This post highlights various common sense statements from the Second Edition (nearly all of them appeared in the original Guidance as well – see here) and provides certain commentary.
“[T]he FCPA does not cover every type of bribe paid around the world for every purpose …” (Pg. 13). Even the DOJ and SEC acknowledge that the FCPA is a limited statute. Moreover, the word “bribe” does not even appear in the FCPA. Rather, specific elements must be satisfied for there to be a violation of the FCPA’s anti-bribery provisions.
“The corrupt intent requirement [of the FCPA] protects companies that engage in the ordinary and legitimate promotion of their business while targeting conduct that seeks to improperly induce officials into misusing their positions.” (Pg. 14). If the minds of some, the corrupt intent element has been read out of the statute and replaced with a general – “because it happened – it must have been corrupt” standard. Thus, it is an open question whether most business organizations view the corrupt intent element as “protecting” the company. Regardless, it is refreshing for the government to acknowledge that corrupt intent is a required element of an FCPA anti-bribery violation. Nevertheless, it is an open question whether certain conduct frequently found in FCPA enforcement actions – such as golf in the morning and beer drinking in the evening or scuba diving and snorkeling – are seeking to improperly induce officials into misusing their positions.
“Items of nominal value, such as cab fare, reasonable meals and entertainment expenses, or company promotional items, are unlikely to improperly influence an official …” (Pg. 15). There are many FCPA enforcement actions that involve meals and entertainment expenses that seem reasonable, but what makes them unreasonable in the eyes of the enforcement agencies is that they were provided to alleged “foreign officials.” (See this prior post titled “It All Depends What the “B” Word Means).
“The FCPA does not prohibit charitable contributions or prevent corporations from acting as good corporate citizens.” (Pg. 16). However, this is often the end result given how risk averse business organizations react to FCPA enforcement actions that have involved charitable giving. (See this prior post titled “The Charitable Donation That Did Not Occur.”).
“[A]s a practical matter, an entity is unlikely to qualify as an instrumentality [of a foreign government and its employees as “foreign officials”] if a government does not own or control a majority of its shares.” (Pg. 21) However, as a practical matter there have been several FCPA enforcement actions premised on this theory in which a government does not own or control a majority of shares (see here) or where the entity describes itself as a private business (see here).
“Successor liability does not […] create liability where none existed before. For example, if an issuer were to acquire a foreign company that was not previously subject to the FCPA’s jurisdiction, the mere acquisition of that foreign company would not retroactively create FCPA liability for the acquiring issuer.” (Pg. 29)
“The ‘in reasonable detail’ qualification [of the FCPA’s books and records provisions] was adopted by Congress ‘in light of the concern that such a standard, if unqualified, might connote a degree of exactitude and precision which is unrealistic.’ […] The term ‘reasonable detail’ is defined in the statute as the level of detail that would ‘satisfy prudent officials in the conduct of their own affairs.’ Thus, as Congress noted when it adopted this definition, ‘[t]he concept of reasonableness of necessity contemplates the weighing of a number of relevant factors, including the costs of compliance.’” (Pg. 39)
“Like the ‘reasonable detail’ requirement in the books and records provision, the [FCPA’s internal control provisions] defines ‘reasonable assurances’ as ‘such level of detail and degree of assurance as would satisfy prudent officials in the conduct of their own affairs.’ The Act does not specify a particular set of controls that companies are required to implement. Rather, the internal controls provisions gives companies the flexibility to develop and maintain a system of controls that is appropriate to their particular needs and circumstances.” (Pg. 40)
Regarding the two statements above, query – when the government finds an internal control violation because of failure to do A, B, and C – whether the government considered the costs of doing A, B, and C. Regarding flexibility to do what is appropriate given a company’s particular needs and circumstances, see this prior post titled “Size Matters, But To What Extent?” documenting how there appears to be no meaningful difference in enforcement agency theories (ranging from third party compliance best practices to internal controls best practices including the finance and audit function and training best practices) in large issuer enforcement actions compared to small issuer enforcement actions.
“Companies may not be able to exercise the same level of control over a minority-owned subsidiary or affiliate as they do over a majority or wholly owned entity. Therefore, if a parent company owns 50% or less of a subsidiary or affiliate, the parent is only required to use its best efforts to cause the minority-owned subsidiary or affiliate to devise and maintain a system of internal accounting controls consistent with the issuer’s own obligations under the FCPA.” (Pg. 44). However, see this prior post highlighting how the enforcement agencies have seemingly ignored this express FCPA provision in several enforcement actions.
“The [DOJ’s] Principles of Federal Prosecution provide that prosecutors should recommend or commence federal prosecution if the putative defendant’s conduct constitutes a federal offense and the admissible evidence will probably be sufficient to obtain and sustain a conviction unless: […] (2) the person is subject to effective prosecution in another jurisdiction … (Pg. 50). As highlighted in this prior post (and previous annual posts) in recent years a high percentage of overall FCPA enforcement actions and higher percentage of overall settlement amounts have been in enforcement actions against foreign countries domiciled in OECD Convention peer countries.
“[U.S. Sentencing Guidelines] reflect the recognition that a company’s failure to prevent every single violation does not necessarily mean that a particular company’s compliance program was not generally effective. DOJ and SEC understand that ‘no compliance program can ever prevent all criminal activity by a corporation’s employees,’ and they do not hold companies to a standard of perfection.” (Pg. 57). An interesting aspect of many FCPA enforcement actions is that they involve companies doing business in multiple jurisdictions, conducting thousands of transactions, employing thousands of employees and/or agents. Yet many enforcement actions are based on a single country, single transaction, and a small group of employees who frequently conceal their conduct from others.
“DOJ and SEC have no formulaic requirements regarding compliance programs.” (Pg. 57). If that is the case, then why are post-enforcement compliance requirements (for instance see usually Attachment C to a DOJ NPA or DPA) mostly carbon copies of each other regardless of the size of the company, industry, etc.
“Individual companies may have different compliance needs depending on their size and the particular risks associated with their businesses, among other factors. When it comes to compliance, there is no one-size-fits-all program.” (Pg. 58). See above comment as well as the prior post referenced above which documents how there appears to be no meaningful difference in enforcement agency theories (ranging from third party compliance best practices to internal controls best practices including the finance and audit function and training best practices) in large issuer enforcement actions compared to small issuer enforcement actions.
“Devoting a disproportionate amount of time policing modest entertainment and gift-giving instead of focusing on large government bids, questionable payments to third-party consultants, or excessive discounts to resellers and distributors may indicate that a company’s compliance program is ineffective.” (Pg. 60). Few companies subject to the FCPA are involved in “large government bids” and thus react to allegations found in real enforcement actions that can apply to them. What does the government expect risk averse business organizations to do when many enforcement actions contain allegations about modest entertainment and gift-giving. (See prior posts here and here).
FCPA Institute Online
The most comprehensive online FCPA training course available. Over 12 hours of narrated instruction from Professor Koehler allowing professionals to elevate their FCPA knowledge and practical skills at their own pace.