On November 14, 2012, the Department of Justice (DOJ) and Securities and Exchange Commission (SEC) jointly issued a long-awaited Resource Guide to the U.S. Foreign Corrupt Practices Act (FCPA). This client advisory presents a short summary of the key portions of that 120-page document. The very length of the document, and the work that went into it, evidences the importance these agencies place on the FCPA and suggest that the recent upturn in the numbers of cases can be expected to continue for some years to come.
While the new Guide presents little that is new, it is a useful compilation of the cases and guidance previously provided. It does not draw bright lines, instead frequently reiterating that the analysis in a given case is fact-specific. However the Guide does provide discussion and examples which clarify or confirm regulators’ approach in certain areas, such as:
- “Obtain or retain” business. It has long been clear from the enforcement cases, as well as the Fifth Circuit’s decision in United States v. Kay from 2004, that this critical element for an FCPA violation, which requires that a payment be made to obtain or retain business, will be read broadly. The Guide confirms that the DOJ and SEC believe that any conduct designed to create a competitive advantage in a foreign country, ranging from influencing a procurement process to circumventing local import regulations to influencing the outcome of a lawsuit to avoiding contract termination, among other scenarios, will qualify. And, of course, winning a contract or sale does as well.
- Gifts and hospitality. The Guide stakes out a clear position that single instances of non-business related travel and entertainment can constitute an improper payment, separate and apart from the payment of a cash bribe. However, the Guide does give some comfort to areas that may have been technical violations of the FCPA. For example, the Guide indicates that providing of modest gifts in traditional settings, tickets to ordinary sporting events while on business-related travel, or company logoed gifts, are not violations of the statute.
- Facilitation payments. The Guide stresses what has always been the key factor (in addition to the amount, which needs to be low) for evaluating whether a payment to an official to perform non- discretionary actions satisfies the facilitation payments exception. The Guide notes that paying a clerk a small cash payment to issue a permit, where otherwise it would take three months to get the permit even though the clerk has no discretion to deny the permit once the right paperwork is filed, is permitted under the FCPA. By contrast, paying an official to issue a permit where the official’s decision is based on an evaluation of environmental impact of the underlying project, and is discretionary, does not qualify.
- Definition of a foreign official. The Guide takes an expansive view of who qualifies as a foreign official, just as the DOJ has in recent litigation over the subject, i.e., any official or employee, at any level of authority, will qualify. In addition the Guide reaffirms the theory that a non- government official may qualify as an official under the FCPA where they are “acting in an official capacity for or on behalf of” the foreign government, citing a 2010 Opinion Release that addressed precisely this question with respect to a third-party consultant.
- Parent liability for acts of a subsidiary. In addition to reiterating the principle that a parent corporation can be liable if it authorizes or participates in its subsidiary’s improper payments, the Guide reaffirms that a parent can be held liable on a principle-agent theory. The analysis would be fact specific and would turn on the question of how much control the parent exercised over the subsidiary in general and with respect to the specific conduct. The Guide provides case examples where the facts were found sufficient to trigger this respondeat superior liability for a parent. In practice, we know that regulators take a very aggressive view of parent liability.
- Extraterritorial jurisdiction. The Guide reaffirms regulators’ expansive view of the extraterritorial reach of the statute, including with respect to foreign companies and nationals. The Guide states that any email or other communication from, to, or through the United States (a recent case predicated jurisdiction as to foreign nationals with respect to foreign conduct on emails going through U.S.-based servers for Hotmail), or wire transfer from, to, or otherwise using the U.S. banking system (several cases have identified transfers going through U.S. correspondent bank accounts as a hook). Likewise, the Guide also asserts that U.S. persons, based on citizenship alone, can be liable for acts conducted overseas without any other U.S. nexus.
- Successor liability. The issuer of whether a successor company should be held liable for the improper conduct of an acquired company has generated significant debate within recent years. The Guide provides hypotheticals that explicate regulators’ view on this issue in a range of scenarios. The Guide states that “in a significant number of instances” the DOJ and SEC have declined to prosecute successor companies themselves in the merger and acquisition context where these companies have done due diligence, remediated improper conduct, and voluntarily disclosed to the government. At the same time, even where an acquiring company has conducted reasonable due diligence, integrated an acquired company into the acquiring company’s compliance program, and made a voluntary disclosure, the DOJ and SEC at a minimum will likely prosecute the acquired company if it still exists in a form that would allow it to be prosecuted separately (e.g., acquired company is a subsidiary of acquiring company).
- Internal accounting controls. The Guide says that internal accounting controls must be sufficient to “assure” management’s control, authority, and responsibility over the firm’s assets. Yet the statute speaks only in terms of “reasonable assurance.” The standard enunciated in the Guide appears to reaffirm the apparent practice of the government of looking backward to determine whether a violation occurred and then declaring that the accounting controls must have been inadequate because they did not present a violation.
On the question of credit for disclosure and cooperation, which is an area that has generated much discussion in recent years because of the sense amongst many in the defense community that insufficient credit is given, the Guide similarly reaffirms past statements by regulators. Perhaps for the first time, the DOJ and SEC present several recent examples of cases where prosecutors declined to prosecute. The common thread appears to be that in each instance the company conducted a thorough internal investigation, promptly reported the bribery violations to Federal authorities, and took action to remedy the situation to try to assure that it would not occur again. Yet, in our experience, many companies undertake these types of measures and yet are still required to enter into expensive settlements. Thus, the Guide leaves this issue a gray area, and one subject to significant prosecutorial discretion, as before. As for credit for having a robust pre-existing compliance program, the Guide undertakes an extensive discussion of the hallmarks of a strong compliance program and specifies examples of best practices, as well as poor ones, from DOJ and SEC’s point of view. These examples are helpful, but no additional clarity is provided by the Guide as to the degree of credit a company will receive in a settlement for having a strong pre-existing compliance program.
Also, the Guide reviews the various theories available to the government to prosecute individuals at public companies for their involvement in the alleged FCPA violations. Interestingly, the Guide omits the theory of control person liability from the government’s quiver. Only time will tell whether this omission signifies that the government is abandoning this theory or whether it was an oversight.
The Guide’s introduction states that it is intended to provide information about the FCPA, but warns that it is “non-binding, informal, and summary in nature, and the information contained [in the Guide] does not constitute rules or regulations.” Nonetheless, it would be difficult (and therefore unlikely) for the DOJ or SEC to prosecute anyone for an intentional violation of the FCPA if the person reasonably followed the guidance provided by these agencies in this Guide. The issue of course is that, because the specific facts are so important, in many cases it will not be possible to simply refer to the Guide, without further analysis, to identify whether specific conduct would or has crossed the line into illegality.
A summary of some of the key portions of the Guide is set forth below:
The Business Purpose Test
The FCPA applies only to payments intended to induce or influence a foreign official to use their position “to assist . . . in obtaining or retaining business for or with, or directing business to, any person.” This “business purpose test” is broadly interpreted to include:
- Winning a contract;
- Influencing the procurement process;
- Circumventing the rules for importation of products;
- Gaining access to non-public bid tender information;
- Evading taxes or penalties;
- Influencing the adjudication of lawsuits or enforcement actions;
- Obtaining exceptions to regulations; and
- Avoiding contract termination.
Regarding customs, the Guide discusses a specific case from 2010 wherein the company in question bribed customs officials in more than ten countries in exchange for benefits such as evading customs duties on imports, improperly expediting imports, extending contracts and lowering tax assessments, obtaining false documentation related to temporary import permits, and enabling the release of equipment from customs officials.
- The improper payments allowed the company to carry out its existing business, thereby violating the FCPA prohibition on corrupt payments made for the purpose of “retaining” business.
- The company and six of its corporate customers paid a total of more than $235 million in civil and criminal sanctions and disgorgement.
Meaning of “Corruptly”
- Offers, promises, or authorizations of payment, or payments to government officials must be made “corruptly” to violate the FCPA. The FCPA focuses on intent and therefore does not require that a corrupt act succeed in its purpose; if made corruptly, an attempt to offer, promise, or authorize a payment is sufficient to trigger liability, even if it is unsuccessful.
- Regardless of whether any bribes are ultimately offered or paid, authorizing someone to “pay whoever you need to” constitutes an FCPA violation.
Meaning of “Anything of Value”
- The FCPA prohibits the corrupt offer/gift/promise/authorization to give “anything of value” to a foreign official. There is no minimum threshold for corrupt gifts or payments.
Nominal, promotional gifts permitted: the Guide emphasizes that, given the corrupt intent requirement, “it is difficult to envision any scenario in which the provision of cups of coffee, taxi fare, or company promotional items of nominal value would ever evidence corrupt intent, and neither DOJ nor SEC has ever pursued an investigation on the basis of such conduct.”
Further, the Guide lists the “hallmarks of appropriate gift giving” as when a gift is:
- given openly and transparently;
- properly recorded in the giver’s books and records; – provided only to reflect esteem or gratitude; and
- permitted under local law.
- Further, the Guide lists the “hallmarks of appropriate gift giving” as when a gift is:
Illegal gifts: the Guide notes that past enforcement cases have both “involved single instances of large, extravagant gift-giving (such as sports cars, fur coats, and other luxury items)” and “focused on small payments and gifts only when they comprise part of a systemic or long-standing course of conduct that evidences a scheme to corruptly pay foreign officials to obtain or retain business.”
- Companies may also violate the FCPA if they give payments or gifts to third parties, such as an official’s family members or charities tied to a foreign official.
Regarding travel and entertainment, the Guide acknowledges that past enforcement cases have involved such expenditures where they “occurred in conjunction with other conduct reflecting systemic bribery or other clear indicia of corrupt intent,” such as the payment of cash bribes.
The Guide, without citing to prior precedent, opinion or settled enforcement action, gave several examples of improper travel and entertainment:
- $12,000 birthday trip for a government decision-maker from Mexico that included visits to wineries and dinners;
- $10,000 spent on dinners, drinks, and entertainment for a government official;
- a trip to Italy for eight Iraqi government officials that consisted primarily of sightseeing and included $1,000 in “pocket money” for each official; and
- a trip to Paris for a government official and his wife that consisted primarily of touring activities via a chauffeur-driven vehicle.
- The Guide also cautions companies to properly record travel and entertainment expenses and highlighted the need for appropriate internal controls to monitor the provision of such benefits.
- The Guide, without citing to prior precedent, opinion or settled enforcement action, gave several examples of improper travel and entertainment:
Hypotheticals of permitted benefits:
- inviting a dozen current and prospective customers (some of who are foreign officials) out for drinks at a trade show, and paying for the moderate bar tab is not suggestive of corrupt intent, even where the invitees were specifically selected.
- presenting the general manager of a utility – wholly-owned, controlled, and operated by a foreign government – with a moderately priced crystal vase as a wedding gift and token of esteem is appropriate, reasonable, and not in violation of the FCPA.
- where a company hosts foreign government officials for the purpose of their review of the execution and performance of a contract (a legitimate business purpose), the provision of business-class airfare may be reasonable (assuming the company’s employees would qualify for business-class airfare in similar circumstances), as are moderately priced meals and entertainment (such as a baseball game and a play).
- Although the FCPA does not prohibit charitable contributions, the Guide encourages robust due diligence to minimize the likelihood of such payments being construed as an indirect bribe in violation of the FCPA.
- The Guide identifies five questions to consider when making charitable payments in a foreign country:
- What is the purpose of the payment?
- Is the payment consistent with the company’s internal guidelines on charitable giving?
- Is the payment at the request of a foreign official?
- Is a foreign official associated with the charity and, if so, can the foreign official make decisions regarding your business in that country? and
- Is the payment conditioned upon receiving business or other benefits?
Payments to Third Parties
- The FCPA expressly prohibits corrupt payments made to “any person, while knowing that all or a portion of such money or thing of value will be offered, given, or promised, directly or indirectly.” Because Congress anticipated the use of third-party agents in bribery schemes, the “knowing” mens rea standard was intended to cover “both prohibited actions that are taken with ‘actual knowledge’ of intended results as well as other actions that, while falling short of what the law terms ‘positive knowledge,’ nevertheless evidence a conscious disregard or deliberate ignorance of known circumstances that should reasonably alert one to the high probability of violations of the Act.”
Willful blindness is evidenced through some common “red flags” associated with third parties, including:
- excessive commissions to third-party agents or consultants;
- unreasonably large discounts to third-party distributors;
- third-party “consulting agreements” that include only vaguely described services;
- the third-party consultant is in a different line of business than that for which it has been engaged;
- the third party is related to or closely associated with the foreign official;
- the third party became part of the transaction at the express request or insistence of the foreign official;
- the third party is merely a shell company incorporated in an offshore jurisdiction; and
- the third party requests payment to offshore bank accounts.
- The FCPA’s bribery prohibition contains a narrow exception for “facilitating or expediting payments” made in furtherance of “routine governmental action” that involves non-discretionary acts.
A “routine governmental action” is:
An action which is ordinarily and commonly performed by a foreign official in –
- obtaining permits, licenses, or other official documents to qualify a person to do business in a foreign country;
- processing governmental papers, such as visas and work orders;
- providing police protection, mail pickup and delivery, or scheduling inspections associated with contract performance or inspections related to transit of goods across country;
- providing phone service, power and water supply, loading and unloading cargo, or
- protecting perishable products or commodities from deterioration; or
- actions of a similar nature.
- An action which is ordinarily and commonly performed by a foreign official in –
A “routine governmental action” is not:
- An action within an official’s discretion; or
- An action that would constitute misuse of an official’s office.
- The Guide advises that the mere act of accounting for a bribe as a “facilitating payment” does not make it one, noting that enforcement actions have focused on payments for improper purposes that otherwise would have been properly recorded.
- Even though true facilitating payments are permissible under the FCPA, they may still subject a company or individual to sanctions under either the local law in the countries where a company is operating or other countries’ foreign bribery laws (such as the UK Bribery Act, which contains no such exception).
Hypothetical of permitted payment:
- A one-time small cash payment to a clerk to ensure that a clerk files and stamps permit applications expeditiously (a routine, non-discretionary governmental service that a company is entitled to receive) is a non-violative facilitating payment.
Books and Records
- Recording a bribe as a legitimate payment rather than as a bribe violates the books and records provision.
Examples of bribes that have been mischaracterized include:
- Commissions or royalties;
- Consulting fees;
- Sales and marketing expenses;
- Scientific incentives or studies;
- Travel and entertainment expenses;
- Rebates or discounts;
- After sales service fees;
- Miscellaneous expenses;
- Petty cash withdrawals;
- Free goods;
- Intercompany accounts;
- Supplier/vendor payments;
- Write-offs; and
- “Customs Intervention” payments.
- Issuers are required to maintain a system of internal controls that provide “reasonable assurance” that transactions and accounting comply with company policy and generally accepted accounting principles. However, the Guide also speaks of the need for controls which “assure” management’s control.
- An issuer is allowed flexibility in devising a system of controls appropriate for its business.
- The Guide makes clear that the DOJ and SEC expect a company’s internal controls to be proportional to the nature of the risks faced by the company.
The factors that should inform the design of an internal controls regime include:
- The nature of product or services;
- How the product or service gets to market;
- The nature of the work force;
- Extent of direct government interaction; and
- Scope of operations in countries with high corruption risk.
- The Guide highlights the individual responsibility of a company’s principal officers under Sarbanes Oxley to certify to the best of their knowledge the accuracy of financial reports and sufficiency of internal controls and the possibility for civil or criminal liability flowing from a knowing false certification.
Related U.S. Laws:
Other federal laws that may provide additional criminal or civil liability for conduct that violate the FCPA include:
- The Travel Act – prohibits travel in interstate or foreign commerce to promote “unlawful activity”;
- Anti-Money Laundering Statutes – prohibit certain transactions involving the proceeds of unlawful activities;
- Mail and Wire Fraud Statutes – prohibit use of the mails, including electronic communication, to commit fraud;
- Tax Laws – U.S. tax law specifically prohibits taking tax deductions for bribes;
- Other Certification and Licensing Requirements – the federal government imposes anti-bribery certification requirements on certain companies. For example, the Export-Import Bank of the United States requires the U.S. supplier to a foreign direct purchaser receiving a loan to certify that it has not and will not violate the FCPA; and
- The anti-fraud provisions of the SEC may apply where the financial results of an issuer are materially impacted by the inclusion of the business obtained as a result of the FCPA violation
Guiding Enforcement Principles:
The DOJ Principles of Federal Prosecution
DOJ’s Principles of Federal Prosecution recite the factors that are considered in conducting an investigation, determining whether to charge a corporation, and negotiating a plea. Those factors include among others:
- the nature and seriousness of the offense;
- the pervasiveness of wrongdoing within the corporation;
- the corporation’s history of similar misconduct;
- timely and voluntary disclosure of wrongdoing, and cooperation;
- effectiveness of the corporation’s pre-existing compliance program; and
- corporation’s remedial actions and whether conduct is ongoing.
The SEC’s Enforcement Manual
In determining whether to open an investigation and whether an enforcement action is warranted, the SEC lists seven factors it will consider, including:
- the egregiousness of the potential violation;
- the potential magnitude of the violation; and
- whether the conduct is ongoing.
Self-Reporting, Cooperation, and Remedial Efforts
Cooperation in Criminal Cases:
- The DOJ’s Principles of Federal Prosecution of Business Organization specifically provides that prosecutors should consider whether the company timely disclosed the violation and willingly cooperated with investigation; and
- The Federal Sentencing Guidelines allow for sentence reductions and downward departures for self-reporting, cooperation, acceptance of responsibility, and remediation. An organization will not qualify for the compliance program reduction when it unreasonably delayed reporting the offense.
Cooperation in Civil Cases:
In evaluating cooperation by a company, the SEC will consider:
- self-policing before the discovery of the misconduct;
- self-reporting of any violation; – remediation, including discipline of wrongdoers and improvements to internal controls; and
- cooperation with law enforcement during any investigation.
- In evaluating cooperation by a company, the SEC will consider:
Corporate Compliance Program
- In addition to considering whether a company has self-reported, cooperated, and taken appropriate remedial actions, the DOJ and SEC also consider the adequacy of a company’s compliance program when deciding what, if any, action to take.
The DOJ and SEC endorse no formula for a sufficient compliance program, preferring to take a “common sense” approach to evaluate any program based on three questions:
- Is the company’s compliance program well designed?
- Is it being applied in good faith? and
- Does it work?
Hallmarks of an effective compliance program: The DOJ and SEC will give credit only for a serious, substantive policy rather than a “check the box” approach that provides for a program that exists on paper only. Certain “hallmarks” should be present in good compliance programs, including:
- Senior Management Commitment – whether the company’s leadership fosters a “culture of compliance” through its actions and communication to employees;
- Code of Conduct and Other Specific Procedures – whether the company has adopted and promulgated clear compliance rules and procedures;
- Oversight, Autonomy, and Resources – whether the company shows practical commitment to its program, including committing implementation to the oversight of a senior executive, affording compliance personnel autonomy from business management, and providing adequate resources to the program;
- Risk Assessment – whether the company identifies risk and tailors its compliance policy and resources to those risks;
- Training and Continuing Advice – whether the company takes steps to allow for ongoing communication of the compliance policy and ethical expectations on its employees;
- Incentives and Disciplinary Measures – whether the company has established incentives that promote ethical behavior, including (1) whether it has established disciplinary procedures, including whether those procedures are reliably, timely, and consistently applied and (2) whether its incentive system encourages ethical behavior by, for example, making adherence to compliance program a factor in compensation or advancement decisions;
- Third-Party Due Diligence – whether the company undertakes risk-based assessment of third parties, including (1) understanding the third parties’ qualifications, reputation, and relationship to government officials, (2) understanding the business rationale for the use of the third party, and (3) ongoing monitoring of third parties; and
- Continuous Improvement – whether the company tests and reviews its compliance program for areas of improvement.
FCPA Penalties, Sanctions, and Remedies:
- For each violation of the anti-bribery provisions, the FCPA provides that corporations and other business entities are subject to a fine of up to $2 million. Individuals, including officers, directors, stockholders, and agents of companies, are subject to a fine of up to $100,000 and imprisonment for up to five years.
- For each violation of the accounting provisions, the FCPA provides that corporations and other business entities are subject to a fine of up to $25 million. Individuals are subject to a fine of up to $5 million and imprisonment for up to 20 years.
- Under the Alternative Fines Act, 18 U.S.C. § 3571(d), courts may impose significantly higher criminal fines than those provided by the FCPA – up to twice the benefit that the defendant sought to obtain by making the corrupt payment, as long as the facts supporting the increased fines are included in the indictment and either proved to the jury beyond a reasonable doubt or admitted in a guilty plea proceeding.
- Fines imposed on individuals may not be paid by their employer or principal.
- For violations of the anti-bribery provisions, corporations and other business entities are subject to a civil penalty of up to $16,000 per violation. Individuals, including officers, directors, stockholders, and agents of companies, are similarly subject to a civil penalty of up to $16,000 per violation, which may not be paid by their employer or principal.
- For violations of the accounting provisions, SEC may obtain a civil penalty not to exceed the greater of (a) the gross amount of the pecuniary gain to the defendant as a result of the violations or (b) a specified dollar limitation in one of three tiers. The specified dollar limitations are based on the egregiousness of the violation, ranging from $7,500 to $150,000 for an individual and $75,000 to $725,000 for a company for each violation. The SEC may obtain civil penalties in actions filed either in federal court or in an administrative proceeding.
- Individuals and companies violating the FCPA may also face significant collateral consequences, including suspension or disbarment from contracting with the federal government, cross-debarment by multilateral development banks, and the suspension or revocation of certain export privileges.
Resolutions with the DOJ
- Plea Agreements
- Deferred Prosecution Agreements
- Non-Prosecution Agreements
- In the past two years alone, the DOJ has declined several dozen cases against companies where potential FCPA violations were alleged, although these actions generally are not publicly announced.
- Six examples of the DOJ declinations are provided, in five of which the SEC joined. Common facts include that the company:
- conducted a thorough internal investigation;
- promptly self-reported the bribes; and
- implemented remedial action to prevent recurrences of the violation, including either termination or discipline of those responsible.
Resolutions with the SEC
- Injunctive Actions/Contempt Sanctions
- Equitable Disgorgement and Accounting
- Administrative Proceedings
Deferred Prosecution Agreements
- The SEC entered into its first DPA in May 2011
- Non-Prosecution Agreements
- Termination Letters and Declinations
- The Sarbanes Oxley Act of 2002 and Dodd-Frank Act of 2010 both contain provisions for whistleblowers who report FCPA violations. A whistleblower, who provides original information of a violation, may obtain an award of 10% to 30% of moneys collected in SEC and related actions by other agencies, where the tip results in the SEC collecting at least $1 million.
DOJ Opinion Procedure:
- The DOJ’s Opinion Procedure allows parties to submit information regarding prospective conduct to the DOJ and receive an opinion from the DOJ about whether the conduct falls within its enforcement policy.
- Opinions are only available to issuers or domestic concerns (as defined by the FCPA).
- To the extent that an opinion concludes that proposed conduct would not violate the FCPA, a rebuttable presumption is created that the requestor’s conduct that was the basis of the opinion is in compliance with the FCPA. However, this requires that all material facts regarding the transaction have been provided to the agency.
WHAT SHOULD COMPANIES DO?
While the Guide does not provide many new answers, it does compile the learning from most of the existing precedents into one reference document. This should lead companies to review and update their existing internal controls to assure that they are following best practices. The Guide does not specify all of the elements of an effective compliance program, but it does set forth various hallmarks of such a program, including suggestions on policies, training, risk measurements, testing, discipline, and due diligence regarding acquisitions. At the same time, the Guide recognizes that one size does not fit all, and that a company’s program should reflect its size, culture, business, and risks involved. Vigilance, diligence, and reasonableness are the keys to effective compliance. Company officers, in-house lawyers, and all FCPA practitioners should fully familiarize themselves with this important Guide.