On November 14, 2012, the Department of Justice (“DOJ”) and the Securities and Exchange Commission (“SEC”) jointly issued their long-awaited guidance on the Foreign Corrupt Practices Act (the “FCPA”): A Resource Guide to the U.S. Foreign Corrupt Practices Act (the “Guide”)1. The 120-page inter-agency Guide provides the most comprehensive written guidance to date on many aspects of the FCPA’s anti-bribery and accounting provisions. The Guide breaks no new ground and does not significantly change the positions previously advanced by the DOJ and SEC or address many of the nuanced questions confronting US businesses. Specifically, the DOJ and SEC did not, on a number of issues, create the hoped-for bright-line rules around key FCPA issues. Nonetheless the Guide will be a useful and accessible tool that compiles in a single source information on what the FCPA prohibits and how the statute may be applied, and provides helpful insight on the DOJ and SEC’s interpretation of the law.

What does the Guide contain?

The Guide contains, among other things, a detailed breakdown of the statute along with DOJ and SEC enforcement practices and perspectives, drawing on various sources of law and guidance, including recent enforcement actions, matters the agencies have declined to pursue, opinion releases, court decisions, the sentencing guidelines and agency memoranda. The Guide also includes hypotheticals that highlight general issues, such as: jurisdiction under the FCPA; the treatment of gifts, travel and entertainment expenses; facilitating payments; successor liability involving acquired companies that were and were not previously subject to the FCPA; and third-party vetting.

Some relevant highlights for our clients include:

Successor Liability

In the context of mergers and acquisitions, the Guide provides the DOJ and SEC’s stance on the circumstances in which the agencies will take action against successor companies. The Guide emphasizes the importance of pre-acquisition anti-corruption due diligence to identify potential corrupt acts and determine how such issues will be addressed, investigated and remedied. It further notes that the DOJ and SEC have declined to take action against acquiring companies that have duly discovered (including post-acquisition), voluntarily disclosed and timely remediated corruption issues, instead pursuing enforcement actions against predecessor companies. Notably, the Guide indicates that the circumstances in which the DOJ and SEC have taken action against acquiring companies are limited to “cases involving egregious and sustained violations or where the successor company directly participated in the violations or failed to stop the misconduct from continuing after the acquisition.2" Thus, to minimize the risk of potential enforcement actions by the DOJ and SEC, acquiring companies are well-advised to conduct risk-based pre-acquisition anti-corruption due diligence on target entities, take appropriate steps post-acquisition to ensure a comprehensive review is conducted, take timely and measured action to address and remediate any potential misconduct that is discovered, and promptly incorporate the acquired company into all of its internal controls, including its compliance program.

Components of Effective Compliance Programs

The Guide emphasizes the importance of an effective anticorruption compliance program and reiterates that there is no one-size-fits-all approach to an effective program. To be effective, a compliance program must be tailored to the size and nature of the business and the particular risks associated with its global location, the industry in which it operates, interactions with government officials, use of third-party agents, etc. In this regard, the Guide notes that the DOJ and SEC employ a “common-sense and pragmatic approach to evaluating compliance programs,” focusing on whether a compliance program is “well designed,” whether the program “[i]s . . . applied in good faith,” and whether the program “works.3

Significantly, the DOJ and SEC refused to use the Guide to offer a bright-line rule on whether companies could use compliance programs as a defense against criminal prosecution. As noted by Lanny Breuer, head of the DOJ’s Criminal Division, in a November 16 speech, regulators will not allow this out of concern that allowing such a defense could dilute the progress already made in using compliance programs to combat corruption. Thus, the Guide reiterates the general characteristics of an effective compliance program that have been previously discussed in various sources, including deferred and non-prosecution agreements entered into with the DOJ. These so-called “hallmarks” of a compliance program include:

  • Commitment from senior management and a clearly articulated policy against corruption
  • Code of conduct that is clear, concise and accessible to all employees 
  • Compliance policies and procedures tailored to the size and nature of the business 
  • Assigned individual(s) responsible for the oversight and implementation of the compliance program with adequate autonomy and resources
  • Risk assessment tailored to the particular risks faced by the company
  • Periodic training and certification for company directors, officers and relevant employees, as well as third-party agents and business partners if appropriate
  • Clear and appropriate disciplinary procedures that are applied promptly and reliably, as well as incentives that reward ethical and lawful behavior
  • Risk-based due diligence on third-party agents, consultants and distributors 
  • A mechanism for confidential reporting of misconduct and a process for investigating the allegations and documenting the company’s response
  • Periodic testing and review4

The Guide’s approach to this issue can provide companies with insight and direction for compliance programs and in completing risk assessments. The Guide nonetheless maintains a case-bycase, fact-specific approach that affords the enforcement agencies significant flexibility and allows agency officials discretion when making enforcement decisions. Based on Mr. Breuer’s comments last week, this approach quite intentionally leaves the lines surrounding compliance programs and FCPA enforcement somewhat blurry.  

Benefits of Cooperation

Once again eschewing a bright-line rule, the Guide’s offerings on the benefits of cooperation similarly echo the agencies’ prior statements and do not include specific, identifiable benefits that corporations can expect to receive in exchange for voluntary disclosure of potential misconduct or other forms of cooperation. Like previous statements on the benefits of cooperation, the Guide relies on the DOJ’s Principles of Federal Prosecution of Business Organizations, US Sentencing Guidelines, the SEC’s Seaboard Report and factors identified by the SEC in announcing its new cooperation program in discussing the benefits of cooperation.5 The result is that corporations must still perform an uncertain calculus in determining whether to voluntarily disclose potential misconduct to federal enforcement agencies or otherwise cooperate with a DOJ or SEC investigation.

The Guide does, however, contain six recent examples of matters the DOJ and/or SEC have declined to pursue, including the factors the agencies considered in their decisions. In all six examples, the companies

  • Began internal investigations upon discovering potential misconduct
  • Voluntarily disclosed the misconduct to the DOJ and/or SEC
  • Promptly took appropriate remedial actions such as ending the conduct, terminating or disciplining the employees involved, and improving their compliance programs and internal controls, among other things6

While these recent declinations demonstrate that companies with FCPA issues can benefit from voluntary disclosure under certain circumstances, they are too general to provide much guidance to companies faced with the decision of whether to self-report.

What does the Guide not contain?

Although useful in many respects, the Guide does not resolve some of the ambiguities surrounding the FCPA that have prompted many of the reform proposals called for by FCPA practitioners and members of the business community. Instead, the DOJ and SEC appear to have been careful in the Guide to retain flexibility for agency officials when making enforcement decisions.

For example, the Guide addresses the definitions of “foreign official” and “instrumentality,” describes a non-exhaustive list of factors that courts have considered in evaluating whether a particular entity may be considered an “instrumentality” for purposes of the FCPA,7 and notes that both agencies have “long used an analysis of ownership, control, status, and function to determine whether a particular entity is an agency or instrumentality of a foreign government.8” But the Guide does not provide any bright-line rules for determining when an entity is an instrumentality of a foreign government, expressly noting that “no one factor is dispositive” and that, under some circumstances, and entity that is less than 50 percent owned by a foreign government may qualify as an instrumentality.9

Similarly, as noted above, the Guide does not provide a formal compliance defense for companies that maintain effective compliance programs and voluntarily disclose potential misconduct, which has been proposed as a possible reform.10 As stated in the Guide, the DOJ and SEC will instead continue to “consider the adequacy of a company’s compliance program when deciding what, if any, action to take.11

Conclusion

The long-awaited guidance provided by the DOJ and SEC in the Guide is certainly useful in providing insight into the agencies’ interpretations of several key aspects of the FCPA and to understanding the agencies’ approaches to enforcing the statute. However, the Guide offers no bright-line rules on the FCPA and does little to clarify the current ambiguities in provisions of the FCPA. Thus, we anticipate that the FCPA will continue to be subject to considerable debate and interpretation.