During the past several years, the Department of Justice ("DOJ") and the Securities and Exchange Commission ("SEC") have pursued an increasing number of enforcement actions against businesses and individuals under the U.S. Foreign Corrupt Practices Act ("FCPA"). The FCPA, which prohibits bribery of foreign officials for business purposes, has enabled the DOJ and SEC to impose sizeable monetary penalties and secure lengthy prison sentences. Yet courts have thus far lacked the opportunity to interpret much of the FCPA's notoriously ambiguous language. And the DOJ and SEC have generally offered scant public guidance on their FCPA enforcement analyses and priorities. Consequently, businesses face the challenge of complying with a murky statute in an equally murky enforcement environment.
On November 14, 2012, the DOJ and SEC took a step toward easing this challenge by publishing the 120-page A Resource Guide to the U.S. Foreign Corrupt Practices Act (the "Guide"). Providing businesses of all sizes with a user-friendly tool for understanding and complying with the FCPA, the Guide demonstrates the FCPA's practical application through hypotheticals, examples of enforcement actions and declinations, and summaries of case law and DOJ opinion releases. In doing so, the Guide addresses an array of historically thorny topics, including the definition of "foreign official"; what constitute proper and improper gifts, travel, and entertainment expenses; and how successor liability applies in the mergers and acquisitions context. Moreover, the Guide's 418 endnotes equip readers with a treasure trove of citations to statutes, legislative history, court filings, judicial opinions, and other sources.
The Guide is not binding on the DOJ and SEC and, thus, does not provide any new bright-line rules, but it is still required reading for anyone responsible for ensuring a company's FCPA compliance. Additionally, it collects—for the first time in one place—the government's collective views on the scope of the FCPA, as well as the various authorities the government will rely on in conducting future investigations and prosecutions. Although the Guide does not offer a watershed change in the agencies' approach to FCPA enforcement, among the Guide's numerous takeaways, Stoel Rives has identified the following five as especially noteworthy:
- Customized Compliance Programs: Perhaps the Guide's most important takeaway is that each small, medium, and large business entity with an international presence should establish a customized FCPA compliance program appropriate for its specific business needs and risk profile. In the words of the DOJ and SEC, "one-size-fits-all compliance programs are generally ill-conceived and ineffective." Nor would a general provision in an employee handbook prohibiting bribery of foreign officials likely suffice. The Guide devotes nine pages to identifying the "hallmarks of effective compliance programs" and stresses that a company should periodically review and update its compliance program. Additionally, the Guide repeatedly suggests that businesses should strongly consider translating written policies and training programs into the local language of foreign employees and foreign third-party intermediaries.
- Definition of "Foreign Official": Who qualifies as a "foreign official" has been the subject of much debate over the past several years, including—for the first time—a challenge to the DOJ and SEC's broad definition in a federal court of appeals case. (That decision is still pending.) The Guide does little to clarify this dispute, instead continuing to press the broad DOJ and SEC view that any employee of any entity that is owned or controlled by a foreign state is automatically a foreign official. The Guide does not mention the pending appeal, instead justifying the broad interpretation based on the few district court decisions that have adopted the government's definition, and the fact that dozens of government-drafted plea agreements have utilized the broad definition. The Guide does make clear that an entity will be considered owned or controlled by a foreign state if the foreign government owns or controls more than 50% of its shares—and sometimes even if the foreign government has a minority interest. Ultimately, whether the government's view (stated matter-of-factly in the Guide and without acknowledging the current conflict) will prevail remains to be seen.
- Gifts, Travel, and Entertainment Expenses: The Guide acknowledges what the DOJ and SEC have long admitted: that gifts, travel, and entertainment can all be part of normal and proper business practices. Thus, the DOJ and SEC are likely to limit their enforcement focus to (i) "single instances of large, extravagant gift-giving"; (ii) "widespread smaller items [given] as part of a pattern of bribes"; and (iii) otherwise reasonable travel and entertainment expenditures when occurring "in conjunction with other conduct reflecting systemic bribery." While acknowledging that these precautions may not be necessary for every business, the Guide recommends "automated gift-giving clearance processes" and "clear monetary thresholds for gifts along with annual limitations." In other words, businesses—especially medium-sized and large companies—would be wise to formalize gift giving with budgets and guidelines and an approval process, rather than handling gifts on an ad hoc basis.
- Successor Liability in M&A Transactions: The Guide devotes six pages to the issue of successor liability—i.e., the legal principle that when a company merges with or acquires another company, the successor company becomes liable for any civil or criminal offenses the predecessor company committed before the merger or acquisition. In other words, if a predecessor company violates the FCPA, the successor company is on the hook for those FCPA violations once the merger or acquisition closes. To avoid or at least minimize such successor liability, the DOJ and SEC encourage companies to (i) conduct extensive FCPA-specific due diligence on all merger and acquisition targets and (ii) voluntarily and promptly disclose to the DOJ and SEC any FCPA violations committed by the target and to cooperate in remediating such violations. More specifically, the Guide not only provides "practical tips" for reducing FCPA risk in mergers and acquisitions, but also offers DOJ and SEC analyses of hypotheticals involving multiple scenarios in the mergers and acquisitions context (complete with explanations of why the DOJ and SEC would or would not prosecute the successor company). The Guide's lengthy and detailed analysis of successor liability offers an important lesson: the DOJ and SEC are generally more inclined to pursue FCPA enforcement actions against predecessor companies, but will not hesitate to go after successor companies that fail to root out and rectify the sins of such predecessors.
- Alternative Resolutions: Short of actual prosecution and/or civil sanctions, the Guide discusses three other alternative resolutions: deferred prosecution agreements ("DPAs"), non-prosecution agreements ("NPAs"), and declinations. Unfortunately, the Guide does little to help the business community understand how the DOJ decides when to apply one alternative resolution over another. For example, DPAs require the initiation of an actual criminal charge, the resolution of which is deferred and, hopefully, ultimately dismissed after the company pays (usually) a hefty fine and stays out of trouble for a certain period of time. An NPA, on the other hand, is practically identical, but without the initiation of criminal charges; it is simply a contract between a target and the government. While describing the differences between the two agreements, the Guide does nothing to help the reader understand why the DOJ would choose one over the other. Similarly, although the Guide helpfully describes six situations (out of "several dozen" in the past two years) in which the DOJ and SEC have declined to take any action, the facts in those declinations appear to be remarkably similar to situations in which the DOJ has entered DPAs or NPAs. Companies reviewing the Guide will not find any clear criteria that will help them argue that their conduct warrants a declination rather than a DPA or an NPA. Moreover, the examples of declinations are even less helpful in that several of them do not even describe conduct that actually violates the FCPA—referring, for example, to "red flags" and "concerns" rather than "bribes" or "violations." Finally, while the DOJ has adamantly refused to recommend the FCPA be amended to include an affirmative defense of having an effective and robust compliance program, the examples of declinations in the Guide almost all mention the company's compliance practices as a factor in deciding to decline prosecution. This helps reaffirm the conventional wisdom that an effective compliance program will not only help prevent bribery, but will also go a long way toward avoiding criminal sanctions if bribery happens in spite of such programs and policies.