Policy debates can be diverted by simplistic rhetoric.
In the minds of some, “good companies don’t bribe – period.” Stated differently, in the minds of some, only “bad” and “unethical” companies are the subject of Foreign Corrupt Practices Act scrutiny or resolve FCPA enforcement actions.
Indeed, “good companies don’t bribe – period” was the title of a Minneapolis StarTribune business column which assailed those who have criticized various aspects of the FCPA or FCPA enforcement. In support of the position that “good companies don’t bribe – period,” the article stated:
“The [FCPA] has established America’s reputation as a strong proponent of ethical business practices abroad. As Microsoft recognizes in its anti-corruption policy: ‘corruption promotes poverty, hunger, disease and crime, and keeps societies and individuals from reaching their full potential. Corruption is one of the leading obstacles to economic and social development. Microsoft is committed to observing the standards of conduct set forth in the [FCPA] and the anti-corruption and anti-money-laundering laws of the countries in which it operates.’”
The absolutist position that “good companies don’t bribe – period” was undermined a few months later when it was reported that the DOJ and SEC both “opened preliminary investigations into bribery accusations involving Microsoft in China, Italy and Romania.” A Microsoft executive acknowledged the investigation and stated:
“Like other large companies with operations around the world, we sometimes receive allegations about potential misconduct by employees or business partners, and we investigate them fully regardless of the source. We also invest heavily in proactive training, monitoring and audits to ensure our business operations around the world meet the highest legal and ethical standards. […] We are a global company with operations in 112 countries, nearly 98,000 employees and 640,000 business partners. […] We have more than 50 people whose primary role is investigating potential breaches of company policy, and an additional 120 people whose primary role is compliance. In addition, we sometimes retain outside law firms to conduct or assist with investigations. This is a reflection of the size and complexity of our business and the seriousness with which we take meeting our obligations. We also invest in proactive measures including annual training programs for every employee, regular internal audits and multiple levels of approval for contracting and expenditure. In a company of our size, allegations of this nature will be made from time to time. It is also possible there will sometimes be individual employees or business partners who violate our policies and break the law. In a community of 98,000 people and 640,000 partners, it isn’t possible to say there will never be wrongdoing.”
How is it that Microsoft, a company championed as a leader in ethical and compliant business conduct, became the subject of FCPA scrutiny? For the same reasons that many ethically sound business organizations have resolved FCPA enforcement actions and for the same reasons that over one-hundred companies are currently the subject of active FCPA scrutiny. These reasons are broad concepts of corporate criminal liability and the inherent realities of doing business in the global marketplace.
Consider a multinational company that employs 10,000 individuals. Even if the company engages leading compliance professionals and spends millions of dollars conducting an FCPA risk assessment and implementing FCPA compliance policies and procedures consistent with best practices, and even if 99% of the company’s employees abide by the policy in all respects on a daily basis, this still means that 100 instances of non-compliance – and thus potential FCPA scrutiny – occur every day.
Consider also the frequency in which companies subject to the FCPA engage, often pursuant to foreign law requirements, various third parties when doing business in global marketplace. As survey data indicates, approximately 80% of U.S. companies partner with a third-party when doing business abroad and the average company works with between 1,000 and 10,000 different third parties. Even if the company engages leading compliance professionals and spends millions of dollars developing and implementing FCPA best practices applicable to third-parties, and even if 99% of the company’s third-parties abide by the policies in all respects on a daily basis, this still means that between 10 to 100 third-parties are non-compliant – and thus expose the company to potential FCPA scrutiny – on a daily basis.
Consider also the number of foreign licenses or permits a company may need to secure in a foreign country in order to do business – not with the government, but just in the general sense. For instance, in order to open up a new factory in Russia, one company first needed to obtain more than 240 certifications and inspections from Russian authorities. These requirements present 240 distinct points of contact with Russian foreign officials. Even if 99% of the certifications and inspections are secured by company employees or representatives acting consistent with the company’s FCPA compliance policies and procedures, this still means that 2 of the certifications or inspections may expose the company to FCPA scrutiny based on the enforcement theory that payments in connection with foreign licenses and permits satisfy the FCPA’s obtain or retain business element.
An FCPA practitioner (and former DOJ enforcement attorney) stated:
“I think that companies’ main frustration is that even with an outstanding compliance program and 99% of the employees maintaining strict adherence to the laws, you can still have violations which expose the entire company to extraordinarily serious penalties. I think the government has, at times, lost track of the main motivations for this statute and has become focused on the amounts of penalties, the imposition of compliance monitors, and exercising government control over what are basically private businesses. The vast majority of companies are absolutely committed to following the spirit and the letter of the FCPA, but when a company gets into trouble, the whole enterprise can be put at risk because of the conduct of a few people, and that doesn’t seem right.”
While a certain limited number of companies do business in the global marketplace intent on engaging in bribery as a business strategy and without a commitment to FCPA compliance, the overwhelming majority of business organizations subject to the FCPA do business in the global marketplace with a commitment to FCPA compliance yet subject to unrealistic legal standards and difficult and complex business conditions. On this issue, the insight of the former DOJ FCPA Unit Chief is worth noting.
“In my almost 40 years of experience, I have rarely seen American companies affirmatively offering bribes in the first instance; rather they are typically reacting to a world not of their making. It is a fact that corruption in government remains endemic worldwide and that is not likely to change. As the world shrinks companies who seek to do the right thing can’t help but confront corrupt officials – as customers, regulators, and adjudicators – and confront them often.”
Also insightful is the following from FCPA practitioners, including a former DOJ FCPA enforcement attorney.
“The world of business, … , frequently operates in territory that is somewhat grey: a world in which business persons strive to grow the company ethically in situations where the application of the existing rules are not entirely clear. For instance, in the current era of FCPA enforcement, international businesses struggle with their responsibilities to monitor and control the conduct of third parties with whom they do business: distributors and sub-distributors, joint venture partners, dealers, and resellers. Even for companies that are firmly dedicated to compliance with the FCPA, it is not always clear when a third party amounts to an agent whose improper conduct might someday be ascribed to the company and its employees. Good and ethical companies struggle, every day, with the concept of defining an agent of the company as opposed to an independent customer who engages in an arm’s-length transaction to purchase the company’s products.”
Recognizing that the absolutist “good companies don’t bribe – period” position is a fallacy allows one to better understand why FCPA compliance can be difficult for even the most well-managed and well-intentioned organizations and why FCPA risk can’t be eliminated when doing business in the global marketplace.
Recognizing the fallacy also allows one to engage in a meaningful policy debate about the FCPA and FCPA enforcement.
If a student scores 99% on my exam next week, it will be a phenomenal accomplishment worthy of celebration. If a pitcher takes the mound and throws 99% strikes, it will be a phenomenal accomplishment worthy of celebration. You get the point.
Yet if a company achieves 99% compliance with its pre-existing FCPA compliance policies and procedures across it business operations, well the above statistics tell the story.
