I recently discovered the awesomeness of word clouds. A word cloud is a graphical representation of word frequency in a source text. Word clouds can be a fun and informative learning device. The word cloud for the FCPA’s anti-bribery provisions is here  and the word cloud for the FCPA’s books and records and internal control provisions is here . (Both word clouds – as well as future FCPA-related word clouds I create – can be found on the Resources tab of this website).
A quick glance at the FCPA books and records and internal controls word cloud demonstrates that the term “reasonable” is the most prominent term in these provisions. Yet, reviewing SEC FCPA enforcement actions you would hardly know as the agency seems to have, in many cases, converted the books and records and internal control provisions into strict liability provisions. See here  for a prior post and for an extended discussion see here  – “The Facade of FCPA Enforcement” (pages 976-981). Common verbiage in SEC FCPA enforcement actions includes generic statements that the parent company issuer failed to implement effective internal controls or that problematic payments in distant subsidiary books and records were consolidated with the issuer’s for purposes of financial reporting and that therefore the parent company issuer is liability.
The dominance of “reasonable’ in the FCPA books and records and internal control provisions, as demonstrated by the word cloud, is a good opportunity to revisit this  prior post which details comments by Harold Williams (Chairman of the SEC) in 1981 as to the then infant FCPA. Terming his statements as official Commission policy, Williams stated as follows.
“The Act does not mandate any particular kind of internal controls system. The test is whether a system, taken as a whole, reasonably meets the statute’s specified objectives. ‘Reasonableness,’ a familiar legal concept, depends on an evaluation of all the facts and circumstances.” […] “Private sector decisions implementing these statutory objectives are business decisions. And, reasonable business decisions should be afforded deference. This means that the issuer need not always select the best or the most effective control measure. However, the one selected must be reasonable under all the circumstances.”
As to the “degree of exactitude” Williams stated as follows. “I turn first to the question of whether the Act’s text or purpose mandates that business records and controls conform to a standard of absolute exactitude or that a company’s control system meet some absolute ideal. The answer is ‘no.’ Both of the Act’s accounting provisions, it should be noted are modified by the key term ‘reasonable.’ […] In essence, therefore, the Act does provide a de minimus exemption, though not in absolute quantitative terms.” Williams further stated as follows. “Reasonableness, as a standard, allows flexibility in responding to particular facts and circumstances. Inherent in this concept is a toleration of deviations from the absolute. One measure of the reasonableness of a system relates to whether the expected benefits from improving it would be significantly greater than the anticipated costs of doing so. Thousands of dollars ordinarily should not be spent conserving hundreds. Further, not every procedure which may be individually cost-justifiable need be implemented; the Act allows a range of reasonable judgments.”
In a sign of just how much FCPA enforcement has changed, Williams stated as follows in his speech. “If a violation was committed by a low level employee, without the knowledge of top management, with an adequate system of internal control, and with appropriate corrective action taken by the issuer, we do not believe that any action against the company would be called for.”
In another sign of just how much FCPA enforcement has changed, William stated as follows. “… [D]epending on the
circumstances, intentional circumventions of a company’s system of records and of accounting controls by a low-level employee would not always be considered violations of the Act by the issuer. No system of adequate records and controls – no matter how effectively devised or conscientiously applied – could be expected to prevent all mistaken and improper transactions and disposition of assets. Given human nature, regardless of the adequacy of the system, a bookkeeper may still erroneously post entries, an overzealous agent may make unauthorized payments, or an unscrupulous employee may falsify records for his own purposes. The Act recognizes each of these limitations. Neither its text and legislative history nor its purposes suggest that occasional, inadvertent errors were the kind of problem that Congress sought to remedy in passing the Act. No rational federal interest in punishing insignificant mistakes has been articulated. And, the Act’s accounting provisions do not require a company or its senior officials to be the guarantors of all conduct of company employees.”
In concluding this portion of his speech, Williams stated as follows. “The test of a company’s internal control system is not whether occasional failings can occur. Those will happen in the most ideally managed company. But, an adequate system of internal controls means that, when such breaches do arise, they will be isolated rather than systemic, and they will be subject to a reasonable likelihood of being uncovered in a timely manner and then remedied promptly. Barring, of course, the participation or complicity of senior company officials in the deed, when discovery and correction expeditiously follow, no failing in the company’s internal accounting system would have existed. To the contrary, routine discovery and correction would evidence its effectiveness.”
As to the SEC’s enforcement policy, Williams concluded his remarks as follows. “The genius – and challenge – of [the FCPA’s accounting provisions] , it should be remembered, is their reliance on private sector decisionmaking – rather than specific federal edicts – to address an area of public concern. The Act’s eventual success or failure will, therefore, depend primarily upon business’s response. The Commission’s obligation, in turn, is to provide a regulatory environment in which the private sector can address these issues meaningfully and creatively. In this regard, we must encourage public companies to develop innovative records and control systems, to modify and improve them as circumstances change, and to correct recordkeeping errors when they occur without a chilling fear of penalty or inference that a violation of the Act is involved.”
The above comments by Williams are even more significant when one considers that the FCPA Williams was speaking about in 1981 did not contain the good faith compliance provisions added to the FCPA’s books and records and internal control provisions in 1988.
Those provisions currently state as follows.
“Where an issuer […] holds 50 per centum or less of the voting power with respect to a domestic or foreign firm, the [FCPA’s books and records and internal control provisions] require only that the issuer proceed in good faith to use its influence, to the extent reasonable under the issuer’s circumstances, to cause such domestic or foreign firm to devise and maintain a system of internal accounting controls consistent with [the provisions]. Such circumstances include the relative degree of the issuer’s ownership of the domestic or foreign firm and the laws and practices governing the business operations of the country in which such firm is located. An issuer which demonstrates good faith efforts to use such influence shall be conclusively presumed to have complied with the requirements of [the provisions].
In short, the FCPA’s books and records and internal control provisions focus on reasonable. Are the SEC’s enforcement theories as to these provisions reasonable?