Much of the content on FCPA Professor assumes a certain level of knowledge and understanding of the Foreign Corrupt Practices Act and its enforcement. However, not all readers of FCPA Professor are familiar with such issues. The below Q&A’s do not address every issue that may arise under the FCPA, but rather are designed to provide useful information to better understand the FCPA and its enforcement.
Like other features of FCPA Professor, this FCPA 101 page is offered as a free public resource. If your knowledge and understanding of the FCPA and its enforcement have been elevated by the below Q&A’s, please consider supporting FCPA Professor through a donation.
Q. When and Why was the FCPA enacted?
A. The FCPA was enacted and signed into law by President Jimmy Carter in December 1977.
In the mid-1970’s, Congress held numerous hearings in the aftermath of news and disclosures of questionable foreign corporate payments to a variety of recipients and for a variety of reasons. Congressional attention was focused on payments made by, among others, Lockheed Aircraft Corporation, Gulf Corporation, United Brands Company, Northrop Corporation, Ashland Oil, and Exxon Corporation. Each of these instances involved allegations or admissions of payments directly or indirectly to traditional foreign government officials or foreign political parties in connection with a business purpose.
Congress soon discovered that such payments were not directly prohibited under U.S. law, even if certain existing laws – such as tax and securities disclosure laws – were perhaps indirectly implicated. Congress set out to close this gap. Both the 94th and 95th Congresses, as well as the administrations of Gerald Ford and Jimmy Carter, were involved in seeking legislation to address the foreign corporate payments and approximately twenty bills were introduced in Congress. Two competing legislative approaches were generally considered by Congress: an outright prohibition of certain foreign payments and a disclosure regime of a broader category of foreign payments. The Ford Administration favored the latter approach, but the Carter Administration – which took office in January 1977 – favored prohibition and this approach ultimately became law.
For an extensive overview of the FCPA’s legislative history, see “The Story of the Foreign Corrupt Practices Act.” This article weaves together information and events scattered in the FCPA’s voluminous legislative record to tell the FCPA’s story through original voices of actual participants who shaped the law. In addition, this narrated video tutorial tells the story of the FCPA.
Q. Has the FCPA been amended since 1977?
A. Yes.
Soon after passage of the FCPA – during a time of economic recession – questions were raised whether the FCPA was harmful to U.S. business. The Carter administration sent a report to Congress that identified the FCPA as discouraging exports; the Government Accountability Office released a report (see here and here) detailing how the FCPA was riddled with complicating ambiguities and shortcomings; and the administration of newly elected President Ronald Reagan recommended decriminalizing conduct subject to the FCPA.
Beginning in 1980, Congress sought to amend the FCPA – a process that took eight years. During this time period, various bills (either stand alone bills or specific titles or sections of omnibus export or trade bills) were introduced in the 96th, 97th, 98th, 99th, and 100th Congresses.
In 1988, the FCPA was amended in Title V of the Omnibus Trade Act (Public Law 100-418). Principal amendments included the creation of an express facilitating payment exception, the creation of certain affirmative defenses, and a revised knowledge standard applicable to payments made to “foreign officials” indirectly through third-parties such as agents.
The FCPA was also amended in 1998. In December 1997, the U.S. signed the Organization for Economic Cooperation and Development (“OECD”) Convention on Combating Bribery of Foreign Public Officials in International Business Transactions. To implement certain portions of the Convention, the FCPA was amended in 1998 (Public Law 105-366). Principal amendments included the creation of a new statutory provision applicable to certain foreign companies and foreign nationals and expanded nationality jurisdiction as to U.S. companies and citizens.
In 2010 and 2011 both the U.S. Senate and House held FCPA reform hearing. (See here for a transcript of the Senate hearing “Examining Enforcement of the FCPA” and here for video of the hearing. See here for a transcript of the House hearing “Foreign Corrupt Practices Act”).
Q. What are the FCPA's main provisions?
A. The FCPA is part of the Securities Exchange Act of 1934 and it has two main provisions: (i) the anti-bribery provisions; and (ii) the books and records and internal control provisions. (See here for the FCPA).
The anti-bribery provisions are organized according to the category of entity or person covered by the FCPA. Thus, the anti-bribery provisions are often confusing upon first read. 15 U.S.C. 78dd-1 is applicable to “issuers”; 15 U.S.C. 78dd-2 is applicable to “domestic concerns”; and 15 U.S.C. 78dd-3 is applicable to “persons” other than “issuers” or “domestic concerns.”
The books and records and internal control provisions are set forth in 15 U.S.C. 78m(b)(2)(A) and 78m(b)(2)(B) respectively.
More information on these provisions, including specific statutory elements, is provided in separate Q&A’s.
Q. Who is subject to the anti-bribery provisions?
A. As described above, the anti-bribery provisions apply to “issuers,” “domestic concerns,” and “persons” other than “issuers or “domestic concerns.”
An “issuer” is generally a company (U.S. or foreign) that has a class of securities (including so-called American Depository Receipts) traded on a U.S. exchange or an entity that is otherwise required to file reports with the Securities and Exchange Commission (“SEC”).
A “domestic concern” is generally any business form (e.g., private corporations, limited liability companies, partnerships, sole proprietorships) with a principal place of business in the U.S. or organized under U.S. law. A “domestic concern” also includes “any individual who is a citizen, national, or resident of the U.S.”
As to U.S. “issuers” and “domestic concerns,” the FCPA contains both territorial jurisdiction and nationality jurisdiction. Nationality jurisdiction means that the FCPA’s anti-bribery provisions will apply even if the conduct at issue has no U.S. nexus. Thus, as to U.S. “issuers” and “domestic concerns,” the FCPA’s anti-bribery provisions are extraterritorial meaning that the FCPA can be violated even if an improper payment scheme is devised and executed entirely outside of the U.S.
As to foreign “issuers” and associated persons, the FCPA’s anti-bribery provisions apply only to the extent there is territorial jurisdiction (i.e., “use of the mails or any means of instrumentality of interstate commerce”). In SEC v. Straub, a federal trial court judge ruled in 2013, in an issue of first impression, that the FCPA’s territorial jurisdiction element could be met in an enforcement action against foreign national defendants based on allegations that e-mails in connection with the alleged bribery scheme were routed through and/or stored on network servers located within the U.S. even if the defendants did not personally know where the e-mails would be routed and/or stored. In a follow-up 2016 decision, the same judge held that “use” of an instrumentality of interstate commerce was satisfied when the foreign national’s company made required SEC filings in the U.S. because the filings were a “foreseeable consequence” of the defendants’ actions.
In addition to FCPA specific jurisdictional elements, in an FCPA enforcement action against a foreign national defendant a court must also find that it can exercise personal jurisdiction consistent with due process principles. (See SEC v. Steffen).
A “person” other than an “issuer” or “domestic concern” can generally include foreign non “issuer” companies and foreign nationals. The anti-bribery provisions will apply to such a “person” “while in the territory of the U.S. [the person makes] use of the mails or any means or instrumentality of interstate commerce” or engages in “any other act in furtherance” of an improper payment scheme. In 2010, in the so-called Africa Sting enforcement action, a federal trial court judge concluded that this jurisdictional element was not satisfied when a foreign national defendant sent a DHL package in furtherance of the alleged bribery scheme from the United Kingdom to the U.S.
Given the above categories of businesses and individuals subject to the FCPA’s anti-bribery provisions, it is myth that the FCPA only applies to U.S. companies or U.S. citizens. In fact, several of the most high-profile FCPA enforcement actions of all-time have been against foreign companies or foreign nationals. (See here, here, here, and here for example). For reasons why FCPA enforcement actions against foreign companies often yield high settlement amounts, see here.
Q. What do the anti-bribery provisions prohibit?
A. As a general matter, the anti-bribery provisions prohibit the corrupt payment of money or “anything of value” to a “foreign official” in order to “obtain or retain business.” Each of these elements is described in more detail in separate Q&A’s.
Q. What does “anything of value” mean?
A. “Foreign officials” can be influenced in many different ways other than cash payments. If you think FCPA enforcement actions are just about suitcases full of cash to bona fide, traditional foreign government officials, think again. FCPA enforcement actions frequently include allegations involving internships (see here), sports tickets (see here), travel and entertainment (see here), charitable donations (see here) and other inconsequential things of value such as flowers, cigarettes, and golf in the morning and beer drinking in the evening (see here and here).
Q. What does “foreign official” mean?
A. The FCPA defines “foreign official,” as “any officer or employee of a foreign government or any department, agency, or instrumentality thereof, or of a public international organization, or any person acting in an official capacity for or on behalf of any such government or department, agency, or instrumentality, or for or on behalf of any such public international organization.”
The FCPA does not define “department,” “agency,” or “instrumentality.”
The term “foreign official” includes traditional foreign government leaders (such as Presidents, Prime Minister and other heads of state) as well as employees of various foreign government “departments” and “agencies” such as tax officials, customs officials, and others tasked with issuing foreign government licenses, permits, certifications, etc.
Legal development of the “foreign official” element is in its infancy, specifically as to the issue of whether employees of alleged state-owned or state-controlled enterprises (so-called SOEs) in foreign countries can be an “instrumentality” of a foreign government such that all SOE employees are “foreign officials” under the FCPA.
In 2014, the 11th Circuit issued the first-ever appellate court decision (U.S. v. Esquenazi) concerning the “foreign official” element. The court stated:
“An ‘instrumentality’ [under the FCPA] is an entity controlled by the government of a foreign country that performs a function the controlling government treats as its own. Certainly, what constitutes control and what constitutes a function the government treats as its own are fact-bound questions. It would be unwise and likely impossible to exhaustively answer them in the abstract. […] [W]e do not purport to list all of the factors that might prove relevant to deciding whether an entity is an instrumentality of a foreign government. For today, we provide a list of some factors that may be relevant to deciding the issue.
To decide if the government ‘controls’ an entity, courts and juries should look to the foreign government’s formal designation of that entity; whether the government has a majority interest in the entity; the government’s ability to hire and fire the entity’s principals; the extent to which the entity’s profits, if any, go directly into the governmental fisc, and, by the same token, the extent to which the government funds the entity if it fails to break even; and the length of time these indicia have existed.
[…]
We then turn to the second element relevant to deciding if an entity is an instrumentality of a foreign government under the FCPA — deciding if the entity performs a function the government treats as its own. Courts and juries should examine whether the entity has a monopoly over the function it exists to carry out; whether the government subsidizes the costs associated with the entity providing services; whether the entity provides services to the public at large in the foreign country; and whether the public and the government of that foreign country generally perceive the entity to be performing a governmental function.”
The Esquenazi decision is the first decision of precedent (at least in federal courts in Florida, Georgia and Alabama) to address the enforcement theory that employees of alleged SOEs are “foreign officials” under the FCPA. See here for the “current landscape” (including other trial court decisions) regarding the important “foreign official” element of the FCPA’s anti-bribery provisions. In one trial court decision, U.S. v. Carson, the trial court judge issued a jury instruction titled “knowledge of status of foreign official” which stated, in pertinent part, as follows.
“The defendant offered, paid, promised to pay, or authorized the payment of money, or offered, gave, promised to give, or authorized the giving of anything of value to a foreign official; The payment or gift at issue … was to (a) a person the defendant knew or believed was a foreign official or (b) any person and the defendant knew that all or a portion of such money or thing of value would be offered, given, or promised (directly or indirectly) to a person the defendant knew or believed to be a foreign official. Belief that an individual was a foreign official does not satisfy this element if the individual was not in fact a foreign official.”
The enforcement agencies have taken the position in certain actions that an SOE can qualify as an “instrumentality” even if the foreign government is a minority investor in the enterprise (although in the FCPA Guidance jointly issued by the DOJ and SEC in 2012, the enforcement agencies state that “as a practical matter, an entity is unlikely to qualify as an instrumentality [of a foreign government and its employees as “foreign officials”] if a government does not own or control a majority of its shares”). In other respects, the enforcement agencies have deemed SOEs to be an “instrumentality” of a foreign government even though the enterprise has publicly traded stock; does business outside of its own borders; employs non-nationals; and has other attributes of a commercial business. In recent years, approximately 50% of FCPA corporate enforcement actions have been based, in whole or in part, on the enforcement theory that SOE employees are “foreign officials” under the FCPA.
Another enforcement theory that has yielded approximately 25 FCPA enforcement actions in recent years is that employees (such as physicians, nurses, mid-wives, lab personnel, etc.) of certain foreign health care systems are “foreign officials” under the FCPA. (See this prior post which details the origins and prominence of this enforcement theory).
Regarding the “public international organization” prong of the FCPA’s “foreign official” definition, in 2016 in a case of first impression a federal trial court judge concluded that this term was not unconstitutionally vague or the result of an impermissible delegation of authority. To learn more about the term “public international organization,” see here and here.
See here for an extensive overview of the FCPA’s legislative history as to the “foreign official” element. For a complete list of the alleged “foreign officials”in recent FCPA enforcement actions (see here).
Another disputed issue when it comes to “foreign official” is whether the alleged bribe payor must know the specific identity of the “foreign official” for there to be a violation of the FCPA’s anti-bribery provisions. While there is no case law of precedent on this issue, certain trial court judges have reached different conclusions. For instance, in U.S. v. O’Shea, the trial court judge noted as follows. “You can’t convict a man promising to pay unless you have a particular promise to a particular person for a particular benefit.” In SEC v. Jackson, the trial court judge disagreed and stated that “asking a third party to bribe a government official, in order to induce that official to act in one of the proscribed ways detailed in [the FCPA], would meet the statute. The government does not have to “connect the payment to a particular official.”
Q. What does “obtain or retain business” mean?
A. “Obtain or retain business” includes payments to a “foreign official” to secure a foreign government contract. Beyond such scenarios of foreign government procurement, the meaning of “obtain or retain business” is murky and subject to much dispute.
Unlike many FCPA issues, this substantive FCPA element has resulted in a circuit court opinion. In U.S. v. Kay, 359 F.3d 738 (5th Cir. 2004), the court was presented with an issue of first impression – that being whether payments to “foreign officials” to avoid paying customs duties and to lower sales taxes could satisfy the “obtain or retain business” element.
The Fifth Circuit concluded that the FCPA’s “obtain or retain” business element was ambiguous and it thus analyzed the legislative history. In short, the Fifth Circuit was convinced that Congress intended to prohibit a range of payments wider than those that only directly influence the acquisition or retention of foreign government contracts. The Fifth Circuit held that payments to a “foreign official” to lower taxes and customs duties can provide an unfair advantage to the payer over competitors and thereby assist the payer in obtaining and retaining business.
However, the Fifth Circuit stated that not all such payments outside the context of directly securing a foreign government contract violate the FCPA; it merely held that such payments “could” violate the FCPA. According to the court, the key issue is whether the payments intended to lower the company’s cost of doing business in the foreign country enough to assist it in obtaining or retaining business. The Fifth Circuit recognized that “there are bound to be circumstances” in which a customs or tax reduction merely increases the profitability of an existing profitable company and thus, presumably, does not assist the payer in obtaining or retaining business. The court specifically stated: “[i]f the government is correct that anytime operating costs are reduced the beneficiary of such advantage is assisted in getting or keeping business, the FCPA’s language that expresses the necessary element of assisting in obtaining or retaining business would be unnecessary, and thus surplusage – a conclusion that we are forbidden to reach.”
Given the Kay holding, it is a highly fact-dependent question whether a payment to a “foreign official” outside the context of a specific foreign government contract satisfies the “obtain or retain business” element. Despite the equivocal nature of the Kay holding, there has been a significant increase in FCPA enforcement actions since the decision where the alleged improper payment involves customs duties and tax payments or is otherwise alleged to have assisted the payer in securing foreign government licenses, permits, and certifications which assisted the payer in generally doing business in a foreign country. (See here for example).
The significant increase in non-foreign government procurement type enforcement actions post-Kay is despite the fact that the enforcement agencies were 0-2 on this enforcement theory pre-Kay when put to its burden of proof. For instance, in 1989 the DOJ charged Alfredo Duran with conspiracy to violate the FCPA’s anti-bribery provisions. According to the charging documents, Duran conspired to make payments to officials of the Dominican Republic in order to obtain the release of two aircraft seized by the government of the Dominican Republic. Duran pleaded not guilty and put the DOJ to its burden of proof at trial. At the close of the DOJ’s case, Duran filed a motion for judgment of acquittal and argued that “no reasonable jury could find that the purpose of any of the alleged intended payments was to assist […] in obtaining or retaining business.” Duran’s motion stated that “any intended payment was simply for the purpose of hurrying along a bureaucratic process.” The trial court judge granted the motion and ordered an acquittal. (See here for the prior post). Likewise, in SEC v. Mattson, at issue was whether alleged goodwill payments to an Indonesian tax official for a reduction in a tax assessment fell under the FCPA’s anti-bribery provisions. The SEC claimed that the FCPA’s unambiguous language plainly encompassed such payments and the issue before the court on a motion to dismiss was whether the plain language of the FCPA prohibited such payments. The court rejected the SEC’s arguments and granted the motion to dismiss. (See here for the opinion).
Q. Does the FCPA have any exceptions or affirmative defenses?
A. Yes. The anti-bribery provisions contain one exception and two affirmative defenses.
The anti-bribery provisions “shall not apply to any facilitating or expediting payment to a foreign official … the purpose of which is to expedite or to secure the performance of a routine government action by a foreign official …”.
The FCPA’s legislative history states that the law was “deliberately cast in terms which differentiate between [corrupt payments] and facilitating payments” and that the FCPA would not “reach payments made to secure permits, licenses, or the expeditious performance of similar duties of an essentially ministerial or clerical nature …”. Congress recognized that such payments “may be reprehensible in the United States” but “that they are not necessarily so viewed elsewhere in the world and that it is not feasible for the United States to attempt unilaterally to eradicate all such payments.”
The anti-bribery provisions contain two affirmative defenses. The first is for the payment of “anything of value” “lawful under the written laws and regulations” of the foreign official’s country. The second is if the payment of “anything of value” “was a reasonable and bona fide expenditure, such as travel and lodging expenses, incurred by or on behalf of a foreign official … and was directly related to (A) the promotion, demonstration, or explanation of products or services; or (B) the execution or performance of a contract with a foreign government or agency thereof.”
Many FCPA enforcement actions allege conduct that would seem to implicate the above provisions, particularly the FCPA’s facilitating payment exception. (See here and here for examples). Yet, as with most FCPA enforcement actions, these actions are typically resolved without judicial scrutiny. As noted by a former high-ranking SEC FCPA enforcement attorney “the fact that the FCPA’s twin enforcement agencies have treated certain payments as prohibited despite their possible categorization as facilitating payments does not mean a federal court would agree” and the enforcement agencies “narrow interpretation of the facilitating payment exception is making that exception ever more illusory regardless of whether the federal courts – or Congress – would agree.” (See here).
Indeed, in 2012 in SEC v. Jackson, a case of first impression concerning facilitating payment pleading requirements, the trial court found “that the evolution of the [FCPA] strongly supports the conclusion that the SEC must bear the burden of negating the ‘facilitating’ payments exception” and that “the facilitating payments exception is best understood as a threshold requirement to pleading that a defendant acted ‘corruptly.'” Subsequently in the same case, a federal trial court judge stated in connection with denying summary judgment motions, “I have such trouble understanding the facilitating payment exception.”
Q. Can a third-party subject a company to anti-bribery violations?
A. Yes.
A significant percentage of anti-bribery violations against business organizations are based on the conduct of agents, representatives, distributors, or joint venture partners (collectively third-parties). Utilizing third-parties in foreign markets is often required pursuant to local law or otherwise common as third parties know best the local business landscape and how to get things done. However, knowing the local business landscape and how to get things done can also mean making improper payments on a company’s behalf in violation of the anti-bribery provisions.
The anti-bribery provisions prohibit not only direct payments to a “foreign official” to “obtain or retain business,” but also payments to “any person” (such as a third-party) “while knowing that all or a portion of such money or thing of value” will be provided to a “foreign official.”
The anti-bribery provisions state that “a person’s state of mind is ‘knowing’ with respect to conduct, a circumstance, or a result if (i) such person is aware that such person is engaging in such conduct, that such circumstance exists, or that such result is substantially certain to occur; or (ii) such person has a firm belief that such circumstance exists or that such result is substantially certain to occur.”
The anti-bribery provisions further state: “When knowledge of the existence of a particular circumstance is required for an offense, such knowledge is established if a person is aware of a high probability of the existence of such circumstance, unless the person actually believes that such circumstance does not exist.”
As evident from these provisions, it is a highly fact-dependent analysis whether one can be subject to FCPA liability for the actions of a third-party based on “knowledge” of the third-party’s conduct.
For instance, in U.S. v. Bourke, 667 F.3d 122 (2d Cir. 2011), the court affirmed the defendant’s conviction of conspiring to violate the FCPA. The court generally held that the defendant enabled himself to participate in a bribery scheme without acquiring actual knowledge of the specific conduct at issue and that such conscious avoidance, even if supported primarily by circumstantial evidence, is sufficient to warrant FCPA-related charges.
Because of the FCPA’s “third-party payment provisions,” it is important for those subject to the anti-bribery provisions that utilize third-parties to conduct pre-engagement due diligence and to adopt policies and procedures regarding the engagement and post-engagement obligations of the third-party.
Q. What do the books and records and internal control provisions prohibit?
A. The FCPA has always been a law much broader than its name suggests. The foreign corporate payments discovered in the mid-1970’s were often recorded in separate books and records or otherwise misrecorded. Thus, at the SEC’s urging, Congress included books and records and internal control provisions in the FCPA.
The books and records provision requires that “issuers” “make and keep books, records, and accounts, which, in reasonable detail, accurately and fairly reflect the transactions and dispositions of the assets of the issuer.”
The internal controls provision requires that “issuers” “devise and maintain a system of internal accounting controls sufficient to provide reasonable assurances that:” among other things, “transactions are executed in accordance with management’s general or specific authorization;” “access to assets is permitted only in accordance with management’s general or specific authorization;” and “transactions are recorded as necessary to permit a preparation of financial statements in conformity with generally accepted accounting principles … and to maintain accountability for assets.”
As evident from the above description, the FCPA’s books and records and internal control provisions are generic and can be implicated in purely domestic scenarios that have nothing to do with payments to “foreign officials” to “obtain or retain business.” (See here for an example of so-called non-FCPA, FCPA enforcement actions). Because payments to a “foreign official” to “obtain or retain business” are frequently concealed or otherwise misrecorded on a company’s books and records (such as “miscellaneous expenses,” “cost of goods sold” etc.), the books and records provision can also be implicated in a typical FCPA scenario.
When improper payments are made, the enforcement agencies will generally assert that the internal control provisions were also violated on theory that the payments would have been detected and never paid if the company had proper internal controls (such as effective FCPA compliance policies, adequate supervision and control of foreign managers or third-party agents, sufficient checks and balances for spending corporate money, etc).
The FCPA specifically states that ‘where an issuer … holds 50% or less of the voting power with respect to a domestic or foreign firm [the books and records and internal control provisions] require only that the issuer proceed in good faith to use its influence, to the extent reasonable under the issuer’s circumstances, to cause such domestic or foreign firm to devise and maintain a system of internal accounting controls consistent with [the above stated provisions.]” This provision further provides as follows. “Such circumstances include the relative degree of the issuer’s ownership of the domestic or foreign firm and the laws and practices governing the business operations of the country in which such firm is located. An issuer which demonstrates good faith efforts to use such influence shall be conclusively presumed to have complied with the requirements of [the books and records and internal control provisions].”
Despite this statutory provision, the enforcement agencies routinely charge parent companies – in what is akin to a strict liability theory – for the books and records and internal control violations of indirect subsidiaries and affiliates, even in the absence of any allegation that the parent company lacked good faith or participated in or had knowledge of the conduct at issue (See here for example). Indeed, in certain instances enforcement of the FCPA’s books and records and internal controls provisions is akin to “standardless” enforcement. (To learn more see here and here).
As with many securities laws provisions, knowingly circumventing or knowingly failing to implement a system of internal accounting controls or knowingly falsifying any book, record, or account, can be the basis for criminal liability. (See here and here examples).
Despite the generic nature of the FCPA’s books and records and internal controls provisions, there is surprisingly only one judicial decision that directly addresses the substance of these provisions. The pertinent holding of SEC v. World-Wide Coin Investments, 567 F.Supp. 724 (N.D. Ga. 1983) is as follows.
“The definition of accounting controls does comprehend reasonable, but not absolute, assurances that the objectives expressed in it will be accomplished by the system. The concept of “reasonable assurances” contained in [internal control provisions] recognizes that the costs of internal controls should not exceed the benefits expected to be derived. It does not appear that either the SEC or Congress, which adopted the SEC’s recommendations, intended that the statute should require that each affected issuer install a fail-safe accounting control system at all costs. It appears that Congress was fully cognizant of the cost-effective considerations which confront companies as they consider the institution of accounting controls and of the subjective elements which may lead reasonable individuals to arrive at different conclusions. Congress has demanded only that judgment be exercised in applying the standard of reasonableness. […] It is also true that the internal accounting controls provisions contemplate the financial principle of proportionality—what is material to a small company is not necessarily material to a large company.”
The books and records and internal control provisions only apply to “issuers.” However, best practices is for any company to follow the provisions. As the FCPA Guidance rightly notes, “good internal controls can prevent not only FCPA violations, but also other illegal or unethical conduct by the company, its subsidiaries, and its employees” such as financial fraud, commercial bribery, export controls violations, and embezzlement or self-dealing by company employees.
Q. Which agencies enforce the FCPA?
A. The FCPA has dual enforcers – the DOJ and the SEC. (See here for the DOJ’s FCPA website, here for the SEC’s FCPA website).
The DOJ, a criminal law enforcement agency, is the sole agency responsible for criminal enforcement of the anti-bribery provisions and willful violations of the books and records and internal control provisions. The DOJ has jurisdiction over “issuers,” “domestic concerns,” and “persons” other than “issuers” and “domestic concerns” as those terms are described above.
Per DOJ policy, “no investigation or prosecution of cases involving alleged violations of the antibribery provisions of the Foreign Corrupt Practices Act … or of related violations of the FCPA’s record keeping provisions … shall be instituted without the express authorization of the Criminal Division.” Thus, unlike other areas of criminal law, DOJ’s enforcement of the FCPA is highly centralized and very few individuals possess decision making authority and discretion.
The SEC, a civil law enforcement agency, has jurisdiction over “issuers” (and its employees and agents) and can bring civil charges for violations of the anti-bribery provisions and the books and records and internal controls provisions. In recent years, the SEC has also brought enforcement actions against non-issuers for violating such provisions on the theory that the defendant, while acting as an agent of an issuer, violated such provisions and/or aided or abetted issuer violations. (See here for example).
Assuming both the DOJ and SEC have jurisdiction as to any particular matter, it is common for both agencies to be involved in the same core enforcement action and for both the DOJ and SEC enforcement actions to be announced and resolved on the same day.
In 2012, the DOJ and SEC jointly issued FCPA Guidance. Despite enforcement agency comments that one of its objectives in issuing the Guidance was to outline what the law is, it is important to understand that the Guidance does not represent the law. To state the obvious, Congress declares the law and courts interpret the law. Rather, the Guidance represents DOJ’s and the SEC’s interpretations of the FCPA and the agencies’ enforcement policies and procedures.
Indeed, the former chief of the DOJ fraud section stated that the Guidance is ‘‘more of a scrapbook of past DOJ and SEC successes than a guide book for companies who care about playing by the rules.” Moreover, the Guidance contains the following qualification.
“It is non-binding, informal, and summary in nature, and the information contained herein does not constitute rules or regulations. As such, it is not intended to, does not, and may not be relied upon to create any rights, substantive or procedural, that are enforceable at law by any party, in any criminal, civil, or administrative matter. It is not intended to substitute for the advice of legal counsel on specific issues related to the FCPA. It does not in any way limit the enforcement intentions or litigating positions of the U.S. Department of Justice, the U.S. Securities and Exchange Commission, or any other U.S. government agency.”
For an analysis of the FCPA Guidance, see “Grading the FCPA Guidance.”
In 2016, the DOJ released a policy document titled “The Fraud Section’s FCPA Enforcement Plan and Guidance” (the so-called FCPA Pilot Program) designed to “enhance its efforts to detect and prosecute both individuals and companies for violations of the FCPA.”
For more on the Pilot Program, see here. For an analysis of the Pilot Program, see “Grading the DOJ’s FCPA Pilot Program.”
Q. How do the enforcement agencies typically find out about FCPA issues?
A. FCPA enforcement actions can originate from a number of sources including: voluntary disclosures; international law enforcement cooperation; U.S. embassy, civil society, and media reporting; sting operations; competitor complaints or concerns; and whistleblower complaints. For other origins of FCPA enforcement actions, see here and here. This post provides a comprehensive summary of the origins of recent FCPA enforcement actions.
In recent years, the majority of corporate FCPA enforcement actions (and related individual enforcement actions) have resulted from voluntary disclosures. As a general matter, voluntary disclosure means a company’s lawyer, during or after an internal investigation of conduct that may implicate the FCPA, contacts the DOJ and SEC (if applicable) to schedule a meeting during which the lawyer will disclose conduct that may implicate the FCPA. For potential conflicts of interests concerning voluntary disclosures, see here and here.
The FCPA does not require such affirmative disclosure, as even the DOJ states in the FCPA Pilot Program ” nothing in the Guidance is intended to suggest that the government can require business organizations to voluntarily self-disclose, cooperate, or remediate. Companies remain free to reject these options and forego the credit available under the pilot program.”
However, given application of the DOJ Principles of Prosecution of Federal Business Organizations and the U.S. Sentencing Guidelines (topics discussed in a separate Q&A), a company may choose to voluntarily disclose conduct that may implicate the FCPA even though the enforcement agencies, in many cases, may likely never find out about the conduct. The enforcement agencies actively encourage voluntary disclosure and have stated that such disclosures will result in less harsh treatment of FCPA violators. However, the merit of this position is subject to much dispute.
In short, given the controversies surrounding voluntary disclosure corporate counsel and others making business decisions on behalf of an organization need to understand that thoroughly investigating an issue, promptly implementing remedial measures, and effectively revising and enhancing compliance policies and procedures – all internally and without disclosing to the enforcement agencies – is a perfectly acceptable, legitimate, and legal response to FCPA issues in but all the rarest of circumstances.
Q. How long does FCPA scrutiny tend to last?
A. As highlighted here, FCPA scrutiny typically lasts between 2-4 years from the point of first disclosure (whether an SEC filing or other instance of public disclosure) to the point of any FCPA enforcement action. In certain cases, such scrutiny has lasted between 6-8 years. Former DOJ officials have offered some of the most vocal critiques regarding long-lasting FCPA scrutiny. (See here, here and here).
The long period of scrutiny is largely a function of the “where else” question (as well as the lack of any meaningful enforcement agency time constraints – an issue discussed in a separate Q&A regarding statute of limitations).
For instance, every instance of FCPA scrutiny will have a point of entry – for instance a company’s conduct in China is under investigation. However, typically before the enforcement agencies will agree to resolve any enforcement action, the agencies will ask something along the following lines – if the conduct occurred in China, demonstrate to us that similar conduct did not also occur in countries a, b, and c. In short, the “where else” often results in the company doing a world-wide review of its operations which takes time and is largely the reason for the high level of pre-enforcement action professional fees and expenses discussed in a separate Q&A. For more on the “where else” question see this post, and for a look inside an FCPA investigation see this post.
Other reasons for the typically long period of FCPA scrutiny can include the following: DOJ and SEC enforcement actions tend to be announced on the same day and it is common for one agency to wait for the other agency to conclude its investigation and deliberation; and attrition at the enforcement agencies tends to be high and it is not uncommon for DOJ/SEC employee turnover to delay conclusion of FCPA investigations.
Q. What is the FCPA’s statute of limitations?
A. The FCPA does not have a specific statute of limitations. Rather, the five year “catch-all” provisions in 18 USC 3282 (for criminal actions) and 28 USC 2462 (for civil actions) apply.
Despite this general limitations period, if one digs into the details of many FCPA enforcement actions (see here for example) one quickly discovers that many actions involve conduct that occurred 5-7 years, 7-10 years, and in some instances 10-15 years prior to the enforcement action. The reasons for this can include the following.
Given the “carrots” and “sticks” relevant to resolving an FCPA enforcement action, cooperation is often the name of the game in corporate FCPA inquiries and to assert statute of limitations issues is not cooperating. Indeed, one of the first steps a company will often do after disclosing conduct to the enforcement agencies is enter into a tolling agreement and/or agree to waive statute of limitations defenses.
In addition, if the DOJ charges a conspiracy, as it often does in FCPA enforcement actions, the five year limitations period may not begin to start until the last overt act in furtherance of the conspiracy occurs. Furthermore, under 18 USC 3292, in a criminal case the DOJ can seek, before return of an indictment, to suspend the limitations period if seeking evidence located in a foreign country.
In SEC v. Straub, 2013 WL 466600 (S.D.N.Y. 2013), the court ruled, in an issue of first impression concerning 28 USC 2462, that the limitations period did not begin to run because the foreign national defendants were not physicially present in the U.S.
Q. How are FCPA enforcement actions typically resolved?
A. The U.S. used to have a law enforcement system whereby companies suspected of wrongdoing were prosecuted criminally and/or civilly and whereby companies that did not engage in provable wrongdoing were not prosecuted. That system has, to a large extent, been abandoned particularly when it comes to FCPA enforcement.
Nearly every DOJ FCPA enforcement action against a company in this new era of FCPA enforcement involves a non-prosecution agreement (“NPA”) or a deferred prosecution agreement (“DPA”).
An NPA (see here for an example) is not filed with a court, but instead is a privately negotiated agreement between the DOJ and the company whereby the DOJ agrees not to prosecute the company if it acknowledges responsibility for the conduct at issue and agrees to a host of compliance undertakings.
A DPA (see here for an example) is technically filed with a court and thus has the same appearance as a criminal indictment or information. However, as negotiated between the DOJ and the company, the DOJ agrees to defer prosecution of the company (usually for a two to three year period) if the company acknowledges responsibility for the conduct at issue and agrees to a host of compliance undertakings. After the relevant time period, the DOJ dismisses the criminal charges filed, but never prosecuted.
NPAs and DPAs have been used to resolve other substantive criminal offenses, yet in any given year a significant percentage of all NPAs and DPAs are used to resolve FCPA enforcement actions. For an in-depth analysis of NPAs and DPAs in the FCPA context, see “Measuring the Impact of NPAs and DPAs on FCPA Enforcement.”
This type of resolution vehicle was first used in an FCPA enforcement action in 2004 and use of these vehicles has steadily risen since then. Although the DOJ has steadfastly defended these alternative resolution vehicles (see here), use of NPAs and DPAs remain controversial. For instance, former Attorney General Alberto Gonzales has stated that NPAs and DPAs do not necessarily reflect instances of companies violating the FCPA, but rather companies feel compelled to agree to the agreements. Gonzales stated that reliance on NPAs and DPAs has made it “easy, much easier quite frankly” for the DOJ to resolve FCPA inquiries, that such resolution vehicles have “less of a toll” on the DOJ’s budget and that such agreements “provide revenue” to the DOJ.
Indeed, use of NPAs and DPAs to resolve alleged FCPA violations presents two distinct, yet equally problematic public policy issues. The first is that such vehicles, because they do not result in any actual charges filed against a company, and thus do not require the company to plead to any charges, allow egregious instances of corporate conduct to be resolved too lightly without adequate sanctions and without achieving maximum deterrence. The second is that such vehicles, because of the “carrots” and “sticks’ relevant to resolving a DOJ enforcement action, often nudge companies to agree to these vehicles for reasons of risk-aversion and efficiency and not necessarily because the conduct at issue actually violates the law. Thus, use of NPAs or DPAs allow “under-prosecution” of egregious instance of corporate conduct while at the same time facilitate the “over-prosecution” of business conduct.
As highlighted here, in 2016 the DOJ invented yet another way to resolve alleged FCPA violations – the so-called declination with disgorgement.
In short, from 1977 to 2004, there were only two ways in which the DOJ resolved alleged instances of FCPA scrutiny: it either charged the company or did not charge the company. In 2004 and thereafter, the DOJ brought non-prosecution agreements and deferred prosecution agreements to the FCPA context. In 2016 unveiled declinations with disgorgement. Given the ways the SEC resolves alleges instances of corporate FCPA scrutiny: a civil complaint; a non-prosecution agreement; a deferred prosecution agreement; and an administrative action – FCPA enforcement resembles more a buffet line than law traditional law enforcement.
In the FCPA’s history, only two companies are believed to have challenged the DOJ in an adversary proceeding and put the DOJ to its high burden of proof at trial. In 1991, Harris Corporation (and certain of its executives) prevailed in an FCPA trial when the judge granted a verdict of acquittal after the DOJ’s evidence (see here). In 2011, Lindsey Corporation (and certain of its executives) were found guilty by a federal jury of conspiracy to violate the FCPA and substantive FCPA violations. However, the convictions were vacated and the charges dismissed after the trial court judge found numerous instances of prosecutorial misconduct (see here).
Individuals, unlike a company, can be deprived of their liberty and put in jail. Thus, it is not surprising that more individuals elect to put the DOJ to its burden of proof at trial. The DOJ’s record in individual FCPA trials during the FCPA’s history is mixed and the fact remains that the DOJ has an overall losing record in such actions. (See here for the article “What Percentage of DOJ FCPA Losses is Acceptable?”). An individual FCPA defendant can also agree, as many do, to a plea agreement before trial. By pleading guilty, an individual FCPA defendant will likely receive a lower sentence, particularly if the individual agrees to cooperate in the investigation and prosecution of others. (See here).
In terms of SEC enforcement, FCPA inquiries are typically resolved either through a settled civil complaint (see here for example) or an administrative order (see here for example). In both instances, a defendant is typically allowed to settle the enforcement action without admitting or denying the SEC’s allegations. As the influential Second Circuit court of appeals stated “trials are primarily about truth … [SEC settlements] are primarily about pragmatism.”
In 2010, the SEC also brought NPAs and DPAs to FCPA enforcement. However, because of the above-referenced SEC administrative actions, SEC use of the NPAs and DPAs is less frequent compared to the DOJ’s.
In short, the common thread in most FCPA resolution vehicles is the lack of any meaningful judicial scrutiny. Thus, in connection with most instances of FCPA scrutiny two distinct, yet separate, questions can be asked. The first question, and the easiest, is whether, given the DOJ’s and SEC’s enforcement theories, the conduct at issue can expose a company to FCPA scrutiny and an FCPA enforcement action? The answer to this question is often yes. The second question, and more important one, is whether Congress in passing the FCPA intended to capture the alleged conduct at issue and whether a court would find the alleged conduct in violation of the FCPA. The answer is to this question is often debatable.
Q. How are FCPA fines, penalties, and sentences calculated?
A. Even though the FCPA contains criminal and civil fine and penalty amounts, these amounts are often of little importance in arriving at actual fine and penalty amounts assessed in an FCPA enforcement action.
Under the Alternative Fines Act, an FCPA criminal violation can result in a fine up to twice the benefit the payor sought to obtain through the improper payment. Moreover, the advisory U.S. Sentencing Guidelines are used to calculate an advisory penalty range. (See here for the provisions applicable to corporate conduct). Factors under the Guidelines that can affect a criminal fine include: the number of employees in the organization; whether high-level personnel were involved in or condoned the conduct; prior criminal history; whether the organization had a pre-existing compliance and ethics program; voluntary disclosure; cooperation; and acceptance of responsibility.
The DOJ’s Guidelines calculations are generally publicly available (see here for an example) at least when a deferred prosecution agreement or plea are used to resolve an FCPA enforcement action. When a non-prosecution agreement is used to resolve an FCPA enforcement action, calculations of the fine amount are seldom transparent.
The below table sets forth the largest corporate FCPA settlements. (Note the figures below represent net FCPA settlement amounts after accounting for certain credits or deductions in a few enforcement actions involving foreign companies).
Company | Amount | Year |
1. Ericsson | $1.06 billion
(DOJ – $520 million) (SEC – $540 million) |
2019 |
2. MTS | $850 million
(DOJ – $750 million) (SEC – $100 million) |
2019
|
3. Siemens | $800 million
(DOJ – $450 million) (SEC – $350 million) |
2008 |
4. Alstom | $772 million
(DOJ – $772 million) |
2014 |
5. KBR / Halliburton | $579 million
(DOJ – $402 million) (SEC – $177 million) |
2009 |
6. Teva Pharmaceutical | $519 million
(DOJ – $283 million) (SEC – $236 million) |
2016 |
7. Telia | $483 million
(DOJ – $275 million) (SEC – $208 million) |
2017 |
8. Och-Ziff | $412 million
(DOJ – $213 million) (SEC – $199 million) |
2016 |
9. Total | $398 million
(DOJ – $245 million) (SEC – $153 million) |
2013
|
10. VimpelCom | $397.5 million
(DOJ – $230 million) (SEC – $167.5 million) |
2016 |
Even though FCPA enforcement actions in this new era have resulted in several large corporate settlement amounts, it would be inaccurate to conclude from the above chart that every FCPA enforcement action yields settlement amounts in the hundreds or tens of millions. (See here and here for example).As to individuals who violate the FCPA, criminal sentences are also based on the advisory Guidelines. Factors under the Guidelines that can affect an individual’s sentence include: the number of bribe payments; the amount of bribe payments; the individual’s role in the scheme; and the individual’s background and criminal history. (See here for example).
In 2011, Joel Esquenazi received a 15 year prison sentence for FCPA and related offenses – the longest sentence ever imposed in an FCPA enforcement action. The previous record was approximately 7 years given to Charles Jumet in 2010 for FCPA and related offenses. Notwithstanding the above sentences, the majority of individual FCPA sentences fall between probation and 24 months in prison – despite much longer DOJ sentencing recommendations.
In addition to prison sentences, individuals can also face monetary fines in DOJ FCPA enforcement actions. For instance, Jeffrey Tesler, the U.K. consultant at the center of the massive Bonny Island bribery scheme, agreed to forfeit approximately $149 million as part of his plea agreement. In another action, Paul Novak was ordered to pay a $1 million criminal fine, among the largest individual criminal fines in FCPA history.
The SEC is empowered to seek a variety of sanctions in an enforcement action such as monetary penalties, disgorgement of ill-gotten gains, pre-judgment interest, an injunction, or a cease and desist order prohibiting current and future violations. The most significant monetary portion of a corporate SEC FCPA enforcement action is often disgorgement and prejudgment interest (including in cases where the SEC does not charge an anti-bribery violation, a controversial issue – see here).
There is little transparency of monetary settlement amounts in SEC FCPA enforcement actions. For instance, certain enforcement actions include a civil penalty, disgorgement and prejudgment interest; certain other enforcement actions include only disgorgement and prejudgment interest; certain other enforcement actions include only disgorgement and a civil penalty; certain other enforcement actions include only disgorgement; and certain other enforcement actions include only a civil penalty.
In an individual SEC FCPA enforcement action, defendants can be ordered to pay a disgorgement amount and/or a civil penalty. For instance, in a 2016 enforcement action against Daniel Och (CEO of the hedge fund Och-Ziff) Och agreed to pay approximately $2.2 million (the vast majority of which was a disgorgement amount), the largest settlement amount in FCPA history by an individual in an SEC action.
The above described DOJ and SEC fine and penalty amounts in FCPA enforcement actions are in addition to pre-enforcement action and post-enforcement action professional fees and expenses (discussed below in a separate Q&A regarding the business effects of FCPA scrutiny).
Q. Besides FCPA settlement amounts, what other business effects can result from FCPA scrutiny?
A. FCPA scrutiny and enforcement can have several negative business effects on a company, in addition to any ultimate fine and penalty amount announced on enforcement action day.
Professional fees and expenses (lawyer fees, forensic accounting fees, data retrieval, analysis, etc) associated with FCPA scrutiny often exceed fine and penalty amounts assessed by the DOJ and/or SEC. For instance, at certain points during its FCPA scrutiny Wal-Mart disclosed pre-enforcement action professional fees and expenses and/or compliance enhancements of approximately $1.2 million per working day. Avon Products resolved an FCPA enforcement for $135 million, yet disclosed approximately $550 million in pre-enforcement action professional fees and expenses.
In short, pre-enforcement action professional fees and expenses typically exceed by a 3, 5, or 7:1 ratio settlement amounts in an FCPA enforcement action. (See here for a 170:1 ratio). Whether such pre-enforcement action professional fees and expenses are warranted or whether FCPA scrutiny and enforcement has turned into a boondoggle for FCPA Inc. is an open question. For instance, due to the increased public attention on pre-enforcement action professional fees and expenses DOJ officials have stated “we do not expect companies to aimlessly boil the ocean.”
FCPA scrutiny has also, in certain instances, adversely affected a company’s stock price and cost of capital as credit rating agencies may downgrade corporate debt. In addition, in certain instances, FCPA scrutiny has delayed or otherwise terminated merger and acquisition transactions and/or resulted in shareholder litigation for alleged securities laws violations or state law claims for officer/director breach of fiduciary duty. FCPA scrutiny can also impact executive leadership and compensation issues as well as distract executive leadership from other business endeavors.
For additional reading on this topic, see “Foreign Corrupt Practices Act Ripples.”
For the above reasons, FCPA scrutiny and exposure is not just a legal issue, but a business issue as well that needs to be on the radar screen of business leaders operating in the global marketplace.
Q. Why has FCPA enforcement generally increased?
A. The FCPA is a law most logically implicated when doing business in international markets. Thus, as more companies (large and small and across a variety of industry sectors) have moved into international markets, it is not surprising to see FCPA enforcement increase.
The passage of Sarbanes Oxley in 2002 has also impacted FCPA enforcement. Section 404 of SOX requires issuers to assess and report on the effectiveness of its internal controls over financial reporting. As a general matter, this requirement has caused issuers to more actively investigate questionable transactions particularly in foreign subsidiaries whose books and records are consolidated with the issuers for purposes of financial reporting. Indeed, when asked during the Senate’s 2010 FCPA hearing and the House’s 2011 FCPA hearing about reasons for the general increase in FCPA enforcement, the DOJ’s witness specifically mentioned SOX.
Other factors often cited as the cause of increased FCPA enforcement include: increased enforcement agency resources; increased focus on business activity by foreign law enforcement agencies and resulting information sharing with U.S. law enforcement; and increased monitoring of business conduct by the media, non-governmental organizations and civil society.
Another practical reason FCPA enforcement has generally increased is because of the buffet of options the DOJ/SEC have created to resolve alleged FCPA violations (a topic discussed in more detail in a separate Q&A). Indeed, a former high-ranking DOJ FCPA enforcement official stated that if the DOJ “only had the option of bringing a criminal charge or declining to bring a case [as opposed to the third option of using an NPA or DPA], you would certainly bring fewer cases.” The OECD, in its Phase 3 Report of the U.S. FCPA Enforcement Program, noted that “it seems quite clear that the use of these agreements is one of the reasons for the impressive FCPA enforcement record in the U.S.” (See here). In short, the FCPA has not changed since 1998, and a former high-ranking DOJ FCPA enforcement official stated that “what’s really changed is not so much the legislation, but the enforcement and approach to enforcement by U.S. authorities” (see here).
Yet another practical reason, perhaps it is provocative as well, is new and creative enforcement theories.For instance, as highlighted above in connection with “foreign official,” approximately 25 corporate FCPA enforcement actions have been based on the theory that individuals (such as physicians) employed by foreign healthcare systems are “foreign officials.” As to the validity and legitimacy of this enforcement theory, it is worth noting that it has never been used in connection with individual FCPA enforcement action. In addition, as highlighted above as well, several corporate enforcement actions have labeled internship and hiring practices as being bribery.
A provocative reason for the increase in FCPA enforcement is that many believe FCPA enforcement has become a “cash cow” for the U.S. government. (See here). Most notably, a former high-ranking DOJ FCPA enforcement official has stated that “the government sees a profitable program, and it’s going to ride that horse until it can’t ride it anymore.” (see here).
The emergence of FCPA Inc. and the prominence of voluntary disclosures have also contributed to the general increase in FCPA enforcement. As another former high-ranking DOJ FCPA enforcement official has stated “this is good business for law firms … accounting firms … consulting firms, the media – and Justice Department lawyers who create the marketplace and then get [themselves] a job” in the private sector. (See here). For additional articles discussing this dynamic, see here and here.
Thus, the increase in FCPA enforcement has both practical and perhaps provocative reasons.
Despite the general increase in FCPA enforcement actions during the past decade, one needs a proper perspective of FCPA enforcement statistics. In this era of FCPA enforcement, a typical FCPA enforcement action will include a DOJ and SEC enforcement action against the corporate parent, likely a DOJ enforcement action against related subsidiaries, and occasionally related DOJ and/or SEC enforcement actions against culpable individuals. All of these enforcement actions are based on the same core set of conduct.
However, many FCPA Inc. participants have adopted creative and haphazard counting methods to make FCPA enforcement appear more robust than it actually is. To learn more about these methods, see the article “A Common FCPA Language to Remedy Distorted FCPA Enforcement Statistics.”
Q. Are companies that resolve FCPA enforcement actions “bad” or “unethical”?
A. In some cases yes, in most cases no.
Certain FCPA enforcement actions are based on allegations that executive management or the board was involved in or condoned the improper conduct at issue. (See here, here and here for examples). However, this type of FCPA enforcement action is not typical.
A typical FCPA enforcement action involves allegations that a small group of people (or perhaps even a single individual) within a subsidiary or business unit engaged in conduct in alleged violation of the FCPA. Yet because of respondeat superior principles, the company is exposed to FCPA liability even if the employee’s conduct was contrary to the company’s pre-existing FCPA policies and procedures. Such pre-existing policies and procedures might be relevant to charging decisions under the Principles of Prosecution as well as to the ultimate fine amount under the Sentencing Guidelines, but are not relevant to liability as a matter of law.
This theory of corporate criminal liability is subject to much controversy and in conflict with similar corporate criminal liability principles in other countries. For instance, under the United Kingdom Bribery Act, the U.K. Ministry of Justice recognizes that “no policies or procedures are capable of detecting and preventing all bribery.” Thus, the Bribery Act provides a “full defense if [a company] can show that despite a particular case of bribery it nevertheless had adequate procedures in place to prevent persons associated with it from bribing.”
In the mid-1980’s numerous FCPA reform bills included a specific defense under which a company would not be held liable for a violation of the FCPA’s anti-bribery provisions by its employees or agents, who were not an officer or director, if the company established procedures reasonably designed to prevent and detect FCPA violations by employees and agents. Such a compliance defense passed the U.S. House, but was never made part of the FCPA’s 1988 amendments.
To learn more how an FCPA compliance defense could better incentivize more robust corporate compliance, reduce improper conduct, and thus best advance the FCPA’s objective of reducing bribery, see “Revisiting an FCPA Compliance Defense.”
Also relevant to the question of whether companies that resolve FCPA enforcement actions are “bad” or “unethical” is the fact that most FCPA enforcement actions (as discussed in a separate Q&A) are based on the conduct of third-parties under the FCPA’s third-party payment provisions. Further, certain FCPA enforcement actions are based on successor liability theories whereby an acquiring company is held liable for the acquired company’s FCPA liability. (See here for example).
Finally, given the resolution vehicles typically used to resolve an FCPA enforcement – such as non-prosecution and deferred prosecution agreements (“NPAs” and “DPAs”) (topics discussed in more detail in a separate Q&A), companies subject to FCPA scrutiny often decide it is quicker, more cost efficient, and more certain to agree to such a resolution vehicle rather than engage in long-protracted litigation with the DOJ or SEC. These resolution vehicles do not require the company to plead guilty to anything (or typically admit the allegations in the SEC context), are not subject to meaningful judicial scrutiny, and do not necessarily represent the triumph of one party’s legal position over the other. Rather settlement through such a resolution vehicle often reflects a risk-based decision grounded in issues other than facts or the law. Indeed, a former high-ranking DOJ FCPA enforcement official has stated that given the availability of such alternative resolution vehicles, “it is tempting for the [DOJ], or the SEC since it too now has these options available, to seek to resolve cases through DPAs or NPAs that don’t actually constitute violations of the law.”
To understand why a company would agree to resolve an FCPA inquiry even if valid and legitimate defenses are available or if mitigating facts are relevant to the alleged conduct, it is necessary to understand the “carrots” and “sticks” relevant to resolving a DOJ enforcement action – namely the DOJ’s Principles of Federal Prosecution of Business Organizations (here).
The Principles of Prosecution, found in the U.S. Attorneys’ Manual, set forth the factors prosecutors “should consider” in determining whether to bring criminal charges against a business organization or negotiate a plea or other agreement (such as an NPA or DPA) with the organization to resolve potential criminal charges. Relevant factors include the company’s “willingness to cooperate” in the DOJ’s investigation. Simply stated, challenging the DOJ’s enforcement theories, its interpretation of the facts, or to raise valid and legitimate legal defenses is not cooperating with the DOJ’s investigation. Given the choice between being criminally indicted (an event that will likely negatively affect the company’s market capitalization and result in other negative collateral consequences) most companies opt to resolve FCPA scrutiny via the resolution vehicles discussed above.
Yet consider the long-term effects of such corporate risk aversion.
In certain respects, the business community is, at least in part, responsible for the current aggressive FCPA enforcement climate. Indeed, as Homer Moyer (a dean of the FCPA bar) has observed: “One reality is the enforcement agencies’ [FCPA] views on issues and enforcement policies, positions on which they are rarely challenged in court. The other is what knowledgeable counsel believe the government could sustain in court, should their interpretations or positions be challenged. The two may not be the same. The operative rules of the game are the agencies’ views unless a company is prepared to go to court or to mount a serious challenge within the agencies.”
Q. Can private plaintiffs bring FCPA cases?
A. It is an open question whether Congress intended for the FCPA to have a private right of action. However, various courts including the Sixth Circuit in Lamb v. Phillip Morris, Inc., 915 F.2d 1024 (6th Cir. 1980), have held that the FCPA does not confer a private right of action meaning that only the DOJ and SEC can bring FCPA cases.
Q. What about the bribe-takers?
A. Just as with tango, it takes two in a bribery scheme – the payor and the recipient. However, the FCPA is a supply-side statute in that it has been held only to govern the conduct of the briber payor. (See U.S. v. Castle, 925 F.2d 831 (5th Cir. 1991)).
Nevertheless, in recent years the DOJ has charged certain “foreign official” bribe recipients in connection with FCPA enforcement actions with other crimes such as money laundering. (See here for example). In addition, the DOJ has formed a Kleptocracy Asset Recovery Initiative which is designed to target and recover the proceeds of foreign official corruption that have been laundered into or through the U.S.
Q. What is the FCPA Opinion Release Procedure?
A. The FCPA directed the Attorney General to “establish a procedure to provide responses to specific inquiries by [those subject to the FCPA] concerning conformance of their conduct with the DOJ’s present enforcement policy …”.
Pursuant to the governing regulations (here) only “specified, prospective – not hypothetical – conduct” is subject to a DOJ opinion and the DOJ’s opinion has no precedential value, and its opinion that the contemplated conduct is in conformance with the FCPA is entitled only to a rebuttable presumption should an FCPA enforcement action be brought as a result of the contemplated conduct.
Since 1980, the DOJ has issued approximately 60 FCPA Opinion Procedure Releases (see here and here). In nearly every instance, the DOJ’s opinion is that it does not intend to bring an enforcement action based on the disclosed contemplated conduct. This is largely due to the fact that if a requestor senses (through initial discussions with the DOJ) that it will not receive a favorable opinion, it simply withdraws its request and an opinion is never issued. (See here).
While available to those subject to the FCPA with questions or concerns, the Opinion Procedure Release Program is rarely utilized by business organizations and it is generally viewed as an ineffective source of FCPA information.
Q. Do other countries have “FCPA-like” laws?
A. When passed in 1977, the FCPA was a pioneering statute, the first-ever domestic statute governing the conduct of domestic companies in its interactions (both direct and indirect) with “foreign officials” in foreign markets. In enacting the FCPA, Congress also instructed the Executive Branch to seek broad international support for “FCPA-like” laws in other countries.
This call for change was slow to take root. However, in 1997 approximately 35 countries adopted the OECD Convention on Combating Bribery of Foreign Public Officials in International Business Transactions. (See here). At present, approximately 40 countries have adopted the OECD Convention – countries that account for approximately two-thirds of the world’s exports and approximately ninety percent of foreign direct investment. For ratification status of the Convention, see here.
However, just because a country has an FCPA-like law does not mean that the law is actively enforced. In fact, many countries that have adopted the OECD Convention rarely bring enforcement actions under their domestic statute. Reasons for low enforcement activity can include lack of political will and prosecutorial resources as well as unique attributes of a country’s law. For instance, in many OECD member countries the concept of legal person criminal liability (as opposed to natural person criminal liability) is non-existent and in certain countries that do have legal person criminal liability, such liability can only result from the actions of high-level executive personnel or other so-called “controlling minds” of the legal person. (To learn more, see here). Moreover, the use of non-prosecution and deferred prosecution agreements (resolution vehicles that the OECD has stated “is one of the reasons for the impressive FCPA enforcement record in the U.S.”) is foreign to most jurisdictions.
See here for recent OECD Working Group on Bribery Annual Reports.