On November 14, 2012, the Department of Justice (DOJ) and the Securities and Exchange Commission (SEC) released their long-awaited guidance on the Foreign Corrupt Practices Act (FCPA). A Resource Guide to the US Foreign Corrupt Practices Act (the "Resource Guide") is the most comprehensive guidance ever issued by the DOJ and SEC, the two agencies with enforcement responsibilities concerning the FCPA. Enacted in 1977, the FCPA is a federal law that prohibits U.S. persons and certain foreign issuers of securities from making unlawful payments to foreign officials in order to obtain or retain business. With potentially significant criminal and civil liability at stake and widely publicized fines and settlements in FCPA enforcement actions, companies that conduct business outside the United States are paying renewed attention to their efforts to comply with the FCPA and position themselves for a strong defense in the case of any enforcement action.
The Resource Guide is intended to provide the public with detailed information about the government's FCPA enforcement approach and priorities. While the Resource Guide does not contain any major surprises or shifts in interpretation of the law, the 120-page document does identify important legal issues surrounding FCPA enforcement and provides detailed explanations of the agencies' approach to those issues, including examples of actual enforcement actions and declinations.
The Resource Guide is comprehensive, summarizing federal laws and international conventions related to the FCPA, the FCPA's anti-bribery and accounting provisions, potential penalties and sanctions under the FCPA and the ways in which such matters may be resolved. In this ASAP, those aspects of the new guidance are highlighted along with their particular importance to employers who may be covered by the FCPA.
Liability for Third-Party Payments
Noting that the FCPA specifically prohibits payments to third parties "while knowing that all or a portion of such money will be offered or given" to a foreign official, the Resource Guide goes on to emphasize the government's broad definition of "knowing." The knowledge requirement is met where a person is aware there is a "high probability" that their payment would be used for a corrupt payment to a government official. The "knowledge" requirement is also satisfied when a person "purposefully avoid[s] knowledge" of the potential for a corrupt payment.
The Resource Guide identifies red flags that may arise in dealings with third parties and warrant further investigation, including:
- excessive commissions to third parties;
- large discounts to distributors;
- consulting agreements with vague description of services; and
- payment of fees to bank accounts in alternative jurisdiction.
Emphasizing the importance of combating corrupt payments by third parties, the Resource Guide recommends appropriate "risk-based due diligence" of third parties and recommends compliance activities such as the distribution of anti-corruption policies and training to third parties.
Mergers and Acquisitions
With reports that mergers and acquisitions activity may rise in 2013, the Resource Guide is timely and highlights the importance of evaluating bribery and corruption risks before completing a merger or acquisition, ferreting out potential FCPA violations during due diligence, and quickly assimilating the business into an organization's ethics and compliance program.
The Resource Guide identifies the following activities as appropriate steps to take in due diligence and integration of a new acquisition:
- conduct thorough risk-based FCPA and anti-corruption due diligence;
- quickly implement anti-corruption policies and procedures for the newly acquired business;
- train directors, officers, and agents of the newly acquired business on the FCPA and the company's ethics and compliance programs;
- conduct an FCPA-specific audit of newly acquired businesses as quickly as practicable; and
- disclose any corrupt payments discovered in due diligence.
If organizations take these steps, the DOJ and SEC may be more likely to "decline to bring enforcement actions" against acquiring issuers.
Acceptable Travel and Entertainment
The Resource Guide describes a number of useful hypotheticals to highlight when an organization's entertainment of a government official is appropriate and, conversely, when it will be considered a violation of the FCPA. In sum, entertainment that is only a "small component" of a legitimate business trip or event will not be considered an illegal bribe.
The Resource Guide provides the following examples of acceptable and unacceptable travel and entertainment expenses.
- Promotional items given away at a trade show to all attendees;
- Hosting a happy hour with a "moderate bar tab" for current and prospective customers, including foreign government officials; or a
- Moderately priced wedding present.
- Vacations for a buyer and his girlfriend;
- Travel perks inconsistent with business norms or policy;
- $10,000 spent on dinner, drinks and entertainment for a government official; or
- $1,000 "pocket money" associated with a sightseeing.
Parent Company Liability
The Resource Guide dispels any notion that the DOJ or SEC will give a pass to the parent company of an entity engaged in conduct that violates the FCPA. While recognizing the general principles of corporate liability and the limits they may provide, the Resource Guide puts companies on notice that the DOJ and SEC will be looking into the substance of the transactions to determine the extent to which a parent company participated in any illegal conduct.
Guideline for Charitable Contributions
A "bribe" can come in many forms, and companies sometimes wade into dangerous areas without fully appreciating the consequences. Recognizing that charitable contributions can, under certain circumstances, be construed as a bribe, the Resource Guide offers recommendations to help companies steer clear of any potential FCPA liability when making a charitable gift. Specifically, the Resource Guide encourages companies to use thorough due diligence and controls, such as:
- requiring FCPA compliance certifications from recipients;
- confirming that none of the recipient's officers are affiliated with a foreign government;
- requiring the recipient to provide audited financial statements;
- obtaining confirmation that a valid and appropriate bank account is receiving the funds; and
- conducting post-contribution audits to ensure the funds were used as expected.
The Resource Guide also goes through examples of actual enforcement actions and declinations involving charitable contributions and provides a checklist of questions that companies should ask to help them ensure that their charitable contributions are not disguised bribes.
The FCPA's anti-bribery provision contains an exception for certain “facilitation payments,” meaning payments that are made in furtherance of routine governmental actions. Recognizing that this facilitation payment exception has caused a great deal of confusion, the Resource Guide attempts to provide some clarity. Noting that it is the purpose, not the size, of a payment that determines whether it a permissible facilitation payment, the Resource Guide illustrates this principle through hypotheticals – one involving a permissible facilitation payment to a clerk with no discretion to expedite the issuance of a permit, and one involving an impermissible payment of a small sum of cash in exchange for approval of a permit for which all the requirements had not been met. The Resource Guide cautions that simply categorizing something as a “facilitation payment” does not in fact make it so. Companies are also warned that, while facilitation payments may be permissible under the FCPA, they are often illegal under local laws and should be avoided on that basis.
FCPA Accounting Provisions
In addition to discussing anti-bribery measures, the Resource Guide gives extensive attention to the often-overlooked accounting provisions of the FCPA. The accounting provisions require public companies to: (1) keep books and records in reasonable detail that accurately reflect the issuer's transactions and disposition of its assets; and (2) maintain internal controls to assure management control over the issuer's assets.
The Resource Guide emphasizes that the accounting provisions do not require that an issuer be perfect in the maintenance of its books and records. However, recognizing that bribes are typically characterized in some other manner, the accounting provisions are designed to combat mischaracterization of expenses to conceal their true intent. There is no materiality threshold for the accounting provisions, and an issuer could be found to have violated the accounting provision even when the anti-bribery provisions have not been violated. As with the recordkeeping requirement, perfection is not required in an internal control regime and no specific steps are required. Rather, the internal controls should be designed to fit the risk profile and operations of the company, providing “reasonable assurances” that they will deter and detect the kinds of manipulations of the issuer's books and records that often indicate unlawful conduct.
Hallmarks of Effective Compliance Programs
The Resource Guide provides some helpful insights into the aspects of compliance programs that the DOJ and SEC consider important, recognizing that companies should weigh a variety of factors when determining what is appropriate for their specific business needs. The Resource Guide explains that, if designed carefully, implemented earnestly, and enforced fairly, a company's compliance program—no matter how large or small the organization—will help the company prevent violations, detect those that do occur, and remediate them promptly and appropriately.
The following are the components of an effective compliance program highlighted in the Resource Guide:
- Commitment from senior management and a clearly articulated policy against corruption.
- Code of Conduct and compliance policies and procedures.
- Oversight, autonomy, and resources.
- Risk assessment.
- Training and continuing advice, including in-person training for executives and those in high risk positions.
- Incentives and disciplinary measures.
- Third-party due diligence and payments.
- Confidential reporting and internal investigation.
- Continuous improvement: periodic testing and review.
- Mergers and acquisitions: pre-acquisition due diligence and post-acquisition integration.
Conclusion and Recommendations
While the Resource Guide did not provide any groundbreaking changes or developments, it is a useful tool to educate businesses on many of the nuances of FCPA compliance and enforcement. Moreover, it offers useful insight into which aspects of FCPA compliance and enforcement the DOJ and the SEC consider most important and, consequently, the issues and objectives to which companies should devote the most significant attention.
Implementing the compliance measures described in the Resource Guide can help companies combat potentially significant liability, preserve their reputation and profitability, and proactively detect unethical conduct. Working with knowledgeable counsel, employers should consider implementing or updating their compliance-related measures:
- Insist on and receive commitment from senior management to institute a clearly articulated policy against corruption.
- Ensure that managers responsible for conducting M&A due diligence know how to assess bribery and corruption risks.
- Have a clear, concise and customized Code of Conduct and a set of compliance policies and procedures.
- Ensure that there is a high level manager in the compliance role who has both autonomy and adequate resources.
- Ensure that a thorough assessment of corruption risks is conducted.
- Conduct periodic training for existing employees and make sure new hires working in high-risk areas are trained as soon as possible after hire. Executives, as well as Board Members, should attend in-person training.
- Offer compliance-related incentives and enforce disciplinary measures across the board.
- Incorporate risk-based third-party due diligence into vendor/agent approval process and conduct periodic audits of existing vendors/agents.
- Institute a confidential reporting system and have an effective internal investigation protocol.
- Review travel and entertainment policies to ensure that all such activities serve a legitimate business purpose.
- Continuously review and improve upon the company's compliance program.