When approaching the issue of due diligence in connection with an acquisition, two key strands of diligence usually spring to mind: legal due diligence and commercial due diligence. A third strand of due diligence, which straddles both of the two previous categories relates to anti-bribery and corruption compliance. Whilst this has become more commonplace in the US following a string of successor liability prosecutions for breaches of the Foreign Corrupt Practices Act (FCPA), it is often overlooked in the UK. The purpose behind anti-bribery due diligence is to manage investment risk and to avoid the inadvertent acquisition of liability. A survey carried out by Ernst & Young in 2011, however, indicated that a fifth of companies do not include this as part of M&A due diligence, and a quarter never consider it in a post-acquisition review.1 This article looks at the changing impetus in this area following the introduction of the Bribery Act 2010 (the “Bribery Act”), and considers why this is an issue that should, arguably, play a more prominent role in M&A transactions generally.
The Bribery Act, and its U.S. counterpart the FCPA, are the key pieces of legislation tackling bribery and corruption on a domestic and international basis. Committing an offence under either act can lead to corporate and individual liability, both criminal and civil. For corporate entities, the fines imposed for corrupt conduct can be significant, and the reputational damage and business disruption that comes from being embroiled in an investigation can have long-lasting effects.
In the U.S., it is well established that an acquiring entity may find itself liable for the historic corrupt conduct of an entity that it has acquired. This inheritance of successor liability has been central in making sure that FCPA compliance due diligence is a standard, and important, part of any M&A transaction. Indeed, the U.S. enforcement authorities, the Department of Justice (DOJ) and the Securities and Exchange Commission (SEC), have, in the course of various settlement decisions and published opinions, set out what form that due diligence should take if successor liability is to be avoided.
For instance, the DOJ has indicated that it would generally not impose successor liability for actions of a target that occur pre-closing in circumstances where the acquirer takes significant steps, prior to or immediately after closing, to investigate and remedy any improper conduct, within a maximum of 180 days post-closing.2 This would generally include an obligation to self-report any pre-acquisition conduct discovered, and cooperate in the subsequent investigation.
It is worth noting that liability does not arise solely in the case of share acquisitions. In 2011, the SEC settled an enforcement action against Watts Water Technologies Inc. with regard to the corrupt conduct of its Chinese subsidiary. That subsidiary was acquired by way of an asset purchase. Watts Water has since sued the lawyers representing it in connection with the acquisition on the premise that they were negligent in their failure to conduct adequate due diligence in relation to potential FCPA compliance problems.
In the UK, and in the context of the Bribery Act, there is not yet the same body of case law and experience. The Bribery Act only came into force on July 1, 2011, and as yet there has only been one prosecution of an individual. Whilst the enforcement bodies, such as the Serious Fraud Office (SFO) and the Ministry of Justice (MOJ) have issued guidance on its interpretation and enforcement, until more cases are brought and some of the more contentious points fought out, there remains a degree of uncertainty around aspects of its application.
In terms of how it is likely to impact on M&A transactions, the first point to note is that it is generally accepted that the Bribery Act does not create successor liability for historic acts of corruption that occur prior to the transaction closing. This is because of the nature of the “Corporate Offence” that creates liability on the part of parent companies for the acts of their subsidiaries.
The Corporate Offence is the offence of failing to prevent associated persons from engaging in bribery for the benefit of the corporation in question. The target does not become associated with the acquirer until the deal closes, and prior to that it is difficult to see how the bribery could have been for the benefit of the acquirer - two key elements of the offence. By contrast, the MOJ has made it clear, in its guidance that there may be liability for acquirers for failures in due diligence where there is current or continuing bribery by an acquired company.3
Recognising the importance of this issue, Transparency International (TI) published guidance in May 2012 that addresses due diligence in the context of the Bribery Act. The TI guidance sets out 10 good practice principles for anti-bribery due diligence in mergers, acquisitions and investments (collectively “transactions”). These focus on a risk-based approach to pre-acquisition due diligence, which should be proportionate to the level of risk associated with the target. As such, exactly what is required in any given transaction will be highly fact-specific. It is worth noting, however, that the value of the transaction is generally not a determining factor as to the level of review required - small investments can carry disproportionate risks, and vice versa.
The TI guidance recommends that anti-bribery due diligence should also be commenced at a sufficiently early stage of the transaction to enable the findings to influence the outcome of negotiations, or prompt further investigation where necessary. As noted above, in addition to managing liability, this type of due diligence is also highly relevant to assessing investment risk. Investment risk associated with bribery can include: legal risks (e.g., liability for fines and regulatory action); financial risks (e.g., distorted or falsified data in the accounts); reputational risks (e.g., negative publicity arising from acquiring a corrupt entity); and ethical risks (e.g., the potential that the target’s corrupt conduct will infect the culture within the acquirer). Obviously, the sooner these risks are uncovered, the better placed a potential acquirer will be to determine whether it wants to proceed, what controls it may need to impose, and the degree to which it may want to re-negotiate the price to reflect those risks.
The TI guidance applies equally to M&A transactions and to private equity investments. That said, there remain some doubts as to the extent that private equity investors would be caught by the Corporate Offence. Unless there is a sufficient degree of control by the investor over the target, then the target arguably does not perform services for or on behalf of the investor, so is not an associated person for the purpose of the offence. In January 2012, however, the SFO stated:
“Shareholders and investors in companies are obliged to satisfy themselves with the business practices of the companies they invest in…. It is particularly so for institutional investors who have the knowledge and expertise to do so. The SFO intends to use the civil recovery process to pursue investors who have benefitted from illegal activity. Where issues arise, we will be much less sympathetic to institutional investors whose due diligence has clearly been lax in this respect.”
As this comment alludes to, criminal liability under the Bribery Act is not the only type of liability that an acquirer or investor must give heed to. Even if there is no liability for the acquirer under the Bribery Act for historic corrupt conduct, it may find itself liable under the Proceeds of Crime Act 2002 by virtue of having purchased, or invested in, tainted assets. The revenue stream and assets that accrue to the acquirer may result in the acquirer receiving ‘criminal property’ (i.e. the proceeds of illegal bribery) which is a money laundering offence under POCA.
The recent High Court decision concerning Mabey & Johnson makes it clear that the authorities are prepared to recover proceeds of crime by targeting dividends using the POCA powers of civil recovery. In that case, the parent company, which had no knowledge of its subsidiaries corrupt practices, was found to have failed to exercise “proper control and due diligence” over its subsidiary and ordered to pay £131,201 to reflect share dividends received from the illegally obtained contracts.
This risk, therefore, remains a real one for all acquirers and investors. There will also be both criminal and civil liability for anything that occurs post-closing, and the individuals active in the target pre-closing may still be found individually criminally liable for the historic bribery. To the extent, therefore, that corruption was endemic within a target, and the senior management team was involved, if those individuals are disqualified from acting as directors or, worse still, sent to jail, then the stability of the newly acquired target would be severely undermined.
Obviously, when carrying out any due diligence of this sort, you must be prepared to take the appropriate remedial actions should any wrongdoing be uncovered, particularly once the transaction has already closed. The expectation in the US is that the acquirer will self-report the violations to the enforcement bodies. The TI, MOJ and SFO guidance all make it clear that self-reporting of Bribery Act infringements to the UK enforcement agencies should be equally considered. Self-reporting, however, does not guarantee favourable treatment and the SFO’s revised guidance, published on 9 October 2011, makes it explicitly clear that the SFO may decide to use its criminal powers to tackle infringements that have been voluntarily disclosed to it.
As such, the advisable approach for any entity making an acquisition, particularly when the target operates in a high risk industry or location, would be to follow the approach advocated by the U.S. enforcement bodies. Where possible, anti-bribery due diligence should be carried out in the early stages of the transaction. In circumstances where that is not feasible pre-closing, once the transaction is completed the acquirer should instigate proper reviews, implement suitable policies and procedures and, where necessary take remedial steps to address any existing problems.