Last year, the U.S. Securities and Exchange Commission (“SEC”) and Department of Justice (“DOJ”) collected over $1.5 billion – a record amount – from companies and individuals in connection with enforcement of the Foreign Corrupt Practices Act (“FCPA”). Enforcement actions have been brought for conduct as seemingly innocent as running an internship program which included relatives of foreign government officials. As the SEC and DOJ continue to push the limits of the FCPA and aggressively pursue and sanction companies and executives for FCPA violations, it is important for U.S. companies and individuals doing business outside the U.S. or with foreign entities to understand the scope of prohibited conduct, the potential sanctions that may be imposed, and steps that could reduce the risk of violations and minimize sanctions and exposure.
Overview of the FCPA
The FCPA has two primary types of provisions: anti-bribery and accounting. The anti-bribery provisions apply to U.S. business entities and issuers of securities listed on U.S. stock exchanges (and their employees, officers, and directors), U.S. citizens and residents, and certain foreign nationals or entities engaging in prohibited acts in the U.S. The provisions prohibit the offering or providing, directly or through a third party, of anything of value to a foreign government official with corrupt intent to influence an award or continuation of business or to gain an unfair advantage. The accounting provisions essentially make it illegal for a company that reports to the SEC to have false or inaccurate books or records or fail to maintain a system of internal accounting controls.
The FCPA’s definition of “foreign official” is interpreted broadly by the SEC and DOJ and includes even low-level employees of government owned or controlled companies, ventures, and instrumentalities. Recent enforcement actions demonstrate that prohibited “bribes” can take many forms, including payments of cash, travel and entertainment expenses, and the giving of extravagant gifts or a series of smaller gifts. To constitute a violation, however, the FCPA requires proof of “corrupt intent” – an intent to wrongfully influence the recipient. For individual criminal liability, the actor must act “willfully” – with knowledge that the conduct is unlawful. For corporate criminal liability or civil liability, proof of willfulness is not required provided there is proof of corrupt intent. An FCPA violation is committed by merely making the offer; an actual payment of a bribe is not required.
Sanctions and remedies may include civil penalties such as disgorgement of ill-gotten gains, additional reporting obligations, required oversight by an independent consultant, criminal penalties such as fines and imprisonment, and deferred prosecution arrangements. The SEC and DOJ have been increasingly aggressive in pursuing charges against individuals when warranted, and the FCPA prohibits employers from paying civil penalties assessed against individual employees, officers, or directors.
The FCPA is not without limits, however. In U.S. v. Lawrence Hoskins, No. 12-cr-238, 2015 U.S. Dist. LEXIS 106802 (D. Conn. Aug. 13, 2015), the Connecticut District Court recently held that a non-U.S. person who is not an agent of a U.S. entity and commits no acts in the U.S. is not subject to FCPA liability and cannot be charged with conspiring to violate the FCPA or aiding and abetting a violation. In addition, parties may defend against FCPA charges by arguing that there was no proof of corrupt intent, the subject payment or gift was of nominal value, the recipient was not a foreign official, the actor was not an issuer or domestic concern, the payment was lawful under applicable local laws, or the payment was a bona fide expense or was related to the execution of a bona fide contract.
In the past several years, there has been a growing global emphasis on anti-corruption enforcement, with many countries in the world joining as parties to conventions such as the OECD Anti-Bribery Convention and the UN Convention Against Corruption, and increasing their own enforcement efforts and legislation (for example, the very broad U.K. Bribery Act 2010). Global cross-border cooperation in bribery and anti-corruption investigations has become increasingly common, with the SEC and the DOJ often working with foreign authorities on FCPA or foreign law anti-corruption matters (in some cases involving parallel investigations or enforcement actions).
Recent FCPA-Related Actions and Settlements
- On October 5, 2015, Bristol-Myers Squibb (BMS) paid $14 million to settle charges that its joint venture in China made cash payments and provided other benefits, including jewelry, meals, travel, entertainment, and sponsorships for conferences and meetings, to health care providers at state-owned and state-controlled hospitals in exchange for prescription sales. In the consent order, the SEC found that BMS failed to respond to “red flags,” did not investigate indications of compliance gaps, and was slow to remediate gaps in its internal controls system. This case highlights the importance of a robust internal control system and prompt investigation of potential violations.
- In September 2015, Hitachi, Ltd. agreed to pay $19 million to settle SEC charges that it inaccurately recorded improper payments to South Africa’s ruling political party in connection with contracts to build two multi-billion dollar power plants. The SEC’s complaint alleged that Hitachi partnered with an entity it knew to be a funding vehicle for the African National Congress and paid “success fees” to the entity to help obtain government contracts from a public utility owned and operated by the South African government.
- In August 2015, Avon Products Inc. entered into a $62 million settlement to resolve a private securities class action suit brought by shareholders relating to FCPA violations involving the provision of gifts, meals, and entertainment to Chinese government officials from an Avon subsidiary. This followed Avon’s December 2014 FCPA-related settlement with the SEC for $135 million.
- In August 2015, The Bank of New York Mellon (BYNM) settled SEC charges that it provided student internships to family members of foreign government officials affiliated with a Middle Eastern sovereign wealth fund in order to win or retain contracts to manage and service the assets of the fund. BNYM agreed to pay $14.8 million as part of the settlement. This matter demonstrates that an offer to provide intangible items of value (here, valuable student internships) may lead to FCPA scrutiny or charges.
- In August 2015, a former sales executive for SAP International, Inc. pled guilty to criminal FCPA violations and settled charges brought by the SEC alleging that he bribed Panamanian government officials to procure software license sales. The executive agreed to pay a total of $92,395 in disgorgement and interest and is due to be sentenced in December 2015.
- In February 2015, Goodyear Tire & Rubber Company agreed to pay more than $16 million to settle SEC charges that it failed to prevent or detect more than $3.2 million in bribes during a four-year period due to inadequate FCPA compliance controls at its subsidiaries in Africa. The SEC alleged that Goodyear’s subsidiaries in Kenya and Angola paid bribes to employees of government-owned entities as well as other local authorities such as police or city council officials. In announcing the settlement (which included disgorgement of profits but no civil penalty component), the SEC credited Goodyear’s “self-reporting, prompt remedial acts, and significant cooperation with the SEC’s investigation.”
- In January 2015, the SEC entered into a deferred prosecution agreement with a Tampa, Florida engineering firm, PBSJ Corporation, with PBSJ agreeing to pay $3.4 million for FCPA violations relating to the bribery and employment of foreign officials to secure Qatari government contracts. In agreeing to defer prosecution, the SEC emphasized the prompt reaction by the company to stop the misconduct and its cooperation with the SEC’s investigation. The responsible PBSJ officer was charged with FCPA violations and, without admitting or denying the charges, agreed to pay a penalty of $50,000.
These developments serve as a reminder for companies operating internationally of the risk of FCPA liability, and the need to understand the scope of conduct prohibited by the FCPA and ways to mitigate civil and criminal exposure. While companies are encouraged to consult counsel regarding FCPA compliance initiatives and enforcement issues, the following are some best practices to keep in mind:
- Companies with any international business component should have a formal written FCPA compliance policy. It should be clearly and forcefully articulated and include mechanisms for reporting and remediating potential violations. Companies with significant international operations should implement a stand-alone FCPA compliance policy, rather than relying solely on provisions contained in their code of ethics or general policy manual.
- The policy should explain the scope and applicability of the FCPA, prohibited conduct, possible sanctions, the identification of red flags, due diligence required for dealing with third parties and agents, and procedures for reporting concerns or possible violations. It should make clear that there cannot be retaliation against whistleblowers. The policy should also address other U.S. laws which prohibit commercial bribery such as the Travel Act, and applicable foreign laws such as the U.K. Bribery Act 2010.
- The policy should be distributed to all employees, directors, and officers, and companies should consider posting it on the company’s network or website. The policy should include periodic training for all directors, officers, and employees with responsibilities relating to international operations. Companies should maintain records certifying compliance with the training requirements. Increasingly, companies are including FCPA compliance as part of their due diligence processes in connection with transactions and agreements with vendors and other parties, and may request a certification of compliance.
- Companies must thoroughly understand their international operations and assess the risk of FCPA violations in particular businesses and industries and in certain global regions.
- Companies with significant international operations should consider establishing an executive-level FCPA Review Committee or FCPA Compliance Officer to manage and review FCPA compliance and training, and to stay abreast of legal developments. As part of an internal audit or compliance program, companies might consider periodic audits and evaluations of their FCPA policies.
- If possible violations are identified or formal allegations are received, companies must act swiftly to investigate, cease improper conduct, and prevent any further violations. Companies should consider voluntary disclosure of FCPA violations to the federal government which may mitigate exposure to enforcement action or sanctions. Public companies will also need to evaluate their disclosure obligations.
- Cooperation with authorities can significantly reduce liability for companies accused of an FCPA violation. However, the SEC or DOJ may not consider voluntary disclosure of corporate misconduct, without more, to be true and full cooperation.
For more information concerning the matters discussed in this publication, please contact the authors Matthew D. Dunn (212-238-8706, firstname.lastname@example.org) or Theodore Y. McDonough (212-238-8788, email@example.com), Gary D. Sesser (212-238-8820, firstname.lastname@example.org) or your regular CL&M attorney.