The Foreign Corrupt Practices Act is a law much broader than its name suggests. Many FCPA enforcement actions are not foreign in nature and many do not involve allegations of corruption. In the words of the late Gary Coleman – “whatcha talkin bout” (see here).
What I am talking about is the FCPA’s books and records and internal control provisions.
During Congressional investigation, deliberation and consideration of the foreign corporate payments problem in the mid-1970’s, Congress was surprised to learn that existing corporate record-keeping and internal control provisions were deficient to fully capture the domestic and foreign corporate payments that surfaced. The following exchange between Senator Proxmire, Roderick Hills (Chairman, SEC) and Stanley Sporkin (Director of Enforcement, SEC) during a 1976 hearing is instructive.
Senator Proxmire: “[Y]ou stress the fact that … the corporate abuses were accompanied by false or inadequate corporate books and records and that most of the cases involved illegal or improper domestic and foreign payments. Does such falsification of corporate books and records constitute a violation of SEC’s laws or regulations and do they constitute criminal violations?
Hills: I can’t say in all cases.
Sporkin: There is no provision that prohibits just what you stated.
Sporkin: There is no provision that provides, with respect to the kinds of companies we are talking about, that that could be a violation of law.
Senator Proxmire: Well, then, it would seem to me that maybe we ought to consider, as the legislative body for our Government, making it a violation of the law.”
Although the SEC wanted no part in enforcing what would become the FCPA’s anti-bribery provisions, the SEC insisted that any legislation directly addressing foreign corporate payments be supplemented by books and records and internal control provisions. Chairman Hills stated as follows. “I admit that [the provisions make] for dull reading, but these proposals will provide the teeth to assure that problems of this nature are brought to appropriate levels of corporate management and recorded in a manner that makes it far easier for us to discover them.”
Even with the enforcement agencies aggressive and broad theories regarding the FCPA’s anti-bribery provisions, the provisions nevertheless are (as a matter of law) narrowed by elements such as “foreign official” and “obtain or retain business.”
Not so, with the FCPA’s books and records and internal control provisions. They are among the most generic substantive legal provisions one can find and state as follows.
Issuers shall –
(A) make and keep books, records, and accounts, which, in reasonable detail, accurately and fairly reflect the transactions and dispositions of the assets of the issuer [the books and records provisions]; and
(B) devise and maintain a system of internal accounting controls sufficient to provide reasonable assurances that – (i) transactions are executed in accordance with management’s general or specific authorization; (ii) transactions are recorded as necessary (I) to permit preparation of financial statements in conformity with generally accepted accounting principles or any other criteria applicable to such statements, and (II) to maintain accountability for assets; (iii) access to assets is permitted only in accordance with management’s general or specific authorization; and (iv) the recorded accountability for assets is compared with the existing assets at reasonable intervals and appropriate action is taken with respect to any differences [the internal control provisions].”
As evident from these provisions, enforcement actions can result where the conduct at issue is not foreign and in the absence of corruption allegations.
Case in point are two recent FCPA enforcement actions that you likely never heard about because they are what I have called “non-FCPA FCPA enforcement.”
Recently, the U.S. Attorneys Office (E.D.N.Y.) announced (here) a criminal complaint against FalconStor Software, Inc. alleging that the company conspired to pay more than $300,000 in bribes to executives of J.P. Morgan Chase Bank, N.A. to obtain over $12 million in electronic storage licencing contracts. FalconStor was also charged with conspiring to falsify its corporate books and records to cover up the bribery scheme. According to the DOJ, “the bribes, including the grants of the stock options and restricted shares, were recognized in FalconStor’s books and records, but were falsely recorded as “compensation to an advisor” or as “employment bonuses.” The SEC also brought an action against FalconStar (see here) charging, among other things, violations of the FCPA’s books and records and internal control provisions. In its complaint (here) the SEC alleged, among other things, that the grants of restricted stock and options to various recipients in the bribe scheme were inaccurately characterized on the company’s books and records as consultant or advisor payments for bona fide services, when in fact no bona fide services were provided. The SEC also alleged that several of the expenses were disguised as compensation expenses on the company’s books and records and that other expenses of many of the bribes were reflected on books and records as sales promotion expenses and entertainment expenses.
Another instance of a recent FCPA enforcement action you likely heard little about was against Gold Standard Mining Corp. and certain of its executives. As noted in this SEC release, the SEC alleged that, between 2009 and 2011, Gold Standard filed numerous reports about its purported Russian gold mining operations that were materially false and misleading in various respects. Among other things, Gold Standard represented that it had acquired a Russian gold mining company known as Ross Zoloto Co., Ltd. (“Ross Zoloto”), but did not inform investors that it had agreed to allow the prior owner of Ross Zoloto to keep profits from existing operations or of issues surrounding Russian government registration or approval of the business combination. Among other things, in the complaint (here) SEC alleged as follows. “Gold Standard failed to devise and maintain a system of internal accounting controls. For example, Gold Standard did not have a means to verify the amount of gold produced; it did not have a means to determine the costs of producing the gold that was sold; it did not maintain records of inventory; it did not have independent access to Ross Zoloto’s bank statements and transactions; and it did not have a method for accessing the Russian accounting system used by Ross Zoloto or to close the books quarterly and create trial balances. It did not have copies of accounting policies or methods used to create the Russian accounting records to enable any U.S. accountants it retained to be able to convert the Russian accounting records accurately into financial statements in conformance with GAAP. As the chief executive officer of Gold Standard, Zachos knowingly or recklessly failed to implement a system of internal controls at Gold Standard…”.
Such instances of non-FCPA FCPA enforcement actions as noted above (and numerous other examples could be cited as well) raise the question – do companies view the FCPA books and records and internal control provisions holistically or through the narrow window of foreign operations and anti-bribery risk assessment? Do companies with a low FCPA bribery risk profile nevertheless provide training and adequate compliance resources to purely domestic FCPA books and records and internal control issues? If not, why not? Is too much focus in the FCPA space devoted to foreign corrupt practices and not enough focus on the more generic books and records and internal control provisions?
After all, the FCPA is a law much broader than its name suggests.