From November 18 to 19, 2014, the American Conference Institute held its annual U.S. Foreign Corrupt Practices Act (FCPA) conference outside of Washington, D.C. Keynote speakers including U.S. Department of Justice (DOJ) Assistant Attorney General Leslie Caldwell of the Criminal Division and U.S. Security and Exchange Commission (SEC) Director of Division of Enforcement Andrew Ceresney, as well as Organisation for Economic Co-operation and Development (OECD) Deputy Secretary-General William Danvers focused on anti-corruption enforcement, self-reporting of detected FCPA violations and compliance. In addition to current agency directors and officials, panelists included former DOJ and SEC officials, seasoned practitioners, vendors specializing in corruption detection and compliance and in-house counsel from companies around the world.
DOJ Year in Review
This year, Patrick Stokes, deputy chief of the DOJ’s Fraud Section and head of the Section’s FCPA unit, and Kara Brockmeyer, chief of the SEC’s FCPA unit in the Division of Enforcement, provided a review of anti-corruption enforcement efforts in 2014, discussed steps that the agencies recommend companies take when they discover a violation and noted compliance best practices from the government’s perspective. Mr. Stokes and Ms. Brockmeyer’s comments were accompanied by the standard disclaimer that their statements were not binding on their respective agencies and the views they expressed were their own.
Since 2013, the DOJ’s FCPA unit has convicted, charged or unsealed charges against 25 individuals, including company CEOs and employees, and resolved 11 corporate cases involving penalties over $800 million. Since 2009, the DOJ has resolved cases with more than 50 corporations and more than 50 individuals, exacting fines totaling approximately $3 billion.
Mr. Stokes explained that, contrary to what some practitioners and companies may think, the DOJ does not focus on specific industries but, instead, follows the evidence. Mr. Stokes noted, however, that certain industries have inherent risks and certain geographic locations bring higher risk. Mr. Stokes cited the recent settlement with Bio-Rad, a medical industry company, in which the company agreed to pay a total of $55 million to settle claims with the DOJ and SEC. He also mentioned other resolutions with companies in higher-risk industries: Hewlett-Packard (“HP”) in the technical space; Diebold, an ATM manufacturer; Ralph Lauren in the apparel industry; and several companies in the oil and gas, power and extractive services industries as well as the agricultural industry.
SEC Year in Review
Ms. Brockmeyer told conference attendees that the SEC continues to investigate and bring charges against companies and individuals for traditional FCPA violations. As an example, she noted the settlement with Weatherford, in which the company agreed to pay $250 million to settle claims with the SEC and the DOJ for failure to establish internal controls and to prevent FCPA violations relating to the United Nation’s Oil for Food program. Additionally, Ms. Brockmeyer noted that the SEC is focusing on a wide range of non-traditional FCPA violations, such as corrupt payments relating to improper gifts and entertainment, payments to avoid taxes and required customs payment and charitable donations that ultimately benefit a government official.
Disclosure and Cooperation
Throughout the conference, both current and former senior-level officials from the DOJ and SEC repeated the theme that the focus for companies should be on (1) an effective compliance program, (2) prompt disclosure when a violation is identified, and (3) cooperation during the investigation process. Panelists and speakers also emphasized the increase in cooperation between the United States and foreign authorities in investigating and charging companies and individuals with FCPA violations.
During her keynote address, Assistant Attorney General Leslie R. Caldwell made the headline point that when companies chose to cooperate, their efforts should be timely and fulsome in order to maximize cooperation credit afforded by prosecutors. She emphasized that cooperation has real benefits in terms of charging decisions, methods of disposition (often in the form of deferred prosecution agreements, non-prosecution agreements and declinations rather than guilty pleas) and penalties.
She gave the example of the PetroTiger case as the kind of cooperation that the DOJ wants to see. As a result of the company’s prompt disclosure and full cooperation in disclosing a scheme to bribe a government official in Colombia, no charges were filed against the company, although two executives have pled guilty to FCPA and money laundering charges and another executive has been charged. On the other hand, AAG Caldwell gave examples of cases demonstrating seriously deficient or non-existent cooperation, which she characterized as “too little and too late,” that worked to the detriment of the companies. In one of those cases, Marubeni, the company pled guilty to criminal FCPA violations and paid $88 million in criminal sanctions and fines. Per the comments made by Mr. Stokes during his presentation, if Marubeni had self-disclosed and cooperated, the guidelines would have been 58 percent lower than the fine that the company actually paid.
When problems arise, AAG Caldwell said that the DOJ does not expect the company to “boil the ocean” in conducting an internal investigation that expands beyond the necessary scope of the concerns. Rather, the DOJ expects a tailored investigation that is focused on the nature of the issue.
Regarding the issue of voluntary disclosure, Mr. Stokes and Ms. Brockmeyer noted that voluntary disclosure can save a company a substantial amount of money. When a company discloses a potential violation, the company and the DOJ/SEC can have a dialogue to identify what the government is specifically interested in, which can result in saving the company money and resources. Referencing key considerations in the DOJ’s Principles of Federal Prosecution of Business Organizations (including whether the company voluntarily disclosed the violation; whether the company cooperated with the investigation; the state of the compliance program at the time of the violation and the remedial efforts made to improve internal controls; and whether the company has taken action against bad actors), Mr. Stokes argued that companies that have conducted themselves in accordance with these considerations often face lower fines and/or deferred prosecution agreements or avoid prosecution entirely. Mr. Stokes and Ms. Brockmeyer cautioned that if a company delays making a disclosure or decides not to make a disclosure, it is likely that a whistleblower will come forward and the company will lose the benefits associated with self-disclosure.
Cooperation in International Enforcement
During their panel discussion, Mr. Stokes and Ms. Brockmeyer stressed increasing cooperation between the DOJ and SEC, on one hand, and foreign jurisdictions, on the other hand, in the enforcement of corruption. With the increasing number of countries adopting corruption laws and the growing sophistication of foreign enforcement agencies, companies can expect that the United States is working with foreign jurisdictions and increasingly sharing information in parallel investigations.
In addressing this same issue, AAG Caldwell noted that the DOJ recognizes that legal issues—like the effect of foreign countries’ privacy laws and blocking statutes—sometimes arise in the course of international investigations. However, the DOJ has gained significant experience in the last few years handling these issues and although certain of these laws can raise difficulties for companies that want to cooperate with the DOJ, most do not. In any event, she noted, these laws are not intended to be shields. She also noted that the DOJ has concerns in cases when different lawyers or different companies take varied positions concerning the effect of the same privacy law, particularly in the same case. Further, recognizing that various international jurisdictions do not encourage cooperation by companies with foreign enforcement agencies, AAG Caldwell noted that a company that is the target of an investigation will not be successful in using that perspective as a defense as to why a company did not self-report problematic conduct to the DOJ.
Concerning the issue of compliance, Mr. Stokes and Ms. Brockmeyer cautioned against a situation in which a company may appear to have a good compliance program on paper but in practice the program has not been implemented and therefore it fails to accomplish the necessary goals of an effective compliance program.
Mr. Stokes explained that, while there is no one-size-fits-all compliance program, there are specific considerations that a company should take into account when formulating an effective compliance program. Mr. Stokes recommended that the first step a company should take is to conduct a thorough risk assessment that includes:
- identifying whether and to what extent the company is doing business in high risk jurisdictions
- speaking with employees that are in the field to assess potential risks
- determining what contracts the company has with, or involving, government officials
- considering the role of third parties
- conducting periodic risk assessments as the company grows or changes.
Mr. Stokes and Ms. Brockmeyer noted that the DOJ and SEC understand that small-and medium-size companies that are just beginning to enter the global market may not have the same resources to conduct an expansive risk assessment; however, these companies should be prepared to conduct a risk assessment that is proper for their business size and considers where the company is doing business. After the company has completed a risk assessment, it should create a compliance program that allocates its resources to the identified risks.
Mr. Stokes recommended that, at a minimum, a compliance program should:
- be consistent throughout the company and not just focus on the executive level
- include company-wide training with materials that are translated into languages appropriate for where the company is doing business
- appoint compliance program personnel
- include a mechanism to conduct thorough due diligence on third parties to assess their role and any relationships they have with government officials
- conduct due diligence to identify the beneficiaries of contracts.
Ms. Brockmeyer added the recommendation that companies establish a whistleblower hotline and create an atmosphere in which employees are comfortable reporting potential violations internally. This gives a company the opportunity to address the issue and report a violation itself before a whistleblower decides to report the violation to an enforcement agency.
In the case of a merger or acquisition, Ms. Brockmeyer and Mr. Stokes suggested that companies should conduct adequate due diligence before acquiring other companies and report any potential violations. Just as critical, they noted, is bringing a newly acquired company into the fold with a thorough post-acquisition due diligence review and integrating the acquired company into the existing company’s compliance regime.
Through these steps, companies may be able to avoid being the subjects of enforcement efforts like those that made headlines in 2014.