Top Menu

Oracle Becomes The 20th Corporate FCPA Repeat Offender


As highlighted in this prior post, in 2012 Oracle resolved a $2 million SEC Foreign Corrupt Practices Act enforcement action finding that “Oracle violated the books and records and internal accounting controls provisions of the FCPA by failing to prevent Oracle India Private Limited from keeping unauthorized side funds at distributors from 2005 to 2007.”

As a condition of settlement, Oracle consented to the entry of a final judgment, among other things, “permanently enjoining it from future violations” of the books and records and internal controls provisions and in resolving the matter the SEC noted the “significant enhancements” Oracle made to its FCPA compliance program.

Yesterday, the SEC announced a $22.9 million FCPA enforcement action against Oracle “to resolve charges that it violated provisions of the FCPA when subsidiaries in Turkey, the United Arab Emirates, and India created and used slush funds to bribe foreign officials in return for business between 2016 and 2019.”

In resolving a second FCPA enforcement action, Oracle becomes the 20th corporate FCPA repeat offender (see here for the list).

Continue Reading

Six Years After Juniper Networks Disclosed FCPA Scrutiny, It Resolves A $11.7 Million Joke Of An Enforcement Action Based On Russia And China Subsidiary Conduct


As highlighted in this previous post, in mid-2013 Juniper Networks disclosed that it was under FCPA scrutiny. Over six years later, the SEC announced yesterday that the company agreed to pay approximately $11.7 million to resolve the scrutiny.

As highlighted below, the enforcement action was based on the conduct of Russia and China subsidiary employees. In Russia, certain sales employees of the Russian representative office of Juniper’s subsidiary secretly agreed with third party channel partners to provide discounts to customers that were parked in off-book funds some of which were used to pay for customer trips, including trips for government officials, some of which were predominately leisure in nature. In China, certain sales employees of Juniper’s Chinese subsidiaries falsified trip and meeting agendas for customer events in seeking approval from Juniper’s Legal Department.

Based on the conduct alleged in the enforcement action (which is beyond any conceivable statute of limitations) as well as actual FCPA legal authority, the enforcement action is a $11.7 million joke.

Continue Reading

Issues To Consider From The SAP Enforcement Action


Coming in at a “mere” $3.9 million settlement, this week’s SAP enforcement action will not make anyone’s list of “significant” enforcement actions.

Yet, as highlighted in this post, the enforcement action raises several significant (and alarming) issues.

Sole Actor

In the minds of some, rogue employees are figments of the corporate apologists imagination and no enforcement action has ever been based on the conduct of just one individual.

This has always been an off-target observation and the SAP action is yet another example of a company being the victim of a rogue employee (technically the individual was not even an employee of SAP, but rather a subsidiary company).

As stated by the SEC, SAP has 272 subsidiaries, its business is conducted through a network of more than 11,500 partners that provide an additional workforce of 280,000 individuals. The SAP enforcement action was based on the conduct of Vicente Garcia and set forth below in pertinent part is what the SEC found.

  • Garcia “created a slush fund” that was used to pay the bribes and kickbacks
  • Garcia “concealed his scheme from others at SAP”
  • Garcia “circumvented SAP’s internal controls”
  • Garcia “justified the excessive discounting by falsifying SAP’s internal approval forms”
  • Garcia “self-profited through kickbacks”
  • Garcia used his “personal e-mail” in connection with the scheme
  • All of Garcia’s accomplices were “others outside of SAP” (a term used by the SEC multiple times)

Ineffective Internal Controls?

Notwithstanding the above, in the perfect hindsight driven, would have, could have, should have world in which the SEC’s resides, the SEC states that SAP’s “deficient internal controls” “allowed” Garcia to engage in the improper conduct.

When analyzing whether SAP had “reasonable” internal controls (the statutory standard after all) consider the following SEC statements.

  • “In June 2009, SAP conducted an internal investigation and found that Garcia violated its internal Code of Business Conduct when he invited an executive of Petroleos Mexicanos (“PEMEX”), the Mexican national oil company, to an SAP marketing event at the Monaco Grand Prix. SAP did not find any attempt to improperly influence any government official in connection with the 2008 PEMEX sale. As a result of the internal investigation, SAP revised its policies prohibiting government officials or employees from attending any “hospitality” event, which it defined as any event where business constitutes less than 80% of the event.”
  • “One of the four contracts was a software license sale to the Panamanian social security agency, which was initially proposed to be a direct sale with the assistance of local partners. In order to facilitate the bribery scheme, the existing partners were replaced with a new local Panamanian partner. This last-minute change, and other red flags, triggered an SAP compliance review which resulted in SAP rejecting Garcia’s request to pay a commission to the local partner. Therefore, Garcia and others began looking for other ways to advance the bribery scheme. Finally, in the fall of 2010, Garcia finalized an indirect sale of the software license to the agency through the local partner, who, with Garcia’s assistance, ultimately sought and obtained an 82% discount on SAP’s sale price to the local partner. Garcia caused various approval forms to be submitted that misstated the reasons for the large discount. Garcia stated that the discounts were necessary to compete with other software companies in establishing a relationship with the government of Panama when, in fact, the discounts were necessary to fund and pay bribes to government officials. Garcia and others planned to sell SAP software to the local partner at an 82% discount, who in turn would sell the software at significantly higher prices to the Panamanian government and use part of the profits from the sale to pay bribes.
  • The underlying activity which SAP was faulted for in the enforcement action – large customer discounts – was something “SAP routinely” provided to “local partners for legitimate reasons.”

Based on the above SEC findings, the SAP enforcement joins prior FCPA enforcement actions against Oracle and H-P (also technology companies) as being truly alarming. (See this prior post highlighting how the former Assistant Chief of the DOJ’s FCPA Unit blasted various aspect of SEC FCPA enforcement including in the Oracle action – observations which equally apply to the SAP action).

What makes the enforcement actions alarming is not only the key statutory language of “reasonable,” but also prior SEC enforcement agency guidance. As highlighted numerous times on these pages, the most extensive SEC FCPA guidance states as follows.

“The test of a company’s internal control system is not whether occasional failings can occur. Those will happen in the most ideally managed company. But, an adequate system of internal controls means that, when such breaches do arise, they will be isolated rather than systemic, and they will be subject to a reasonable likelihood of being uncovered in a timely manner and then remedied promptly. Barring, of course, the participation or complicity of senior company officials in the deed, when discovery and correction expeditiously follow, no failing in the company’s internal accounting system would have existed. To the contrary, routine discovery and correction would evidence its effectiveness.”

No-Charged Bribery Disgorgment

The SAP enforcement action is the latest example of the SEC ordering disgorgement even though the offending company was not charged with violating the FCPA’s anti-bribery provisions.

As highlighted in this previous post, so-called no-charged bribery disgorgement is troubling.

Among others, Paul Berger (here) (a former Associate Director of the SEC Division of Enforcement) has stated that “settlements invoking disgorgement but charging no primary anti-bribery violations push the law’s boundaries, as disgorgement is predicated on the common-sense notion that an actual, jurisdictionally-cognizable bribe was paid to procure the revenue identified by the SEC in its complaint.” Berger noted that such “no-charged bribery disgorgement settlements appear designed to inflict punishment rather than achieve the goals of equity.”

Powered by WordPress. Designed by WooThemes