Yesterday’s post (here ) focused on DOJ FCPA individual prosecutions and highlighted the following facts and figures.
- Since 2008, the DOJ has charged 89 individuals with FCPA criminal offenses.
- 53% of the individuals charged by the DOJ with FCPA criminal offenses since 2008 have been in just four cases and 75% of the individuals charged by the DOJ since 2008 have been in just nine cases.
- There have been 60 corporate DOJ FCPA enforcement actions since 2008 and of these actions, 44 (or 73%) have not (at least yet) resulted in any DOJ charges against company employees.
These statistics should cause alarm, including at the DOJ as it has long recognized that a corporate-fine only enforcement program is not effective and does not adequately deter future FCPA violations. For instance, in 1986 John Keeney (Deputy Assistant Attorney General, Criminal Division, DOJ) submitted written responses in the context of Senate hearings concerning a bill to amend the FCPA. He stated as follows:
“If the risk of conduct in violation of the statute becomes merely monetary, the fine will simply become a cost of doing business, payable only upon being caught and in many instances, it will be only a fraction of the profit acquired from the corrupt activity. Absent the threat of incarceration, there may no longer be any compelling need to resist the urge to acquire business in any way possible.”
In 2010 Hank Walther (Deputy Chief Fraud Section) stated that a corporate fine-only FCPA enforcement program allows companies to calculate FCPA settlements as the cost of doing business.
Most recently, in 2013 Daniel Suleiman (DOJ Deputy Chief of Staff, Criminal division) stated that “there is no greater deterrent to corporate crime that the prospect of prison time … if people don’t go to prison, then enforcement can come to be seen as merely the cost of doing business.”
In my 2010 Senate FCPA testimony (here ), I noted that the absence of individual FCPA charges in most corporate FCPA enforcement actions causes one to legitimately wonder whether the conduct giving rise to the corporate enforcement action was engaged in by ghosts. Others have rightly asked the “but nobody was charged” question, including James Stewart in a New York Times column highlighted in this  previous post.
However, as I stated in my Senate testimony, there is an equally plausible reason why no individuals have been charged in connection with many corporate FCPA enforcement actions. The reason has to do with the quality and legitimacy of the corporate enforcement action in the first place.
Readers know well of the prevalence of non-prosecution and deferred prosecution agreements (NPA / DPA) in the FCPA context and how these agreements, not subject to any meaningful judicial scrutiny, are often agreed to by companies for reasons of ease and efficiency, and not necessarily because the conduct at issue violates the FCPA. For more on this dynamic, see my article “The Facade of FCPA Enforcement .” As highlighted in this  recent post, since 2010, 93% of corporate DOJ enforcement actions have been resolved via NPAs or DPAs.
Individuals, on the other hand, face a deprivation of personal liberty, and are more likely to force the DOJ to satisfy its high burden of proof as to all FCPA elements. In other words, perhaps the more appropriate question is not “but nobody was charged,” but rather do NPA and DPAs always represent provable FCPA violations?
I set out to test this with the following working hypothesis.
Instances in which the DOJ brings actual criminal charges against a company or otherwise insists in the resolution that the corporate entity pleads guilty to FCPA violations, represent a higher quality FCPA enforcement action (in the eyes of the DOJ) and is thus more likely to result in related FCPA criminal charges against company employees.
Instances in which the DOJ resolves an FCPA enforcement action solely with an NPA or DPA, represent a lower quality FCPA enforcement action and is thus less likely to result in related FCPA criminal charges against company employees given that an individual is more likely to put the DOJ to its high burden of proof.
The below statistics provide a compelling datapoint concerning the quality and legitimacy of many corporate DOJ FCPA enforcement actions.
Since NPAs and DPAs were first introduced to the FCPA context in December 2004 (see here ), there have been 76 corporate DOJ FCPA enforcement actions.
12 of these corporate enforcement actions were the result of a criminal indictment or resulted in a guilty plea by the corporate entity to FCPA violations. 10 of these corporate enforcement actions – 83% – resulted in related criminal charges of company employees.
51 of these corporate enforcement actions were resolved solely with an NPA or DPA. In only 5 instances – 9.8% – was there related criminal charges of company employees.
A third type of corporate FCPA enforcement action is what I will call a hybrid action in which the resolution includes a guilty plea by some entity in the corporate family – usually a foreign subsidiary – and an NPA or DPA against the parent company. Since the introduction of NPAs and DPAs in the FCPA context, there have been 13 such corporate enforcement actions. In 4 of these actions – 31% – there was related criminal charges of company employees. This percentage is what one might expect compared to the two types of corporate FCPA enforcement actions discussed above, although it is interesting to note the following regarding 3 of these 4 instances. The DOJ ended up dismissing the charges  against Si Chan Wooh (Schnitzer Steel), John O’Shea (ABB) was not found not guilty , and Bobby Elkin (Alliance One) received a probation sentence after the sentencing judge questioned many aspects of the enforcement action (see here  for the prior post).
If the above statistics do not cause you to question the quality and legitimacy of many corporate FCPA enforcement actions, no empirical data ever will. For those who believe NPAs and DPAs always represent provable FCPA violations, the ball is now in your court to offer credible explanations for following datapoints.
If a corporate DOJ FCPA enforcement action is the result of a criminal indictment or resulted in a guilty plea by the corporate entity to FCPA violations, there is a 83% chance that related criminal charges will be brought against a company employee. If a corporate DOJ FCPA enforcement action is resolved solely with an NPA or DPA, there is a 9.8% chance that criminal charges will be brought against a company employee.
At a conference last May (and as highlighted in this  post), I presented the above numbers and put the ball in the court of Denis McInerney (DOJ, Deputy Assistant Attorney General) and asked him to explain the gap. He described two enforcement actions resolved via an NPA or DPA in which there were indeed related individual prosecutions, but otherwise said that he did not know where these numbers are coming from. As I explained, it was really quite easy calculating the numbers. One simply takes all DOJ corporate enforcement actions since 2004, tracks how those enforcement actions were resolved, and then looks to see if there have been related individual actions against company employees.
[Note – the above data was assembled using the “core” approach as well as the definition of an FCPA enforcement action described in this  prior post]