he Foreign Corrupt Practices Act (FCPA) has been in effect for more than 30 years and similar anticorruption legislation in many other countries has been in force for more than a decade. Recently, however, the U.S. Department of Justice (DOJ), the U.S. Securities and Exchange Commission (SEC) and regulators around the world have pursued aggressive and collaborative enforcement to produce a rising tide of indictments, civil enforcement actions, fines, and other penalties.
This new landscape has altered the way corporations conduct international business, bringing serious long-term consequences for violations. Boards and executives who are unprepared to deal with this challenge are increasingly finding themselves in the crosshairs of regulators – and paying a steep price.
Over the past several years, government authorities have extended the focus of their investigations and prosecutions beyond corporate entities to include individual executives. Indeed, in 2009 nearly 70% of the 40 FCPA actions brought by the DOJ and SEC targeted individuals, resulting in fines, jail time, and other penalties – a noticeable increase compared with recent years (see table overleaf). In 2009, the DOJ prosecuted 44 individuals, significantly more than 2008 (11 individuals), 2007 (10), and 2006 (three) combined. The trend of targeting and prosecuting individuals has continued into 2010: in January, the DOJ arrested and indicted 22 individual defendants as a result of a wide-ranging sting operation focused on overseas bribery in the military and law enforcement products industry. Speaking in February this year, Lanny Breuer, Assistant Attorney General for the DOJ, stated: “The prospect of significant prison sentences for individuals should make clear to every corporate executive, every board member, and every sales agent, that we will seek to hold you personally accountable for FCPA violations.”
These developments have given corporate executives the added incentive to exert more oversight and due diligence regarding their company’s operations. Boards and senior executives must get up to speed quickly to protect their corporations – and themselves – from the effects of overseas business corruption and related enforcement actions. To be effective, forward-thinking and responsible board members and senior executives must gain a basic understanding of the FCPA, its application, and the repercussions of violations. Once equipped with this knowledge, board members should verify that their company has implemented the necessary steps to ensure compliance. By taking these actions, a company can avoid the costs associated with violations and, if corruption occurs, have more flexibility to navigate a government investigation.
A Spike in Multinational Enforcement
Until the past several years, the prosecution of overseas business corruption was viewed as a U.S. phenomenon, and principally through the prism of the FCPA. Today, however, some 38 countries have adopted FCPA-like statutes, and many countries have domestic anticorruption legislation that applies to a foreign company and its employees doing business in their country. While the level of commitment to enforcement and collaboration varies among international jurisdictions, there’s no question that countries around the world have taken a more concerted and coordinated international interest in combating commercial corruption, as evidenced by multinational investigations and prosecutions of Alcatel, Siemens, and Statoil. Indeed, in May, a new bribery bill is expected to become law in the UK, which will be even stricter than the U.S. FCPA and will provide for more serious penalties.
In general, the FCPA and similar statutes have three essential elements. First, employees or representatives of companies are prohibited from offering money or anything of value to officials of foreign governments to obtain or retain business. Second, companies are required to keep books and records that are an accurate reflection of their transactions and payments (for example, a payment to a foreign government official must be reflected as such). Third, companies must design and implement internal controls to uncover and prevent FCPA violations. The first element, known as the antibribery provisions, are criminal violations enforced in the U.S. by the DOJ; and the remaining two, known as the books and records provisions, are principally enforced by the SEC.
While enforcement actions under the FCPA by government authorities against global corporations have been rising steadily for several years, prosecutions and penalties reached an all-time high in 2009. The DOJ brought a record 26 actions in 2009, the highest number ever, and the SEC brought another 14. Several recent trends have pushed overseas business corruption and fraud to the forefront:
- There is a growing global awareness that engaging in corrupt activity is an improper way to conduct business.
- Effective FCPA enforcement in the U.S. has required companies to do more to deter and detect overseas business corruption and investigate allegations of improper activity.
- Increased resources for enforcement combined with better cooperation among government agencies around the world have led to more vigorous prosecution.
- Law enforcement is now explicitly targeting individual executives, in addition to companies.
- Regulators are undertaking more creative legal theories to pursue and charge companies and executives.
- Law enforcement agencies are using more aggressive investigative tactics, such as sting operations and wiretaps, to detect and prosecute corrupt behavior.
As a result, government regulators are imposing higher fines while still committing comparatively modest (but growing) resources. Ten years ago, fines and penalties might have ranged from $100,000 to $10 million; they are now much larger. Siemens settled a case for $1.6 billion in 2008, and Halliburton paid a penalty of $559 million in 2009 to settle a case involving its former subsidiary KBR.
The Impact of an FCPA Investigation
Boards and senior executives have an opportunity – and the responsibility – to protect their companies and themselves in the face of increasing global investigation and enforcement of anticorruption legislation. The costs of being unaware or underprepared are substantial: as noted above, the penalties resulting from an FCPA investigation have increased exponentially.
Recent developments have only added to the total financial impact on companies. Government regulators are able to force companies to “disgorge” profits related to corrupt activity, and regulators are pursuing broader, more creative methods to calculate these profits and exact a higher price from companies. Furthermore, companies found guilty of bribery are barred from bidding on contracts with U.S. and European Union governments. (See sidebar, right, “Proactive compliance.”)
Beyond the already formidable fines and penalties, the organizational disruption of mounting a defense against FCPA or similar allegations can be significant, and the legal fees astronomical. There is also the specter of massive collateral litigation, including class-action lawsuits; costs of investigation and remediation, including forensic accountants, investigators and other consultants; reputational damage; and the unappealing and expensive prospect of a third-party monitor to oversee a company’s compliance and reporting efforts. In the Siemens case, U.S. investigators and the company’s own defense attorneys collected more than 100 million documents, necessitating the creation of special facilities in China and Germany to house them all. Siemens’ legal and compliance fees over the course of the litigation reportedly totaled $1 billion.
While more difficult to quantify, the effect of a public FCPA investigation or conviction on a company’s reputation can be substantial. From investors who see a tainted company as a risk not worth taking to executives who don’t want to be associated with corruption, the knock-on effects can be lasting. For the UK defense contractor BAE Systems, the investigation into alleged bribery of Saudi officials to secure a £43 billion defense contract first surfaced in the 1980s. After several years of negative press comment and allegations of UK government intervention in the investigation, the matter was finally brought to a close in 2010 with the payment of fines totaling $445 million.
Of course, a legal settlement is not the end of the story. Companies that have been the target of an investigation must then go to great lengths to rebuild their reputations and demonstrate their commitment to anticorruption measures.
Boards Must Take Action
To mitigate the huge costs and other negative consequences of enforcement actions, board members have a responsibility to ensure their company has taken appropriate measures to deter and detect overseas corruption. By instituting measures such as those outlined below, the organization will be in a good position either to avoid a protracted government investigation or, if one is inevitable, at least manage it on more palatable terms.
Board members and executives in industries targeted by regulators – such as medical devices and supplies, energy and pharmaceuticals – may already be well aware of the FCPA and its overseas equivalents. Leaders at other companies, however, are much less familiar with the risks. All board members and senior executives should be prepared, and should consider the following preventive measures:
Develop an Awareness and Basic Understanding of the FCPA
Board members should be aware that the statute, and foreign counterparts, exist and prohibit a far broader set of activities and conduct than it might initially appear. Proscribed actions go well beyond a simple payment of cash to a government official in exchange for the awarding of a contract. What many companies consider standard sales and marketing practices, for example, might violate the FCPA, especially in countries where the customer is a government agency, state-owned business, or nationalized industry. Similarly, board members and executives must understand their liability for FCPA violations that occur across the entire organization. Although board members and executives don’t need to be well versed in the intricacies and nuances of the FCPA, they should have a thorough understanding given the international regulatory environment. (See sidebar, “How well do you know the FCPA?”.)
Understand Which Parts of Your Organization Are at Greater Risk
This means determining which parts of the company have greater exposure to foreign governments. Anticorruption enforcement activities, by definition, focus on the parts of a company that interact with governments or government officials. Accordingly, board members should identify the company’s core businesses or business segments for which governments, government agencies, or state-owned companies make up a significant percentage of the customer base. Moreover, heavily regulated businesses or those that routinely have substantial “touches” with foreign government officials are inherently riskier and more susceptible to corrupt activity by virtue of their more extensive foreign government contact. Board members would be wise to identify the principal points of intersection between their company and foreign officials.
Certain industries have been singled out for FCPA investigation: oil and gas, pharmaceuticals and medical supplies. Companies that aren’t part of these industries shouldn’t consider themselves absolved from regulatory scrutiny. Indeed, any international business – such as multinational construction companies, real estate investment firms, or defense contractors – that shares key characteristics of the oil and gas or medical-device industries may be targeted in the future, and those companies should be more vigilant, particularly regarding partners, competitors, and third-party representatives.
Moreover, traditional multinational corporations aren’t the only organizations at risk. Large private equity firms might be exposed to increased risk by virtue of their portfolio of a diverse, international set of companies. Some private equity firms are highly decentralized, so the parent has less insight about the portfolio company’s daily operations and conduct. However, the parent has FCPA exposure because it’s legally liable for its operating companies. Given the enforcement climate, the deep pockets of private equity firms may present an attractive target for government regulators.
Understand Which Nations Are High Risk
Executives must be aware that the government officials of some countries have the reputation for accepting bribes as a matter of course to conduct business. Rightly or not, certain countries are commonly deemed to be “high-risk” jurisdictions – those more susceptible to corrupt business practices and the bribery of government officials. Countries that control the largest petroleum reserves, for instance, have been hot spots for foreign bribes. Similarly, in countries with state-run healthcare industries, the business contacts are often direct representatives of the national governments, making them likely targets for corrupt businesses.
Transparency International (TI), a nongovernmental organization, helps to promote awareness about global corruption. As part of its efforts, TI publishes an annual Corruption Perceptions Index that ranks the corruption levels of 180 countries. As the map opposite illustrates, certain countries in each region have gained a reputation for corporate bribery, so board members and senior executives of companies that do business in these places should be on alert.
Examine Company History and Any Previous Allegations
Board members – especially new ones – need to determine whether their company has ever faced significant allegations of overseas commercial bribery, regardless of whether a regulator has been involved.
Moreover, if the company had previously been the subject of an investigation related to the bribery of government officials, find out the underlying issues as well as the result or resolution. Since rooting out corruption in a multinational corporation requires a prolonged effort, violations that have occurred in the past can often indicate other problem areas.
Verify That the Company Has Appropriate Compliance Mechanisms in Place
Executives and board members at global companies with far-flung operations face the daunting task of being responsible – and potentially liable – for the actions of employees around the world. To address this challenge, an organization needs to adopt compliance mechanisms to ensure business conduct consistent with the FCPA, as well as the FCPA equivalents and local anticorruption laws of other countries in which the company has significant operations. Board members should be satisfied that a robust compliance program exists.
In general, CEOs and boards should verify that their company’s anticorruption compliance program is global, consistent, and effectively communicated. Where appropriate, the program should be customized to account for cultural differences and local anticorruption laws.
Board members should also ask whether the company is performing periodic risk assessments of its larger operations in high-risk jurisdictions. These assessments typically involve internal auditors or outside professionals interviewing key personnel in foreign operations, reviewing contracts and other relevant documents, and conducting transactional testing of certain accounts that are more susceptible to corrupt activity. Transaction types that should be tested for indicators of corrupt payment include:
- payments to agents/distributors;
- travel and entertainment expense reimbursement;
- petty cash;
- other expense accounts, such as gifts, political contributions, charitable contributions, seminars and trade shows, educational grants;
- free products; and
- after-the-fact credit memos.
Boards must also ensure their organization has the necessary personnel to address the issue. In many companies, the general counsel or chief financial officer oversees compliance activities. However, given the time required to monitor global operations effectively, and the stakes, larger corporations should have a dedicated global chief compliance officer.
Ensure Robust Due Diligence in Acquisitions of Overseas Businesses
It’s possible to literally “buy” a significant – and costly – FCPA problem, and a number of companies have inadvertently done so. As the global economy recovers and international M&A becomes more active, board members need to make sure their company is conducting robust due diligence on international companies in high-risk industries or countries.
This effort is twofold. First, companies should conduct external due diligence, focusing on the reputation of the target company, its principals and primary agents; understanding any history of improper business practices; and examining relationships with foreign government officials. Second, potential investors or acquirers should analyze the target company’s internal books and records, to identify any red flags for corruption, such as:
- customers that include government entities, such as state-owned companies;
- involvement in any joint ventures with government entities;
- details on the government approvals and licenses a company requires to operate;
- customs requirements in foreign countries; and
- relationships with third-party agents or consultants who interact with foreign officials on the company’s behalf.
Since a company can be liable for the FCPA violations of an acquired company or even a joint venture, companies should rigorously follow a standardized due diligence protocol and procedure for evaluating international growth opportunities.
Promote a Company Culture to Combat Overseas Corruption
The degree to which senior management is truly committed to conducting business honestly sets the tone for the entire organization. A board member can discern how much an organization values ethical conduct by probing, in an appropriate fashion, the views of senior management on the issue.
Companies that actively address global corruption use a wide range of measures to raise awareness among their employees. Encouraging a culture of transparency and vigilance – through a robust FCPA compliance and training program, staff handbooks, and annual training sessions, for instance – will help an organization avoid disregarding issues that could have serious repercussions down the line. If a company has significant operations in high-risk jurisdictions, such training should be done in person. As part of the hiring process, prospective employees should be screened for any relationships to government officials.
Successfully Navigating a Government Investigation
Should a company find itself the target of a government investigation related to overseas business corruption, CEOs and boards need to be aware of their options. By working with FCPA experts, companies can identify the best path forward. Although managing through a government investigation is complex and has many elements, board members and senior executives should engage in several ways:
Take Allegations Seriously
Companies can’t afford to dismiss internal reports of improprieties. Instead, upon the first indication of corruption, executives should dedicate the necessary energy and resources to understand the potential violations, conduct a preliminary and proportionate inquiry, and remediate corrupt activity if it is found to exist.
Assemble an Outside Team of Advisors
In the face of a credible allegation, a company should consider retaining an experienced team that might include legal counsel, a forensic accounting and investigative firm, and communications specialists with expertise in issues management. The board or audit committee should consider counsel and consultants that are independent from the company. It’s important that the forensic accounting and investigative consultant be multidisciplinary, experienced in FCPA and international investigations, and have capabilities across international jurisdictions. Many multinational companies have vetted and retained anticorruption counsel and advisors in high-risk foreign jurisdictions or regions to work proactively on compliance matters, but also in case credible bribery allegations surface. Even if a team of advisors does not need to be fully activated, it’s prudent to have them assembled and prepared.
Conduct a Parallel Investigation
If a government investigation does occur, the company and the board will want to do what they can to understand activity that might pose a problem. While conducting a parallel investigation is appropriate, it should proceed in a way that is not viewed as an act of obstruction by the government. The company must also preserve the evidence – whether witness statements, email and other electronic evidence, or physical documents.
Weigh Up the Benefits of Self-Disclosure
If the company finds that corrupt activity has occurred, one of the key issues is whether to disclose information voluntarily to government authorities. Executives should begin to consider self-disclosure if a preliminary internal investigation uncovers a reasonable basis that the allegations of corruption have merit. The firm’s professional advisors will help the board weigh the pros and cons of disclosing to the government.
While such action is appropriate in many instances, it’s not always required or justified. If a company decides to disclose, however, it must be forthcoming about the violations it has uncovered. Moreover, while self-disclosure can offer a valuable opportunity to negotiate with the government and set parameters for the investigation, the scope of the government investigation is ultimately beyond the company’s control.
Understand Non Prosecution Agreements (NPAs) and Deferred Prosecution Agreements (DPAs)
If the government is inclined to pursue charges, the case may be resolved through an NPA or DPA. An NPA is a contract between the DOJ and a company stipulating that if the company fulfills certain requirements, the government won’t file criminal charges. In a DPA, the government files charges that are then withdrawn once certain conditions are met over a three- to five-year period. Both agreements create incentives for companies to cooperate with government authorities and implement reforms to prevent misconduct. By entering into either agreement, a company can avoid being convicted of a criminal offense. In both an NPA and a DPA, fines are assessed, and often a monitor is assigned to assure compliance with the terms of the agreement. While many aspects of NPAs and DPAs are unappealing, they may be better than having the lasting stain of a criminal violation on the company’s record.
These steps represent a starting point for board members and senior executives as they review their company’s anticorruption efforts. As recent prosecutions have shown, government authorities expect executives and board members to take an active role to ensure compliance. Ignorance of a violation at a subsidiary will not absolve a company – or its leaders – from substantial fines and further compliance measures.
By understanding the full reach of FCPA enforcement actions, board members can protect their company against the effects of overseas business corruption and put their company in the most advantageous position should a government investigation ensue.