The U.S. Securities and Exchange Commission and the U.S. Department of Justice recently released a "Resource Guide to the U.S. Foreign Corrupt Practices Act" re-garding the application and enforcement of the Foreign Corrupt Practices Act ("FCPA") The Guide is available at: http://www.sec.gov/spotlight/fcpa/fcpa-resource-guide.pdf
While the FCPA Resource Guide ("Guide") does not represent a change in FCPA en-forcement, it includes an extensive discussion of the FCPA. It provides useful exam-ples and consolidates the relevant existing case law and the Guiding Principles for the enforcement of the FCPA in the U.S.
In practical terms, the Guide provides helpful guidance on the set-up of a com-pliance program by companies.
1. Compliance Program Guidance
The Guide provides the standards and cornerstones for the set-up of a compliance program. Each company has to establish a tailor-made structure for itself. As there is no "one-size fits it all" approach, each program should be adapted according to the specific risks the company is facing.
However, according to the approach taken by the U.S. authorities, certain common criteria for an efficient compliance program do exist:
- Risk assessment: A Risk Assessment is fundamental for the development of a strong compliance program. Based on the risks identified, the compa-ny should accordingly devote the necessary resources to addressing these risks.
- Training and Continuing Advice: Communication of compliance throughout the company is essential. The compliance program should be followed and adhered to by employees at all levels of the company.
The training audience might differ according to the degree an employee is exposed to certain risks (e.g. sales personnel encounter other risks than accounting staff).
Besides providing accurate training, the company, depending on the size and complexity of its business, should in any event install appropriate measures to advise its staff on the company's ethical principles and its compliance program.
- Incentives and Disciplinary measures: First and foremost, the program should cover all members of the company; no one should be beyond its reach. Violations should be sanctioned by disciplinary measures. The Guide notes that positive incentives for staff members in the form of promotions, or for improving and developing a company's compliance program and for ethical and compliant leadership, may further optimize a compliance pro-gram
- Third-Party Due Diligence: Third parties, including consultants and agents, can be misused to conceal the payment of bribes. Performing a risk-based due diligence before operating with third parties is therefore of key importance. While the specific character of such due diligence might vary, it should be done according to the Know-Your-Business-Partner-principle.
However, (i) the company should in any case inform itself about the third party’s qualifications, including its possible relations with public officials, (ii) the role and the terms under which a third party operates should be clearly expressed in contractual terms, and (iii) the company should have the pos-sibility to control its contractual engagement with third parties. This ap-proach includes trainings, the stipulation of a right to audit, and the re-quirement that compliance certificates be provided. In addition, the third parties should adhere to similar compliance standards.
- Confidential reporting of misconduct and internal investigation: A compliance program should include mechanisms to enable employees to report suspected or actual misconduct on a confidential basis and without fear of reprisals. To that end, companies may, for example, install ano-nymous hotlines or employ ombudsmen. In case of a reported allegation of suspicion, companies should possess an efficient, reliable and properly funded process geared at investigating the allegation. Furthermore, the company should ensure the proper documentation of its response to the al-legation, including any mediation or disciplinary measures it may apply.
- Continuous improvement: The compliance program is subject to a con-stant process of improvement. As business changes over time, a compa-ny's compliance program must reflect such changes and should adapt to them promptly.
- Pre-Acquisition Due diligence and Post-Acquisition Integration: A company needs to perform a proper due diligence prior to a merger or ac-quisition. Companies engaging in a due diligence should know about any possible FCPA exposure and accordingly apply a solid risk analysis. The Guide signals that action against the successor company might only hap-pen under limited circumstances, for example in cases "where the succes-sor company directly participated in the violations or failed to stop the mis-conduct from continuing after the acquisition".
2. What does "anything of value" mean?
The FCPA prohibits paying, offering, promising to pay or authorizing to pay or offer money or "anything of value" to a foreign official. The Guide notes that there are no de-minimis threshold amounts for corrupt payments or gifts. It acknowledges, how-ever, that the FCPA permits reasonable gifts, travel and entertainment where there is a bona fide business purpose. Facilitation payments are only permitted under re-stricted circumstances. In addition, small gifts or tokens of esteem or gratitude are not prohibited. The company may thus, for example, pay for the airfare of a public official who is travelling to inspect a company's facility for a legitimate business pur-pose.
3. Who is a foreign public official?
The Guide's discussion of who constitutes a "foreign official" focuses principally on the meaning of the term "instrumentality" of a foreign government. The Guide notes that whether a company is an "instrumentality" is "fact-specific" and depends on the entity's ownership or control, respectively its status and function. A foreign govern-ment ownership stake of 50% or more is a good indicator; however, even an entity with a lower rate of foreign government ownership may be deemed an "instrumen-tality" of a foreign government.
4. Facilitation Payments – a narrow exception
The Guide reiterates the narrow facilitation payment exception under the FCPA and acknowledges that the facilitation payments exception only applies to "routine go-vernmental action" that involves non-discretionary acts.
The Guide provides a comprehensive overview of the FCPA statute and offers impor-tant insights into the U.S. authorities' regulatory approach to vigorously enforcing the FCPA. The standards for a compliance program outlined in the Guide are similar to the ones issued along with the UK Bribery Act 2010 and thus constitute major in-centives for companies to consider re-evaluating their current compliance programs. As a result, an efficient compliance program should enable the company to mitigate its exposure to FCPA liability.
The Guide makes it clear that in accordance with the US Sentencing Guidelines, which govern the sentencing of companies, an effective compliance program is re-garded as part of an organization's remediation. Having an effective compliance program may thus lead to a reduction in the organization's culpability for violations, if the company did not unreasonably delay reporting the offence.