Other than this website (see here, here, here, here, here, here, here and here), there seems to be little focus on the SEC’s inconsistent approach to enforcing the FCPA’s books and records and internal controls provisions.
Which is too bad because consistency is a basic rule of law principle.
In other words, the same legal violation ought to be sanctioned in the same way. When the same legal violation is sanctioned in materially different ways, trust and confidence in law enforcement is diminished.
As highlighted in the numerous prior posts as well as the latest example described below, there sure does seem to be a lack of consistency between how the SEC resolves Foreign Corrupt Practices Act books and records and internal controls violations.
As most readers no doubt know, the FCPA has always been a law much broader than its name suggests. The anti-bribery provisions are just one prong of the FCPA.
Indeed, most FCPA enforcement actions do not involve allegations of foreign bribery, but rather violations of the FCPA’s generic books and records and internal controls provisions. These provisions generally require that issuers shall: (i) maintain books and records which, in reasonable detail, accurately and fairly reflect issuer transactions and disposition of assets (the books and records provisions); and (ii) devise and maintain a system of internal accounting controls sufficient to provide reasonable assurances that transactions are properly authorized, recorded, and accounted for (the internal controls provisions).
For lack of a better term, let’s call such actions “non-FCPA FCPA enforcement actions.”
Such actions are not dissected in the FCPA space and do not appear on the DOJ or SEC’s FCPA websites (here and here). Yet such actions are deserving of analysis because they highlight a troubling aspect of FCPA enforcement: that being how the same alleged legal violations are sanctioned in materially different ways.
“This case concerns accounting and disclosure fraud by Pareteum, a telecommunications company, spanning from 2018 through mid-2019 (the “relevant time period”). During this time, Pareteum’s public filings materially overstated revenue by approximately $12 million for fiscal year 2018 (60% of the ultimately restated revenue), and by approximately $30 million for the first and second quarters of 2019 (91% of the ultimately restated revenue).
These misstatements resulted from improper accounting practices, whereby certain now former executives directed that revenue be recognized based on non-binding purchase orders and prior to product shipment, which is not in accordance with generally accepted accounting principles (“GAAP”). Further, former senior accounting employees took steps to conceal these practices from Pareteum’s auditor.
On October 21, 2019, Pareteum issued a press release announcing that Pareteum’s financial results for 2018 and the first half of 2019 required restatement, and on December 14, 2020, Pareteum restated its financial results for 2018, reducing the full year revenue from $32.4 million to $20.3 million. On March 12, 2021, Pareteum reported its financial results for 2019, reporting a full year revenue of $62.05 million, including restated quarterly financial results for the first half of 2019 – reducing its stated revenue for the first quarter of 2019 from $23.04 million to $13.07 million, and for the second quarter of 2019 from $34.2 to $16.9 million.”
In short, the SEC found that Pareteum’s financial statements were materially misleading (a finding that is generally rare in traditional FCPA enforcement actions) and involved concealment by senior accounting employees (a finding that is also generally rare in traditional FCPA enforcement actions).
Based on the above, the SEC found that Pareteum violated, among other things, the FCPA’s books and records and internal controls provisions. Without admitting or denying the SEC’s findings, Pareteum agreed to pay a $500,000 civil penalty.
Compare this paltry civil penalty for materially misleading financial statements and concealment by senior accounting employees with – for instance – the BHP Billiton enforcement action (see prior posts here, here and here) in which the SEC assessed a $25 million civil penalty for – better sit down for this one – the company’s “failure to devise and maintain sufficient internal controls over a global hospitality program that the company hosted in connection with its sponsorship of the 2008 Beijing Summer Olympic Games.” Or the SEC’s enforcement action against Telefonica Brasil (see prior posts here and here) in which the SEC assessed a $4.1 million civil penalty for – hopefully you are still sitting down – “a hospitality program that the company hosted in connection with the 2014 World Cup and 2013 Confederations Cup.”
As the Pareteum enforcement action once again demonstrates, the SEC has some explaining to do and owes the legal and compliance community an explanation for why FCPA books and records and internal controls violations are not sanctioned in similar ways.
Save Money With FCPA Connect
Keep it simple. Not all FCPA issues warrant a team of lawyers or other professional advisers. Achieve client and business objectives in a more efficient manner through FCPA Connect. Candid, Comprehensive, and Cost-Effective.