When Vicente Garcia (a former head of Latin American sales for SAP) resolved a parallel DOJ / SEC FCPA enforcement action in August 2015 (see here for the prior post), the question remained: would there also be a Foreign Corrupt Practices Act enforcement action against SAP?
Yesterday, the SEC answered that question in the affirmative by announcing an enforcement action against SAP (a German company with American Depository Shares registered with the SEC).
The SAP action is the first FCPA enforcement action of 2016.
Based on the same core conduct alleged in the prior Garcia action, SAP, without admitting or denying the SEC’s finding’s in an administrative order, agreed to pay approximately $3.9 million.
In summary fashion, the order states:
“This matter concerns violations of the books and records and internal controls provisions of the FCPA by SAP SE (“SAP”), a European Union corporation headquartered in Waldorf, Germany. The violations occurred due to deficient internal controls, which allowed SAP’s former Vice-President of Global and Strategic Accounts, Vicente E. Garcia, to discount the software price to a former SAP local partner at a level sufficient to permit Garcia and the local partner to pay $145,000 in bribes to one senior Panamanian government official, and offer bribes to two others. Through these bribes, Garcia secured government sales contracts of approximately $3.7 million for SAP, and also self-profited through kickbacks. By excessively discounting the SAP software, Garcia created a slush fund that the partner used to pay the bribes and kickbacks. Garcia concealed his scheme from others at SAP, circumvented SAP’s internal controls, and justified the excessive discounts by falsifying SAP’s internal approval forms.”
“The deep discounts that Garcia used to create the slush fund were falsely recorded as legitimate discounts on the books of SAP’s Mexican subsidiary, which were subsequently consolidated into SAP’s financial statements. In addition, SAP failed to devise and maintain an adequate system of internal accounting controls sufficient to provide reasonable assurances that these improper payments to government officials did not occur.”
According to the order:
“Garcia, as a senior vice-president of SAP responsible for sales in Latin America, used his knowledge of the availability of discounts to push through large discounts in order to create a slush fund from which the local partner was able to pay the bribes. SAP routinely provides large discounts to local partners for legitimate reasons that Garcia used to justify the illegitimate discounts. Once Garcia obtained approval of the discounts based on his falsified justification forms, the bribes were then paid from the local partner.”
As a result of Garcia’s conduct in the bribery scheme, SAP, with its local partner, was able to sell software to the Panamanian government through four contracts from 2010 to 2013. These contracts generated revenues of approximately $3.7 million to SAP.
The deep discounts that Garcia used to create the slush fund were falsely recorded as legitimate discounts on the books of SAP Mexico, which were subsequently consolidated into SAP’s financial statements.”
Under the heading “SAP’s Insufficient Internal Controls,” the order states:
“SAP lacked adequate internal controls to ensure that discounts to local partners were not improperly used. SAP’s system required employees to electronically submit requests within SAP to obtain approval of discounts to local partners. SAP employees, however, had wide latitude in seeking and approving discounts to local partners, and employees’ explanations for the discounts were accepted without verification. There were also no requirements for heightened anti-corruption scrutiny for large discounts. Garcia was therefore able to evade the basic approval procedures by taking advantage of his position and his knowledge of how discounts were approved. Furthermore, the nature of Garcia’s reporting structure made it easy for him to implement the bribery scheme. Although Garcia was located in Miami and employed by SAPI, he variously reported to supervisors employed by other regional subsidiaries and used employees from other subsidiaries such as SAP Mexico to execute the sales to the Panamanian government. This indirect reporting structure at SAP created gaps in supervising Garcia that provided him the opportunity to use the large discounts for creating a slush fund for bribes. Because of the deficient controls, Garcia was able to provide the partner with deep enough discounts to enable him to implement the bribery scheme, which continued unabated for over four years.”
Based on the above findings, the order finds that SAP violated the FCPA’s books and records and internal controls provisions.
Without admitting or denying the SEC’s findings, SAP agreed to pay disgorgement of $3.7 million “representing ill-gotten gains received in connection with the bribery scheme” and prejudgment interest of $188,896.
Under the heading “SAP’s Cooperation and Remediation,” the order states:
“When SAP learned of the conduct as a result of the SEC’s inquiry, SAP conducted a thorough internal investigation and extensively cooperated with the SEC’s investigation by, among other things: (i) conducting an internal investigation; (ii) voluntarily producing approximately 500,000 pages of documents and other information quickly, identifying significant documents and translating documents from Spanish; (iii) conducting witness interviews, sharing Power-Point presentations and timelines; (iv) facilitating an interview of Garcia at work at SAPI offices in Miami without alerting him to the investigation into his conduct; and (v) initiating a third party audit of the local partner.
After being alerted to Garcia’s misconduct, SAP terminated Garcia and undertook remediation efforts to uncover any other possible misconduct and to improve its FCPA compliance. Specifically, SAP audited all recent public sector Latin American transactions, regardless of Garcia’s involvement, to analyze partner profit margin data especially in comparison to discounts so that any trends could be spotted and high profit margin transactions could be identified for further investigation and audit. SAP also implemented new policies and procedures to detect and prevent similar issues from recurring in the future. For example, SAP elevated the status of its Chief Compliance Officer (“CCO”) by having that person now report directly to the CFO, who is a member of the Executive Board, and gave the CCO authority to independently terminate employees and partner contracts. SAP conducted, and continues to conduct, regular anti-corruption training, as well as anti-corruption audits through its internal audit function.
In determining to accept the Offer, the Commission considered remedial acts undertaken by Respondent and cooperation afforded the Commission staff.”
In this release, Kara Brockmeyer (Chief of the SEC’s FCPA Unit) stated: “SAP’s internal controls failed to flag Garcia’s misconduct as he easily falsified internal approval forms and disguised his bribes as discounts.”
According to reports, SAP was represented by Patrick Robbins (Shearman & Sterling).