On August 24, 2018, the U.S. Court of Appeals for the Second Circuit dealt a blow to the U.S. Department of Justice’s (“DOJ”) ongoing efforts to expand the extraterritorial reach of the U.S. Foreign Corrupt Practices Act (“FCPA”).
In United States v. Hoskins, 1 the Second Circuit concluded that a non-resident foreign national who did not commit any acts in the United States and is not otherwise subject to FCPA jurisdiction cannot be prosecuted merely under the theory that the foreign national was an accomplice or co-conspirator with a U.S. entity or individual. The Second Circuit’s opinion is contrary to certain of the DOJ’s prior enforcement settlements and published guidance, through which the DOJ has asserted broad jurisdiction over foreign entities and individuals for alleged FCPA violations. Because the vast majority of defendants settle with the DOJ rather than face indictment, the validity and limits of these assertions have largely gone untested until now.
The Second Circuit’s decision in Hoskins, one of the rare court opinions interpreting the FCPA, signals that courts are willing to limit U.S. regulators’ authority to assert jurisdiction over foreign entities and individuals for conduct committed outside the United States.
THE DOJ’S BROAD INTERPRETATION OF THE FCPA “TERRITORIAL” JURISDICTION
The FCPA sets forth three sources of jurisdiction. First, the DOJ may prosecute issuers of securities listed in the United States, U.S.-based entities and U.S. citizens, nationals and residents, as well as their employees and agents, if they use interstate commerce in connection with the payment of bribes.2 Second, foreign non-issuers and individuals also can be prosecuted on the basis of conduct committed within the territory of the United States.3 And third, U.S. citizens, nationals, residents and U.S.-based issuers and entities may be held liable for conduct committed anywhere in the world.4
As reﬂected in the DOJ’s recent enforcement actions and public statements, the Department historically has adopted a broad interpretation of the FCPA’s jurisdictional reach. In FCPA guidance issued jointly by the DOJ and the U.S.
Securities and Exchange Commission (“SEC”), for instance, the government took the position that foreign entities and individuals can be subject to FCPA liability if they engage in any act in furtherance of a corrupt payment while in the United States.5
The DOJ also has taken the position that foreign persons may be subject to FCPA liability if they aid and abet, conspire with, or act as an agent of an issuer or U.S. citizen, national, resident or entity, regardless of whether the foreign person itself took any action while in the United States.6 According to the DOJ and SEC’s FCPA guidance, foreign persons may be subject to substantive FCPA charges “for the reasonably foreseeable substantive FCPA crimes committed by a co-conspirator in furtherance of the conspiracy,” even if the foreign person “had never taken any actions in the territory of the United States.”7
THE SECOND CIRCUIT’S DECISION IN HOSKINS
The Hoskins decision arises out of the DOJ’s high-proﬁle prosecution of French multinational energy company Alstom S.A. in connection with a global bribery scheme, which resulted in Alstom’s guilty plea and payment of a $772 million criminal penalty. The DOJ alleged that Lawrence Hoskins, a British national employed by Alstom’s U.K. subsidiary, knowingly authorized payments by Alstom’s U.S. subsidiary to consultants in Indonesia for the purpose of bribing Indonesian government ofﬁcials in exchange for a large power contract. Hoskins was not alleged to have traveled to the United States or to have otherwise committed any acts in furtherance of the scheme within U.S. territory.
Consistent with its FCPA guidance, the DOJ argued that, independent of whether Hoskins was an agent or employee of Alstom’s U.S. subsidiary, and although he was not alleged to have committed any acts within the United States, he could nonetheless be prosecuted because he conspired with or aided and abetted a U.S. company and its employees in committing FCPA violations.
The Second Circuit rejected the DOJ’s position. In doing so, the Court found that the FCPA statute “deﬁnes precisely the categories of persons who may be charged for violating its provisions,” and that the “territorial limitations of the FCPA preclude liability” for foreign nationals acting outside the territory of the United States who are not ofﬁcers, directors, employees or agents of a U.S. entity or individual. The Court concluded that the “government may not expand the extraterritorial reach of the FCPA by recourse to the conspiracy and complicity statutes.” Hoskins, therefore, could not be held liable under the FCPA because he did not ﬁt within the categories of persons directly covered by the statute.8
As one of the rare court opinions interpreting the FCPA, and in particular, limiting the DOJ’s jurisdictional reach, the Second Circuit’s decision in Hoskins is signiﬁcant. The decision suggests that certain of the DOJ’s expansive jurisdictional theories are not grounded in the law. It is unclear how the DOJ will respond in future enforcement actions. It also remains to be seen whether the DOJ and SEC will reassess their FCPA guidance regarding the assertion of jurisdiction on the basis of accomplice liability in light of the Court’s decision.
Despite the implications of the decision on the interpretation of FCPA jurisdiction, the Hoskins decision does not alter the regulatory and enforcement landscape for a signiﬁcant proportion of multinational companies and their executives, namely those with even minimal contacts with the U.S. The Court’s decision was based upon a speciﬁc set of facts: a foreign national who did not act as an employee or agent of a U.S. entity or individual, and who did not commit any acts within the United States. In practice, therefore, multinational companies and their executives should anticipate that the DOJ will continue to aggressively enforce the FCPA even on the basis of a limited U.S. nexus and should ensure that their corporate compliance programs and internal controls are sufﬁciently robust to prevent, detect and remediate anti-corruption risks.