Top Menu

Did An FCPA Enforcement Action Contribute to a Foreign Coup?

Law firms crank out FCPA news releases, client alerts, etc. all the time to inform clients and potential clients about FCPA risks or the who, what, and where of a recent enforcement action ending with a few compliance lessons.

These pieces are informative, but rarely do they raise provocative questions.

That is, until Gregory Paw’s (Pepper Hamilton LLP) recent piece (see here) in which he asks whether the Latin Node FCPA enforcement action in the U.S. contributed to the June 2009 coup of Honduran president Manuel Zelaya.

By way of background, in April 2009, DOJ announced (see here) that Latin Node, Inc. (a privately-held telecommunication services company headquartered in Miami) pled guilty to violating the FCPA’s anti-bribery provisions in connection with improper payments made to officials in Honduras and Yemen in order to obtain and retain business. The criminal information (see here) details Latin Node’s efforts to obtain and retain business with Hondutel (the Honduran government-owned telecommunications company) and charges that despite recognized “financial weaknesses” in Latin Node’s proposal, Hondutel ultimately selected Latin Node for the agreement because of various improper payments Latin Node made or authorized to various Honduran “foreign officials.”


Hungry for more?

Yesterday, Magyar Telekom, the leading Hungarian telecommunications service provider with shares traded on a U.S. exchange, issued what is perhaps the longest, most detailed press release ever about a potential FCPA issue (see here).

The potential issue was first voluntarily disclosed in February 2006 (see here – p. 14) and yesterday the company announced that it’s Audit Committee issued the final report of FCPA’s counsel investigation.

I will leave it for you to think about potential application of the issues/questions I raised earlier this week in this post.

A Trip Around the World

Grab your bags and your passport, it’s time for a quick trip around the world.

First stop, Germany.


In December 2008, Siemens (a global corporation organized under the laws of Germany with shares listed on the New York Stock Exchange since March 2001) agreed to pay $800 million in combined fines and penalties to settle FCPA charges for a pattern of bribery the Department of Justice (“DOJ”) termed “unprecedented in scale and geographic scope.” The combined fines and penalties were easily the largest ever levied against an FCPA violator.

This week, Siemens announced (see here) that it “has come to an agreement about settlements with six further former Board members against whom damages were claimed in connection with past cases of corruption in the company.” See (here) for press coverage.

Next stop, the U.K.

SFO Charges Former DePuy Executive

The U.K.’s Serious Fraud Office (“SFO”) (an enforcement agency similar to the U.S. DOJ), recently announced (see here) that Robert John Dougall, the former Vice President of Market Development of DePuy International Limited was charged with conspiracy for “making corrupt payments and/or giving other inducements to medical professionals working in the Greek public healthcare system.” The SFO has previously indicated (see here) that it seeks to generally model DOJ’s enforcement strategies, and that model now seems to include a broad interpretation of the potential universe of recipients of improper payments (i.e. not just core government officials, but also employees of public healthcare systems). There is greater cooperation between law enforcement agencies around the world in investigating cases of alleged improper payments, a fact highlighted by the SFO release which notes that the case “was referred to the [SFO] by the [DOJ] and accepted in March 2008.” Depuy (see here) is “part of the Johnson & Johnson family of companies.” In February 2007, Johnson & Johnson disclosed a potential FCPA issue and the company’s most recent announcement on the issue is in its November 2009 10-K filing (see here).

Next stop, Australia.

Money to Print Money

The Age of Melbourne has reported (see here) that Securency International (see here) and certain of its executives are being investigated by the Australian Federal Police for alleged breaches of Australia’s criminal code which prohibit payments to foreign government officials to obtain a business advantage. According to the article, Securency (according to its website – a world leader in secure polymer substrate technology and the supplier of a range of unique substrates which are used for the printing of banknotes and other security documents), is also under scrutiny in the U.K., Vietnam, and Nigeria. The article notes that the Securency matter could be Australia’s first prosecution for foreign bribery.

Final stop, the beaches of the Bahamas.

Kozeny Extradition Hearing

While Frederic Bourke (see here) prepares his appeal, Viktor Kozeny, the alleged master-mind of the bribery scheme, continues to enjoy life in the Bahamas as U.S. government attempts at extradition have thus far failed. This week, the U.S. government’s appeal hearing was heard in the Bahamas. See here for press coverage.

Voluntary Disclosures and the Role of FCPA Counsel

Dyncorp International Inc. (“Dyncorp”), a provider of “specialized, mission critical professional and support services for the U.S. military, non-military U.S. governmental agencies and foreign governments” (according to its recent 10-Q filing) (see here) recently disclosed a potential FCPA issue.

Page 19 of its filing states:

“We have identified certain payments made to expedite the issuance of a limited number of visas and licenses from foreign government agencies that may raise compliance issues under the U.S. Foreign Corrupt Practices Act. The payments, which we believe totaled approximately $300,000 in the aggregate, were made to sub-contractors in connection with servicing a single existing task order that the Company has with a U.S. government agency. We have retained outside counsel to investigate these payments. We are in the process of evaluating our internal policies and procedures and are committed to improving our compliance procedures. During the past week, we voluntarily brought these matters to the attention of the U.S. Department of Justice and the Securities and Exchange Commission. We cannot predict the ultimate consequences of these matters at this time, nor can we reasonably estimate the potential liability, if any, related to these matters. However, based on the facts currently known, we do not believe that these matters will have a material adverse effect on our business, financial condition, results of operations or cash flow. We have not recorded any reserves with respect to this matter.” (emphasis added).

This disclosure, along with the more recent disclosure that Dyncorp’s Senior Vice President, Chief Compliance Officer and Executive Counsel was terminated (see here) has been covered by the Wall Street Journal (see here and here) and has been discussed elsewhere (see here).

I inject the following question/issue into the conversation (so to speak).

Why did Dyncorp voluntarily disclose to DOJ/SEC conduct that is arguably not even a violation of the FCPA? More broadly, what do such voluntary disclosures of potential FCPA issues say about the potential conflict of interests FCPA counsel has in advising companies as to the important disclosure issue.

First things first.

As readers of this blog likely know, many FCPA enforcement actions result from voluntary disclosures companies make to DOJ and (if an issuer) to SEC.

The reason?

There are some “carrots” out there.

First, “The Principles of Federal Prosecution of Business Organizations” (see here) (a.k.a. the former Thompson Memo which is now included in the US Attorney Manual) state that one of the factors a prosecutor should consider in deciding whether to criminally charge a company is the “value of cooperation” and the “corporation’s timely and voluntary disclosure of wrongdoing and its cooperation with the government’s investigation…” (see 9-28.700).

Second, Chapter Eight of the Federal Sentencing Guidelines (specifically s. 8C2.5(g)) (see here) will reduce an organization’s “culpability score” (which is key in calculating a company’s fine upon conviction as well as the company’s fine in a settlement) if: “the organization (A) prior to an imminent threat of disclosure or government investigation; and (B) within a reasonably prompt time after becoming aware of the offense, reported the offense to appropriate governmental authorities, fully cooperated in the investigation, and clearly demonstrated recognition and affirmative acceptance of responsibility for its criminal conduct”

See (here) for what Assistant AG Breuer recently told an FCPA audience about voluntary disclosure.

A company deciding whether or not to voluntarily disclose to the government will thus have to weigh the risk of the government finding out about the conduct in the absence of the company’s voluntary disclosure (and thus likely assume the risk of a harsher fine/penalty) vs. voluntarily disclosing the conduct to the government, yet being able to take advantage of the above mentioned “carrots”.

In weighing these options in the face of evidence of an actual FCPA violation, companies often choose the voluntary disclosure route – although the merits of the voluntary disclosure route and how to assess the leniency are issues subject to debate.

The weighing of these options when confronted with evidence of an actual FCPA violation is one thing.

However, and as demonstrated by Dyncorp’s recent disclosure, companies often also voluntarily disclose conduct to DOJ/SEC that may only potentially violate the FCPA.

Perhaps the analysis is similar to that above; however, is there any other area of law where companies (and their counsel) race to Washington to tell the government not about an actual violation of law, but merely about a potential violation of law (save perhaps for the DOJ’s antitrust leniency program (see here) which nevertheless involves actual violations)?

Before addressing the issue of what potential conflict of interest FCPA counsel may have in advising companies as to the important disclosure issue (particularly where the disclosure merely involves a potential FCPA violation), a bit about why the conduct Dyncorp disclosed is arguably not even a violation of the FCPA.

I’ve written before (see here) about the Fifth Circuit’s decision in U.S. v. Kay, 359 F.3d 738 (5th Cir. 2004) on the FCPA’s obtain or retain business element and how the court concluded that payments to customs officials to reduce customs duties and sales tax could fall within the FCPA, but that such conduct does not automatically constitute an FCPA violation. The Kay case is one of the few instances in which a court has rendered a substantive FCPA decision.

Post-Kay there has been an explosion in FCPA enforcement actions involving payments made to secure foreign government licenses, permits, and certifications or otherwise involving custom duties and the like. However, because these enforcement actions have not been contested, it remains an open question as to under what circumstances such payments can indeed satisfy the FCPA’s obtain or retain business element.

Dyncorp’s disclosure (“[w]e have identified certain payments made to expedite the issuance of a limited number of visas and licenses from foreign government agencies”) involves the type of payments at issue in Kay and one reason why the conduct Dyncorp disclosed is arguably not even a violation of the FCPA is the equivocal nature of the Kay decision (the only case law on this subject).

Here is the real head-scratcher though.

The Dyncorp payments were not made in order to obtain or retain business with any foreign government or foreign government entity, but rather assisted Dyncorp obtain or retain business with the U.S. government.

Has there ever been an FCPA enforcement action where the questionable payments were made to assist the payor in obtaining or retaining business with the U.S. government? To my knowledge no, and if anyone is aware of such an enforcement action please do let me know.

True, the DOJ’s “Lay-Person’s Guide to the FCPA” (see here) (the DOJ’s interpretation of the statute) notes “that the business to be obtained or retained does not need to be with a foreign government or foreign government instrumentality.”

However, as the Kay court noted, the payments still need to be in connection with foreign business (i.e. seemingly not business with the U.S. government).

The Kay court framed the issue as follows: “…how attenuated can the linkage be between the effect of that which is sought from the foreign official in consideration of a bribe (here, tax minimization) and the briber’s goal of finding assistance or obtaining or retaining foreign business with or for some person, and still satisfy the business nexus element of the FCPA?” (emphasis added).

Later in the opinion, the Kay court framed the issue as follows: “…the question whether the defendants’ alleged payments constitute a violation of the FCPA truly turns on whether these bribes were intended to lower ARI’s cost of doing business in Haiti enough to have a sufficient nexus to garnering business there or to maintaining or increasing business operations that ARI already had there, so as to come within the scope of the business nexus element as Congress used it in the FCPA.” (emphasis added).

In holding “that Congress intended for the FCPA to apply broadly to payments intended to assist the payor, either directly or indirectly, in obtaining or retaining business for some person, and that bribes paid to foreign tax officials to secure illegally reduced customs and tax liability constitute a type of payment that can fall within this broad coverage” (emphasis added), the Kay court still nevertheless focused on business in a foreign country (… “the FCPA’s legislative history instructs that Congress was concerned about both the kind of bribery that leads to discrete contractual arrangements and the kind that more generally helps a domestic payor obtain or retain business for some person in a foreign country…) (emphasis added).

The Kay court’s focus on foreign business is consistent with the FCPA’s extensive legislative history which also focuses on payments made to secure foreign business, not business with the U.S. government.

This provides another reason why Dyncorp’s disclosure of “certain payments made to expedite the issuance of a limited number of visas and licenses from foreign government agencies” in “connection with servicing a single existing task order that the Company has with a U.S. government agency” is arguably not even a violation of the FCPA.

So the question remains, why did Dyncorp disclose this conduct – conduct that could only potentially violate the FCPA?

This leads to the final issue/question – what potential conflict of interest does FCPA counsel have in advising companies as to the important disclosure issue (particularly where the disclosure only involves a potential FCPA violation)?

By raising this issue/asking this question, I am not accusing Dyncorp’s counsel of anything (I don’t even know which firm is representing Dyncorp). Rather, I ask this question in the context of the Dyncorp’s disclosure because it seems to present (for the above reasons) the perfect “case” in which to raise this lurking issue / ask this lurking question (even though the same question could legitimately be asked in connection with other corporate voluntary disclosures of conduct that could potentially violate the FCPA).

It truly is the “elephant in the [FCPA] room” in my estimation.

Here is the potential conflict of interest as I see it. FCPA counsel has every incentive (it would seem) to nudge a corporate client to make the disclosure.

Simply stated, no disclosure, the “case” (for all practical purposes) is over and thus no more billable hours.

Conversely, with the disclosure the “case” continues meaning more billable hours.

Often times if a voluntary disclosure is made the “case” continues for several more years as DOJ (and if applicable) SEC will demand a wide range of factual information and documents involving the conduct at issue.

Morever, often times the “case” gets expanded because a favorite question of the enforcement agencies is something along the following lines – “if Business Unit A was involved in this conduct in Country A, how do we know that Business Unit A was not also involved in this conduct in Country B, and, more broadly, how do we know that the Company (in general) was also not involved in this same conduct in Countries C,D, and E (all FCPA high-risk jurisdictions)?

Because cooperation with the government’s investigation is a prominent factor a prosecutor weighs in deciding whether to criminally charge a business entity under the above described “Principles of Prosecution”, a corporate client invariably (yet reluctantly) will accept FCPA’s counsel’s recommendation to broaden the “case” to demonstrate cooperation with the DOJ/SEC’s investigation.

Next thing the company knows, it is paying for a team of lawyers (accompanied by forensic accountants and other specialists) to travel around the world to answer DOJ/SEC’s questions even though the voluntary disclosure that got this whole process started involved conduct that may not actually violate the FCPA.

Because FCPA counsel’s “worldwide review” will often not be deemed credible unless it comes back to DOJ/SEC with at least something of concern or suspicion, FCPA counsel will often disclose several small, non-material, practically meaningless issues which also could potentially violate the FCPA.

DOJ/SEC, to demonstrate the thoroughness of its investigation, will often include these “tag-along” facts in the ultimate resolution documents (most often a non-prosecution or deferred prosecution agreement).

Thus, disclosure often times leads to significantly more work, and more billable hours for FCPA counsel. Because FCPA counsel is able to demand premium billing for its services given the high-profile, sensitive nature of the issue, the disclosure decision is literally a several hundred thousand / multimillion dollar issue for FCPA counsel and could mean the difference between several more months / years of work and no additional work.

To be clear, I am not suggesting any actual conflict of interest by Dyncorp’s counsel (or any other FCPA counsel for that matter).

Rather, I am pointing out that a potential conflict of interest is present in FCPA counsel’s disclosure advice given the significant difference in billable hours hinging on the disclosure decision.

This potential conflict of interest is hardly ever discussed, and this is not surprising given that few “outside” of the FCPA bar (given the opaque nature in which FCPA enforcement actions are resolved) even know how the disclosure and resolution process actually works to ask the question.

Here is another issue that is hardly ever discussed.

The same enforcement officials who often encourage the voluntary disclosure route, and speak of the credit that will be given to a company when it voluntarily discloses, are the same individuals who often rotate in and out of government service and the FCPA bar. Again, I am not suggesting any actual conflict of interests by these individuals.

However, these potential conflict of interest issues (i.e. the “elephants in the [FCPA] room”) should not be shoved aside in analyzing why there are so many FCPA voluntary disclosures (including of conduct that may only potentially violate the statute) and why FCPA enforcement is indeed the unique creature that it is.


Most FCPA enforcement actions against companies are resolved through a non-prosecution or deferred prosecution agreement (NPA’s / DPA’s).

Many NPA’s / DPA’s require the company to engage a compliance monitor for a set time period (generally 2-4 years).

Although monitors are not the “rage” they used to be a few years ago, recent FCPA enforcement actions against Control Components, Inc., KBR/Halliburton, and Siemens have included some form of a compliance monitor.

In a recent speech to an FCPA audience, Assistant AG Breuer (see here) indicated that:

“In appropriate cases, [DOJ] will also continue to insist on a corporate monitor, mindful that monitors can be costly and disruptive to a business, and are not necessary in every case. That said, corporate monitors continue to play a crucial role and responsibility in ensuring the proper implementation of effective compliance measures and in deterring and detecting future violations.”

Those interested in corporate monitors (whether in the FCPA context or otherwise) will want to review a recent report on monitors from the Government Accountability Office. (see here).

Among other interesting numbers are the following:

Since 1993 through September 2009, DOJ has entered into 152 NPA’s or DPA’s.

Of the 152 agreements, 48 required the appointment of a compliance monitor.

What does it take to become a monitor? A DOJ background certainly doesn’t hurt. GAO found that of the 48 NPA’s or DPA’s that required the appointment of a monitor, 42 different individuals were selected. Of those 42, 23 (approximately 55%) were former DOJ officials, something many find controversial in that a prior DOJ position could affect the monitor’s independence and impartiality.

Although the GAO report does not specifically discuss (or identify) the monitors in FCPA enforcement actions, a May 2008 DOJ letter to the House Judiciary Committee (see here) does list corporate entities along with the monitor appointed. To my knowledge, the following were FCPA enforcement actions: Aibel Group/Vetco Ltd., Baker Hughes, Ingersoll Rand, InVision Technologies, Micrus, Monsanto, Paradigm, Schnitzer Steel, Statoil, and York.

To see what one of those “FCPA monitors” has to say (here) is the excerpt from the Corporate Crime Reporter interview.

If the SEC Was An Issuer …

The FCPA’s books and records and internal control provisions require issuers (i.e. publicly-traded companies) to: (i) “make and keep books, records, and accounts, which, in reasonable detail, accurately and fairly reflect the transactions and dispositions of the assets of the issuer;” and (ii) devise and maintain a system of internal accounting controls sufficient to provide reasonable assurances that (among other things) transactions are executed in accordance with management’s general or specific authorization, transactions are recorded as necessary to maintain accountability of assets, and access to assets is permitted only in accordance with management’s general or specific authorization.

The SEC enforces these provisions against issuers.

Often times, the SEC enforces these provisions against issuers aggressively (see here and here).

It seems to not matter to SEC enforcement officials whether the improper recording in the company’s books or records occurred at a far flung, fifth-tier subsidiary by a rogue employee or whether the issuer actually had knowledge that a far flung subsidiary was engaged in improper conduct.

The SEC’s position is that if the far-flung subsidiary’s financial results are consolidated with the parent company issuer’s financial results for purpose of financial reporting, then the subsidiary’s violation is the issuer’s violation.

Further, it seems to not matter to SEC enforcement officials whether the violation resulted from a rogue employee acting contrary to clearly articulated and well communicated company policies and procedures prohibiting the improper conduct because, after all, if the company’s internal controls were effective, rogue employees would not exist or, if they do exist, proper controls would be put in place to monitor their behavior before it occurred.

Every so often, it is fun to spend a few moments in “hypothetical land.”

The issue in “hypothetical land” today is – if the SEC was an issuer.

If the SEC was an issuer, it would have some serious FCPA books and records and internal control issues to deal with as a result of the Government Accountability Office’s (“GAO’s”) recent “Financial Audit – Securities and Exchange Commission’s Financial Statements for Fiscal Years 2009 and 2008” (see here).

As detailed in the audit, the GAO “identified six significant deficiencies that collectively represent a material weakness in SEC’s internal control over financial reporting.” In short, the GAO concluded that “SEC’s internal control over financial reporting was not effective as of September 30, 2009.”

Most notably, the GAO found material weaknesses that have: (i) “resulted in unsupported entries and errors in the general ledger”; (ii) “ineffective financial reporting controls and general ledger system reporting limitations”; and (iii) “ineffective processes and related documentation concerning budgetary transactions.” (p. 5).

Among other specifics, in terms of the general ledger system and the supporting processes the SEC uses to prepare its financial statements, the GAO found that:

“unauthorized personnel can view, manipulate, or destroy data” (p. 64);

SEC controls to compensate for the general ledger limitations “are cumbersome and largely detective nature, increasing the risk that errors or fraud that could result in a misstatement to the financial statements would not be prevented” (p. 65);

in connection with deposit account activity, the SEC’s processes are “labor-intensive” and that “it does not have dedicated resources assigned to address this issue” (p. 69); and

“obligations […] were not always recorded timely and were not always supported by documentation evidencing the obligation as having been approved by an authorized individual” (p. 70).

Under the FCPA, not only is it important for issuers to have effective internal controls, but issuers must also monitor those internal controls to make sure that they are effective.

The GAO was critical of the SEC on this score as well.

The report notes:

“We also identified weaknesses in SEC’s monitoring process which indicate a lack of effective oversight of controls. Management’s monitoring of controls should include whether the controls are operating as intended and include an assessing of the design and operation of controls on a timely basis and taking necessary corrective actions. As discussed previously, we found that SEC’s monitoring procedures did not address all identified risks. Further, SEC’s management oversight was not sufficient given the frequency and sensitivity of the control activity, and monitoring procedures were not always completed in accordance with SEC’s stated testing plan.” (p. 71-72).

According to the GAO – “[b]ecause of inherent limitations, [the SEC’s] internal control[s] may not prevent or detect and correct misstatements due to error or fraud, losses, or noncompliance.” (p. 8).

Because of the above identified deficiencies, if the SEC was an issuer – would: (i) the SEC’s main DC office be strictly liable for branch office deficiencies; (ii) the SEC disgorge all of its “profits” connected (no matter how remotely) to the improper recording or the deficient internal controls; and (iii) would high-level SEC officials be accountable under “control person” theories for the books and records and internal control violations?

As readers of this blog know, all of the above “theories” are straight from recent SEC enforcement actions against issuers.

So next time an FCPA practitioner and his/her corporate client representative are seated across the table from an SEC enforcement official who asks, “how could this payment have not been recorded properly in subsidiary X’s books and records, how could the issuer not put in place effective internal controls, how could those controls not be monitored and assessed, etc. etc.” the most candid response just might be “I don’t know, you tell me – such issues happen at the SEC as well.”

One more thing, when enforcing the FCPA’s books and records and internal control provisions against issuers, the SEC insists on remedial measures and wants to see evidence of those remedial measures being put into place “yesterday.” An issuer comment, such as “this takes time,” would likely fall on deaf ears.

Yet, here is what SEC Chairman Mary Schapiro had to say about the GAO report and its findings of various deficiencies: “some deficiencies are likely to be resolved during the first half of FY 2010, while others – which have been the result of long-term and growing constraints affecting our information technology and human resources – will take longer to fully resolve.” (p. 29). This statement was also repeated by Kristine Chadwick, SEC CFO and Associate Executive Director (p. 33).

Alas, time to come back to reality, the SEC is not an issuer, but a couple minutes in “hypothetical land” does provide some useful perspectives as to the SEC’s enforcement of the FCPA’s books and records and internal control provisions.

Powered by WordPress. Designed by WooThemes