Top Menu

In The Words of Stanley Sporkin

Stanley Sporkin, as Director of the SEC’s Division of Enforcement in the mid-1970’s, played a key role in addressing the foreign corporate payments issues being investigated by Congress and in shaping what would become the FCPA’s books and records and internal control provisions.  Calling Sporkin the “Father of the FCPA” (as many have) is, in all due respect, a bit of an overstatement as Sporkin’s SEC was not in favor of what would become the FCPA’s anti-bribery provisions and wanted no part in enforcing those provisions.  Nevertheless, Sporkin was a key participant, and has remained a key player, on FCPA issues throughout his storied career.

Sporkin has been talking about FCPA reform for years – long before the U.S. Chamber released its FCPA reform proposals in October 2010.

Thanks to a reader, we can all read some of Sporkin’s early FCPA reform speeches.

In a 2004 speech (here), Sporkin spoke of the SEC stumbling upon the foreign payments issue in connection with its Watergate-related investigations.  The FCPA was not a singular outgrowth of Watergate –  Congress was already actively investigating allegations of overseas bribery and corruption separate and apart from the Watergate scandal – yet Watergate is nevertheless relevant to the FCPA’s origins.  In his speech, Sporkin also talks about the relationship between the FCPA and Sarbanes-Oxley Section 404 (a hot-button issue in 2004 when Sporkin delivered the speech).  As to “Next Steps,” Sporkin stated as follows.  “[W]e need more than Congress passing new statute, and the SEC requiring strict compliance with existing legislation.  We need a comprehensive assault on the problem.  This means we need the assistance of our government and indeed all the countries of the world along with the world business community, to provide a climate which enables our corporations to compete honestly and fairly throughout the world.  There is a way to fix this problem if there is a will to do so.”  Among other things, Sporkin proposed – no doubt in recognition that most FCPA issues arise from use of foreign agents –  the “establishment of a country-by-country list of agents that have been properly vetted and have agreed to be examined and audited by an independent international auditing group.”

In 2006, Sporkin returned to the podium (see here) as the FCPA neared its 30th year.  He stated as follows.  “What I envisioned when the law was enacted was a new corporate regime where bribery of foreign officials would be almost completely extinguished at least as it pertained to major U.S. corporations.  As all of us here have observed, the wild-eyed-do-gooder predictions never occurred.  Instead statistics indicate that bribery of foreign officials has maintained a steady pace over the years.”  [Counterpoint – perhaps bribery of foreign officials, as envisioned by Congress and indeed Sporkin’s SEC, has largely been extinguished, but the issue (in 2006 and still today) is that the goalposts have been moved … and not by Congress].

In his 2006 speech, Sporkin did not advocate the FCPA’s repeal, but he did “think the Department of Justice and the SEC can do something forward-looking which would be win-win for both the government and the private sector.”  He called it the “FCPA Immunization-Inoculation Program.”  Sporkin stated that the “quasi-amnesty program” would consist of the following:  (i) “agreement by participating firms to conduct a full and complete review [conducted jointly by a major accounting firm or specialized forensic accounting firm and a law firm]  of the company’s compliance with the FCPA for the previous 3 years; (ii) the company would agree “to disclose the results of the legal-accounting audit to the SEC, its investors, and the public; (iii) “if any violations turned up in the process of the audit, the participating [company] would agree to take all steps to eliminate the problems and implement the appropriate controls to prevent further violations; (iv) participating companies “would agree to subject themselves to a similar audit on an annual basis for at least 5 years to ensure that compliance was being maintained; (v) participating companies “would be required to create the position of FCPA compliance officer, whose sole responsibility would be to ensure the company’s compliance with the FCPA” and make an annual certification; and (vi) “in exchange … the SEC and DOJ would give qualified assurances that no actions would be brought for violations exposed by the review.”  As envisioned by Sporkin, the “limited amnesty would not apply if violations rose to flagrant or egregious level.”

According to Sporkin, the “immunization-inoculation program would serve the dual purpose of: (1) creating suitable incentives to compliance-minded companies to adopt and maintain high ethical standards in the conduct of their business; and (2) reducing the case load and investigative burden of governmental agencies that enforce the FCPA while reassuring regulators that companies are taking active steps to limit corruption in their foreign contracting and other activities.”  Sporkin conceded that “some adjustments may be necessary” but he believed that his proposal “would provide the right-thinking corporate community with the necessary assurances that it needs to develop a vibrant overseas business without having to defend itself against very costly and time consuming investigations.”

At the November 2010 Senate FCPA hearing, FCPA practitioner Michael Volkov (here) resurrected Sporkin’s proposal – see here for Volkov’s prepared statement.  [By the way, for those of you looking for the complete transcript of that hearing, along with the prepared statements, and post-hearing Q&A’s – see here].

While Sporkin’s FCPA reform proposals are, in certain ways, different from many of the proposed FCPA amendments being discussed at the moment, the point of this post – other than to highlight Sporkin’s reform proposals, is to demonstrate that the screams of some – that FCPA reform is solely a Chamber issue or somehow akin to waving the white flag of surrender to corporate bribery – are off-base.

What various FCPA reform proposals through the years have in common is experienced and knowledgeable individuals (including many former DOJ and SEC enforcement attorneys who helped shape the FCPA and FCPA enforcement) sharing a belief that the current ad hoc, inconsistent, arbitrary, and largely opaque enforcement only climate is in need of reform.

A Focus On The SEC

From an FCPA reform perspective, most of the recent scrutiny has been on the DOJ and its enforcement policies and positions.

Yet, the FCPA is also enforced by the SEC.

As a civil enforcement agency only, the SEC’s stick is less sharp the DOJ’s. Nevertheless, the SEC’s FCPA enforcement positions on issues such as “foreign official” and “obtain or retain business” are seemingly identical to the DOJ’s.

Moreover, certain of the SEC’s enforcement theories as to the FCPA’s books and records and internal control provisions are subject to controversy. As I highlighted in “The Facade of FCPA Enforcement” (here at pgs. 976-984), with increasing frequency, the SEC has charged FCPA books and records and internal control violations based on untested and dubious legal theories, as well as theories seemingly in direct conflict with the FCPA’s statutory provisions.

For instance, the SEC routinely charges parent companies with FCPA books and records and internal control violations based solely on the conduct of indirect subsidiaries or affiliates in the absence of any allegation that the parent company participated in, or had knowledge of, the conduct at issue – even though the FCPA specifically states that issuers that demonstrate good faith efforts to cause indirect subsidiaries and affiliates to devise and maintain effective internal controls “shall be conclusively presumed to have complied with” the FCPA’s applicable requirements.

The SEC’s FCPA enforcement theories and policies are now being questioned. See here for the June 30th letter from Senator Mike Crapo (R-ID) to SEC Chairman Mary Schapiro.

The letter begins with Senator Crapo stating that “Congress and the agencies that enforce the FCPA must work together to ensure that the statute’s goals are being met without perverting the risk and reward calculus U.S. firms face when considering overseas business opportunities that would support domestic job growth.”

In the letter, Senator Crapo says he is “concerned by the recent Congressional testimony about the increased compliance costs for businesses operating in good faith to abide by the FCPA’s strictures and the deterrence of U.S. firms’ entry into, or expansion of, overseas operations.”

Senator Crapo then asks Chairman Schapiro for answers to the following questions.

1. Should the FCPA be amended to provide an affirmative defense, which may be raised where violations resulted from the conduct of individual employees or agents who circumvented compliance measures that were reasonably designed to identify and prevent such violations?

2. Does the Commission believe that regulations or guidance explaning factors it considers when determining whether an entity’s officers or employees are “foreign officials” would be helpful to U.S. firms? Would the Commission support legislation that more clearly defines the term “foreign official” under the FCPA?

3. What are the mechanisms by which the Commission could or does provide guidance on FCPA related matters?

4. Is it the Commission’s policy to hold firms strictly liable for foreign subsidiaries’ actions in violation of the FCPA?

5. Under what circumstances, if any, is it appropriate for both the Commission and the Department to seek the recovery of penalties from the same entity for the same conduct?

Prior to responding to Senator Crapo’s letter, Chairman Schapiro and others at the SEC’s FCPA Unit would be well served by reviewing a 1981 speech by then Chairman of the SEC – Harold Williams – on the FCPA’s books and records and internal control provisions.

To best understand (and place in context) current SEC FCPA enforcement positions and policies, it is useful to understand past SEC FCPA enforcement positions and policies. Statements made by the SEC Chairman in 1981 bear little resemblence to the SEC’s current enforcement of the FCPA’s books and records and internal control provisions.

*****

The year was 1981, the event was the American Institute of Certified Public Accountants, and the speaker was Harold Williams, the Chairman of the SEC. Williams focused his remarks (here) “solely to one major auditing development of recent years: the accounting provisions of the Foreign Corrupt Practices Act of 1977.”

Williams began has remarks as follows. “When viewed from an abstract perspective, the Act’s accounting provisions seem merely to codify a basic and uncontroversial management principle: no enterprise of any size can operate successfully without maintaining effective controls over its transactions and the disposition of its assets. Perhaps in part because these provisions were considered truisms, the Act was passed without Congressional dissent. However, practical experience with new legislation – even a law thought to be noncontroversial – often will reveal unanticipated problems. Newly enacted standards, for example, may be subject to differing constructions or raise compliance difficulties and ambiguities unforeseen by their draftsmen. And, until these problems are resolved by an agency, the courts or the Congress, those who are subject to these laws are often faced, unfortunately, with some disquieting circumstances. The anxieties created by the Foreign Corrupt Practices Act – among men and women of utmost good faith – have been, in my experience without equal.”

Williams noted that “such uncertainty can have a debilitating effect on the activities of those who seek to comply with the law. My sense is that, as a consequence, many businesses have been very cautious – sometimes overly so – in assuring at least technical compliance with the Act. And, therefore, business resources may have been diverted from more productive uses to overly-burdensome compliance systems which extend beyond the requirements of sound management or the policies embodied in the Act. The public, of course, is not well served by such reactions.”

Unlike many SEC speeches that contain the usual – this is only my personal opinion disclaimer – Williams specifically noted that he “conferred” with his “colleagues before presenting these remarks, and they have authorized me to advise you that these remarks constitute a statement of the Commission’s policy.”

As to the FCPA’s books and records provisions, Williams stated as follows. “This provision is intimately related to the requirement for a system of internal accounting controls, and we believe that records which are not relevant to accomplishing the objectives specified in the statute for the system of internal controls are not within the purview of the recordkeeping provision. […] nor could a company be enjoined for a falsification of which its management, broadly defined, was not aware and reasonably should not have known.”

As to the FCPA’s internal control provisions, Williams stated as follows. “The Act does not mandate any particular kind of internal controls system. The test is whether a system, taken as a whole, reasonably meets the statute’s specified objectives. ‘Reasonableness,’ a familiar legal concept, depends on an evaluation of all the facts and circumstances.”

Under the heading “deference” Williams stated as follows. “Private sector decisions implementing these statutory objectives are business decisions. And, reasonable business decisions should be afforded deference. This means that the issuer need not always select the best or the most effective control measure. However, the one selected must be reasonable under all the circumstances.”

Under the heading “state of mind” Williams stated as follows. “The accounting provisions principal objective is to reaching knowing or reckless conduct.”

As to the “purposes of the Act,” Williams provided a brief review of the “events which led to the [FCPA].” He stated as follows. “Clearly, Congress went further than determining whether the payments which gave the new law its name were ethically and commercially justifiable. It also chose to consider the corporate accounting and control deficiencies which had been breeding grounds for these practices. And, by doing so, it addressed the far more serious issues raised by these disclosures. […] These payments and falsifications were not only previously unknown to public investors and independent auditors, but many were also unknown to the payor’s board and, in numerous examples, even to its senior management. In some of these instances, internal controls existed, but they were shown to be ineffective or easily subverted. Unauthorized payments and related falsifications of corporate records seemed to evidence – indeed, were fostered by – a lack of adequate accounting records and controls. Consequently, in the legislation which ultimately emerged from Congress, prohibiting questionable payments and mandating control and recordkeeping were inexorably interconnected.”

Williams stated as follows. “The primary thrust of the Act’s accounting provisions, in short, was to require those public companies which lacked effective internal controls or tolerated unreliable recordkeeping to comply with the standards of their better managed peers. That is the context in which these provisions should be construed.”

Williams then addressed “four of the most important” interpretative questions concerning the then-young FCPA: “first, the degree of exactitude in recordkeeping mandated by the Act; second, the deference it affords business decisions concerning internal controls; third, whether a particular state of mind is necessary for a violation to exist; and finally, liability for compliance by subsidiaries.”

As to the “degree of exactitude” Williams stated as follows. “I turn first to the question of whether the Act’s text or purpose mandates that business records and controls conform to a standard of absolute exactitude or that a company’s control system meet some absolute ideal. The answer is ‘no.’ Both of the Act’s accounting provisions, it should be noted are modified by the key term ‘reasonable.’ […] In essence, therefore, the Act does provide a de minimus exemption, though not in absolute quantitative terms.”

Williams noted that Congress specifically declined to adopt a materiality test and stated that “internal accounting controls are not only concerned with misconduct that is material to investors, but also with a great deal of misconduct which is not.” He noted that while materiality is “appropriate as a threshold standard to determine the necessity for disclosure to investors, [it] is totally inadequate as a standard for an internal control system.”

Williams stated that “procedures designed only to uncover deficiencies in amounts material for financial statement purposes would be useless for internal control purposes” and noted that “systems which tolerated omissions or errors of many thousands or even millions of dollars would not represent, by any accepted standard, adequate records and controls.” Indeed, Williams noted that many of the “questionable payments that alarmed the public and caused Congress to act” […] were in most instance of far lesser magnitude than that which would constitute financial statement materiality.”

“Reasonableness, rather than materiality, is the appropriate test,” Williams stated. He noted as follows. “Reasonableness, as a standard, allows flexibility in responding to particular facts and circumstances. Inherent in this concept is a toleration of deviations from the absolute. One measure of the reasonableness of a system relates to whether the expected benefits from improving it would be significantly greater than the anticipated costs of doing so. Thousands of dollars ordinarily should not be spent conserving hundreds. Further, not every procedure which may be individually cost-justifiable need be implemented; the Act allows a range of reasonable judgments.”

As to the “specific recordkeeping requirement” in the FCPA, Williams stated as follows. “… [T]his provision is not an independent unrestrained mandate to the Commission to establish novel or unprecedented corporate recordkeeping standards; it is, rather, an integral part of Congress’ efforts to assure that the business community records transactions and assets in such a way as to maintain adequate control over them. And this leads to two important conclusions: First, the Act does not establish any absolute standard of exactitude for corporate records. And, second, records which are not related to internal or external audits or to the four internal control objectives set forth in the Act are not within the purview of the Act’s accounting provisions.”

As to “deference” with respect to “issuer liability for recordkeeping violations” Williams stated that the SEC “will look to the adequacy of the internal control system of the issuer, the involvement of top management in the violation, and the corrective actions taken once the violation was uncovered.”

In a sign of just how much FCPA enforcement has changed, Williams then stated as follows. “If a violation was committed by a low level employee, without the knowledge of top management, with an adequate system of internal control, and with appropriate corrective action taken by the issuer, we do not believe that any action against the company would be called for.”

Williams next turned to the “state of mind needed to violate the Act’s accounting provisions.” He reiterated that the “Act’s principal purpose is to reach knowing or reckless misconduct.”

In another sign of just how much FCPA enforcement has changed, William stated as follows. “… [D]epending on the circumstances, intentional circumventions of a company’s system of records and of accounting controls by a low-level employee would not always be considered violations of the Act by the issuer. No system of adequate records and controls – no matter how effectively devised or conscientiously applied – could be expected to prevent all mistaken and improper transactions and disposition of assets. Given human nature, regardless of the adequacy of the system, a bookkeeper may still erroneously post entries, an overzealous agent may make unauthorized payments, or an unscrupulous employee may falsify records for his own purposes. The Act recognizes each of these limitations. Neither its text and legislative history nor its purposes suggest that occasional, inadvertent errors were the kind of problem that Congress sought to remedy in passing the Act. No rational federal interest in punishing insignificant mistakes has been articulated. And, the Act’s accounting provisions do not require a company or its senior officials to be the guarantors of all conduct of company employees.”

In concluding this portion of his speech, Williams stated as follows. “The test of a company’s internal control system is not whether occasional failings can occur. Those will happen in the most ideally managed company. But, an adequate system of internal controls means that, when such breaches do arise, they will be isolated rather than systemic, and they will be subject to a reasonable likelihood of being uncovered in a timely manner and then remedied promptly. Barring, of course, the participation or complicity of senior company officials in the deed, when discovery and correction expeditiously follow, no failing in the company’s internal accounting system would have existed. To the contrary, routine discovery and correction would evidence its effectiveness.”

As to subsidiaries, Williams stated as follows. “Where the issuer controls more than 50 percent of the voting securities of the subsidiary, compliance is expected. So, too, would it be expected if there is between 20 percent and 50 percent ownership, subject to some demonstration by the issuer that this does not amount to control. If there is less than 20 percent ownership, we will shoulder the burden to affirmatively demonstrate control.”

As to the SEC’s enforcement policy, Williams concluded his remarks as follows. “The genius – and challenge – of [the FCPA’s accounting provisions] , it should be remembered, is their reliance on private sector decisionmaking – rather than specific federal edicts – to address an area of public concern. The Act’s eventual success or failure will, therefore, depend primarily upon business’s response. The Commission’s obligation, in turn, is to provide a regulatory environment in which the private sector can address these issues meaningfully and creatively. In this regard, we must encourage public companies to develop innovative records and control systems, to modify and improve them as circumstances change, and to correct recordkeeping errors when they occur without a chilling fear of penalty or inference that a violation of the Act is involved.”

RAE Systems Held Liable For The Acts Of Its Subsidiaries’ Joint Venture Partners

If every company voluntarily disclosed that its distant subsidiaries and/or its distant subsidiaries’ joint venture partners provided minor things of value (such as a notebook computer, kitchen appliances, and business suits) to someone deemed a “foreign official” by the enforcement agencies, then instead of 15 to 20 core FCPA enforcement actions per year, there would probably be something like 150 to 200 FCPA enforcement actions per year.

If every issuer voluntarily disclosed that its internal controls were imperfect as to distant subsidiaries or its distant subsidiaries’ joint venture partners, and that such distant entities failed to follow issuer instructions or issuer provided training and guidance, then instead of 15 to 20 core FCPA enforcement actions per year, there would probably be something like 1,500 to 2,000 FCPA enforcement actions per year (recognizing that the FCPA’s books and records and internal control provisions equally apply to domestic operations).

So why did RAE Systems voluntarily disclose such conduct to the DOJ and the SEC? Would it not have been more efficient and cost-effective for the company to effectively remedy these issues internally?

Do the high professional expenses connected with voluntary disclosures (compared to effectively remedying issues internally) have anything to do with the increase in voluntary disclosures? (See here for a prior post on the issue). In RAE Systems annual report for the year ended December 31, 2009 (see here), filed in March 2010, the company disclosed that it had (at that point) incurred $4 million in professional fees in connection with the FCPA investigation.

From an enforcement standpoint, is the Foreign Corrupt Practices Act becoming an all-purpose corporate governance instrument? Should it?

These are some of the questions raised by the odd RAE Systems enforcement action.

Last Friday, the DOJ and SEC announced (see here and here) a joint enforcement against RAE System (a San-Jose, California based company with shares on the New York Stock Exchange) “a leading global provider of rapidly deployable connected, intelligent gas detection systems that enable real-time safety and security threat detection.” (See here for the company website). In September, RAE Systems signed a definitive agreement to be acquired by Battery Ventures. The transaction is expected to close by the end of the first quarter of 2011.

This post summarizes the DOJ and SEC enforcement actions in which RAE Systems agreed to pay approximately $2.95 million in fines and disgorgement.

DOJ

Pursuant to a three-year non-prosecution agreement, RAE Systems acknowledged its “knowing violations of the internal controls and books and records provisions” of the FCPA “arising from and related to improper benefits corruptly paid by employees of two joint ventures majority owned and controlled by RAE Systems to foreign officials of departments, agencies, and instrumentalities” of the Chinese government.” Pursuant to the NPA, RAE Systems agreed to pay a $1.7 million penalty.

According to the NPA, RAE Systems “had significant operations” in China organized “under a holding company called RAE Asia, headquartered in Hong Kong.” RAE Systems “sold products and services in mainland [China] primarily through second-tier subsidiaries organized as joint ventures with local Chinese entities.

One of the joint ventures is RAE-KLH (Beijing) Co., Limited (“RAE-KLH”). RAE Systems acquired a 64% stake in RAE-KLH in 2004 and upped the stake to approximately 96% in 2006. The other joint venture is RAE Coal Mine Safety Instruments (Fushun) Co., Ltd. (“RAE-Fushun”). In 2006, RAE Systems acquired a 70% interest in RAE Fushan.

Both RAE-KLH’s and RAE Fushun’s financial results were included in the consolidated financial statements that RAE Systems filed with the SEC.

According to the NPA, “a significant number of RAE-KLH’s and RAE Fushun’s customers” in China were “government departments and bureaus and large state-owned agencies and instrumentalties.” The NPA states as follows. “The Lanzhous City Honggu Mining Safety Bureau, for example, was a government customer. Other government clients included regional fire departments, emergency response departments, and entities under the supervision of the provincial environmental agency, among others. Accordingly, officers and employees of a significant number of RAE-KLH’s and RAE Fushun’s customers were ‘foreign officials’ within the meaning of the FCPA …”.

The NPA then contains a heading that states, “RAE System’s Knowing Failure to Implement Systems of Effective Internal Controls at RAE-KLH and RAE Fushun Post Closing.”

The NPA then cites various company documents that suggest RAE was aware that KLH sales personnel were making kickbacks or otherwise engaging in questionable sales tactics with its customers. The NPA cites a document from a RAE Systems employee from the United States who met with KLH personnel that stated “we knew this risk all along and have accepted it upon entering the JV deal.”

Following the acquisition, the NPA states that “RAE Systems did provide some FCPA training to RAE-KLH personnel and did tell RAE-KLH personnel to stop paying bribes and providing other improper benefits, but such steps were half-measures.” The NPA states that “RAE Systems did not impose sufficient internal controls or make sufficient changes to high-risk practices.”

As to RAE-Fushun, the NPA states that “RAE Systems did not conduct pre-acquisition corruption due diligence of RAE Fushun” but that “given RAE’s System’s experience with KLH described above, the high-risk nature of the location, and the existence of numerous government customers, pre-acquisition corruption-focused due diligence was merited. The NPA further states “as was later confirmed, improper business practices had occurred at RAE Fushun before the acquisition and continued post-acquisition, as RAE Systems failed to implement an effective system of internal controls at RAE Fushun.”

Based on the above facts, the NPA states that “RAE Systems knowingly failed to implement a system of effective internal accounting controls at RAE-KLH and RAE Fushun…”.

According to the NPA, the “lack of effective internal accounting controls permitted improper payments to continue at RAE-KLH and RAE-Fushun after acquisition.”

As to RAE-KLH, the NPA states that certain sales representatives at RAE-KLH “used cash advances and reimbursements for improper purposes, including the corrupt giving of gifts and paying for entertainment, as well as direct or indirect payments to customers.” According to the NPA, “the gifts included, among other things, a notebook computer for the son of the deputy director of a state-owned chemical plant as part of efforts to obtain business from that entity.” The NPA also states that RAE-KLH made payments under contracts with a purported consultant and that some or all of the payments were funneled to officials of a state-owned enterprise and government departments.

As to RAE Fushun, the NPA likewise statements that certain sales representatives at RAE Fushun “used cash advances and reimbursements for improper purposes including the corrupt giving of gifts and paying for entertainment, as well as making direct or indirect payments, to officers and employees of customers.” According to the NPA, “these gifts to certain officials of state-owned enterprises and government departments included, among other things, a variety of luxury items, such as jade, fur coats, kitchen appliances, business suits, and high-priced liquor.”

The NPA then states that the “lack of effective internal controls and continued improper payments led to inaccurate books and records.”

During the three-year term of the NPA, RAE Systems agreed to undertake a host of compliance reforms and to report to the DOJ on an annual basis.

The DOJ agreed to enter into the NPA “based in part, on the following factors: (a) RAE System’s timely, voluntary, and complete disclosure …; (b) RAE System’s thorough, real-time cooperation with the DOJ and SEC; (c) the extensive remedial efforts already undertaken and to be undertaken by RAE Systems; and (d) RAE System’s commitment to submit periodic monitoring reports to the DOJ.”

SEC

The SEC’s complaint (here) is based on the same core set of facts described above. It charges RAE Systems, not only with FCPA books and records and internal control violations, but anti-bribery violations as well.

The complaint begins by alleging that “from 2004 through 2008” RAE Systems violated the FCPA “by paying, through two of its joint venture entities in China, approximately $400,000 to third party agents and government officials in China to influence acts or decisions by foreign officials to obtain or retain business for RAE Systems.” According to the complaint, the payments “were made primarily by the direct sales force utilized by RAE Systems” at its two Chinese joint-venture entities: RAE-KLH and RAE-Fushun.

According to the SEC, RAE System’s “illicit payments to government officials and third-party agents generated revenues worth over $3 million and gross margin of $1,147,800.”

The complaint states: “While the payments were made exclusively in China and were conducted by Chinese employees of RAE-KLH and RAE-Fushun, RAE Systems was aware of significant indications of ongoing bribery at RAE-KLH. At the time, RAE Systems failed to effectively investigate these indications, or red flags, and to stop the bribery from continuing. RAE System’s failure to act on these significant red flags allowed, at least in part, bribery to continue at RAE-KLH.”

RAE Systems was held liable for RAE-KLH’s improper payments even though the SEC complaint states that “RAE Systems Instruct[ed] KLH Personnel to Stop Bribery Practices.” According to the SEC, “while RAE Systems communicated these instructions to RAE-KLH personnel, RAE Systems did not impose sufficient internal controls or make any changes to the practice of sales personnel obtaining cash advances.” According to the SEC, RAE System’s CFO visited RAE-KLH’s Chinese facilities and observed that certain cash advances may be used for “grease payments, to supplement sales employees’ incomes and as bribes.” In response, RAE Systems, “implemented FCPA compliance training and required each RAE-KLH employee to certify that he or she did not engage in bribery practices.” However, the SEC alleged “again, however, [RAE Systems] did not impose sufficient internal controls or make changes to the practice of sales personnel obtaining cash advances.”

Without admitting or denying the SEC’s allegations, RAE Systems agreed to pay $1,147,800 in disgorgement (plus $109,212 in prejudgment interest) and to undertake a host of FCPA compliance measures.

Cheryl Scarboro (Chief of the SEC’s FCPA Unit) stated as follows. “RAE Systems develops products to detect harmful emissions, yet it did not have adequate measures in place to detect and root out internal wrongdoing. Companies that fail to respond to red flags can be held liable for the acts of their joint venture partners.”

Carlos Ortiz (a former DOJ attorney now at LeClair Ryan – here) and Roy McDonald (DLA Piper – here) represented RAE Systems.

Smith & Wesson’s Recent Disclosures

In January, Amaro Goncalves was one of the individuals indicted in the Africa Sting case.

Goncalves is described in the indictment as “the Vice President of Sales for Company A, a United States company headquartered in Springfield, Massachusetts. Company A was a world-wide leader in the design and manufacture of firearms, firearm safety/security products, rifles, firearms systems, and accessories. The shares of Company A were publicly traded on the NASDAQ stock exchange.”

Company A is Smith & Wesson, a fact quickly acknowledged by the company in this press release.

I noted in January:

“At present, this case only involves individuals.

However, as indicated by Assistant Attorney General Breuer in yesterday’s DOJ release (here) the investigation is “ongoing” and you can bet that many of the companies which employ these individuals are “lawyering up” as past FCPA enforcement actions demonstrate that corporate enforcement actions or investigations often, but not always, precede or follow individual enforcement actions.”

Indeed, the companies indirectly implicated in the Africa Sting by their employees alleged conduct did “lawyer up.”

Because Smith & Wesson is a public company, the public is provided a better glimpse of how the Africa Sting case is affecting this company compared to the many other companies indirectly implicated – many of which are small, private businesses.

On June 30th, Smith & Wesson reported its Fourth Quarter and Full Year 2010 Financial Results Ended April 30, 2010 (see here). The company release contains this paragraph:

“Operating expenses of $89.1 million, or 21.9% of sales, for fiscal 2010 decreased versus operating expenses of $170.5 million, or 50.9% of sales, for fiscal 2009. Excluding the impact of the impairment charge recorded in the second quarter of fiscal 2009 and $9.7 million of operating expense at USR not contained in prior year results, operating expenses increased $7.1 million for the current fiscal year. This increase included $3.2 million in legal and consulting fees related to allegations against one of our employees under the Foreign Corrupt Practices Act (FCPA).”

If nothing more, Amaro Goncalves is probably not on the short-list for employee of the month because of his alleged conduct.

Yesterday, Smith & Wesson filed its annual report (see here). The report contained the following:

Foreign Corrupt Practices Act (FCPA)

On January 19, 2010, the U.S. Department of Justice (“DOJ”) unsealed indictments of 22 individuals from the law enforcement and military equipment industries, one of whom was our Vice President−Sales, International & U.S. Law Enforcement. We were not charged in the indictment. We also were served with a Grand Jury subpoena for the production of documents. We have always taken, and continue to take seriously, our obligation as an industry leader to foster a responsible and ethical culture, which includes adherence to laws and industry regulations in the United States and abroad. Although we are cooperating fully with the DOJ in this matter and have undertaken a comprehensive review of company policies and procedures, the DOJ may determine that we have violated FCPA laws. We cannot predict when this investigation will be completed or its outcome. There could be additional indictments of our company, our officers, or our employees. If the DOJ determines that we violated FCPA laws, or if our employee is convicted of FCPA violations, we may face sanctions, including significant civil and criminal penalties. In addition, we could be prevented from bidding on domestic military and government contracts, and could risk debarment by the U.S. Department of State. We also face increased legal expenses and could see an increase in the cost of doing international business. We could also see private civil litigation arising as a result of the outcome of the investigation. In addition, responding to the investigation may divert the time and attention of our management from normal business operations. Regardless of the outcome of the investigation, the publicity surrounding the investigation and the potential risks associated with the investigation could negatively impact the perception of our company by investors, customers, and others.

SEC Investigation

Subsequent to the end of fiscal 2010, we received a letter from the staff of the SEC giving notice that the SEC is conducting a non−public, fact−finding inquiry to determine whether there have been any violations of the federal securities laws. It appears this civil inquiry was triggered in part by the DOJ investigation into potential FCPA violations. We have always taken, and continue to take seriously, our obligation as an industry leader to foster a responsible and ethical culture, which includes adherence to laws and industry regulations in the United States and abroad. Although we are cooperating fully with the SEC in this matter, the SEC may determine that we have violated federal securities laws. We cannot predict when this inquiry will be completed or its outcome. If the SEC determines that we have violated federal securities laws, we may face injunctive relief, disgorgement of ill−gotten gains, and sanctions, including fines and penalties, or may be forced to take corrective actions that could increase our costs or otherwise adversely affect our business, results of operations, and liquidity. We also face increased legal expenses and could see an increase in the cost of doing business. We could also see private civil litigation arising as a result of the outcome of this inquiry. In addition, responding to the inquiry may divert the time and attention of our management from normal business operations. Regardless of the outcome of the inquiry, the publicity surrounding the inquiry and the potential risks associated with the inquiry could negatively impact the perception of our company by investors, customers, and others.”

Smith & Wesson’s disclosure is hardly surprising. Anytime a company’s employee is criminally indicted for an FCPA violation, it is reasonable to assume that the DOJ will wonder “who knew what and when” and will seek to discover whether the employee’s alleged conduct is isolated or evidence of broader, more systemic conduct. When that employee is the “Vice President−Sales, International & U.S. Law Enforcement” it is virtually guaranteed that the DOJ will ask such questions.

It is unlikely that Smith & Wesson is the only company implicated in the Africa Sting case under investigation. However, as stated above, because Smith & Wesson is a public company, the public is provided a better glimpse of how the Africa Sting case is affecting this company compared to the many other companies implicated – many of which are small, private businesses. These companies are “domestic concerns” and thus subject to the FCPA, it’s just that FCPA inquiries of non-public companies generate less attention that FCPA inquiries of public companies.

Nor is it surprising that Smith & Wesson disclosed the existence of an SEC investigation.

I noted in January:

“Given that one of the individuals indicted is employed by a public-company issuer, the SEC may also be interested in that company from, at the very least, an FCPA books and records and internal control perspective.”

Even if Smith & Wesson is never charged with violating the FCPA’s antibribery provisions, it is likely that the company could face some exposure under the FCPA’s books and records and internal control provisions.

The SEC’s analysis would likely be as follows.

Goncalves, if the alleged conduct is true, no doubt, while a Smith & Wesson employee, made entries on the company’s books and records that did not accurately or fairly represent the transactions at issue. That, in and of itself, would be an FCPA books and records violation. Further, the SEC will take the position that if Smith & Wesson had effective internal controls, Goncalves could not have engaged in the conduct he is alleged to have engaged in. If he did, this in and of itself, is evidence that Smith & Wesson lacked effective internal controls.

A bit simplistic, yes. But this is perhaps how the Smith & Wesson inquiry will play out.

A final point.

Smith & Wesson is a supplier to numerous government customers and military installations. Under guidelines issued by the Office of Management and Budget, a person or firm found in violation of the FCPA may be barred from doing business with the Federal government. Add this issue to the list of issues to follow as the Smith & Wesson FCPA inquiry escalates. However, this sanction (to my knowledge) has never been used against an FCPA violator.

If the SEC Was An Issuer …

The FCPA’s books and records and internal control provisions require issuers (i.e. publicly-traded companies) to: (i) “make and keep books, records, and accounts, which, in reasonable detail, accurately and fairly reflect the transactions and dispositions of the assets of the issuer;” and (ii) devise and maintain a system of internal accounting controls sufficient to provide reasonable assurances that (among other things) transactions are executed in accordance with management’s general or specific authorization, transactions are recorded as necessary to maintain accountability of assets, and access to assets is permitted only in accordance with management’s general or specific authorization.

The SEC enforces these provisions against issuers.

Often times, the SEC enforces these provisions against issuers aggressively (see here and here).

It seems to not matter to SEC enforcement officials whether the improper recording in the company’s books or records occurred at a far flung, fifth-tier subsidiary by a rogue employee or whether the issuer actually had knowledge that a far flung subsidiary was engaged in improper conduct.

The SEC’s position is that if the far-flung subsidiary’s financial results are consolidated with the parent company issuer’s financial results for purpose of financial reporting, then the subsidiary’s violation is the issuer’s violation.

Further, it seems to not matter to SEC enforcement officials whether the violation resulted from a rogue employee acting contrary to clearly articulated and well communicated company policies and procedures prohibiting the improper conduct because, after all, if the company’s internal controls were effective, rogue employees would not exist or, if they do exist, proper controls would be put in place to monitor their behavior before it occurred.

Every so often, it is fun to spend a few moments in “hypothetical land.”

The issue in “hypothetical land” today is – if the SEC was an issuer.

If the SEC was an issuer, it would have some serious FCPA books and records and internal control issues to deal with as a result of the Government Accountability Office’s (“GAO’s”) recent “Financial Audit – Securities and Exchange Commission’s Financial Statements for Fiscal Years 2009 and 2008” (see here).

As detailed in the audit, the GAO “identified six significant deficiencies that collectively represent a material weakness in SEC’s internal control over financial reporting.” In short, the GAO concluded that “SEC’s internal control over financial reporting was not effective as of September 30, 2009.”

Most notably, the GAO found material weaknesses that have: (i) “resulted in unsupported entries and errors in the general ledger”; (ii) “ineffective financial reporting controls and general ledger system reporting limitations”; and (iii) “ineffective processes and related documentation concerning budgetary transactions.” (p. 5).

Among other specifics, in terms of the general ledger system and the supporting processes the SEC uses to prepare its financial statements, the GAO found that:

“unauthorized personnel can view, manipulate, or destroy data” (p. 64);

SEC controls to compensate for the general ledger limitations “are cumbersome and largely detective nature, increasing the risk that errors or fraud that could result in a misstatement to the financial statements would not be prevented” (p. 65);

in connection with deposit account activity, the SEC’s processes are “labor-intensive” and that “it does not have dedicated resources assigned to address this issue” (p. 69); and

“obligations […] were not always recorded timely and were not always supported by documentation evidencing the obligation as having been approved by an authorized individual” (p. 70).

Under the FCPA, not only is it important for issuers to have effective internal controls, but issuers must also monitor those internal controls to make sure that they are effective.

The GAO was critical of the SEC on this score as well.

The report notes:

“We also identified weaknesses in SEC’s monitoring process which indicate a lack of effective oversight of controls. Management’s monitoring of controls should include whether the controls are operating as intended and include an assessing of the design and operation of controls on a timely basis and taking necessary corrective actions. As discussed previously, we found that SEC’s monitoring procedures did not address all identified risks. Further, SEC’s management oversight was not sufficient given the frequency and sensitivity of the control activity, and monitoring procedures were not always completed in accordance with SEC’s stated testing plan.” (p. 71-72).

According to the GAO – “[b]ecause of inherent limitations, [the SEC’s] internal control[s] may not prevent or detect and correct misstatements due to error or fraud, losses, or noncompliance.” (p. 8).

Because of the above identified deficiencies, if the SEC was an issuer – would: (i) the SEC’s main DC office be strictly liable for branch office deficiencies; (ii) the SEC disgorge all of its “profits” connected (no matter how remotely) to the improper recording or the deficient internal controls; and (iii) would high-level SEC officials be accountable under “control person” theories for the books and records and internal control violations?

As readers of this blog know, all of the above “theories” are straight from recent SEC enforcement actions against issuers.

So next time an FCPA practitioner and his/her corporate client representative are seated across the table from an SEC enforcement official who asks, “how could this payment have not been recorded properly in subsidiary X’s books and records, how could the issuer not put in place effective internal controls, how could those controls not be monitored and assessed, etc. etc.” the most candid response just might be “I don’t know, you tell me – such issues happen at the SEC as well.”

One more thing, when enforcing the FCPA’s books and records and internal control provisions against issuers, the SEC insists on remedial measures and wants to see evidence of those remedial measures being put into place “yesterday.” An issuer comment, such as “this takes time,” would likely fall on deaf ears.

Yet, here is what SEC Chairman Mary Schapiro had to say about the GAO report and its findings of various deficiencies: “some deficiencies are likely to be resolved during the first half of FY 2010, while others – which have been the result of long-term and growing constraints affecting our information technology and human resources – will take longer to fully resolve.” (p. 29). This statement was also repeated by Kristine Chadwick, SEC CFO and Associate Executive Director (p. 33).

Alas, time to come back to reality, the SEC is not an issuer, but a couple minutes in “hypothetical land” does provide some useful perspectives as to the SEC’s enforcement of the FCPA’s books and records and internal control provisions.

Powered by WordPress. Designed by WooThemes