Yesterday’s post (here) focused on DOJ FCPA individual prosecutions and highlighted the following facts and figures.
- Since 2008, the DOJ has charged 99 individuals with FCPA criminal offenses.
- 58% of the individuals charged by the DOJ with FCPA criminal offenses since 2008 have been in just five cases and 78% of the individuals charged by the DOJ since 2008 have been in just eleven cases.
- There have been 67 corporate DOJ FCPA enforcement actions since 2008 and of these actions, 50 (or 75%) have not (at least yet) resulted in any DOJ charges against company employees.
These statistics should cause alarm, including at the DOJ as it has long recognized that a corporate-fine only enforcement program is not effective and does not adequately deter future FCPA violations. For instance, in 1986 John Keeney (Deputy Assistant Attorney General, Criminal Division, DOJ) submitted written responses in the context of Senate hearings concerning a bill to amend the FCPA. He stated as follows:
“If the risk of conduct in violation of the statute becomes merely monetary, the fine will simply become a cost of doing business, payable only upon being caught and in many instances, it will be only a fraction of the profit acquired from the corrupt activity. Absent the threat of incarceration, there may no longer be any compelling need to resist the urge to acquire business in any way possible.”
In 2010 Hank Walther (Deputy Chief Fraud Section) stated that a corporate fine-only FCPA enforcement program allows companies to calculate FCPA settlements as the cost of doing business.
In 2013 Daniel Suleiman (DOJ Deputy Chief of Staff, Criminal division) stated that “there is no greater deterrent to corporate crime that the prospect of prison time … if people don’t go to prison, then enforcement can come to be seen as merely the cost of doing business.”
More recently, Patrick Stokes (DOJ FCPA Unit Chief) stated that DOJ is “very focused” on prosecuting individuals as well as companies and that “going after one or the other is not sufficient for deterrence purposes.”
Earlier this week, Deputy Assistant Attorney General Sung-Hee Suh rightly acknowledged that “corporations do not act criminally, but for the actions of individuals.”
In my 2010 Senate FCPA testimony (here), I noted that the absence of individual FCPA charges in most corporate FCPA enforcement actions causes one to legitimately wonder whether the conduct giving rise to the corporate enforcement action was engaged in by ghosts.
Others have rightly asked the “but nobody was charged” question, including James Stewart in a New York Times column highlighted in this previous post.
However, as I stated in my Senate testimony, there is an equally plausible reason why no individuals have been charged in connection with many corporate FCPA enforcement actions. The reason has to do with the quality and legitimacy of the corporate enforcement action in the first place.
Readers know well of the prevalence of non-prosecution and deferred prosecution agreements (NPAs / DPAs) in the FCPA context. As highlighted in this recent post, since 2010, 86% of corporate DOJ enforcement actions have involved either an NPA or DPA.
Informed observers also understand how NPAs and DPAs, not subject to any meaningful judicial scrutiny, are often agreed to by companies for reasons of ease and efficiency, and not necessarily because the conduct at issue violates the FCPA.
Indeed, prior to becoming SEC Chair, Mary Jo White stated a “fear [that] the deferred prosecution [agreement] is becoming a vehicle to show results” (here) and former Attorney General Alberto Gonzales has stated as follows.
“It is “easy, much easier quite frankly” for the DOJ to resolve FCPA inquiries with NPAs and DPAs; such resolution vehicles have “less of a toll” on the DOJ’s budget and such agreements “provide revenue” to the DOJ. It is all “unfortunate”
“In an ironic twist, the more that American companies elect to settle and not force the DOJ to defend its aggressive interpretation of the [FCPA], the more aggressive DOJ has become in its interpretation of the law and its prosecution decisions.”
Moreover, Mark Mendelsohn (former chief of the DOJ’s FCPA Unit), has talked about the “danger” of NPAs and DPAs and how “it is tempting for the [Justice Department] or the SEC…to seek to resolve cases through DPAs or NPAs that don’t actually constitute violations of the law.” (See “Mark Mendelsohn on the Rise of FCPA Enforcement,” 24 Corporate Crime Reporter 35, September 10, 2010).
For more on the above dynamics, see my article “The Facade of FCPA Enforcement.”
Individuals, on the other hand, face a deprivation of personal liberty, and are more likely to force the DOJ to satisfy its high burden of proof as to all FCPA elements.
In other words, perhaps the more appropriate question is not “but nobody was charged,” but rather do corporate NPAs and DPAs always represent provable FCPA violations? For a recent excellent article asking the same general question, see here.
I set out to test this with the following working hypothesis.
-
Instances in which the DOJ brings actual criminal charges against a company or otherwise insists in the resolution that the corporate entity pleads guilty to FCPA violations, represent a higher quality FCPA enforcement action (in the eyes of the DOJ) and is thus more likely to result in related FCPA criminal charges against company employees.
-
Instances in which the DOJ resolves an FCPA enforcement action solely with an NPA or DPA, represent a lower quality FCPA enforcement action and is thus less likely to result in related FCPA criminal charges against company employees given that an individual is more likely to put the DOJ to its high burden of proof.
The below statistics provide a compelling datapoint concerning the quality and legitimacy of many corporate DOJ FCPA enforcement actions.
Since NPAs and DPAs were first introduced to the FCPA context in December 2004 (see here), there have been 83 corporate DOJ FCPA enforcement actions.
-
14 of these corporate enforcement actions were the result of a criminal indictment or resulted in a guilty plea by the corporate entity to FCPA violations. 10 of these corporate enforcement actions – 71% – resulted in related criminal charges of company employees.
-
53 of these corporate enforcement actions were resolved solely with an NPA or DPA. In only 5 instances – 9% – was there related criminal charges of company employees.
-
A third type of corporate FCPA enforcement action is what I will call a hybrid action in which the resolution includes a guilty plea by some entity in the corporate family – usually a foreign subsidiary – and an NPA or DPA against the parent company. Since the introduction of NPAs and DPAs in the FCPA context, there have been 16 such corporate enforcement actions. In 5 of these actions – 31% – there was related criminal charges of company employees. This percentage is what one might expect compared to the two types of corporate FCPA enforcement actions discussed above, although it is interesting to note the following regarding 3 of these 5 instances. The DOJ ended up dismissing the charges against Si Chan Wooh (Schnitzer Steel), John O’Shea (ABB) was not found not guilty, and Bobby Elkin (Alliance One) received a probation sentence after the sentencing judge questioned many aspects of the enforcement action (see here for the prior post).
Although NPAs and DPAs were first introduced to the FCPA context in 2004, their use by the DOJ was sporadic at first and such alternative resolution vehicles did not become a fixture of FCPA enforcement until approximately 2007.
Thus, in testing the above hypothesis, 2007 is perhaps the best starting point. Since 2007, there have been 77 corporate DOJ FCPA enforcement actions.
-
12 of these corporate enforcement actions were the result of a criminal indictment or resulted in a guilty plea by the corporate entity to FCPA violations. 9 of these corporate enforcement actions – 75% – resulted in related criminal charges of company employees.
-
50 of these corporate enforcement actions were resolved solely with an NPA or DPA. In only 5 instances – 10% – was there related criminal charges of company employees.
-
A third type of corporate FCPA enforcement action is what I will call a hybrid action in which the resolution includes a guilty plea by some entity in the corporate family – usually a foreign subsidiary – and an NPA or DPA against the parent company. Since 2007, there have been 15 such corporate enforcement actions. In 4 of these actions – 26% – there was related criminal charges of company employees. This percentage is what one might expect compared to the two types of corporate FCPA enforcement actions discussed above.
If the above statistics do not cause one to question the quality and legitimacy of many corporate FCPA enforcement actions, no empirical data ever will. For those who believe NPAs and DPAs always represent provable FCPA violations, the ball is now in your court to offer credible explanations for following datapoints.
Since NPAs and DPAs were introduced to the FCPA context in 2004, if a corporate DOJ FCPA enforcement action is the result of a criminal indictment or resulted in a guilty plea by the corporate entity to FCPA violations, there is a 71% chance that related criminal charges will be brought against a company employee. If a corporate DOJ FCPA enforcement action is resolved solely with an NPA or DPA, there is a 9% chance that criminal charges will be brought against a company employee.
Since 2007, when NPAs and DPAs become a fixture of DOJ FCPA enforcement, if a corporate DOJ FCPA enforcement action is the result of a criminal indictment or resulted in a guilty plea by the corporate entity to FCPA violations, there is a 75% chance that related criminal charges will be brought against a company employee. If a corporate DOJ FCPA enforcement action is resolved solely with an NPA or DPA, there is a 10% chance that criminal charges will be brought against a company employee.
[Note – the above data was assembled using the “core” approach as well as the definition of an FCPA enforcement action described in this prior post]
