations and members of Congress regarding current FCPA enforcement trends. It continues the aggressive interpretations of the statutes which many have criticized. It offers no real guidance on the key question of who is a foreign official or on the issue of successor liability.
Finally, while it continues the current process of only considering compliance procedures as part of the overall charging process rather than as a defense, the Guide does offer a promising road map for those who chose to take it. By synthesizing the key principles of an effective compliance program it offers organizations willing to adopt them into a comprehensive program the opportunity fashion an effective response to halt possible violations. It also what should be an effective reply to enforcement officials if a violation occurs, by demonstrating a commitment to ethical and fair business dealings which argues strongly for a declination or at least substantially reduced sanctions.
Hurricane Sandy: During this holiday season please remember the victims of Sandy’s destruction by donating to the Red Cross (here).