Including the first time I proposed this concept in 2010, this is the 11th time I have written this general post (see here, here, here, here, here, here, here, here, here, and here for the previous versions).
Until things change, I will keep writing it which means I will probably keep writing this same general post long into the future.
The proposal is this: when a company voluntarily discloses an FCPA internal investigation to the DOJ and/or SEC and when one or both of the enforcement agencies do not bring an enforcement action, have the enforcement agency publicly state, in a thorough and transparent manner, the facts the company disclosed and why the enforcement agency did not bring an enforcement action based on those facts.
As highlighted in this prior post, in February 2021 Cisco Systems disclosed:
“The Company is investigating allegations of a self-enrichment scheme involving now-former employees in China. Some of those employees are also alleged to have made or directed payments from the funds they received to various third parties, including employees of state-owned enterprises. The Company voluntarily disclosed this investigation to the Department of Justice (“DOJ”) and Securities and Exchange Commission (“SEC”). We take such allegations very seriously and we are providing results of our investigation to the DOJ and SEC. While the outcome of our investigation is currently not determinable, we do not expect that it will have a material adverse effect on our consolidated financial position, results of operations, or cash flows.”
Cisco recently disclosed:
We have completed our investigation into allegations of a self-enrichment scheme involving now-former employees in China, and shared the results of the investigation with the Securities and Exchange Commission (“SEC”) and the Department of Justice (“DOJ”). Based on the investigation results, both the SEC and the DOJ have informed the Company that they do not plan to take any action against the Company in connection with these allegations.”
If the FCPA enforcement agencies are sincere about transparency in their FCPA enforcement programs as enforcement officials frequently mention, the public (not to mention Cisco shareholders who likely shelled out millions in connection with the investigation) should be made aware of the facts the company disclosed and why the enforcement agency did not bring an enforcement action based on those facts.
Here is why the proposal makes sense and is in the public interest.
For starters (as I first wrote in 2010 and even more relevant today), the DOJ and the SEC are already wildly enthusiastic when it comes to talking about FCPA issues. Enforcement attorneys from both agencies are frequent participants on the FCPA conference circuit and there seems to be no other single law that is the focus of more DOJ or SEC speeches than the FCPA. Thus, there is clearly enthusiasm and ambition at both agencies when it comes to the FCPA.
Further (as I first wrote in 2010 and even more relevant today), both the DOJ and the SEC have the resources to accomplish this task. Both agencies have touted the increased FCPA resources in their respective offices and the new personnel hired to focus on the FCPA. Combine enthusiasm and ambition with sufficient resources and personnel and the proposal certainly seems doable considering that there are likely less than 10 relevant examples per year.
In addition, the DOJ is already used to this type of exercise. It is called the FCPA Opinion Procedure Release (see here), a process the DOJ frequently urges those subject to the FCPA to utilize. For instance, as highlighted in this prior post high ranking DOJ officials have stated: “not enough companies are taking advantage of this process” and that “the opinion process is a tremendous resource and we want to encourage greater use of it going forward.” Under the Opinion Procedure regulations, an issuer or domestic concern subject to the FCPA can voluntarily disclose prospective business conduct to the DOJ which then has 30 days to respond to the request by issuing an opinion that states whether the prospective conduct would, for purposes of the DOJ’s present enforcement policy, violate the FCPA. The DOJ’s opinions are publicly released and the FCPA bar and the rest of FCPA Inc. study these opinions in advising clients largely because of the general lack of substantive FCPA case law.
If the DOJ is able to issue an enforcement opinion as to voluntarily disclosed prospective conduct there seems to be no principled reason why the enforcement agencies could not issue a non-enforcement opinion as to voluntarily disclosed actual conduct. If the enforcement agencies are sincere about providing guidance on the FCPA, as they presumably are, such agency opinions would seem to provide an ideal platform to accomplish such a purpose.
Requiring the enforcement agencies to disclose non-enforcement decisions after a voluntary disclosure could also inject some much needed discipline into the voluntary disclosure decision itself – a decision which seems to be reflexive in many instances any time facts suggest the FCPA may be implicated. Recall, Cisco’s initial disclosure concerned “allegations” and based on the wording of its disclosure not even the company knew if those “allegations” were true.
Why a company would disclose mere “allegations” to the U.S. government is beyond me, but then again see this prior post regarding the role of FCPA counsel in voluntary disclosures. Or as stated by the DOJ’s former fraud section chief: “if you get two of these [FCPA investigations] a year as a partner, you’re pretty much set.” (See here).
Notwithstanding the presence of significant conflicting incentives to do otherwise, it is hoped that FCPA counsel would advise clients to disclose only if a reasonably certain legal conclusion has been reached that the conduct at issue actually violates the FCPA. Accepting this assumption, transparency in FCPA enforcement would be enhanced if the public learned why the enforcement agencies, in the face of a voluntary disclosure, presumably disagreed with the company’s conclusion as informed by FCPA counsel. If the enforcement agencies agreed with the conclusion that the FCPA was violated, but decided not to bring an enforcement action, transparency in FCPA enforcement would similarly be enhanced if the public learned why.
A final reason in support of the proposal is that it would give the disclosing companies (and others similarly situated) a benefit by contributing to the mix of public information about the FCPA.
In most cases, companies spend millions of dollars investigating conduct that may implicate the FCPA and on the voluntary disclosure process. When the enforcement agencies do not bring an enforcement action, presumably because the FCPA was not violated, these costs are forever sunk and company shareholders can legitimately ask why the company just spent millions investigating and disclosing conduct that the DOJ and the SEC did not conclude violated the FCPA.
However, if the enforcement agencies were required to publicly justify their decision not to bring an enforcement action after a voluntary disclosure, the company would achieve, however small, a return on its investment and contribute to the mix of public information about the FCPA – a law which the company will remain subject to long after its voluntary disclosure and long after the enforcement agencies no enforcement decision. Thus, the company, the company’s industry peers, and indeed all those subject to the FCPA would benefit by learning more about the DOJ and the SEC’s enforcement conclusions.
Transparency, accountability, useful guidance, a return on investment.
All would be accomplished by requiring the enforcement agencies to publicly justify a non-enforcement decision after a voluntary disclosure.
All points to ponder … until the next time I write this same general post.
FCPA Institute - Zoom (May 16-18, 2023)
Elevate your FCPA knowledge and practical skills. Nine hours of integrated and cohesive instruction led by Professor Koehler (an FCPA expert with teaching experience). Learn more, spend less. Professional credential available.