On December 6, 2019, the Department of Justice (DOJ) and the Securities and Exchange Commission (SEC) agreed to resolve allegations that multinational telecommunications company Telefonaktiebolaget LM Ericsson (Ericsson or the Company) made and improperly recorded tens of millions of dollars in improper payments in Asia, Africa and the Middle East in violation of the Foreign Corrupt Practices Act (FCPA).1 Ericsson agreed to pay a total of approximately $1.06 billion to resolve the matter, making it the second-largest US resolution in FCPA history.

Ericsson entered into a deferred prosecution agreement (DPA) with the DOJ and agreed to retain an independent compliance monitor for three years. An Ericsson subsidiary pleaded guilty.

The widespread conduct led to the near-record penalty, despite the fact that the DOJ only charged bribery with respect to a single country. It brought accounting-related charges with respect to several additional countries. The SEC, in contrast, alleged that a broader course of conduct violated the FCPA’s anti-bribery provisions, perhaps due to the SEC’s lower, civil standard of proof. The SEC filed a civil complaint in the United States District Court for the Southern District of New York. A pursuit of this case in district court is unusual as, in recent years, more SEC FCPA cases are resolved using administrative cease-and-desist orders.

As part of the Ericsson resolution, the DOJ alleged that employees of the foreign subsidiary that engaged in bribery were agents of the parent company that was subject to US jurisdiction. The DOJ’s papers did not, however, allege that any foreign subsidiary was an agent of the issuer. The importance to the DOJ of alleging an agency relationship between wrongdoers operating abroad and an entity with US ties was also highlighted by varying results in three trials that went to jury verdicts in November and December.

Ericsson Resolution

DOJ Settlement

The DOJ charged Ericsson with conspiracy to violate the FCPA’s anti-bribery provision relating to conduct in Djibouti and conspiracy to violate the FCPA’s accounting provisions for conduct in Djibouti, China, Vietnam, Indonesia and Kuwait. Subsidiary Ericsson Egypt Ltd. also pleaded guilty to conspiring to violate the FCPA’s anti-bribery provision related to conduct in Djibouti. Ericsson agreed to pay a $520.6 million criminal penalty to resolve the allegations.

Ericsson received partial credit for its cooperation with the DOJ and its remediation—a 15% reduction off the bottom of the United States Sentencing Guidelines (USSG) range—because the Company (1) conducted a thorough internal investigation; (2) made regular factual presentations to the DOJ; (3) provided facts learned during witness interviews conducted by the Company; (4) voluntarily made foreign-based employees available for interviews in the United States; (5) produced extensive documentation, including documents located outside of the United States as well as translations of foreign language documents; and (6) proactively disclosed some conduct of which the DOJ was previously unaware. The DOJ also concluded that despite not having adequate anti-corruption controls and an adequate compliance program at the time of the alleged conduct, Ericson had since enhanced its compliance program and internal accounting controls.

Ericsson was denied full cooperation and remediation credit because, according to the DOJ, the Company (1) failed to disclose allegations of corruption with respect to two relevant matters; (2) produced certain relevant materials in an untimely manner; and (3) did not timely and fully remediate, e.g., by failing to take adequate disciplinary measures with respect to certain executives and other employees involved in the misconduct.

SEC Settlement

In a related settlement, Ericsson agreed to resolve civil charges brought by the SEC and agreed to the entry of judgment enjoining it from future violations of the FCPA. Ericsson also agreed to pay $539.9 million in disgorgement and prejudgment interest to the SEC.2 The SEC did not seek a civil penalty, presumably because of the criminal penalty assessed by the DOJ. The SEC alleged many of the same facts put forth by the DOJ, but alleged that more of the conduct constituted violations of the FCPA’s anti-bribery provisions and added facts related to Saudi Arabia, which the DOJ did not include.

The Relevant Conduct

DOJ’s settlement papers focused on conduct in five countries: Djibouti, China, Vietnam, Indonesia and Kuwait. Across these five countries, the DOJ alleged that Ericsson disguised millions of dollars in bribery payments to foreign officials or payments to third-party agents by creating fictitious contracts, invoices and purchase orders for services that were never provided (and were never intended to be). In Djibouti, for example, Ericsson paid approximately $2.1 million in bribes to high-ranking foreign government officials in exchange for a €20.3 million (approximately $23 million) contract with the state-owned telecommunications company.

In China, between 2000 and 2016, Ericsson allegedly paid “tens of millions” to agents, consultants and service providers to fund gifts, travel and entertainment for government officials. Between 2013 and 2016, Ericsson also allegedly paid $31.5 million under sham contracts to third-party intermediaries for services that were never performed. Ericsson subsidiaries in Vietnam and Indonesia also allegedly used sham contracts from consulting companies to create off-the-books slush funds sometimes used to make payments to third parties. The payments amounted to $4.8 million in Vietnam and $45 million in Indonesia.

In Kuwait, an Ericsson subsidiary allegedly won a $182 million contract after an Ericsson sales agent gave the Company inside information on the bidding process for a state-owned telecommunications company. Ericsson allegedly paid the agent’s consulting company $450,000 under sham contracts.

These payments were falsely or misleadingly characterized in Ericsson’s books and records as, variously, consulting expenses, “external hardware” expenses, “corporate marketing fees” or administrative or research and development costs.

The DOJ also alleged that high-level Ericsson executives who oversaw the Company’s internal accounting controls were aware of and willfully failed to implement sufficient accounting controls to prevent the misconduct. According to the DOJ, the Company failed to (1) maintain adequate documentation of and accounting for payments to agents and consultants (e.g., supporting documents did not list ultimate recipients of and reasons for the payments); (2) conduct and complete due diligence prior to the retention of third-party agents and consultants; (3) ensure that a fully executed contract was entered into with a third party prior to the provision of services; (4) verify that the rates charged were commensurate with the services to be performed by third parties and that the services paid for were performed; and (5) establish proper oversight procedures related to third-party retention and payment.

The SEC complaint included allegations related to the above five countries and also included conduct in Saudi Arabia. The SEC alleged that from 2012 to 2013, Ericsson paid approximately $40 million to Saudi consultants at the request of Saudi government officials in exchange for $700 million in contracts from various Saudi state-owed entities.

***

This settlement is notable for a number of reasons, including:

  • Third-Party Monitoring Continues to Be Key FCPA Risk Area. This case illustrates the need for robust pre-engagement vetting and ongoing monitoring of third parties. The DOJ’s 2019 Guidance on Corporate Compliance Programs (2019 Compliance Guidance) expressly emphasizes the DOJ’s scrutiny of company practices concerning third parties when evaluating compliance programs.3 Under the 2019 Compliance Guidance, third-party due diligence efforts should encompass monitoring and assessment of third-party activity, including the review of invoices, and steps to ensure that third parties actually provided contracted-for services. According to the government, Ericsson’s policies were insufficient to ensure robust monitoring of third parties it engaged. In addition, as we recently reported4 and as illustrated by this matter, the DOJ and the SEC will continue to pursue enforcement action where there is evidence of control failures or efforts by employees to subvert existing controls related to third parties. In short, third parties continue to be the biggest FCPA risk area and the biggest challenge for companies engaged in global business.
  • Risks Associated with Gifts, Travel, and Entertainment. A number of FCPA enforcement actions have involved the corrupt payment of travel and entertainment expenses or the giving of gifts to foreign officials or third parties in order to influence a foreign official. The conduct as alleged in China—the payment of “tens of millions” over a span of 17 years—is a key example of such conduct that requires sufficient company oversight. While routine business entertainment is generally appropriate and lawful, companies should proactively address gifts, travel and entertainment expenses, and create systems to monitor these expenses. The FCPA Resource Guide has highlighted, for example, that “some companies with global operations have created web-based approval processes to review and approve routine gifts, travel and entertainment involving foreign officials and private customers with clear monetary limits and annual limitations.”5 Relatedly, companies should be aware that many other countries have recently enacted regulations on gifts and entertainment for government officials that may be stricter than the FCPA.
  • Failure to Implement a Comprehensive Anti-Corruption Program and Strong Internal Controls May Result in Significant Financial Penalties. This resolution highlights the importance of strong compliance systems and internal controls to identify and prevent illegal activity. The DOJ’s 2019 Compliance Guidance noted that the DOJ would consider a company’s commitment to, and effective implementation of, a strong compliance program when assessing its willingness to offer substantial credit at the time of resolution.6 In addition, under the DOJ’s Corporate Enforcement Policy, a company may avoid the imposition of a monitor if it has implemented an effective compliance program (among other factors) at the time of the resolution.7 In recent years, the DOJ has been increasingly willing to pursue criminal cases in connection with the FCPA’s internal accounting controls provisions, even where anti-bribery violations were not charged.
  • Guidance on Cooperation and Remediation Credit: The resolution provides guidance on the types of actions that may cause a company to lose credit for cooperation and remediation. The DOJ denied Ericsson full credit because the Company failed to fully disclose allegations of corruption, was slow to produce certain relevant materials, and did not timely and fully remediate, including failing to take adequate disciplinary measures with respect to certain executives and other employees involved in the misconduct. The Ericsson settlement is another example of the uncertainties that arise with regard to cooperation and remediation credit in wide-ranging and complex investigations and the discretion that the DOJ wields in resolution negotiations.
  • Commitment from Senior Management to a Culture of Compliance. This settlement agreement underscores the importance of a commitment from senior management to a culture of compliance. Companies must ensure that officers, directors and other senior management are involved in and receive the results of compliance-related risk assessments, receive compliance training and are actively engaged in developing policy responses to areas of identified risk. The involvement of senior executives increased the Company’s culpability score under the USSG (e.g., senior executives expressly instructed Ericsson employees to ensure that bribe payments were tied to other costs, instructed employees to create a structure that would allow the Company to work with and pay third-party agents in violation of Company policy, and willfully failed to implement sufficient accounting controls when made aware of significant internal control weaknesses). The DOJ’s 2019 Compliance Guidance and Memorandum on Selection of Monitors in Criminal Division Matters considers the involvement of senior management in the misconduct as a factor in deciding whether to impose a monitor.8
  • Failure to Adequately Discipline Corporate Wrongdoers Will Have Negative Consequences. As we have previously noted,9 the DOJ often states that it does not interfere in companies’ personnel decisions, but the 2019 Compliance Guidance clearly considers employee discipline a factor in relation to remediation credit. The DOJ concluded that Ericsson failed to take adequate disciplinary measures with respect to certain employees involved in the misconduct, a key factor in its receipt of only partial remediation credit. As of September 2019, Ericsson had disciplined 65 employees in relation to the FCPA violations, 49 of whom were no longer with the company.10 Like cooperation credit, remediation credit relating to employee discipline is a continuing challenge for corporations under investigation, particularly where a corporation may believe that the evidence does not establish there is wrongdoing, but the DOJ ultimately concludes that it does.
  • The Government’s Use of Agency Liability to Prosecute Ericsson. The government’s use of agency liability to charge Ericsson may suggest tension with a recent speech from Assistant Attorney General Brian A. Benczkowski at the American Conference Institute’s 36th International Conference on the FCPA. During this speech, Benczkowski noted a recent Second Circuit decision limiting the FCPA’s territorial reach (Hoskins, discussed below). In Hoskins, the court held that the DOJ cannot establish territorial jurisdiction under a conspiracy or aiding and abetting theory if no territorial jurisdiction otherwise exists, but the DOJ could seek to establish liability if the defendant was an agent of an FCPA-covered entity. On re-trial, Hoskins was found guilty based on an agency theory. However, AAG Benczkowski stated that the DOJ was not “looking to stretch the bounds of agency principles beyond recognition, or even push the FCPA statute towards its outer edges.” He went on to note that the DOJ would not take the position that “every subsidiary, joint venture or affiliate is an ‘agent’ of the parent company simply by virtue of ownership status,” or that “every parent company should automatically be held liable for the acts of its subsidiaries, joint ventures or affiliates based on an agency theory.” While the Ericsson DOJ papers may not allege all relevant facts, the theory by which Ericsson (the parent issuer) was alleged to be liable under the anti-bribery provisions appears tenuous. The DOJ did not allege that the Ericsson parent company was itself involved in any of the alleged conduct. Nor did the DOJ allege that Ericsson Egypt was an agent of the issuer. Rather, the DOJ alleged that Ericsson’s “subsidiaries acted as divisions of the parent, rather than separate and independent entities,” and went on to allege that Ericsson Egypt employees who authorized the bribes acted as agents of the issuer. The case thus suggests that the DOJ still plans to aggressively use agency principles to pursue corporate entities under the FCPA.11

Juries Returned Guilty Verdicts in Two Out of Three Recent FCPA-Related Cases, with the Results Highlighting the Importance of Agency in Overcoming Jurisdictional Challenges

The DOJ also completed three different foreign bribery-related trials in November and December. These bribery-related jury verdicts—rare events—offer insight into the DOJ’s continued emphasis on charging individuals, and also shed further light on the jurisdictional challenges discussed by Benczkowski.

One of these recent trials was the Hoskins matter, which is the same case that generated the jurisdiction ruling to which Benczkowski referred. The government, in 2013, charged Lawrence Hoskins, a former senior executive at French power and transportation company Alstom SA (Alstom S.A.), with participating in a multimillion-dollar scheme to bribe Indonesian officials in connection with a power project.12 Alstom S.A. was not a US entity and had not issued shares in the United States, and Hoskins himself had never traveled to the United States during the scheme. However, the government claimed it had jurisdiction based on Hoskins having conspired with employees of Alstom’s US subsidiary, Alstom Power, to hire consultants and approve improper payments to them.13 As we have previously reported,14 first the district court, in 2015, and then the Second Circuit Court of Appeals, in 2018, rejected this position, holding that the government could not obtain jurisdiction over a foreign individual not otherwise subject to the FCPA by charging a conspiracy with individuals acting in the United States.15

Undaunted—or at least minimally daunted—the government continued the prosecution of Hoskins on a separate jurisdictional theory: that he was an agent of a domestic concern, Alstom Power. The October 2019 trial largely focused on the sufficiency of the government’s evidence on this agency question. The government argued that Alstom’s formal corporate structure, under which Hoskins worked for the parent company, did not demonstrate which employees were in control of the effort to win the power project.16 Instead, the government focused on the practical nature of Hoskins’s relationship with Alstom Power, relying on testimony from former employees and their email communications with Hoskins. Prosecutors introduced evidence demonstrating that Alstom Power set compensation for the implicated consultants and that Hoskins was responsible for negotiating with those consultants on behalf of Alstom Power. The defense, on the other hand, relied on Hoskins’s formal relationship with Alstom S.A., e.g., evidence that Alstom S.A., the parent company, and not Alstom Power, controlled which consultants were hired.

These opposing arguments raised questions for the court about who qualifies as an agent and what actions are necessary to consummate the agency relationship. On this point, the court instructed the jury that:

“[a]n agent is a person who agrees to perform acts or services for another person or company. To create an agency relationship, there must be, one, a manifestation by the principal that the agent will act for it; two, acceptance by the agent of the undertaking; and, three, an understanding between the agent and the principal that the principal will be in control of the undertaking.”17

Thus, no formal agency relationship was required, and the jury could infer an agency relationship “circumstantially from the words and actions of the parties involved.” Critically, the court added, “[o]ne may be an agent for some business purposes and not others.” Accordingly, the government only needed to prove that Hoskins was “an agent of a domestic concern in connection with the specific events related to the Tarahan Project,” i.e., the project giving rise to the bribery scheme.

In the end, the jury was satisfied with the government’s proof on the agency question. On November 8, 2019, the jury convicted Hoskins of six counts of violating the FCPA, three counts of money laundering and two counts of conspiracy.18 (Hoskins was acquitted of a single money laundering count.19)

The government had less success in a recent trial in the Eastern District of New York. In the Boustani case, the government alleged that Jean Boustani, a salesman for the Lebanese shipbuilding company Privinvest, was instrumental in diverting more than $200 million in bribe and kickback payments from $2 billion worth of loans intended for Mozambican government projects. However, the government did not include an FCPA charge in the indictment, instead charging Boustani with wire fraud, securities fraud and money laundering violations. Based on the indictment allegations, and the evidence introduced at trial, it appears that Boustani was a foreign citizen working for a foreign corporation who had not carried out his alleged bribery scheme in the United States. Moreover, it appears the government lacked the type of evidence it was able to introduce in the Hoskins trial or may have had in the Ericsson matter—evidence that would have shown Boustani was an agent of US entities or individuals. And in the wake of the Hoskins Second Circuit ruling, the government could not assert that Boustani conspired with, or attempted to commit a crime with, individuals in the United States. Thus, Boustani was charged under other, non-FCPA counts instead. On December 2, 2019, the jury acquitted on all of them. One juror who spoke to the press commented that “[w]e couldn't find any evidence of a tie to the Eastern District…. That’s why we acquitted.”20

Given the fairly government-friendly agency definition in the Hoskins jury instructions, and the DOJ’s approach to agency in the Ericsson case, it will be interesting to see where the DOJ views itself as outside the bounds of agency law. While the DOJ in Boustani appears to have determined that agency law could not be stretched that far, it also seems that Boustani was not a close call. Undoubtedly, many other cases will be hotly negotiated where the facts fall closer to the middle.

A third recent jury verdict is also worth noting. In the Lambert case, the government brought FCPA, wire fraud, money laundering, and other charges against Mark Lambert, a former co-president of a Maryland-based transportation company, in the District of Maryland. The government clearly had jurisdiction over Lambert, a US citizen, US resident and an employee of a US entity. During a three-week trial, the government laid out its case that Lambert bribed a Russian official in exchange for contracts with a subsidiary of Russia’s State Atomic Energy Corporation.21 The DOJ introduced email correspondence between Lambert, his former co-president and the Russian official (who was using an alias), wherein they referred to the bribes by code words, such as “lucky figures,” “LF,” “lucky numbers,” and “cake.”22 The defense argued that the evidence was insufficient, focusing in particular on alleged inconsistencies in the statements of multiple witnesses.23 On November 22, 2019, Lambert was convicted of one count of conspiracy to violate the FCPA and to commit wire fraud, four counts of violating the FCPA, and two counts of wire fraud.24 (He was acquitted of money laundering and three other counts alleging FCPA violations.25) A juror told reporters after the verdict that the email correspondence led them to the conviction.26 Nonetheless, defense counsel vowed to appeal, asserting that the jury’s determinations were inconsistent and that they came after two “deadlock notes.”27

In any event, this case is a welcome trial victory for the DOJ, albeit with clear evidence of improper conduct and an undisputed US nexus. With those of Hoskins, Boustani and 28 other individuals in 2019, the Lambert trial also appears to reflect the DOJ’s commitment to the prosecution of individuals under the Yates Memorandum.