The FCPA repeat offender list may substantially grow as Reuters reports that “the U.S. FBI is investigating corporate giants Johnson & Johnson, Siemens AG, General Electric Co and Philips for allegedly paying kickbacks as part of a scheme involving medical equipment sales in Brazil.”
Once the ink is dry on a Foreign Corrupt Practices Act settlement, most people forget about it. However, it does not disappear and may be resurrected by opportunistic parties including in civil litigation.
Such is the circumstance in this post which discusses a recent 5th Circuit decision in which plaintiffs’ counsel referenced a 2011 FCPA enforcement action against Johnson & Johnson and a related entity. (See here for the prior post).
Various courts have held that the Foreign Corrupt Practices Act does not confer a private right of action. However, as highlighted in “FCPA Ripples” and several other posts on this website, private plaintiffs with increasing frequency are using allegations of corruption to allege other substantive causes of action in what amounts to “offensive use” of the FCPA and related topics.
Recently, American service members and civilians and their families who were killed or wounded while serving in Iraq filed this 203 page civil complaint against AstraZeneca, General Electric, Johnson & Johnson, Pfizer and Roche claiming that the companies’ alleged acts of corruption in Iraq present viable civil claims under the federal Anti-Terrorism Act and for intentional infliction of emotional distress. Specifically, the plaintiffs allege that they or their family members were attacked by a terrorist group (Jaysh al-Mahdi) funded in part by the defendants’ corrupt sales practices.
When I published “The Facade of FCPA Enforcement” in 2010 (see here) the trend of FCPA-inspired tag-a-long private civil suits was in its early stages. Thus, the section of my article – why the facade of FCPA enforcement matters – did not include discussion of such suits.
Now that the trend is clear, add FCPA-inspired private civil suits to the list of reasons why the facade of FCPA enforcement matters.
The game is very predictable. In the days and weeks following an FCPA enforcement action, or even a company disclosing or otherwise being the subject of FCPA scrutiny, the suits and/or “investigations” by plaintiffs firm will start to mount
In this prior post, I asked whether FCPA-inspired civil suits have a purpose or a parasitic. I stated that when a company’s FCPA violations are found to be condoned or encouraged by the board or executive officers, such plaintiff causes of action would seem to be warranted. But these situations are rare in FCPA enforcement actions. This prior post detailed June 2011 Congressional testimony on behalf of the U.S. Chamber Institute for Legal Reform that touched upon FCPA-civil litigation and I generally agree with the criticisms made of this “piggyback-litigation phenomenon.”
Several prior posts (here and here) profile how such derivative claims seldom, if ever, get past the motion to dismiss stage. Yet, several companies make the business judgment to settle such claims for what amounts to nuisance value for the company, but which represents a handsome pay day for plaintiff’s counsel for doing and accomplishing next to nothing.
Two recent Foreicgn Corrupt Practices Act related civil settlements prove this point.
In July, Halliburton announced here that a Texas state court issued an order preliminarily approving the proposed settlement of a derivative claim concerning a variety of misconduct, including Bonny Island, Nigeria conduct giving rise to the previous FCPA enforcement action against Halliburton and its related entities.
Pursuant to the proposed settlement, within 90 days of a final settlement date, Halliburton’s board agreed to implement various corporate governance and internal control revisions. The items most related to FCPA compliance should not be hard to accomplish because pursuant to the 2009 FCPA DOJ/SEC settlement, Halliburton already was under an existing obligation, including through engagement of a compliance monitor, to implement a host of FCPA related compliance enhancements.
Yet pursuant to the proposed settlement agreement, for its innovative work (that is my term), Plaintiffs’ counsel in the derivative action will seek approval of its fees and expenses not to exceed $7 million and Halliburton will not oppose such fees and will pay them through its insurance carriers.
Likewise, Johnson & Johnson recently announced (here) a proposed settlement of a derivative claim concerning a variety of misconduct, including the conduct giving rise to its 2011 FCPA enforcement action. As detailed in this prior post, pursuant to the settlement via a DPA, the company is already subject to enhanced compliance obligations related to the FCPA. The prior post noted that such enhanced compliance obligations were unusual and surprising given the DOJ’s conclusion that J&J already generally had “effective” policies and procedures. In the words of the DOJ “J&J had a pre-existing compliance and ethics program that was effective and the majority of problematic operations globally resulted from insufficient implementation of the J&J compliance and ethics program in acquired companies.”
Yet, along comes the Plaintiffs’ firms with a derivative action and pursuant to the settlement, J&J has agreed to reimburse Plaintiffs’ counsel in an amount not exceeding $10 million and to pay approximately $450,000 in its expenses.
Like many things in this new era of FCPA enforcement, FCPA-civil related suits have, in many cases, spiraled out of control. Yet with many, including now Plaintiffs firms, with a vested financial interest in seeing the status quo prevail, it is doubtful any meaningful change is on the horizon.
Yet the question can be asked, do FCPA civil-related suits accomplish anything? Do such suits serve a purpose or are they parasitic? Is this another reason why the “facade” of FCPA enforcement matters.
Last month, Johnson & Johnson (J&J) settled an FCPA enforcement action focused on voluntary disclosed conduct in Greece, Poland, Romania involving various health care providers. See here for the prior post. [The enforcement action also involved conduct in connection with the U.N. Oil for Food Program in Iraq – conduct that was not voluntarily disclosed].
The enforcement action was resolved via a deferred prosecution agreement (DPA) and in the DPA (here) the DOJ specifically states as follows: “J&J had a pre-existing compliance and ethics program that was effective and the majority of problematic operations globally resulted from insufficient implementation of the J&J compliance and ethics program in acquired companies.” (emphasis added).
The J&J enforcement action is thus a rare instance of the DOJ finding a company’s pre-existing compliance and ethics program “effective” notwithstanding the fact that conduct allegedly violating the FCPA took place within the overall organization.
The J&J DPA contains the standard compliance metrics found in typical DPAs and non-prosecution agreements (Attachment C of the J&J DPA) that the company must abide by during the three year term of the DPA.
However, the DPA also contains (see Attachment D) “Enhanced Compliance Obligations” that J&J must abide by during the term of the DPA. These “enhanced compliance obligations” are unusual and surprising given the DOJ’s conclusion that J&J already generally had “effective” policies and procedures.
Even though the DPA states that J&J, as part of the voluntary disclosure and cooperation process, “conducted an extensive, global review of all of its operations to determine if there were problems elsewhere and […] reported on any area of concerns to the Department and the SEC,” the “enhanced compliance obligations” nevertheless require J&J to “conduct risk assessments of markets where J&J has government customers and/or other anticorruption compliance risks on a staggered, periodic basis.”
In what seems like a “full employment act” for some, the DPA requires J&J to “identify no less than five operating companies that are high risk for corruption because of their sector and location and […] conduct FCPA Audits of those operating companies at least once every three years.” According to the DPA, “FCPA Audits of other operating companies that pose corruption risk shall occur no less than once every five years.”
Pursuant to the DPA, “each FCPA Audit shall include” the following.
“a. On-site visits by an audit team comprised of qualified auditors who have received FCPA and anticorruption training;
b. Where appropriate, participation in the on-site visits by personnel from the compliance and legal functions;
c. Review of a statistically representative sample appropriately adjusted for the risks of the market, of contracts with and payments to individual health care providers;
d. Creation of action plans resulting from issues identified during audits; these action plans will be shared with appropriate senior management, including the Chief Compliance Officer, and will contain mandatory undertakings designed to enhance anticorruption compliance, repair process weaknesses, and deter violations; and
e. Where appropriate, feasible, and permissible under local law, review of the books and records of distributors which, in the view of the audit team, may present corruption risk.”
Such “enhanced compliance obligations” seem wholly inappropriate given the DOJ’s conclusion that J&J already had “effective” compliance policies and procedures and given that J&J, prior to resolving the enforcement action, already “conducted an extensive, global review of all of its operations to determine if there were problems elsewhere…”.
Remediation and effective compliance policies and procedures are good.
But if the “enhanced compliance obligations” found in the J&J DPA are a new norm, how long will corporate defendants tolerate being required by the government (under the risk of prosecution for failure to do so) to engage in fishing expeditions (when the company already went fishing) just for the sake of going fishing again?