This prior post highlighted the DOJ’s apparent new compliance program certification requirement in connection with certain FCPA enforcement action and demonstrated how the underlying certification process is plagued by legal standards that simply do not exist; internally inconsistent standards; and/or vague or ambiguous terms.
This prior post also highlighted how the SEC is now including apparent new certification language in certain FCPA settlements.
The SEC’s certification language (significantly different – and much less problematic – compared to the DOJ’s certification language although the SEC’s language also includes a legal standard that simply does not exist in the FCPA) first appeared in the KT Corp. enforcement action in February 2022, continued with the Stericycle enforcement action in April 2022, and continued with the Tenaris enforcement action in June 2022.
But then in the September 2022 Gol Airlines enforcement action, the certification language was left out of the resolution document.
Same with the September 2022 Oracle enforcement action – the second time the company has resolved an FCPA enforcement action in the approximate decade – the certification language was left out of the resolution document.
The SEC often talks about consistency and transparency in its enforcement program.
However the above variability of including or not including certification language in enforcement actions concerning the same alleged legal violations is just another example of inconsistency in the SEC’s enforcement program.
More broadly, as these pages have highlighted for many years, the SEC seemingly has an inconsistent approach to enforcing the FCPA’s books and records and internal controls provisions. Enforcement actions finding violations of those provisions in the general context of foreign bribery seem to be treated differently than enforcement actions finding violations of those provisions outside the context of foreign bribery (even though the later category of enforcement actions more frequently involve executive officer conduct and/or materially false and misleading disclosures).
For instance, in the KT Corp. enforcement action the SEC found violations of the FCPA’s books and records and internal controls provisions and as a condition of settlement the company was required to certify its ongoing compliance. However, in the recent non-FCPA, FCPA enforcement actions against Tupperware Brands an (enforcement actions also finding violations of the FCPA’s books and records and internal controls provisions) there was no certification language.