IT companies have increasingly global operations. As such, they are aware that the investigation and prosecution of Foreign Corrupt Practices Act (FCPA) violations are drawing increased attention. A well-publicized 2010 undercover sting operation resulted in the indictment of 22 individuals across the country on FCPA charges. Big-ticket agreements in the past year by Daimler AG (US$185 million), Snamprogett/ENI (US $365 million), and Technip (US$340 million) to resolve criminal and civil FCPA charges are only the latest in a recent string of nine-figure prosecutions. And in a 2010 speech to the Organisation for Economic Co-Operation and Development (OECD), US Attorney General Eric Holder called combating corruption one of the Department of Justice’s (DOJ) “highest priorities” and noted that the pace of criminal prosecutions “is accelerating.” Notably, the US government’s scrutiny is focused on individuals as well as corporate entities. As the Attorney General remarked:

Let me be clear, prosecuting individuals is a cornerstone of our enforcement strategy because, as long as it remains a tactic, paying large monetary penalties cannot be viewed by the business community as merely “the cost of doing business.” The risk of heading to prison for bribery is real, from the boardroom to the warehouse.

Indeed, charging and seeking tough sentences for individuals is now part of a deliberate DOJ strategy to enforce the FCPA.

The government is putting its money where its mouth is. As Assistant Attorney General Lanny Breuer has emphasized, the government devoted the significant additional funding for economic fraud enforcement in the administration’s 2010 budget and a further 23 percent increase in 2011. The DOJ’s Criminal Division is also adding a number of attorneys to the Fraud Section, “lawyers who will be deployed immediately to prosecute crimes like . . . foreign bribery under the [FCPA].” The legislative branch is on board as well. Recent financial reform legislation includes provisions awarding bounties to whistleblowers who report violations.

The SEC Bulks Up in San Francisco

Like the DOJ, the US Securities Exchange Commission (SEC) has made the FCPA a centerpiece of its enforcement efforts. Last year, the SEC’s Enforcement Division created national specialized units in five priority areas, one devoted entirely to the FCPA. As the Associate Director in the Division of Enforcement remarked, the “primary mission” of this unit is to become more proactive in its enforcement of the FCPA, including by gaining “in-depth knowledge of industries and regional practices” and conducting “more targeted sweeps and sector-wide investigations.”

FCPA criminal investigations are handled primarily by the DOJ’s Fraud Section in Washington, D.C., and until recently the SEC’s FCPA investigations also have largely been run from the East Coast. By doing so, the SEC has effectively limited the number of cases it had the ability to investigate. But that has changed. On the heels of its national reorganization, the SEC announced in 2010 that it had opened a specialized FCPA unit in its San Francisco Regional Office, the first of its kind among the SEC’s 12 regional offices. In doing so, the SEC sent a clear message that it views Silicon Valley as a target-rich environment. As the Assistant Regional Director in charge of the unit stated, “The fact that we have a significant presence of companies in Silicon Valley who do business internationally, specifically in Asia, makes us well-suited for addressing these kinds of issues.”

Targeting Silicon Valley, Asia

The FCPA prohibits certain direct or indirect payments to foreign officials, candidates for foreign political position and foreign political parties. The global reach of many Silicon Valley companies, whether privately held or publicly traded, whether operating directly or though foreign subsidiaries, makes the FCPA a real concern. Doing business with any foreign governmental entity, whether as a customer, vendor, contractor, financier or partner, poses a potential for FCPA violations. Less directly, any business that involves government regulators, such as customs officials, also faces potential FCPA issues.

The most obvious situations involve what are clearly foreign entities and clearly problematic payments. Hewlett-Packard, for example, was the subject of an SEC probe concerning alleged bribes made by a foreign subsidiary to secure the sale of computer equipment to the office of the prosecutor general of the Russian Federation. But the governmental connection is not necessarily so obvious. Universities, hospitals, banks and telecommunications companies are just some of the entities that may be sufficiently nationalized or government-controlled to fall within the FCPA.

Regulators in the US have been aggressive in alleging that employees of state-owned or state-controlled enterprises fall within the FCPA’s prohibitions. This stance can pose problems especially in China, where the line between public and private is not always so clear. The bureaucratic hurdles involved in conducting business in China and the widespread Chinese cultural practice, often entirely legitimate, of exchanging gifts to strengthen personal and business relationships—guanxi—compound the opportunities to run afoul of the FCPA.

Nor are the problematic benefits at issue as obvious as a suitcase stuffed with hundred-dollar bills. One Bay Area tech company, for example, recently agreed to pay a US$1.5 million civil penalty and an additional US$1.5 million criminal fine as part of a joint SEC/DOJ FCPA investigation. Among other allegations, the SEC charged that the company’s wholly-owned Chinese subsidiary paid nearly US$7 million for hundreds of overseas trips by employees of Chinese government-controlled telecommunications companies. While the company claimed that the trips were to provide customer training, the US government asserted that they were really sightseeing junkets.

As the SEC noted, its San Francisco FCPA outpost is particularly well-positioned to pursue Asia-related matters. Many Asian countries did not fare well in Transparency International’s 2010 Corruption Perceptions Index: China (79th out of 180 countries), Thailand (84th), Indonesia (111th), Vietnam (120th), Philippines (139th), Cambodia and Laos (tied for 158th). Given stepped-up cross-border enforcement cooperation and the increasing emphasis on battling corruption, as recently was on display in last year’s G-20 summit, the SEC expects to be busy.

The Increasing Costs of Penalties and Other Consequences

The current political climate means not only increased attention on enforcement, but also a more aggressive application of the FCPA and its penalties. Big corporate pay-outs have generated the most attention, but individuals are also seeing stiffer penalties. In 2010, a federal judge sentenced Charles Jumet, who, in a DOJ-led prosecution, was convicted of involvement in US $212,000 in bribes to Panamanian officials, to 87 months imprisonment, the longest sentence ever given under the FCPA.

In the year since opening its doors, the SEC’s San Francisco FCPA unit has been quiet — at least publicly. No FCPA charges or settlements have been reported from the San Francisco Regional Office in over a year. However, the word on the street is that the office has a number of active FCPA investigations (some in conjunction with the United States Attorney’s Office), so future announcements may be forthcoming.

More broadly, there are some noteworthy FCPA developments in the past 12 months. Since historically most FCPA cases have settled — many contemporaneous with the filing of the complaint — there has been little opportunity for courts to weigh in on some of the undeveloped aspects of the FCPA. It appears that more defendants, however, are litigating FCPA charges. One district court recently addressed the extent to which an officer of a government-owned entity may be considered a “government official” under the FCPA. In United States v. Aguilar,1 the court ruled that employees of a electric utility company wholly owned by the Mexican government could be considered “government officials” under the FCPA.2

Other defendants have lost at trial or pled guilty, but several courts have rejected the government’s request for stiff sentences, indicating that the courts may not readily accept the government’s contentions of the seriousness of some FCPA offenses.3

What to Do?

In a world where both global business and FCPA enforcement are continuing to expand, there are some things that you can do to minimize your exposure:

Compliance Program Vigilance

An ounce of FCPA prevention is worth a pound of government cure. Of course, a compliance program that prevents an FCPA violation from occurring in the first place will eliminate the extensive costs required to manage — even successfully — an FCPA claim. But while even the best compliance programs cannot guarantee that some employee somewhere won’t violate the FCPA, an effective program can go a long way to minimizing the costs of such violations.

Critically review your compliance program to make sure that it is designed for optimal effectiveness, that it is enforced and supported by all levels of management, that employees are property trained and incentivized to comply with it, and that it has sufficient resources to make it work. Special attention should be paid to issues specific to your industry and the parts of the world in which you operate.

Know Your Constituents

Know your partners and customers. Understand their ownership structure, particularly the extent to which they may be owned or controlled by a foreign government or by persons or entities acting on its behalf. Be familiar with the type and amount of government funding they receive. In dealing with customers, vendors, agents or consultants, secure written representations that they are familiar with the proscriptions of the FCPA, that they are in compliance with the FCPA, and that they will continue to comply. Include meaningful sanctions for the failure to do so.

Where you are acquiring a company or new personnel, do your homework in advance. Improper practices can be an unintended part of a foreign acquisition. Many overseas managers and employees come from different national and corporate cultures, with different languages and experiences. Aggressively educate and train personnel so that they know your company’s values and procedures, especially where they may be at odds with their prior experience.

Disclose Where Necessary

Consider whether you need to disclose the FCPA as a risk factor for your business. These risks may be more prominent in developing countries, where business growth can be most promising, as well as in certain larger markets, such as Russia or China, with a history of such problems. In addition, certain business lines, including certain technologies involving heightened export restrictions, may be more susceptible to the exchange of improper benefits.