The U.S. Securities and Exchange Commission has agreed to a $28 million settlement with software producer PTC, Inc. following allegations of bribes paid to Chinese officials between 2006 and 2011 in violation of the Foreign Corrupt Practice Act (FCPA).

In the administrative proceeding (No. 3-17118), the SEC alleged that two of PTC’s Chinese subsidiaries bribed Chinese officials by paying for trips to the United States.  Although the trips were ostensibly for training purposes, nearly $1.5 million dollars were spent on trips which included touring and golfing across the United States.

The settlement represents $14.5 million in fines and $13.6 million in disgorgement ($11.8 million plus $1.8 million in interest) to be paid by PTC.  Although the penalty is significant, the toll may have been much greater.  Significantly, PTC publicly reported the potential FCPA violations in 2011 and, since then, has cooperated with investigators and made significant improvements to its own compliance protocols.

The SEC has also agreed to defer the prosecution of Yu Kai Yuan, a former employee of one of PTC’s Chinese subsidiaries, based on his cooperation in the investigation.  This is potentially significant in light of the recent memorandum of Assistant Attorney General Sally Quillian Yates (the “Yates Memo“), which announced a new focus among federal agencies on holding individuals accountable for corporate acts.  Following the Yates Memo, there has been concern that individuals would be unable to avoid personal liability as part of a large-scale corporate settlement.  The SEC’s agreement with Mr. Yuan may signify that personal cooperation may still help individuals avoid the full measure of potential penalties.

Nevertheless, the penalties PTC is to pay are significant and come despite its efforts to cooperate with the investigation and improve their own compliance protocols.  Compliance programs that engage not only U.S.-based employees but also foreign subsidiaries are an absolute necessity for any company dealing in foreign markets.  Moreover, FCPA compliance programs must be tailored to anticipate the social and cultural norms in a company’s target market and, perhaps most significantly, must be meaningfully implemented across your organization.