The new Department of Justice and Securities and Exchange Commission Resource Guide to the U.S. Foreign Corrupt Practices Act (the Guide) devotes substantial attention to FCPA issues as they arise in the context of mergers and acquisitions.1 This attention is well-warranted given that a significant portion of FCPA enforcement actions arise in the M&A context, with this trend set to persist as U.S. companies inexorably push into emerging markets. The Guide underscores the extent to which the Agencies’ enforcement decisions are influenced by an acquiring company’s level of anti-corruption due diligence, its compliance integration efforts, and its willingness to self-report to enforcement authorities. Notwithstanding some helpful guidance on these issues, the Agencies have missed an opportunity to provide clear incentives to responsible companies looking to buy and integrate troubled businesses in corruption-challenged jurisdictions.
Emphasis on Due Diligence, Integration, and Disclosure
The overarching corruption risk in the M&A context is, of course, successor liability: The risk of buying a company that is already covered by the FCPA and that has already violated it, leading potentially to liability for the purchaser based on pre-acquisition acts over which it had no control. Assessing that successor liability risk is front and center for multinational companies expanding around the world.
Recognizing this risk, the Guide rightly emphasizes the importance of pre-closing due diligence and post-closing integration of the target into the acquirer’s compliance and internal control programs. In several hypotheticals, the Guide endorses the following steps as the key components of anti-corruption due diligence:
- a review by the acquirer’s legal, accounting, and compliance departments of the target’s sales and financial data, customer contracts, and third-party and distributor agreements;
- a risk-based analysis of the target’s customer base;
- an audit of selected transactions by the target; and
- interviews with target management, including those in charge of the legal, sales and audit functions.2
The Guide touts both the business and enforcement rationales for due diligence, arguing that robust diligence allows an acquirer to accurately value the target company, swiftly complete compliance and controls integration, and minimize the enforcement risk arising from any pre-existing FCPA liability at the target. In addition, the Agencies hint that they will view the failure to perform comprehensive corruption diligence as evidence that the company lacks a commitment to FCPA compliance.3
This diligence is much easier described than executed, given the myriad ways in which deals unfold and the difficulty even the most motivated buyers have in prying reliable corruption-risk information out of target companies in corruption-challenged jurisdictions. The Guide is short on ways to break through the barriers to this information, and long on the risks of getting the corruption assessment wrong.
No Successor Liability Safe Harbor
The Guide provides considerable insight regarding the Agencies’ views about successor liability prosecutions. It makes clear, for example, that where a lack of anti-corruption diligence and compliance controls leads to the purchase of a company with ongoing but undetected corruption violations that continue after closing, both the buyer itself and the target company will be prosecuted.4 And the Guide holds out the prospect of imposing successor liability where extensive but imperfect pre-closing due diligence fails to detect FCPA violations, even if the violations are quickly remedied and disclosed post-closing.5
A Missed Opportunity To Create The Right Incentives
Given the inherent limits of anti-corruption diligence, the threat of successor liability prosecution leads many companies to avoid buying any company operating in high-risk jurisdictions that is already exposed to the FCPA. Structuring the prosecution incentives in this way does not further the goals of the FCPA.
The Guide does stress that the Agencies’ practice is often to prosecute the target company, and not the purchaser, where pre-acquisition conduct is found during either due diligence or integration and promptly disclosed.6 But prosecution of a subsidiary is cold comfort for a purchaser, as the reputational harm of such a prosecution can easily be the same as prosecution of the parent company. A board of directors deciding whether to buy a potentially troubled company is unlikely to take solace in the Guide’s assurance that the Agencies usually prosecute only the predecessor companies.
The Agencies should encourage responsible companies to buy troubled businesses and fix them. Instead of applying successor liability rules to punish the buyer, the Agencies should provide immunity for purchasers and the companies they buy, and create a clear safe harbor period of three to six months in which to impose controls at the target company. The deterrent message would not be lost: Individuals could still be prosecuted, with the cooperation of the immunized companies.
The Guide’s discussion of successor liability prosecutions is helpful. More helpful would be clear incentives for good companies to buy bad ones.