Previous posts here and here discussed the $15 million FCPA enforcement action against Rio Tinto and the $4 million FCPA enforcement action against Flutter International.
This post highlights additional issues to consider.
While one would like to think that FCPA enforcement actions “just happen” when they are ready to happen, certain FCPA enforcement actions are seemingly timed to coincide with a company’s reporting cycle, government enforcement “marketing,” or other issues.
Separate FCPA enforcement actions announced on the same day are rare.
The Rio Tinto and Flutter International enforcement actions were announced on the same day.
Perhaps it is because the same law firm (Kirkland & Ellis) represented both companies.
As highlighted in this prior post, Rio Tinto disclosed in November 2016:
“On 29 August 2016, Rio Tinto became aware of email correspondence from 2011 relating to contractual payments totalling US$10.5 million made to a consultant providing advisory services on the Simandou project in Guinea. The company launched an investigation into the matter led by external counsel. Based on the investigation to date, Rio Tinto has today notified the relevant authorities in the United Kingdom and United States and is in the process of contacting the Australian authorities. Energy & Minerals chief executive Alan Davies, who had accountability for the Simandou project in 2011, has been suspended with immediate effect. Legal & Regulatory Affairs group executive Debra Valentine, having previously notified the company of her intention to retire on 1 May 2017, has stepped down from her role. Rio Tinto intends to co-operate fully with any subsequent inquiries from all of the relevant authorities. Further comment at this time is therefore not appropriate.”
Thus, from start to finish, Rio Tinto’s FCPA scrutiny lasted approximately 6.5 years.
In the Flutter International order, the SEC states:
“By at least 2016, the Company’s Board undertook a review of whether the Company, any of its subsidiaries, or any of its personnel had made improper payments, directly or through external consultants, to government officials in certain foreign jurisdictions. As a result of this review, the Company voluntarily contacted the Commission and other U.S. and Canadian regulators …”.
Thus, from start to finish, Flutter International’s FCPA scrutiny also lasted approximately 6.5 years.
FCPA scrutiny lasting 6.5 years is unconscionable.
I’ve said it many times, and will continue saying it until the cows come home: if the DOJ/SEC want their FCPA enforcement programs to be viewed as more credible and more effective the enforcement agencies must resolve instances of FCPA scrutiny much quicker.
This is particularly true in the Rio Tinto matter given the following language from the SEC:
“Rio Tinto cooperated in the Commission’s investigation by identifying and timely producing key documents identified in the course of its own internal investigation, providing the facts developed in its internal investigation, and making current or former employees available to the Commission staff.”
This is also true in the Flutter International matter given the following language from the SEC:
“The Company’s and Flutter’s cooperation included sharing facts developed in the course of its own internal investigation and forensic accounting reviews, providing translated copies of various documents and relevant witness statements, and encouraging parties outside of the Commission’s subpoena power to provide relevant evidence and information.”
In the minds of some (including former FCPA enforcement officials), FCPA enforcement is a convenient cash cow for the U.S. government.
As previously indicated, those who believe this will find new support in the Rio Tinto and Flutter International enforcement actions.
The basic findings of the Rio Tinto enforcement action were as follows: Approximately 12 years ago, Rio Tinto (a metal and mining company with headquarters in Australia and the United Kingdom) hired a French investment banker and close friend of a former senior Guinean government official as a consultant to help the company retain mining rights in Guinea. Even though both Australia and the United Kingdom have laws and law enforcement resources to adequately address the conduct at issue, the U.S. nevertheless extracted $15 million from Rio Tinto because the company had American Depository Shares that traded on a U.S. exchange.
The basic findings of the Flutter International enforcement action were as follows: Flutter International (a company headquartered in Ireland) is the successor in interest to The Stars Group (a company that was headquartered in Canada) and the “Company paid approximately $8.9 million to consultants in Russia in support of the Company’s operations and its efforts to have poker legalized in that country.” Even though both Ireland and Canada have laws and law enforcement resources to adequately address the conduct at issue, the SEC nevertheless got involved because The Stars Group at one time had shares traded on a U.S. exchange.
Australia, the U.K., Ireland, and Canada are all parties to OECD Convention on Combating Bribery of Foreign Public Officials in International Business Transactions (OECD Convention). Given this reality, as well as the specific provision in Article 4 of OECD Convention that “when more than one Party has jurisdiction over an alleged offence described in this Convention, the Parties involved shall, at the request of one of them, consult with a view to determining the most appropriate jurisdiction for prosecution,” can it truly be said that the U.S. was an appropriate jurisdiction to prosecute these foreign companies for alleged interactions with non-U.S. officials?
From a historical perspective, it is worth noting that part of the FCPA reform discussion in the 1980’s were bills – introduced by Democrats – seeking to waive the FCPA’s provisions “in the case of any country which the Attorney General has certified to have (1) effective bribery or corruption statutes; and (2) an established record of aggressive enforcement of such statutes.” (See S. 1797, Competitive America Trade Reform Act of 1985, introduced on October 29, 1985 by Senator Gary Hart (D-CO) and H.R. 3813, Competitive America Trade Reform Act of 1985, introduced on November 21, 1985 by Representative Vic Fazio (D-CA)).
While waiving the FCPA’s provisions – as those bills sought to do – does not seem like a good idea, perhaps the time has come with the maturity of the OECD Convention – for U.S. enforcement agencies to adopt a policy of not bringing FCPA enforcement actions against foreign companies from peer OECD Convention countries.
Third Party Issues
Regardless of the above policy issues, the Rio Tinto and Flutter International enforcement actions highlight a laundry list of third party compliance deficiencies in the eyes of the government.
In the Rio Tinto enforcement action, the SEC found, among other things, that:
- the third party was a former classmate of the Senior Government Official;
- the third party had no direct work experience relating to the mining business generally or in Guinea specifically;
- Rio Tinto “ran a cursory background check” on the third party “without any additional due diligence”;
- the third party began working on behalf of Rio Tinto “before a written agreement was executed defining the scope of his employment, fees, or deliverable” and that “no written agreement of any sort was in place for the majority of the [third party’s] employment and a written contract was only executed one day before Rio Tinto paid the consultant.”
In the Flutter International enforcement action, it is interesting to note that the problematic third parties were several steps removed from Flutter International. As stated by the SEC:
“Prior to its acquisition by the Respondent (Flutter International), the Company (The Stars Group) operated a number of gaming and sports betting websites, including PokerStars, one of the largest online poker websites in the world. The Company acquired PokerStars and other online gaming brands as part of its acquisition of Oldford Group Ltd. (“Oldford Group”) on August 4, 2014 (the “PokerStars Acquisition”). As part of the PokerStars Acquisition, the Company acquired Oldford Group’s operations in Russia and inherited certain Russia-based consultants who had been engaged by Oldford Group.”
In any event, the SEC found, among other things:
- “The predecessor parent company of PokerStars (a subsidiary of the Oldford Group) initially retained the Russian Consultants prior to the PokerStars Acquisition in August 2014. Then existing policies required employees to perform certain due diligence on third parties, including background and reference checks and written contracts. Nevertheless, no due diligence was performed on the Russian Consultants upon their initial retention, in connection with the PokerStars Acquisition, or in the subsequent months as the Company maintained the predecessor parent company’s compliance program while supplementing it with additional controls.”
- Throughout the Relevant Period, the Company failed to adhere to internal policies requiring that the Company maintain written contracts with its consultants. The Company did not have a written contract with Consultant C until late 2017 despite Consultant C’s retention years earlier. While existing contracts were in place between the Company and Consultants A and B prior to 2017, such contracts were perfunctory documents and did not include anti-bribery and anticorruption provisions or safeguards despite internal requirements that all third-party agents and consultants adhere to applicable Company policies.
- Even after the Company executed new contracts with the Russian Consultants in 2017 that included anti-bribery and anti-corruption provisions, the Company failed to effectively enforce them. For example, while the Russian Consultant contracts required that each consultant submit monthly invoices containing details of the services they provided, as well as any relevant backup or supporting documents, this information was not provided or included on the invoices, which contained only general statements including “consulting services” or “legal services” without any further detail. Additionally, while the contracts required that the Russian Consultants submit monthly reports detailing their activities, such reports were neither submitted to nor requested by the Company.
- Further, the Company regularly paid Consultant C for office expenses incurred by a poker-related non-profit organization, including charges related to that organization’s rent and staff salaries, without a formal contractual requirement and without receiving supporting documents evidencing the actual rent or expenses until 2019.
- The Russian Consultants submitted to the Company invoices containing no details or information about the services they provided to the Company. Additionally, invoices for Consultant C were prepared and submitted by a company employee, rather than by Consultant C until 2019. Until 2019, no Company employee substantively reviewed the invoices, i.e., to determine if the services were in fact provided. The invoices were simply approved and paid as long as the amount fell within the overall budget allocated to the Russian Consultants’ activities.
- As early as August 2014, the Company considered proposals from Consultant A to retain a new consultant to assist in the Company’s efforts to legalize poker in Russia; the Company ultimately retained Consulting Company A at the urging of Consultant A and the Company’s local regional manager. Numerous red flags regarding the retention existed at the time that the Company retained Consulting Company A. For example, Consulting Company A was registered in Belize and maintained its payment account in Latvia, two foreign jurisdictions unrelated to the services to be provided. Further, the payments to be made by the Company to Consulting Company A were initially described to the Company’s senior management as being for a “success fee” regarding getting legislation passed in Russia but later were described as a retainer fee to employ lawyers and other consultants to draft legislation.
- Nevertheless, the Company did almost no due diligence regarding Consulting Company A, only performing a public records database search for Consulting Company A, and taking no steps to investigate its principals or ultimate beneficial owner.
- Despite the aforementioned red flags and lack of diligence, the Company in January 2015 signed a services contract with Consulting Company A. That contract, which was never counter-signed, did not contain any anticorruption provisions, in violation of relevant Company policies.
- Following the retention of Consulting Company A, the Company performed little to no follow-up or monitoring of the relationship. The only documentation submitted by Consulting Company A to justify its payments were monthly invoices, perfunctory documents containing no detail about any services provided by Consulting Company A or related expenses it may have incurred. No one reviewing or approving those payments checked to ensure that Consulting Company A was in fact providing services to the Company.
Elevate Your FCPA Research
There are several subject matter tags in this post. However, only subscribers to FCPA Professor's premium search feature can see and use them in research. Efficient and cost-effective FCPA research is just a click away.Elevate Your Research