Yesterday’s post  highlighted comments made by Deputy Attorney General Sally Yates at a recent Foreign Corrupt Practices Act event and this post provides equal time to comments made by SEC Director of Enforcement Andrew Ceresney at the same event.
Similar to the DOJ speech, much of Ceresney’s speech represents the same old, same old something even he acknowledged during his speech.
When reading Ceresney’s comments about the importance of individual FCPA prosecutions keep in mind the following facts. In 2016 there have been 21 SEC corporate FCPA enforcement actions and 15 actions (72%) have not resulted (at least yet) in any related FCPA charges against company employees. This figure is generally consistent with the overall figure since 2008 in which approximately 80% of SEC corporate FCPA enforcement actions have not resulted in any related FCPA charges against company employees.
Ceresney began his speech  as follows.
“Investigating and bringing enforcement actions for FCPA violations has been an important priority for us at the SEC and we have taken a lead role in fighting corruption worldwide. During this time, we have seen tremendous improvement in FCPA awareness and compliance both in the United States and abroad, and there is no question that we have made great progress in our attempts to curb corruption under the FCPA and its foreign counterparts.”
Ceresney then focused on the following topics: voluntary disclosure and cooperation; the Och-Ziff enforcement action and the importance of individual accountability; the JP Morgan enforcement action and the hiring of family members of alleged foreign officials; and international cooperation and global settlements.
On voluntary disclosure and cooperation, Ceresney stated:
“I want to start by briefly discussing our efforts to incentivize companies to self-report misconduct and cooperate with our investigations. Self-reporting and cooperation are very important and helpful to us, particularly in FCPA cases, given the challenges we face in identifying and investigating FCPA violations. We use a carrot and stick approach to encouraging cooperation. We reward cooperation in multiple ways. Parties that self-report and cooperate can benefit from reduced charges, including deferred prosecution or non-prosecution agreements (DPAs or NPAs), and in certain instances when the violations are minimal, no charges. We also reward cooperation with significantly reduced penalties, and in some cases, no penalties. At the same time, companies who discovered misconduct but made the decision not to report it to us and did not provide meaningful cooperation, have not received any reduction in penalties or other benefits when we learned of the conduct from other sources, including whistleblowers, and in some cases, have paid significantly higher penalties as a result. As I have said before, companies are gambling if they fail to self-report FCPA misconduct to us.
I have been stressing the benefits of companies self-reporting and cooperating for the past few years – and those benefits are real. While it is not always possible to identify circumstances where we declined to bring a case, we were able to do so earlier this year when we declined to bring an action against Harris Corporation given their self-policing, self-reporting and substantial cooperation. In that case, the Chairman and CEO of a Chinese subsidiary acquired by Harris facilitated a bribe scheme where illegal payments were made in the form of gifts to officials of state-owned hospitals in China. Although it was only able to perform limited pre-acquisition due diligence on the subsidiary, Harris took immediate and significant steps after the acquisition to train staff in China and integrate the subsidiary into Harris’s system of internal accounting controls. As a result of these measures, including the implementation of an anonymous complaint hotline, Harris discovered and reported the misconduct within five months of the acquisition. The SEC determined not to bring charges against Harris, taking into consideration the company’s efforts at self-policing that led to the discovery of the misconduct, prompt self-reporting, thorough remediation, and exemplary cooperation with the SEC’s investigation.
[Note Ceresney’s comments about the Harris Corp. matter suggest that the lack of SEC charges were hardly as dramatic as Harris Corp.’s counsel has made it out to be – see here  for the prior post]
In my speech at this conference last November, I announced that in FCPA cases, a company must self-report to be eligible for an NPA or DPA. In June of this year, we announced two NPAs with companies that self-reported violations and provided full cooperation. In the first case, Akamai Technologies, a Massachusetts-based internet services provider, agreed to disgorge more than $650,000 in profits connected to bribes paid to officials of Chinese state-owned entities by a foreign subsidiary. In the second case, Nortek, a Rhode Island-based residential and commercial building products manufacturer, agreed to disgorge nearly $300,000 in profits connected to bribes paid to Chinese officials by a foreign subsidiary. In both cases, the companies promptly self-reported the misconduct, took remedial measures, including improving their internal controls, and cooperated extensively with the SEC’s investigation, thereby justifying NPAs.
The Commission also gave significant credit for cooperation in connection with penalties imposed in more than a half a dozen other recent FCPA cases. These include our settlements with AstraZeneca and Nordion, where the Commission reduced penalty amounts in recognition of their cooperation, and our settlement with SAP, where the Commission agreed not to impose any penalty in recognition of its significant cooperation.
My sense from discussions with defense counsel is that our actions have sent a clear message to the defense bar and the C-Suite that there are significant benefits to self-reporting and cooperation with the SEC. I expect that the Division of Enforcement will continue in the future to reinforce this message and reward companies that self-report and cooperate.”
On the Och-Ziff enforcement action and the importance of individual accountability, Ceresney stated in pertinent part:
“This case was one of our most significant FCPA actions in years. To begin with, it was the first FCPA action against a hedge fund and one of the first against a financial services firm. The case served notice to financial services companies that, like other U.S. companies, they face unique corruption risks when operating in some international markets. Beyond that, in most instances, Och-Ziff used funds provided by the investors in its managed funds to pay bribes. The Investment Advisers Act violations charged here serve to provide notice that investment advisers have a special duty to ensure that they do not engage in misconduct using funds entrusted to them by investors.
This case also emphasized the important obligations of senior executives. Here, the SEC’s Order found that Mr. Och knew of the significant corruption risks when doing business in the Congo, was aware of corruption accusations against Och-Ziff’s business partner in the Congo, and received due diligence on the business partner that identified substantial corruption risks. Nevertheless, Mr. Och made the decision to approve transactions with the business partner in the Congo despite being aware of the significant risks of corruption and despite the fact that Och-Ziff’s senior compliance and legal personnel were recommending against proceeding with the transactions. This case sends the message loud and clear that CEOs will be held responsible if they do business with persons with close ties to government officials when due diligence raises significant red flags, particularly when control functions are raising serious questions about such transactions. It is only by holding such senior decision makers responsible that we will deter such conduct.
Similarly, Mr. Frank was responsible for ensuring that all transactions were recorded accurately and was likewise responsible for devising and maintaining Och-Ziff’s internal accounting controls. Yet, the Order found that he approved Och-Ziff’s payments in the transactions in the Congo in which he believed there was a high risk of corruption. He deferred to Mr. Och as the final decision maker and executed those transactions per Mr. Och’s approval. CFOs who are responsible for the organization’s internal controls cannot escape responsibility for executing such transactions in these circumstances, even when they are not the ultimate decision maker.
Och-Ziff is not the only case that demonstrates the Enforcement Division’s renewed emphasis on individual liability in FCPA cases. Seven enforcement actions in the past year involved individuals. For example, in the Harris Corporation case I mentioned earlier, the Commission charged the former CEO and Chairman of Harris’s subsidiary in China for violating the FCPA by facilitating a bribery scheme that provided illegal gifts to officials at state-owned hospitals in order to obtain and retain business for the company. The Commission also recently brought FCPA actions against the CEO of LAN Airlines, the former CFO of a Danish subsidiary of Analogic Corporation, a Massachusetts-based medical device manufacturer, a former vice-president of SAP SE, a worldwide software company, and a former engineer for Nordion Inc., a Canadian health science company, for violations of the FCPA. Although cases against individuals have challenges, including jurisdictional and statute of limitations issues, pursuing individual accountability is a critical part of deterrence and, as these cases show, the Division of Enforcement will continue to do everything we can to hold individuals accountable.”
On the JP Morgan enforcement action and the hiring of family members of alleged foreign officials, Ceresney stated in pertinent part:
“Another significant recent case was our action against JPMorgan relating to their hiring practices in Asia.
In the wake of some of the Commission’s prior hiring practices cases, including our cases against Bank of New York Mellon and Qualcomm, some questioned whether providing internships could amount to an FCPA violation. But the JPMorgan case should put that debate to rest. The statute precludes the payment or provision of “anything of value” to a foreign official in order to induce that official to take official action or obtain an improper advantage for the purpose of obtaining or retaining business. As I stressed in my speech here last year, “anything of value” is a broad term and is not limited to cash or tangible gifts but includes less traditional items of value that have been given in order to influence foreign officials. There is no question that JPMorgan itself recognized that employment given at the request of a foreign official can be a thing of value under the FCPA, providing tangible or intangible benefits to a foreign official. When these benefits are given to influence a foreign official in the performance of their official duties to assist an issuer in obtaining or retaining business, the FCPA is violated.
This case also makes clear that employment of a child, friend or relative can influence a foreign official in his or her official actions. JPMorgan actually tracked the benefits it received under the “Sons and Daughters” program through a spreadsheet that kept track of the revenues related to each hiring, which demonstrated JPMorgan’s view that the foreign officials were indeed influenced to take action. JPMorgan personnel also spoke openly about the tangible benefits they were getting from this hiring, noting in an email to the CEO of JPMorgan APAC that the program “has an almost linear relationship with mandates in China.” In one instance, a senior JPMorgan APAC banker wrote in response to a request to hire the son of an official of a state-owned entity that “[the public official’s state-owned entity] is an important client. We need to help his son that definitely [sic] will give us leverage of business opportunities for both fig [JPMorgan’s Financial Institutions Group] and non fig for jpm.” A few weeks after the son was hired, JPMorgan APAC announced that it had won a mandate to work on deal for a subsidiary of the official’s state-owned entity.
Some have asked whether these hiring practices cases tread too far into hiring decisions made by institutions, which are complex and typically based on many factors. I think the facts of this case also put to rest any such claim. After all, it is clear from the order that the relatives hired under this program were not hired under the normal hiring process, and in many cases, did not meet the minimum qualifications for their positions. It also is clear that the hires were made for the specific purpose of influencing the public officials in their official duties. So while each of these cases will turn on their particular facts and circumstances, the JPMorgan matter involved clear violations of the FCPA.
Finally, I should note that this case is also important because it demonstrates that having an anti-corruption policy that addresses potential violations of the FCPA is not enough, without rigorous compliance review and testing. JPMorgan recognized the FCPA issues surrounding hiring and set up a specific program to review official hires. That program, however, was ineffective because the investment bankers took actions to evade it and the compliance personnel did not sufficiently understand the program to review it adequately. It is not enough for a company to set up rules and controls, and to train its employees, if those controls are not enforced.
The JPMorgan case was the first case to be brought resulting from the Enforcement Division’s Asia Referral Hiring Sweep, which began in 2013 with our investigation of JPMorgan. As part of this sweep, Enforcement began looking at hiring practices in the Asia-Pacific region for investment banks based on what we perceived, in part through our investigation of JPMorgan, could be an industry-wide problem. Enforcement’s work on the sweep is ongoing.”
On international cooperation and global settlements, Cereseny stated:
“Finally, I want to talk about the strides Enforcement has made over the last few years in international cooperation. Collaboration with international regulators and law enforcement is critical to our success in the FCPA space. As global markets become more interconnected and complex, no one country or agency can effectively fight bribery and corruption alone. In this globalized marketplace, the SEC’s ability to protect investors and maintain fair and efficient markets is often dependent on Enforcement’s ability to investigate misconduct that takes place, at least in part, abroad. Coordination allows the SEC to maximize its ability to investigate wrongdoing while working within the parameters of many different legal systems.
For many years, the SEC has cooperated extensively with our international partners and these relationships and cooperative arrangements have given us the ability to leverage the information and resources of our counterparts to strengthen our own enforcement efforts. In fact, in this past fiscal year alone, the Commission has publicly acknowledged assistance from more than two dozen different jurisdictions in the FCPA cases we brought.
Two recent cases, though, demonstrate another trend in our international cooperation that I am sure will become more pronounced in the coming years. We are starting to see that as our foreign partners adopt anti-bribery laws that prohibit corruption, those countries join together with us in bringing actions against wrongdoers simultaneously with our actions. In our recent cases against VimpelCom and Embraer, we cooperated successfully with international colleagues and reached global settlements that included charges brought by the SEC and DOJ in the United States and by authorities in the Netherlands and Brazil.
In February of this year, we reached a global settlement, along with the U.S. Department of Justice and the Prosecution Authority of the Netherlands, which required telecommunications provider VimpelCom to pay more than $795 million to address its violations of the FCPA. The Complaint alleged that the company paid at least $114 million in bribes to an Uzbek government official linked to the President of Uzbekistan as the company entered the Uzbek telecommunications market and sought government-issued licenses, frequencies, channels, and number blocks. This case involved extraordinary international assistance. The Division of Enforcement, with the help of the Commission’s Office of International Affairs, worked seamlessly with the Dutch authorities and received international assistance in the course of the investigation from no fewer than 14 jurisdictions – the most ever provided in a single FCPA investigation. The global settlement – one of the largest in the history of the FCPA – required VimpelCom to pay $397.5 million to U.S. authorities (split between the DOJ and SEC), and $397.5 million to the Prosecution Authority of the Netherlands.
Last month, we worked closely with the DOJ and Brazilian authorities to bring charges against the Brazilian aircraft manufacturer Embraer. Our global settlement required the company to pay more than $205 million to resolve allegations that it violated the FCPA by paying bribes to win business in the Dominican Republic, Saudi Arabia and Mozambique. The settlement requires Embraer to pay DOJ a $107 million penalty as part of a DPA, and to pay more than $98 million in disgorgement to the SEC. $18.5 million of that disgorgement amount was paid to Brazilian authorities in the parallel civil and criminal proceeding in Brazil, with us crediting those payments against the disgorgement owed to the Commission.
These global settlements are critical and welcome FCPA developments. They demonstrate that the Division of Enforcement is now not only receiving assistance from foreign authorities but bringing simultaneous actions and sharing disgorgement and penalties with them appropriately. These sorts of global resolutions send strong messages of deterrence to companies and individuals, as they know they will face sanctions from the U.S., as well as other places they do significant business. Global settlements also allow us to resolve cases efficiently and provide closure to companies and individuals on all exposure they face.
Enforcement will continue to work closely with foreign law enforcement and regulators to bring anti-bribery actions. I fully expect that you will see more global settlements involving foreign authorities in the coming years.”
Ceresney concluded his speech as follows.
“We have made tremendous progress over the past 10 years in deterring FCPA misconduct and incentivizing companies across the world to improve their compliance programs. I am confident that in the coming years, we will continue to treat FCPA violations as a priority and see significant FCPA actions against entities and individuals involving the SEC, our criminal partners, and foreign authorities.”