- FCPA Professor - http://fcpaprofessor.com -

United Airlines Resolves Books And Records And Internal Controls Action Based On Domestic Bribery And The SEC’s Inconsistencies Are Once Again Highlighted

If the above headline is confusing, you’ve forgotten (as it seems some commentators [1] have) that the Foreign Corrupt Practices Act is a law much broader than its name suggests.

Because of the FCPA’s generic books and records and internal controls provisions, most FCPA enforcement actions (as a technical matter) do not involve any allegations or findings regarding foreign bribery. (This dynamic – termed non-FCPA FCPA enforcement actions for lack of a better term – has been highlighted in prior posts here [2], here [3] and here [4]).

Case in point is last week’s SEC enforcement action [5] against United Continental Holdings Inc., the parent company of United Airlines Inc.

In summary, the SEC’s administrative order states:

“This matter concerns violations of the books and records and internal accounting controls provisions of the Securities Exchange Act of 1934 (“Exchange Act”) by United, one of the world’s largest airlines.

In 2011, United decided to institute a flight route from Newark, New Jersey, to Columbia, South Carolina (the “South Carolina Route”) that was projected to lose money. United instituted the South Carolina Route following pressure from David Samson (“Samson”), then the Chairman of the Board of Commissioners of the Port Authority of New York and New Jersey (“Port Authority”). The route provided Samson—who exercised authority and influence as a Port Authority official in matters affecting United’s business interests—with a more direct route to his house in South Carolina. United’s then chief executive officer (“CEO”) approved the South Carolina Route (“the Transaction”) outside of United’s normal processes, and United then scheduled the flight based on Samson’s preference as conveyed to United by one of its consultants, and United initiated the route despite its poor financial projections. Moreover, the South Carolina Route’s approval violated applicable United compliance and ethics policies (“United’s Policies”).

United violated Section 13(b)(2)(B) of the Exchange Act because, despite the significant potential corruption risks surrounding its dealings with public officials, United failed to design and maintain a system of internal accounting controls that was sufficient to prevent its officers from approving the use of United’s assets in connection with the South Carolina Route in violation of United’s Policies, which prohibited the use of assets for corrupt purposes. The ethics code in effect in 2011 provided that employees wishing to act in ways prohibited by the ethics code could request approval for an exception. In this instance, no exception was requested or granted. Indeed, the CEO was able to approve the South Carolina Route outside United’s normal process because United lacked adequate controls to reasonably ensure that prior to authorization of the Transaction an exception was obtained from the Director of Ethics and Compliance or United’s Board of Directors as required by United’s Policies. The failure to seek such prior authorization of the Transaction—which required a written submission and any approval to be in writing—also caused United to violate Section 13(b)(2)(A) of the Exchange Act because its books and records did not, in reasonable detail, accurately or fairly reflect the South Carolina Route Transaction.”

As further elaborated in the SEC’s order, the “South Carolina Route” (the thing of value corruptly offered to the bona fide public official with significant discretionary authority over United’s business) was “unilaterally approved” by CEO “outside of United’s normal processes. In addition, the order finds that various United corporate departments such as the Government Affairs Group and the Network Planning Group were involved in certain aspects of the planning and execution of the “South Carolina Route.”

According to the SEC’s order, the discretion of the Port Authority official that United sought to influence was in connection with a wide-body aircraft maintenance hangar at the Newark airport and “based on preliminary assessments and using information available at the time, United estimated that the Hangar would result in efficient routings that would drive $47.5 million in value to the United network on an annual basis post-construction.”

According to the SEC, “the Port Authority’s Board approved the lease agreement relating to United’s Hangar the same day as the CEO approved the initiation of the South Carolina Route.”

The above conduct does not merely “sound suspiciously like a books and records violation of the FCPA” (as one commentator put it [1]), but point in fact it was a violation of FCPA’s books and records and internal controls provisions. Moreover, the United matter was most certainly not (as the same commentator inferred) the first time the SEC has used the FCPA’s books and records and internal controls provisions in a domestic bribery and corruption matter. (See e.g., here [6]).

But what the United matter once again highlights is the SEC’s inconsistent enforcement approach to violations of the same statutory provisions (that is the FCPA’s books and records and internal controls provisions).

Compare the above findings in the United matter

with a fairly typical FCPA enforcement action in which alleged improper conduct is engaged in

Consider also that many alleged FCPA violations are voluntarily disclosed by the company and compare that to there being no reference of voluntary disclosure in the United matter.

Against this backdrop, all reasonable minds would have to agree that the United conduct was significantly more egregious than the fairly typical FCPA enforcement sketched above.

Yet, the SEC’s order merely requires United to pay a $2.25 million civil penalty.

Compare that to a fairly typical FCPA enforcement sketched above such as Novartis ($25 million SEC settlement), Johnson Controls ($14.4 million settlement) SciClone ($12.8 million SEC settlement) and a reasonable conclusion is that things are seriously out of whack given that all these more traditional FCPA enforcement actions involved the exact same legal violations as found in the United enforcement action.

As highlighted in the previous posts on this subject, a basic rule of law principle is consistency. In other words, the same legal violation ought to be sanctioned in the same way. When the same legal violation is sanctioned in materially different ways, trust and confidence in law enforcement agencies is diminished.

However, there sure does seem to be a lack of consistency between how the SEC resolves FCPA books and records and internal controls violations.