At a November 2011 conference on the Foreign Corrupt Practices Act (FCPA), Assistant Attorney General Lanny Breuer announced that “detailed new guidance on the [FCPA’s] criminal and civil enforcement provisions” would be released sometime in 2012. The announcement of this anticipated guidance was an unexpected but welcome development for companies and FCPA practitioners alike. In an area of the law where precedent is relatively lacking and the precedent that does exist often comes in the form of negotiated settlements and fact-specific DOJ Opinion Procedure Releases instead of litigated cases, the forthcoming guidance could be an important asset in the FCPA compliance toolbox.
Recent reports suggest that the guidance – which presumably will be jointly issued by the DOJ and the SEC, who share enforcement authority over the FCPA – is likely to be released this month. Although the DOJ and SEC have not publicly provided any indication regarding the topics that the guidance will cover, this article highlights a few areas in which additional direction from the enforcement authorities would be particularly useful.
A CLARIFICATION OF THE DEFINITION OF “FOREIGN OFFICIAL” UNDER THE FCPA
The anti-bribery provisions of the FCPA prohibit payments made to a broadly-defined group of foreign officials. The statutory definition of foreign official includes, among other things, any officer, employee, or individual acting in an official capacity for or on behalf of any “instrumentality” of a foreign government. The definition of “instrumentality” is potentially quite broad.
The government has suggested that entities such as, for example, foreign government-owned businesses may be considered instrumentalities of a foreign government. Recent federal court decisions as well as a September 18, 2012 DOJ Opinion Procedure Release1 have provided some direction on who may be considered a foreign official, though these pronouncements have not always been as clear or consistent as the FCPA bar may like. Though the determination of whether a particular individual is a foreign official under the FCPA is and will remain, of course, a highly fact-specific analysis, additional guidance would be welcome in this area – particularly given that this definition is central to compliance with (and enforcement of) the FCPA.
A DESCRIPTION OF THE HALLMARKS OF A STRONG FCPA COMPLIANCE PROGRAM
Many companies have made enormous strides over the past few years in establishing and refining robust FCPA compliance programs – often at significant cost. It is clear that the government expects companies subject to the FCPA to have such compliance programs in place, and has stated that the existence of such a program may mitigate in favor of more lenient treatment in the event that potential FCPA violations are uncovered. What is less clear, though, is what the government considers to be the hallmarks of an effective FCPA program.
Companies and practitioners have been able to take cues from certain cases. One recent example involved Garth Peterson, a former Morgan Stanley managing director based in China. In that case, Peterson was charged by the DOJ and SEC with FCPA violations but both agencies publicly declined to bring charges against Morgan Stanley, citing the company’s strong internal controls, voluntary disclosure of the matter, and cooperation with the investigation. In particular, the government identified a number of key aspects of the Morgan Stanley compliance program, including that it employed extensive employee training, regular and random audits, a team of over 500 dedicated compliance officers, employee compliance certifications, and a “substantial” system of internal controls over payments.
Although the Morgan Stanley case is an important exemplar, it would be helpful to have additional FCPA-specific guidance regarding the government’s general expectations as opposed to having to rely upon case-by-case examples. Effective compliance programs are by their very nature risk-based, and it is therefore not practical to specify exactly how such a program should function. We believe, though, that more guidance in this area would be welcome.
This type of guidance was released last year by the UK Ministry of Justice, when it set forth six principles to inform compliance by companies subject to the UK Bribery Act.2 These principles – proportionate procedures, top-level commitment, risk assessment, due diligence, communication (including training), and monitoring and review – are sufficiently high level to be universally applicable, yet together with the commentary on the principles provide important and quantifiable standards for companies to follow in their anti-bribery compliance efforts.
Although companies can look to general U.S. guidelines for effective compliance programs – such as the DOJ Principles of Federal Prosecution of Business Organizations and the U.S. Sentencing Guidelines – specific guidance tailored to the FCPA context would be a welcome development. For instance, the guidance could address the approach to common FCPA-related issues – such as gifts and entertainment for government officials – that are faced by companies on a daily basis and are typically the subject of policies and procedures, but for which there is still little concrete government guidance.
A CLEAR QUANTIFICATION OF THE BENEFITS OF SELF-REPORTING AND COOPERATION BY COMPANIES WHO UNCOVER POTENTIAL FCPA VIOLATIONS
The DOJ and SEC have long encouraged companies to self-report potential FCPA violations, and developments in whistleblower incentives (such as whistleblower financial awards under the Dodd-Frank Act) mean that companies that uncover potential FCPA violations face a difficult and high stakes decision when it comes to self-reporting. This decision is made all the more complex by the lack of a clear indication as to what level of leniency, if any, a company can expect for bringing FCPA concerns to the government’s attention and cooperating in the resultant investigation. Concrete examples of this leniency – such as the BizJet matter, in which the DOJ deferred prosecution agreement explicitly provided for an “approximately thirty percent reduction off the bottom of the fine range” under the U.S. Sentencing Guidelines based upon BizJet’s “extraordinary cooperation” and “extensive remediation” – are few and far between.
Although enforcement officials have touted the benefits of self-reporting and cooperation, there remains no true quantification of these benefits – whether on a global or detailed case-by-case basis. Meanwhile, the downside to self-reporting remains clear in the form of financial costs, distraction to the business, and potential negative publicity. The fairness and efficiency of the FCPA enforcement regime would be greatly enhanced if the guidance were to include either (i) overall guidelines regarding the factors taken into account by the government when determining a reduction in penalties for companies that self-report; or (ii) a commitment to publicly quantify the benefit received by self-reporting companies when settlements are announced.
STATISTICS ON DECLINATIONS IN FCPA CASES AND THE FACTORS THAT LEAD TO THE GOVERNMENT’S DECISION NOT TO PURSUE AN FCPA ACTION
The high-profile nature of FCPA enforcement by the government over the past few years has led to a sense by some companies that enforcement efforts may at times be long on aggression and short on discretion. This view may not fully take account of the fact that the government declines to pursue some unknown number of cases – whether based upon the initial fact pattern as presented or after an investigation – given that there is no meaningful public information on the number or fact patterns of these cases.
One recent high-profile exception is the Garth Peterson case, noted above, in which the DOJ and SEC charged Peterson with FCPA violations yet publicly declined to pursue charges against Morgan Stanley. This case stands as a helpful example, and additional information on declinations would be important to companies as they calibrate their compliance programs, structure internal investigations, and make difficult decisions around self-reporting. The release of declination data would also provide a more meaningful picture of the FCPA enforcement landscape, and the forthcoming guidance would do well to address this area.
Regardless of whether the above areas – or others – are addressed by the forthcoming guidance, FCPA compliance and investigations will remain challenging areas that often involve difficult, high stakes decisions. We believe, however, that the government’s decision to release FCPA guidance is an important step forward and we are hopeful that the guidance will prove useful to companies seeking to refine their compliance programs, respond to potential FCPA issues, or simply run their business properly in an increasingly complex regulatory environment.