Top Menu

Navigation

Reasonable

By on March 14, 2012 in Books and Records, Enforcement Agency Policy, Enforcement Agency Speeches, Internal Controls, SEC

I recently discovered the awesomeness of word clouds.  A word cloud is a graphical representation of word frequency in a source text.  Word clouds can be a fun and informative learning device.  The word cloud for the FCPA’s anti-bribery provisions is here and the word cloud for the FCPA’s books and records and internal control provisions is here.  (Both word clouds – as well as future FCPA-related word clouds I create – can be found on the Resources tab of this website).

A quick glance at the FCPA books and records and internal controls word cloud demonstrates that the term “reasonable” is the most prominent term in these provisions.  Yet, reviewing SEC FCPA enforcement actions you would hardly know as the agency seems to have, in many cases, converted the books and records and internal control provisions into strict liability provisions.  See here for a prior post and for an extended discussion see here – “The Facade of FCPA Enforcement” (pages 976-981).  Common verbiage in SEC FCPA enforcement actions includes generic statements that the parent company issuer failed to implement effective internal controls or that problematic payments in distant subsidiary books and records were consolidated with the issuer’s for purposes of financial reporting and that therefore the parent company issuer is liability.

The dominance of “reasonable’ in the FCPA books and records and internal control provisions, as demonstrated by the word cloud, is a good opportunity to revisit this prior post which details comments by Harold Williams (Chairman of the SEC) in 1981 as to the then infant FCPA.  Terming his statements as official Commission policy, Williams stated as follows.

“The Act does not mandate any particular kind of internal controls system. The test is whether a system, taken as a whole, reasonably meets the statute’s  specified objectives. ‘Reasonableness,’ a familiar legal concept, depends on an  evaluation of all the facts and circumstances.”  […] “Private sector decisions implementing these statutory objectives are business decisions. And,  reasonable business decisions should be afforded deference. This means that the  issuer need not always select the best or the most effective control measure.  However, the one selected must be reasonable under all the circumstances.”

As to the “degree of exactitude” Williams stated as follows. “I turn first to the question of whether the Act’s text or purpose mandates that business records and controls conform to a standard of absolute exactitude or that a company’s control system meet some absolute ideal. The answer is ‘no.’ Both of the Act’s accounting provisions, it should be noted are modified by the key term ‘reasonable.’ […] In essence, therefore, the Act does provide a de minimus exemption, though not in absolute quantitative terms.”  Williams further stated as follows. “Reasonableness, as a standard, allows flexibility in responding to particular facts and circumstances. Inherent in this concept is a toleration of deviations from the absolute. One measure of the reasonableness of a system relates to whether the expected benefits from improving it would be significantly greater than the anticipated costs of doing so. Thousands of dollars ordinarily should not be spent conserving hundreds. Further, not every procedure which may be individually cost-justifiable need be implemented; the Act allows a range of reasonable judgments.”

In a sign of just how much FCPA enforcement has changed, Williams stated as follows in his speech. “If a violation was committed by a low level employee, without the knowledge of top management, with an adequate system of internal control, and with appropriate corrective action taken by the issuer, we do not believe that any action against the company would be called for.”

In another sign of just how much FCPA enforcement has changed, William stated as follows. “… [D]epending on the
circumstances, intentional circumventions of a company’s system of records and of accounting controls by a low-level employee would not always be considered violations of the Act by the issuer. No system of adequate records and controls – no matter how effectively devised or conscientiously applied – could be expected to prevent all mistaken and improper transactions and disposition of assets. Given human nature, regardless of the adequacy of the system, a bookkeeper may still erroneously post entries, an overzealous agent may make unauthorized payments, or an unscrupulous employee may falsify records for his own purposes. The Act recognizes each of these limitations. Neither its text and legislative history nor its purposes suggest that occasional, inadvertent errors were the kind of problem that Congress sought to remedy in passing the Act. No rational federal interest in punishing insignificant mistakes has been articulated. And, the Act’s accounting provisions do not require a company or its senior officials to be the guarantors of all conduct of company employees.”

In concluding this portion of his speech, Williams stated as follows. “The test of a company’s internal control system is not whether occasional failings can occur. Those will happen in the most ideally managed company. But, an adequate system of internal controls means that, when such breaches do arise, they will be isolated rather than systemic, and they will be subject to a reasonable likelihood of being uncovered in a timely manner and then remedied promptly. Barring, of course, the participation or complicity of senior company officials in the deed, when discovery and correction expeditiously follow, no failing in the company’s internal accounting system would have existed. To the contrary, routine discovery and correction would evidence its effectiveness.”

As to the SEC’s enforcement policy, Williams concluded his remarks as follows. “The genius – and challenge – of [the FCPA’s accounting provisions] , it should be remembered, is their reliance on private sector decisionmaking – rather than specific federal edicts – to address an area of public concern. The Act’s eventual success or failure will, therefore, depend primarily upon business’s response. The Commission’s obligation, in turn, is to provide a regulatory environment in which the private sector can address these issues meaningfully and creatively. In this regard, we must encourage public companies to develop innovative records and control systems, to modify and improve them as circumstances change, and to correct recordkeeping errors when they occur without a chilling fear of penalty or inference that a violation of the Act is involved.”

The above comments by Williams are even more significant when one considers that the FCPA Williams was speaking about in 1981 did not contain the good faith compliance provisions added to the FCPA’s books and records and internal control provisions in 1988.

Those provisions currently state as follows.

“Where an issuer […] holds 50 per centum or less of the voting power with respect to a domestic or foreign firm, the [FCPA’s books and records and internal control provisions] require only that the issuer proceed in good faith to use its influence, to the extent reasonable under the issuer’s circumstances, to cause such domestic or foreign firm to devise and maintain a system of internal accounting controls consistent with [the provisions]. Such circumstances include the relative degree of the issuer’s ownership of the domestic or foreign firm and the laws and practices governing the business operations of the country in which such firm is located. An issuer which demonstrates good faith efforts to use such influence shall be conclusively presumed to have complied with the requirements of [the provisions].

In short, the FCPA’s books and records and internal control provisions focus on reasonable.  Are the SEC’s enforcement theories as to these provisions reasonable?

SEC Chairman Schapiro’s FCPA Responses

By on October 7, 2011 in Books and Records, Compliance Defense, Congressional Activity, Enforcement Agency Policy, FCPA Reform, Foreign Official, Internal Controls, Multimedia, SEC

As noted in this prior post, on June 30th, Senator Mike Crapo (R-ID) sent SEC Chairman Mary Schapiro a letter requesting answers to a number of FCPA related questions.  In this September 23rd letter, SEC Chairman Schapiro responds.

Chairman Schapiro begins as follows.  “Contuined strong enforcement of the FCPA sends the message that American companies operating abroad will not pay bribes as a ‘cost of doing business.’  The deterrence message of the Commission’s FCPA enforcement program incentivizes companies to self-assess and update their compliance and internal controls – all of which benefits companies’ operations overall and provides greater transparency to investors.  While I certainly appreciate and share your concerns about the costs of FCPA compliance in certain circumstances, I believe that the risks to investors and costs to companies posed by outdated or weak FCPA compliance measures are equally significant.”

Compliance Defense?

As to a potential FCPA compliance defense, Chairman Schapiro began by stating a common enforcement agency response … we already consider compliance.   She stated as follows.  “The Commission, in deciding whether to approve the filing of an FCPA enforcement action against a public company, already considers as one mitigating factor whether the company’s compliance program was reasonably designed and operated in a manner to detect and prevent FCPA violations.”  “Similarly,” Chairman Schapiro stated, “companies facing FCPA inquiries can obtain credit for cooperation under the Commission’s new Cooperative Initiative, in which cooperation is defined to include, among other factors, having reasonable internal controls and compliance measures.”    Given the above, Chairman Schapiro states that “it seems unnecessary – and even counterproductive – to recognize a formal affirmative defense for having such a program, given that there are at least three significant costs associated with such a defense.”

Chairman Schapiro then identifies the following three issues.

“First, the reasonableness of a compliance program is best measured not by how it exists on paper, but by how it operates in practice.  Consequently, the ease with which an employee was able to circumvent anti-corruption controls is some evidence – not sufficient evidence, but some evidence – that internal controls were insufficient.  The Commission would not want to be foreclosed from bringing FCPA charges under those circumstances, since holding companies accountable for weak internal controls incentivizes companies to create a robust FCPA compliance environment.”

“Second, providing an affirmative defense for reasonably designed compliance programs could allow companies to retain ill-gotten gains.  A company could engage in bribery or other corrupt behavior, obtain a benefit from such conduct (i.e. securing lucrative contracts), and yet not disgorge its ill-gotten gains.  Enabling companies to retain proceeds generated from the payment of bribes would disincentivize those companies from adopting rigorous anti-corruption programs.”

“Third, sanctioning corrupt behavior sends a strong message of general deterrence to all similarly situated companies that there is a high financial and reputational cost to be paid if they bribe foreign officials.  There is often no substitute for the deterrent impact of financial and reputational sanctions, which prevent improper behavior from becoming ingrained as just another ‘cost of doing business.’  That deterrence message likely would be diluted if such an affirmative defense was adopted.”

“Foreign Official”?

According to Chairman Schapiro, the FCPA “sufficiently defines the term foreign official.”  She stated as follows.  “Given the various forms of government found around the world, it would be impractical to articulate each of the myriad of ways that one could use to identify a foreign official in particular countries or cultures.  In addition, Commission and Department of Justice enforcement actions also provide guidance on the meaning of ‘foreign official’ in various contexts.  Finally, companies with a strong compliance culture have policies prohibiting all bribery in order to send a clear corporate message that such practices are not condoned.”

SEC Guidance?

“Both the Commission and the Department of Justice have numerous mechanisms for providing guidance on FCPA matters.  Perhaps the most important guidance comes from the enforcement actions that are brought by the Commission and the Department of Justice.  The Commission uses it pleadings and accompanying public news releases to highlight and reinforce the key elements of each case.  Additionally, senior staff in the Division of Enforcement speak regularly at industry conferences and provide guidance on the FCPA program. ”

For a prior post on “prosecutorial common law” – see here.

As relevant to Chairman Schapiro’s “guidance” response, readers may be interested in my “Facade of FCPA Enforcement” article  (here) in which I discuss  the frequency in which FCPA enforcement actions are resolved based on uninformative, bare-bones statements of facts or allegations or conclusory legal statements; the increasing trend of FCPA enforcement actions resolved based on untested and dubious legal theories, as well as enforcement theories seemingly in direct conflict with FCPA’s statutory provisions; and the opaque nature of FCPA enforcement and how similar enforcement actions, based on the government’s own allegations, are resolved with materially different charges and penalties.

In short, the notion that settled SEC civil complaints or administrative orders (or now SEC NPAs or DPAs or DOJ NPAs or DPAs for that matter) provide meaningful guidance or should serve as FCPA caselaw is absurd.  In my Facade article, I detail cases in which the SEC admits that the terms of an SEC settlement “do not necessarily reflect the triumph of one party’s position over the other.”  I also highlight statements from former SEC Commissioner and current Standford law professor Joseph Grundfest that, among other things, SEC complaints “typically omit mention of valid defenses and of countervailing facts or mitigating circumstances …”.  In the words of Professor Grundfest, the “natural result” of settling an SEC enforcement action “is a one-sided record in which the Commission asserts its version of the facts and the law, and the settling defendants commit not to challenge that rendition.” 

On the same general topic, albeit in the DOJ FCPA context, see this recent piece from Michael Volkov “The FCPA & Voluntary Disclosure An Engimatic Threat to Due Process” (“the Justice Department has started to cite as precedent its own decisions respecting the outer reaches of the law”).

Strict Parent Company Liability for Foreign Subsidiary Actions?

Chairman Schapiro’s response states in full as follows.  “A U.S. parent company may be liable under the FCPA for bribes paid by its foreign subsidiary in certain circumstances, such as where the parent company had knowledge of the foreign subsidiary’s bribery or where the subsidiary acted as the parent’s agent.  ‘Knowledge’ under the FCPA’s anti-bribery provisions encompasses actual knowledge, conscious disregard of, or willful blindness to the subsidiary’s illicit activities.  In addition, under agency law, an agent’s knowledge can be imputed to the principal (parent).  Accordingly, in the absence of the requisite evidence, the Commission does not charge a U.S. parent company with a violation of the FCPA’s anti-bribery provisions in connection with the foreign subsidiary’s actions.  In addition, the Commission may, based on its analysis of the particular facts and circumstances of some cases, charge the foreign subsidiary directly with violation of the FCPA’s anti-bribery provisions while separately charging the parent company with violations of the books and records and internal control provisions of the FCPA.  This is because the public company parent typically is responsible for the accuracy of the books and records of its overall operations, including those of its controlled foreign subsidiaries.  While the FCPA’s books and records and internal controls provisions do not contain a ‘knowledge’ requirement, the Commission exercises its discretion and flexibility in charging these provisions.”

For previous posts on the issue of strict liability see here and here.

Double-Dip Penalties?

Chairman Schapiro stated as follows. “The Commission and Department of Justice do not obtain duplicative penalties in FCPA cases.  Typically, the Commission will obtain monetary sanctions in the form of disgorgement (ill-gotten gains) while the Department of Justice obtains monetary sanctions in the form of penalties.  In those rare cases where both the Commission and the Department of Justice obtain penalties, the total penalty assessed against the company is no greater than it would be if either the Commission or DOJ alone obtained the penalty.”

However, DOJ penalties are calculated by reference to the advisory U.S. Sentencing Guidelines where an important factor in determining the ultimate penalty amount is value of the benefit received by the company from the conduct at issue.  

*****

For your viewing pleasure here – an October 5th rountable program sponsored by the Heritage Foundation on corruption, economic growth, and freedom.

For the calendars of Indianapolis area readers see here.  A luncheon address – “Compliance in a New Era of FCPA Enforcement” I am giving next Tuesday (Oct. 11th) to the World Trade Club of Indiana.   The event, sponsored by Butler University College of Business, begins at 11:30 at the downtown law offices of Baker & Daniels.

In The Words of Stanley Sporkin

By on September 26, 2011 in Books and Records, Compliance Defense, FCPA Reform, Internal Controls, Legislative History, SEC

Stanley Sporkin, as Director of the SEC’s Division of Enforcement in the mid-1970’s, played a key role in addressing the foreign corporate payments issues being investigated by Congress and in shaping what would become the FCPA’s books and records and internal control provisions.  Calling Sporkin the “Father of the FCPA” (as many have) is, in all due respect, a bit of an overstatement as Sporkin’s SEC was not in favor of what would become the FCPA’s anti-bribery provisions and wanted no part in enforcing those provisions.  Nevertheless, Sporkin was a key participant, and has remained a key player, on FCPA issues throughout his storied career.

Sporkin has been talking about FCPA reform for years – long before the U.S. Chamber released its FCPA reform proposals in October 2010.

Thanks to a reader, we can all read some of Sporkin’s early FCPA reform speeches.

In a 2004 speech (here), Sporkin spoke of the SEC stumbling upon the foreign payments issue in connection with its Watergate-related investigations.  The FCPA was not a singular outgrowth of Watergate –  Congress was already actively investigating allegations of overseas bribery and corruption separate and apart from the Watergate scandal – yet Watergate is nevertheless relevant to the FCPA’s origins.  In his speech, Sporkin also talks about the relationship between the FCPA and Sarbanes-Oxley Section 404 (a hot-button issue in 2004 when Sporkin delivered the speech).  As to “Next Steps,” Sporkin stated as follows.  “[W]e need more than Congress passing new statute, and the SEC requiring strict compliance with existing legislation.  We need a comprehensive assault on the problem.  This means we need the assistance of our government and indeed all the countries of the world along with the world business community, to provide a climate which enables our corporations to compete honestly and fairly throughout the world.  There is a way to fix this problem if there is a will to do so.”  Among other things, Sporkin proposed – no doubt in recognition that most FCPA issues arise from use of foreign agents –  the “establishment of a country-by-country list of agents that have been properly vetted and have agreed to be examined and audited by an independent international auditing group.”

In 2006, Sporkin returned to the podium (see here) as the FCPA neared its 30th year.  He stated as follows.  “What I envisioned when the law was enacted was a new corporate regime where bribery of foreign officials would be almost completely extinguished at least as it pertained to major U.S. corporations.  As all of us here have observed, the wild-eyed-do-gooder predictions never occurred.  Instead statistics indicate that bribery of foreign officials has maintained a steady pace over the years.”  [Counterpoint – perhaps bribery of foreign officials, as envisioned by Congress and indeed Sporkin’s SEC, has largely been extinguished, but the issue (in 2006 and still today) is that the goalposts have been moved … and not by Congress].

In his 2006 speech, Sporkin did not advocate the FCPA’s repeal, but he did “think the Department of Justice and the SEC can do something forward-looking which would be win-win for both the government and the private sector.”  He called it the “FCPA Immunization-Inoculation Program.”  Sporkin stated that the “quasi-amnesty program” would consist of the following:  (i) “agreement by participating firms to conduct a full and complete review [conducted jointly by a major accounting firm or specialized forensic accounting firm and a law firm]  of the company’s compliance with the FCPA for the previous 3 years; (ii) the company would agree “to disclose the results of the legal-accounting audit to the SEC, its investors, and the public; (iii) “if any violations turned up in the process of the audit, the participating [company] would agree to take all steps to eliminate the problems and implement the appropriate controls to prevent further violations; (iv) participating companies “would agree to subject themselves to a similar audit on an annual basis for at least 5 years to ensure that compliance was being maintained; (v) participating companies “would be required to create the position of FCPA compliance officer, whose sole responsibility would be to ensure the company’s compliance with the FCPA” and make an annual certification; and (vi) “in exchange … the SEC and DOJ would give qualified assurances that no actions would be brought for violations exposed by the review.”  As envisioned by Sporkin, the “limited amnesty would not apply if violations rose to flagrant or egregious level.”

According to Sporkin, the “immunization-inoculation program would serve the dual purpose of: (1) creating suitable incentives to compliance-minded companies to adopt and maintain high ethical standards in the conduct of their business; and (2) reducing the case load and investigative burden of governmental agencies that enforce the FCPA while reassuring regulators that companies are taking active steps to limit corruption in their foreign contracting and other activities.”  Sporkin conceded that “some adjustments may be necessary” but he believed that his proposal “would provide the right-thinking corporate community with the necessary assurances that it needs to develop a vibrant overseas business without having to defend itself against very costly and time consuming investigations.”

At the November 2010 Senate FCPA hearing, FCPA practitioner Michael Volkov (here) resurrected Sporkin’s proposal – see here for Volkov’s prepared statement.  [By the way, for those of you looking for the complete transcript of that hearing, along with the prepared statements, and post-hearing Q&A’s – see here].

While Sporkin’s FCPA reform proposals are, in certain ways, different from many of the proposed FCPA amendments being discussed at the moment, the point of this post – other than to highlight Sporkin’s reform proposals, is to demonstrate that the screams of some – that FCPA reform is solely a Chamber issue or somehow akin to waving the white flag of surrender to corporate bribery – are off-base.

What various FCPA reform proposals through the years have in common is experienced and knowledgeable individuals (including many former DOJ and SEC enforcement attorneys who helped shape the FCPA and FCPA enforcement) sharing a belief that the current ad hoc, inconsistent, arbitrary, and largely opaque enforcement only climate is in need of reform.

A Focus On The SEC

By on July 13, 2011 in Books and Records, Congressional Activity, Enforcement Agency Policy, Enforcement Agency Speeches, FCPA Reform, Internal Controls, SEC

From an FCPA reform perspective, most of the recent scrutiny has been on the DOJ and its enforcement policies and positions.

Yet, the FCPA is also enforced by the SEC.

As a civil enforcement agency only, the SEC’s stick is less sharp the DOJ’s. Nevertheless, the SEC’s FCPA enforcement positions on issues such as “foreign official” and “obtain or retain business” are seemingly identical to the DOJ’s.

Moreover, certain of the SEC’s enforcement theories as to the FCPA’s books and records and internal control provisions are subject to controversy. As I highlighted in “The Facade of FCPA Enforcement” (here at pgs. 976-984), with increasing frequency, the SEC has charged FCPA books and records and internal control violations based on untested and dubious legal theories, as well as theories seemingly in direct conflict with the FCPA’s statutory provisions.

For instance, the SEC routinely charges parent companies with FCPA books and records and internal control violations based solely on the conduct of indirect subsidiaries or affiliates in the absence of any allegation that the parent company participated in, or had knowledge of, the conduct at issue – even though the FCPA specifically states that issuers that demonstrate good faith efforts to cause indirect subsidiaries and affiliates to devise and maintain effective internal controls “shall be conclusively presumed to have complied with” the FCPA’s applicable requirements.

The SEC’s FCPA enforcement theories and policies are now being questioned. See here for the June 30th letter from Senator Mike Crapo (R-ID) to SEC Chairman Mary Schapiro.

The letter begins with Senator Crapo stating that “Congress and the agencies that enforce the FCPA must work together to ensure that the statute’s goals are being met without perverting the risk and reward calculus U.S. firms face when considering overseas business opportunities that would support domestic job growth.”

In the letter, Senator Crapo says he is “concerned by the recent Congressional testimony about the increased compliance costs for businesses operating in good faith to abide by the FCPA’s strictures and the deterrence of U.S. firms’ entry into, or expansion of, overseas operations.”

Senator Crapo then asks Chairman Schapiro for answers to the following questions.

1. Should the FCPA be amended to provide an affirmative defense, which may be raised where violations resulted from the conduct of individual employees or agents who circumvented compliance measures that were reasonably designed to identify and prevent such violations?

2. Does the Commission believe that regulations or guidance explaning factors it considers when determining whether an entity’s officers or employees are “foreign officials” would be helpful to U.S. firms? Would the Commission support legislation that more clearly defines the term “foreign official” under the FCPA?

3. What are the mechanisms by which the Commission could or does provide guidance on FCPA related matters?

4. Is it the Commission’s policy to hold firms strictly liable for foreign subsidiaries’ actions in violation of the FCPA?

5. Under what circumstances, if any, is it appropriate for both the Commission and the Department to seek the recovery of penalties from the same entity for the same conduct?

Prior to responding to Senator Crapo’s letter, Chairman Schapiro and others at the SEC’s FCPA Unit would be well served by reviewing a 1981 speech by then Chairman of the SEC – Harold Williams – on the FCPA’s books and records and internal control provisions.

To best understand (and place in context) current SEC FCPA enforcement positions and policies, it is useful to understand past SEC FCPA enforcement positions and policies. Statements made by the SEC Chairman in 1981 bear little resemblence to the SEC’s current enforcement of the FCPA’s books and records and internal control provisions.

*****

The year was 1981, the event was the American Institute of Certified Public Accountants, and the speaker was Harold Williams, the Chairman of the SEC. Williams focused his remarks (here) “solely to one major auditing development of recent years: the accounting provisions of the Foreign Corrupt Practices Act of 1977.”

Williams began has remarks as follows. “When viewed from an abstract perspective, the Act’s accounting provisions seem merely to codify a basic and uncontroversial management principle: no enterprise of any size can operate successfully without maintaining effective controls over its transactions and the disposition of its assets. Perhaps in part because these provisions were considered truisms, the Act was passed without Congressional dissent. However, practical experience with new legislation – even a law thought to be noncontroversial – often will reveal unanticipated problems. Newly enacted standards, for example, may be subject to differing constructions or raise compliance difficulties and ambiguities unforeseen by their draftsmen. And, until these problems are resolved by an agency, the courts or the Congress, those who are subject to these laws are often faced, unfortunately, with some disquieting circumstances. The anxieties created by the Foreign Corrupt Practices Act – among men and women of utmost good faith – have been, in my experience without equal.”

Williams noted that “such uncertainty can have a debilitating effect on the activities of those who seek to comply with the law. My sense is that, as a consequence, many businesses have been very cautious – sometimes overly so – in assuring at least technical compliance with the Act. And, therefore, business resources may have been diverted from more productive uses to overly-burdensome compliance systems which extend beyond the requirements of sound management or the policies embodied in the Act. The public, of course, is not well served by such reactions.”

Unlike many SEC speeches that contain the usual – this is only my personal opinion disclaimer – Williams specifically noted that he “conferred” with his “colleagues before presenting these remarks, and they have authorized me to advise you that these remarks constitute a statement of the Commission’s policy.”

As to the FCPA’s books and records provisions, Williams stated as follows. “This provision is intimately related to the requirement for a system of internal accounting controls, and we believe that records which are not relevant to accomplishing the objectives specified in the statute for the system of internal controls are not within the purview of the recordkeeping provision. […] nor could a company be enjoined for a falsification of which its management, broadly defined, was not aware and reasonably should not have known.”

As to the FCPA’s internal control provisions, Williams stated as follows. “The Act does not mandate any particular kind of internal controls system. The test is whether a system, taken as a whole, reasonably meets the statute’s specified objectives. ‘Reasonableness,’ a familiar legal concept, depends on an evaluation of all the facts and circumstances.”

Under the heading “deference” Williams stated as follows. “Private sector decisions implementing these statutory objectives are business decisions. And, reasonable business decisions should be afforded deference. This means that the issuer need not always select the best or the most effective control measure. However, the one selected must be reasonable under all the circumstances.”

Under the heading “state of mind” Williams stated as follows. “The accounting provisions principal objective is to reaching knowing or reckless conduct.”

As to the “purposes of the Act,” Williams provided a brief review of the “events which led to the [FCPA].” He stated as follows. “Clearly, Congress went further than determining whether the payments which gave the new law its name were ethically and commercially justifiable. It also chose to consider the corporate accounting and control deficiencies which had been breeding grounds for these practices. And, by doing so, it addressed the far more serious issues raised by these disclosures. […] These payments and falsifications were not only previously unknown to public investors and independent auditors, but many were also unknown to the payor’s board and, in numerous examples, even to its senior management. In some of these instances, internal controls existed, but they were shown to be ineffective or easily subverted. Unauthorized payments and related falsifications of corporate records seemed to evidence – indeed, were fostered by – a lack of adequate accounting records and controls. Consequently, in the legislation which ultimately emerged from Congress, prohibiting questionable payments and mandating control and recordkeeping were inexorably interconnected.”

Williams stated as follows. “The primary thrust of the Act’s accounting provisions, in short, was to require those public companies which lacked effective internal controls or tolerated unreliable recordkeeping to comply with the standards of their better managed peers. That is the context in which these provisions should be construed.”

Williams then addressed “four of the most important” interpretative questions concerning the then-young FCPA: “first, the degree of exactitude in recordkeeping mandated by the Act; second, the deference it affords business decisions concerning internal controls; third, whether a particular state of mind is necessary for a violation to exist; and finally, liability for compliance by subsidiaries.”

As to the “degree of exactitude” Williams stated as follows. “I turn first to the question of whether the Act’s text or purpose mandates that business records and controls conform to a standard of absolute exactitude or that a company’s control system meet some absolute ideal. The answer is ‘no.’ Both of the Act’s accounting provisions, it should be noted are modified by the key term ‘reasonable.’ […] In essence, therefore, the Act does provide a de minimus exemption, though not in absolute quantitative terms.”

Williams noted that Congress specifically declined to adopt a materiality test and stated that “internal accounting controls are not only concerned with misconduct that is material to investors, but also with a great deal of misconduct which is not.” He noted that while materiality is “appropriate as a threshold standard to determine the necessity for disclosure to investors, [it] is totally inadequate as a standard for an internal control system.”

Williams stated that “procedures designed only to uncover deficiencies in amounts material for financial statement purposes would be useless for internal control purposes” and noted that “systems which tolerated omissions or errors of many thousands or even millions of dollars would not represent, by any accepted standard, adequate records and controls.” Indeed, Williams noted that many of the “questionable payments that alarmed the public and caused Congress to act” […] were in most instance of far lesser magnitude than that which would constitute financial statement materiality.”

“Reasonableness, rather than materiality, is the appropriate test,” Williams stated. He noted as follows. “Reasonableness, as a standard, allows flexibility in responding to particular facts and circumstances. Inherent in this concept is a toleration of deviations from the absolute. One measure of the reasonableness of a system relates to whether the expected benefits from improving it would be significantly greater than the anticipated costs of doing so. Thousands of dollars ordinarily should not be spent conserving hundreds. Further, not every procedure which may be individually cost-justifiable need be implemented; the Act allows a range of reasonable judgments.”

As to the “specific recordkeeping requirement” in the FCPA, Williams stated as follows. “… [T]his provision is not an independent unrestrained mandate to the Commission to establish novel or unprecedented corporate recordkeeping standards; it is, rather, an integral part of Congress’ efforts to assure that the business community records transactions and assets in such a way as to maintain adequate control over them. And this leads to two important conclusions: First, the Act does not establish any absolute standard of exactitude for corporate records. And, second, records which are not related to internal or external audits or to the four internal control objectives set forth in the Act are not within the purview of the Act’s accounting provisions.”

As to “deference” with respect to “issuer liability for recordkeeping violations” Williams stated that the SEC “will look to the adequacy of the internal control system of the issuer, the involvement of top management in the violation, and the corrective actions taken once the violation was uncovered.”

In a sign of just how much FCPA enforcement has changed, Williams then stated as follows. “If a violation was committed by a low level employee, without the knowledge of top management, with an adequate system of internal control, and with appropriate corrective action taken by the issuer, we do not believe that any action against the company would be called for.”

Williams next turned to the “state of mind needed to violate the Act’s accounting provisions.” He reiterated that the “Act’s principal purpose is to reach knowing or reckless misconduct.”

In another sign of just how much FCPA enforcement has changed, William stated as follows. “… [D]epending on the circumstances, intentional circumventions of a company’s system of records and of accounting controls by a low-level employee would not always be considered violations of the Act by the issuer. No system of adequate records and controls – no matter how effectively devised or conscientiously applied – could be expected to prevent all mistaken and improper transactions and disposition of assets. Given human nature, regardless of the adequacy of the system, a bookkeeper may still erroneously post entries, an overzealous agent may make unauthorized payments, or an unscrupulous employee may falsify records for his own purposes. The Act recognizes each of these limitations. Neither its text and legislative history nor its purposes suggest that occasional, inadvertent errors were the kind of problem that Congress sought to remedy in passing the Act. No rational federal interest in punishing insignificant mistakes has been articulated. And, the Act’s accounting provisions do not require a company or its senior officials to be the guarantors of all conduct of company employees.”

In concluding this portion of his speech, Williams stated as follows. “The test of a company’s internal control system is not whether occasional failings can occur. Those will happen in the most ideally managed company. But, an adequate system of internal controls means that, when such breaches do arise, they will be isolated rather than systemic, and they will be subject to a reasonable likelihood of being uncovered in a timely manner and then remedied promptly. Barring, of course, the participation or complicity of senior company officials in the deed, when discovery and correction expeditiously follow, no failing in the company’s internal accounting system would have existed. To the contrary, routine discovery and correction would evidence its effectiveness.”

As to subsidiaries, Williams stated as follows. “Where the issuer controls more than 50 percent of the voting securities of the subsidiary, compliance is expected. So, too, would it be expected if there is between 20 percent and 50 percent ownership, subject to some demonstration by the issuer that this does not amount to control. If there is less than 20 percent ownership, we will shoulder the burden to affirmatively demonstrate control.”

As to the SEC’s enforcement policy, Williams concluded his remarks as follows. “The genius – and challenge – of [the FCPA’s accounting provisions] , it should be remembered, is their reliance on private sector decisionmaking – rather than specific federal edicts – to address an area of public concern. The Act’s eventual success or failure will, therefore, depend primarily upon business’s response. The Commission’s obligation, in turn, is to provide a regulatory environment in which the private sector can address these issues meaningfully and creatively. In this regard, we must encourage public companies to develop innovative records and control systems, to modify and improve them as circumstances change, and to correct recordkeeping errors when they occur without a chilling fear of penalty or inference that a violation of the Act is involved.”

RAE Systems Held Liable For The Acts Of Its Subsidiaries’ Joint Venture Partners

By on December 13, 2010 in 2010 Enforcement Actions, Anything of Value, China, DOJ Enforcement Action, FCPA Investigative Costs, Foreign Official, Internal Controls, Joint Venture, Non-Prosecution Agreement, RAE Systems, SEC Enforcement Action, Security Industry, Voluntary Disclosure

If every company voluntarily disclosed that its distant subsidiaries and/or its distant subsidiaries’ joint venture partners provided minor things of value (such as a notebook computer, kitchen appliances, and business suits) to someone deemed a “foreign official” by the enforcement agencies, then instead of 15 to 20 core FCPA enforcement actions per year, there would probably be something like 150 to 200 FCPA enforcement actions per year.

If every issuer voluntarily disclosed that its internal controls were imperfect as to distant subsidiaries or its distant subsidiaries’ joint venture partners, and that such distant entities failed to follow issuer instructions or issuer provided training and guidance, then instead of 15 to 20 core FCPA enforcement actions per year, there would probably be something like 1,500 to 2,000 FCPA enforcement actions per year (recognizing that the FCPA’s books and records and internal control provisions equally apply to domestic operations).

So why did RAE Systems voluntarily disclose such conduct to the DOJ and the SEC? Would it not have been more efficient and cost-effective for the company to effectively remedy these issues internally?

Do the high professional expenses connected with voluntary disclosures (compared to effectively remedying issues internally) have anything to do with the increase in voluntary disclosures? (See here for a prior post on the issue). In RAE Systems annual report for the year ended December 31, 2009 (see here), filed in March 2010, the company disclosed that it had (at that point) incurred $4 million in professional fees in connection with the FCPA investigation.

From an enforcement standpoint, is the Foreign Corrupt Practices Act becoming an all-purpose corporate governance instrument? Should it?

These are some of the questions raised by the odd RAE Systems enforcement action.

Last Friday, the DOJ and SEC announced (see here and here) a joint enforcement against RAE System (a San-Jose, California based company with shares on the New York Stock Exchange) “a leading global provider of rapidly deployable connected, intelligent gas detection systems that enable real-time safety and security threat detection.” (See here for the company website). In September, RAE Systems signed a definitive agreement to be acquired by Battery Ventures. The transaction is expected to close by the end of the first quarter of 2011.

This post summarizes the DOJ and SEC enforcement actions in which RAE Systems agreed to pay approximately $2.95 million in fines and disgorgement.

DOJ

Pursuant to a three-year non-prosecution agreement, RAE Systems acknowledged its “knowing violations of the internal controls and books and records provisions” of the FCPA “arising from and related to improper benefits corruptly paid by employees of two joint ventures majority owned and controlled by RAE Systems to foreign officials of departments, agencies, and instrumentalities” of the Chinese government.” Pursuant to the NPA, RAE Systems agreed to pay a $1.7 million penalty.

According to the NPA, RAE Systems “had significant operations” in China organized “under a holding company called RAE Asia, headquartered in Hong Kong.” RAE Systems “sold products and services in mainland [China] primarily through second-tier subsidiaries organized as joint ventures with local Chinese entities.

One of the joint ventures is RAE-KLH (Beijing) Co., Limited (“RAE-KLH”). RAE Systems acquired a 64% stake in RAE-KLH in 2004 and upped the stake to approximately 96% in 2006. The other joint venture is RAE Coal Mine Safety Instruments (Fushun) Co., Ltd. (“RAE-Fushun”). In 2006, RAE Systems acquired a 70% interest in RAE Fushan.

Both RAE-KLH’s and RAE Fushun’s financial results were included in the consolidated financial statements that RAE Systems filed with the SEC.

According to the NPA, “a significant number of RAE-KLH’s and RAE Fushun’s customers” in China were “government departments and bureaus and large state-owned agencies and instrumentalties.” The NPA states as follows. “The Lanzhous City Honggu Mining Safety Bureau, for example, was a government customer. Other government clients included regional fire departments, emergency response departments, and entities under the supervision of the provincial environmental agency, among others. Accordingly, officers and employees of a significant number of RAE-KLH’s and RAE Fushun’s customers were ‘foreign officials’ within the meaning of the FCPA …”.

The NPA then contains a heading that states, “RAE System’s Knowing Failure to Implement Systems of Effective Internal Controls at RAE-KLH and RAE Fushun Post Closing.”

The NPA then cites various company documents that suggest RAE was aware that KLH sales personnel were making kickbacks or otherwise engaging in questionable sales tactics with its customers. The NPA cites a document from a RAE Systems employee from the United States who met with KLH personnel that stated “we knew this risk all along and have accepted it upon entering the JV deal.”

Following the acquisition, the NPA states that “RAE Systems did provide some FCPA training to RAE-KLH personnel and did tell RAE-KLH personnel to stop paying bribes and providing other improper benefits, but such steps were half-measures.” The NPA states that “RAE Systems did not impose sufficient internal controls or make sufficient changes to high-risk practices.”

As to RAE-Fushun, the NPA states that “RAE Systems did not conduct pre-acquisition corruption due diligence of RAE Fushun” but that “given RAE’s System’s experience with KLH described above, the high-risk nature of the location, and the existence of numerous government customers, pre-acquisition corruption-focused due diligence was merited. The NPA further states “as was later confirmed, improper business practices had occurred at RAE Fushun before the acquisition and continued post-acquisition, as RAE Systems failed to implement an effective system of internal controls at RAE Fushun.”

Based on the above facts, the NPA states that “RAE Systems knowingly failed to implement a system of effective internal accounting controls at RAE-KLH and RAE Fushun…”.

According to the NPA, the “lack of effective internal accounting controls permitted improper payments to continue at RAE-KLH and RAE-Fushun after acquisition.”

As to RAE-KLH, the NPA states that certain sales representatives at RAE-KLH “used cash advances and reimbursements for improper purposes, including the corrupt giving of gifts and paying for entertainment, as well as direct or indirect payments to customers.” According to the NPA, “the gifts included, among other things, a notebook computer for the son of the deputy director of a state-owned chemical plant as part of efforts to obtain business from that entity.” The NPA also states that RAE-KLH made payments under contracts with a purported consultant and that some or all of the payments were funneled to officials of a state-owned enterprise and government departments.

As to RAE Fushun, the NPA likewise statements that certain sales representatives at RAE Fushun “used cash advances and reimbursements for improper purposes including the corrupt giving of gifts and paying for entertainment, as well as making direct or indirect payments, to officers and employees of customers.” According to the NPA, “these gifts to certain officials of state-owned enterprises and government departments included, among other things, a variety of luxury items, such as jade, fur coats, kitchen appliances, business suits, and high-priced liquor.”

The NPA then states that the “lack of effective internal controls and continued improper payments led to inaccurate books and records.”

During the three-year term of the NPA, RAE Systems agreed to undertake a host of compliance reforms and to report to the DOJ on an annual basis.

The DOJ agreed to enter into the NPA “based in part, on the following factors: (a) RAE System’s timely, voluntary, and complete disclosure …; (b) RAE System’s thorough, real-time cooperation with the DOJ and SEC; (c) the extensive remedial efforts already undertaken and to be undertaken by RAE Systems; and (d) RAE System’s commitment to submit periodic monitoring reports to the DOJ.”

SEC

The SEC’s complaint (here) is based on the same core set of facts described above. It charges RAE Systems, not only with FCPA books and records and internal control violations, but anti-bribery violations as well.

The complaint begins by alleging that “from 2004 through 2008” RAE Systems violated the FCPA “by paying, through two of its joint venture entities in China, approximately $400,000 to third party agents and government officials in China to influence acts or decisions by foreign officials to obtain or retain business for RAE Systems.” According to the complaint, the payments “were made primarily by the direct sales force utilized by RAE Systems” at its two Chinese joint-venture entities: RAE-KLH and RAE-Fushun.

According to the SEC, RAE System’s “illicit payments to government officials and third-party agents generated revenues worth over $3 million and gross margin of $1,147,800.”

The complaint states: “While the payments were made exclusively in China and were conducted by Chinese employees of RAE-KLH and RAE-Fushun, RAE Systems was aware of significant indications of ongoing bribery at RAE-KLH. At the time, RAE Systems failed to effectively investigate these indications, or red flags, and to stop the bribery from continuing. RAE System’s failure to act on these significant red flags allowed, at least in part, bribery to continue at RAE-KLH.”

RAE Systems was held liable for RAE-KLH’s improper payments even though the SEC complaint states that “RAE Systems Instruct[ed] KLH Personnel to Stop Bribery Practices.” According to the SEC, “while RAE Systems communicated these instructions to RAE-KLH personnel, RAE Systems did not impose sufficient internal controls or make any changes to the practice of sales personnel obtaining cash advances.” According to the SEC, RAE System’s CFO visited RAE-KLH’s Chinese facilities and observed that certain cash advances may be used for “grease payments, to supplement sales employees’ incomes and as bribes.” In response, RAE Systems, “implemented FCPA compliance training and required each RAE-KLH employee to certify that he or she did not engage in bribery practices.” However, the SEC alleged “again, however, [RAE Systems] did not impose sufficient internal controls or make changes to the practice of sales personnel obtaining cash advances.”

Without admitting or denying the SEC’s allegations, RAE Systems agreed to pay $1,147,800 in disgorgement (plus $109,212 in prejudgment interest) and to undertake a host of FCPA compliance measures.

Cheryl Scarboro (Chief of the SEC’s FCPA Unit) stated as follows. “RAE Systems develops products to detect harmful emissions, yet it did not have adequate measures in place to detect and root out internal wrongdoing. Companies that fail to respond to red flags can be held liable for the acts of their joint venture partners.”

Carlos Ortiz (a former DOJ attorney now at LeClair Ryan – here) and Roy McDonald (DLA Piper – here) represented RAE Systems.

Powered by WordPress. Designed by WooThemes