Aggressive FCPA enforcement in recent years has presented corporate officials with difficult choices regarding compliance and cooperation. Crafting, implementing and maintaining an effective FCPA compliance system can be time consuming and costly, particularly since its ultimate effect if a difficulty or possible violation occurs cannot be ascertained with certainty.
Cooperation and self-reporting are equally difficult issues. Both can result in extensive and costly investigations which continue for years. Yet the precise benefits are all but impossible to quantify at the time the decision is made.
Enforcement officials, in contrast, point to the clear benefits from both choices. Crafting an effective compliance system does not mean that every new gadget in the FCPA market place must be purchased. The key is to implement a system based on the principles detailed in the DOJ-SEC FCPA Guide. While the system is not a defense, the Morgan Stanley case is a good illustration that such a system can lead to a declination or at least minimize liability.
Cooperation and self-reporting also has clear benefits enforcement officials insist. They have identified instances in which a firm resolved serious FCPA charges with a deferred prosecution agreement and a fine. And, there are many examples of cases where the fine imposed is below the bottom end of the range calculated under the sentencing guidelines based on cooperation.
Despite all this, there is no doubt that the decisions faced by corporate officials are difficult. Careful consideration of the resolution of the FCPA case for Marubeni Corporation may help clarify the options for corporate officials. U.S. v. Marubeni Corporation, Criminal No. 314 cr 00052 (D. Conn. Filed March 19, 2014). There the The Japanese trading company did not implement an effective FCPA compliance system. The company also chose not to self-report or cooperate with an FCPA investigation despite a prior deferred prosecution agreement from an FCPA case. The result: The parent company pleaded guilty to one count of conspiracy and seven counts of FCPA charges. It will also pay a criminal fine of $88 million, well within the range calculated under the sentencing guidelines. And, DOJ will impose a compliance system on the firm, all as part of the plea agreement.
To be sure, the underlying conduct was significant. The case is based on a years long scheme which traces to at least 2002 when Marubeni, in conjunction with Alstrom, paid bribes to officials of the Indonesian government, included a high ranking member of Parliament and an official at the state owned utility. The bribes were paid to secure a $118 million contract for what was known as the Tarahan project which provides power related services for the citizens of Indonesia. To conceal the hundreds of thousands of dollars in bribes, two consultants were retained whose primary purpose was to pay the bribes. Portions of the bribe money were paid through the Maryland bank account of one consultant. The contract was secured.
While the firm is a recidivist, having been involved in the TSKJ Nigeria joint venture FCPA cases, a key factor in the disposition of the case, according to enforcement officials, was the specific choices made by the company. Marubeni did not create and implement an effective compliance system; it chose not to self –report; and it chose not to cooperate. Remarks of Acting Assistant AG Mythill Raman before the Global Anti-corruption Compliance Congress, Washington, D.C. (March 20, 2014).
The result of the firm’s choices is thus eight felony guilty pleas; a significant criminal fine; and an obligation to build an implement a compliance system based on the following principles dictated by the DOJ:
- High level commitment: The company will “ensure that its directors and senior management provide strong, explicit, and visible support and commitment to its corporate . . .” FCPA policy.
- Policies and procedures: The firm will develop and promulgate a “visible corporate policy against violations of the FCPA . . .”
- Development: The policies and procedures will be based on “a periodic risk assessment addressing the individual circumstances of the Company, in particular the foreign bribery risks facing the Company . . .”
- Inclusion: The policies and procedures will apply equally to all “directors officers, and employees and, where necessary and appropriate, outside parties acting on behalf of the Company in a foreign jurisdiction . . .”
- Comprehensive: The policy will be comprehensive, applying to gifts, hospitality, customer travel, political contributions, charitable donations and sponsorships, facilitation payments and solicitation and extortion.”
- Internal controls: The procedures will ensure that there is an effective system of financial and accounting procedures that include a system of internal controls that is reasonably designed to ensure the maintenance of fair and accurate books, records, and accounts.
- Oversight: The responsibility for the policies and procedures of the company shall be assigned to one or more “senior corporate executives” who will have the authority to report directly to the board, audit committee or other appropriate board committee and who have autonomy from management and adequate resources.
- Review and update: The company will review at least annually its policies and procures and update them, “taking into account relevant developments in the field and evolving international and industry standards.”
- Implementation: The firm will implement mechanisms designed to ensure compliance with its anticorruption and ethics policies and procedures including periodic training and corresponding “certifications by all directors, officers, employees, agents, and business partners, certifying compliance with the training requirements.” The company will also establish and maintain an effective system for providing guidance and advise regarding its anticorruption policies and procedures.
- Whistleblowers: The company will establish and maintain systems for the confidential reporting of possible violations of its anticorruption policies and for any necessary follow-up to respond and investigate and necessary.
- Enforcement: The company will establish appropriate mechanisms to ensure effective enforcement and, as appropriate, disciplinary procedures which apply to all persons.
- Third parties: The company will institute appropriate risk based due diligence and compliance requirements for the retention and oversight of all agents and business partners. Where necessary and appropriate the company will include standard provisions in agreements regarding compliance with anticorruption policies and permitting audits and the right to terminate the relationship.
- Mergers and acquisitions: The firm will develop and implement policies and procedures for mergers and acquisitions requiring that the appropriate risk based due diligence be conduct. In addition, the firm’s anticorruption policies and procedures will be extended to any acquisition as quickly as possible.
- Monitoring: Periodic testing will be conducted of the anticorruption policies and procedures taking into account developments in the field and evolving international and international standards.
There is no doubt that corporate directors face difficult choices in view of the aggressive FCPA enforcement programs being conducted by the DOJ and the SEC. The result in Marubeni should provide clarity to those choices.