Foreign Corrupt Practices Act (FCPA)

In 2008, global technology giant Siemens Aktiengesellschaft (“Siemens”) pleaded guilty to violations of the books and records provision of the Foreign Corrupt Practices Act (“FCPA”).  Siemens paid approximately $450 million in fines for its alleged violations and another $350 million to settle a civil suit brought by the US Securities and Exchange Commission.  In addition, as part of the plea agreement, Siemens agreed to hire Monitor to evaluate and report on its FCPA compliance efforts to the US Department of Justice. The Monitor submitted numerous work plans and annual reports to the DOJ over the next several years.

In 2013, 100Reporters LLC (“100Reporters”), a non-profit organization focused on investigative journalism, submitted Freedom of Information Act (“FOIA”) requests seeking the Monitor’s reports and related documents. The DOJ denied the requests and the administrative appeal.  Accordingly, 100Reporters brought suit in the United States District Court for the District of Columbia.  The DOJ subsequently produced some redacted documents but continued to withhold other documents based on certain Exemptions, including privileged and confidential information, attorney-client and attorney work product (“deliberative process”) privileges, personal privacy, and a lack of segregability due to the intertwined nature of the public and protected information.

In a recent 73-page opinion, the D.C. District Court denied, in part, motions for summary judgment filed by the DOJ, Siemens, and the Monitor and requested in camera review of representative documents.  The Court will now determine what aspects of the Siemens’ post-plea FCPA compliance program should be available for public consumption.  If the Court determines that substantive portions of Siemens’ FCPA compliance efforts should be produced under FOIA, it could offer an unprecedented look inside the FCPA program of a major multi-national corporation.  Further, and while not suggesting that Siemens has anything to hide, the public airing of post-plea compliance efforts could cause a stir if the Monitor’s are less robust than the public might anticipate.   Nevertheless, the mere potential that one’s FCPA compliance efforts could be in the public domain should give companies large and small pause and they should consider whether their policies and training would withstand the trial by public opinion.

 

 

Copyright: bedo / 123RF Stock Photo
Copyright: bedo / 123RF Stock Photo

In a complaint recently filed in Delaware Chancery Court, a shareholder of General Cable Corp. (“General Cable”) has asked the Court to compel the release of documents related to General Cable’s $82 million settlement of claims under the Foreign Corrupt Practices Act (FCPA).

In January, General Cable, a Kentucky-based industrial cable manufacturer, agreed to the $82 million settlement with the US Department of Justice and the US Securities and Exchange Commission. The DOJ and SEC alleged that between 2002 and 2013 General Cable paid approximately $13 million in bribes to secure more than $50 million in contracts in Africa and Asia.  General Cable’s penalties were reduced based its voluntary disclosure of the payments and the SEC noted that there was no evidence of personal misconduct by the former CEO and CFO who had already returned millions in compensation.

In the recent shareholder complaint, the shareholder alleges that he has been improperly denied access to corporate records regarding the investigation and settlement of the FCPA claims.  The shareholder previously requested, and was provided, board meeting transcripts and materials from 2011 to 2015.  The shareholder alleges that General Cable has refused his subsequent requests, including requests for internal audit reports, emails, and other document related to the improper payments and the settlement with authorities.  The shareholder asserts that the documents are necessary to evaluate potential steps to improve corporate governance.

Potential shareholder litigation is yet more collateral damage extending from FCPA violations.  Should the shareholder be successful, there may be significant new precedent as to what investigative and settlement documents a shareholder has the right to review.  Well documented compliance policies and education remain the best way to avoid FCPA violations and the ancillary challenges that so often follow.

 

In written responses released earlier this week, Senator Jeff Sessions of Alabama reaffirmed that he will enforce the Foreign Corrupt Practices Act and the International Anti-Bribery Act of 1988 if he is confirmed as US Attorney General.  Sen. Sessions was responding to the questions of Sen. Sheldon Whitehouse (D-RI), and others, following Sen. Session’s nomination hearing before the Senate Judiciary Committee.  Sen. Whitehouse’s question focused on a comment by President Trump during a 2012 interview in which President Trump referred to the FCPA as a “terrible law.”  [Editor’s note, President Trump refered to the FCPA as a “horrible law,” not a “terrible law,” during the 2012 interview].  Sen. Whitehouse asked:

13) President Trump has called the Foreign Corrupt Practices Act a “terrible law.” But the Act, as amended by the International Anti-Bribery Act of 1998, is the cornerstone of federal efforts to prevent and prosecute bribery of foreign officials by U.S. corporations, and to maintain a fair and level playing field for small and mid-size corporations doing business overseas. Since 2008, the federal government—DOJ, SEC, and the FBI—have maintained about 150 active investigations at any given time, resulting in $1.56 billion in fines in 2014.

Will you commit to continued vigorous enforcement of the Foreign Corrupt Practices Act and the International Anti-Bribery Act of 1998?

Sen. Sessions responded:

Yes, if confirmed as Attorney General, I will enforce all federal laws, including the Foreign Corrupt Practices Act and the International Anti-Bribery Act of 1998, as appropriate based on the facts and circumstances of each case.

One must take Sen. Sessions at his word and assume that the FCPA and Anti-Bribery Act will enforced to the letter of the law until there is an indication of a shift of DOJ priorities to the contrary.  As always, training and compliance programs remain the as a critical foundation for any company doing business abroad.

Earlier today, the Department of Justice announced that construction conglomerate Odebrecht SA and its affiliate Braskem SA have pleaded guilty to their maintenance of an elaborate bribery scheme which paid out approximately $788 million in bribes to government officials around the world since 2001.

To facilitate its massive bribery scheme, Odebrecht established its “Division of Structured Operations,” which federal prosecutors dubbed the “Department of Bribery.” The Division of Structured Operations operated on its own floor and used its own communication and computer networks. Code names and secure emails were used by those requesting bribes, bribe recipients, and financial institutions to make payments out of a ‘shadow budget.’ The shadow budget, which accounted for and tracked all bribe payments in complex spreadsheets, was comprised of funds funneled by Odebrecht into off-shore entities and then back into the Division of Structure Operations.

Under their respective plea agreements, Odebrecht and Braskem agreed to pay, at least, a combined $3.5 billion in penalties.  Odebrecht agreed with the DOJ that $4.5 billion would be an appropriate criminal fine, but has claimed that is unable to pay a fine of that amount.  Accordingly, the plea agreement states that Odebrecht will pay at least $2.6 billion, however, an ongoing review of Odebrecht’s ability to pay may result in Oberbrecht paying an amount closer to $4.5 billion. Braskem will pay approximately $957 million in criminal fines.  Brazil, where both of the companies are headquartered, will receive 80% of the fines and the United States and Switzerland will each receive 10%.  Notably, Oderbrecht was credited with 25% reduction in the fine sought based on its cooperation with investigators. Braskem was credited with a 15% reduction based on its partial cooperation.

This blockbuster plea agreement highlights the growing trend of global enforcement. While few companies will ever consider implementing a bribery scheme of the magnitude Odebrecht’s, even small acts to grease the wheels create a slippery slope and companies of all sizes must take precautions — through compliance and training programs — to make sure that a culture where bribery is condoned and supported never begins to gain momentum.

In a recently released report, TRACE International, an international anti-bribery business association, ranked 199 countries based on the risk of encountering bribery within the country’s public sector.

trace-map

Go to Interactive Map (credit: TRACE International)

The TRACE Matrix’s rating are based on four core domains: business interactions with government, anti-bribery laws and enforcement, government transparency, and capacity for civil oversight.  As part of the part of the business interactions with government domain, the report examines the extent to which business must interact with government officials and weight of regulatory burden which may increase the number of bribery opportunities as well as the reported expectation of businesses that they will have to pay a bribe somewhere along the way.  As part of the second domain, the report considers both enacted anti-bribery laws as well as the actual level of enforcement of any anti-bribery statutes. Government transparency is measured by indicators such as the public availability of government budgets and conflict of interest training conducted with civil servants.  Finally, the civil oversight domain examines the freedom of the press and social development.

Topping the list of least-bribery-prone countries were: (1) Sweden, (2) New Zealand, (3) Estonia, (4) Hong Kong, and (5) Norway.  The United States ranked 20th on the list, just behind Australia and Luxembourg and just ahead of Mauritius and Latvia.  Nigeria was ranked the most bribery prone country with Angola (198) and Yemen (197) rounding out the bottom three.

Assessing the potential risk of conducting business or routing supply chains through certain countries is the first step in managing potential liability under the Foreign Corrupt Practices Act. Even in the least risky countries, training and compliance programs are a necessity. However, in high risk countries, trainings must be tailored to anticipate the level of bribery and other corruption pressures which officers and employees will face with regularity.

In a pair of recent articles (available here and here), practitioners have been crunching the numbers, and 2016 is on near-record pace for Foreign Corrupt Practices Act (FCPA) enforcement action dispositions.  Through October, 2016 has seen 39 FCPA enforcement actions resolved, a pace that would have government agencies end the year with 48-plus dispositions and would be second only to the 72 dispositions in 2010.  Even if the number of enforcement action dispositions stays at 39, 2016 would still have as many or more dispositions than every other year since 2006.

The numbers are staggering, but what is driving this dramatic rise enforcement? A key contributing factor to this enforcement trend has been a significant increase in standalone FCPA enforcement actions brought by the SEC.  In fact, thus far in 2016, the SEC has resolved twice as many FCPA enforcement actions (26) than the DOJ (13). The SEC has not outpaced the DOJ in FCPA enforcement actions since 2007 when it resolved 20 actions to the DOJ’s 19.  Interestingly, the recent articles demonstrate that the SEC’s involvement in FCPA investigations is not a new phenomenon as the agency has been involved in 70% to 90% of FCPA investigations since 2006, though many of these were dubbed ‘parallel’ enforcement actions alongside the DOJ.  It also appears that the DOJ has recently turned its resources to pursuing high-value enforcement actions, potentially explaining the dramatic shift in the volume of actions resolved.

With enforcement at near record levels, companies must be more vigilant than ever with their FCPA compliance programs.  Further, as the SEC takes the lead in investigations and prosecutions, its agents may ask new questions and press compliance officers and their programs in new ways.  Therefore, it is imperative that companies continue to update and improve their FCPA compliance and training programs as there is no indication that this trend of enhanced enforcement is waning.

UK-Based biopharmaceutical company AstraZeneca agreed to pay the U.S. Securities and Exchange Commission (SEC) $5.5 million to settle claims that its Chinese and Russian subsidiaries had made improper payments to state-controlled health care providers in violation of the Foreign Corrupt Practices Act (FCPA).

In an order released earlier this week, the SEC outlined both the claims against AstraZeneca and the company’s cooperative and remedial efforts which were taken into account as part of the settlement.

Between 2007 and 2010 in China, sales staff made payments and gave gifts to physicians and administrators to ensure that state-owned health care providers would purchase AstraZeneca products. In one scheme described in the SEC Order, Chinese sales staff paid individuals for their appearance at fabricated speaking engagements. The conduct in Russia occurred between 2005 and 2010 and similarly paid members of state-owned health care providers to use AstraZeneca products.

AstraZeneca did not self-report its violations; however, it was still able to work toward a settlement based on its cooperation with the SEC. The SEC specifically noted that AstraZeneca disclosed documents and information collected during its own internal investigation including translations of key documents. The SEC also cited AstraZeneca’s remedial efforts including creation of a centralized compliance program with key compliance individuals placed in high-risk markets. AstraZeneca also took appropriate steps with regard to the employees involved ranging from trainings and reassignment to lower-risk areas of responsibility to voluntary separations and dismissals.

Yet again, full and complete cooperation appears to be the key to forging settlement of FCPA claims. Even after failing to self-report, the SEC lauded AstraZeneca’s cooperation and the information that the company’s internal investigation provided which would not have been discernable without the company’s assistance. In addition, the SEC recounted the numerous remedial steps that AstraZeneca undertook. If a company does not have the capacity to guide its own internal investigation or plan and implement remedial measures, it should contact a law firm that has the knowledge and resources to help the company make meaningful contributions to the investigation of any claims that arise.

AstraZeneca will pay $5.5M to the Securities and Exchange Commission to settle claims that it violated the Foreign Corrupt Practices Act by making improper payments to state controlled health care providers in China and Russia.

Background

The SEC complaint provides that the staff of AstraZeneca’s foreign
subsidiaries bribed health care providers in China and Russia with cash and 123rf.comgifts to persuade them to purchase products from the company.   In addition, the SEC stated that AstraZeneca lacked proper internal accounting controls over the relations of its China and Russia subsidiaries and government officials and falsely recorded the improper payments as “bona fide business expenses” in its financial statements.  The SEC added that AstraZeneca did not track employee reimbursements or speaker fees, gifts, travel and entertainment, and did not enforce its corporate policy against improper payments to government officials in China and Russia.  It also did not provide adequate FCPA training to sales staff who regularly interacted with local officials in the health care industry, according to the SEC.

The SEC indicates that AstraZeneca has taken steps to become compliant with the Foreign Corrupt Practices Act by providing anti-corruption training and revamping its internal controls and procedures.

Implications for U.S. Companies that do Business Abroad

AstraZeneca’s settlement and the $5.5M payment that it must make emphasizes the importance of FCPA compliance by U.S. companies that do business abroad.  The line between proper and improper payments, gifts, travel and entertainment expenses to foreign officials under the FCPA can be difficult to draw by company staff without proper training.  Doing business in countries where the level of corruption is high, such as Russia and China, can make FCPA compliance especially challenging.

As such, it is key for U.S. companies to have robust FCPA compliance programs and audit testing, to provide careful due diligence for particular transactions and relationships, to keep proper records, and to promptly respond to violations or indications of violations.  Our team of international trade attorneys at Fox Rothschild can assist with any of these matters.

Earlier this year, the US Department of Justice announced a one-year pilot program under which US corporations could mitigate their own liability for violations of the Foreign Corrupt Practices Act (FCPA) by voluntarily self-disclosing FCPA violations within their organization, in addition to fully cooperating with DOJ investigations and taking steps to remediate any misconduct. Skeptics, however, wondered if and when evidence that voluntary self-disclosure was impacting FCPA prosecutions would ever come to light.

The DOJ’s decision not to pursue charges against Johnson Controls, a global conglomerate which produces among other things, automotive parts and large scale HVAC components, may be the bellwether that everyone has been waiting for.

On July 11, 2016, the US Securities and Exchange Commission imposed $14 million in sanctions and served Johnson Controls with a cease-and-desist order regarding certain practices in China. The SEC alleged a scheme in which 16 Johnson Controls employees (including high-level executives of its Chinese subsidiary) created inflated and sham purchase orders and then used the money paid toward these purchase orders to bribe Chinese officials.

Significantly for those watching the DOJ pilot program, while SEC imposed penalties, the DOJ issued a declination letter and closed its investigation without bringing charges against Johnson Controls. The declination letter specifically cited the the DOJ pilot program as part of its basis for not pursuing charges. Further, the declination letter explained the factors leading to its decision, including: Johnson Control’s voluntary self-disclosure of of the matter, the company’s extensive investigation, its cooperation in the investigation, and its remedial steps such as terminating all the individuals involved.

If the pilot program is extended, and voluntary self-disclosure is the new cost of admission to meaningful mitigation of corporate liability for FCPA violations, then internal monitoring, auditing, and investigation of such activities are more valuable than ever. Further, training employees to identify potential FCPA violations and creating mechanisms through which they can report suspicious conduct internally is also critical because it gives the company an opportunity to investigate and self-disclose, ideally, before the conduct has become a target of US authorities.

The Louis Berger Group, Inc., a subsidiary of global engineering and construction company, Berger Group Holdings, Inc., recently brought an action against former executive Richard J. Hirsch who pled guilty to violations of the Foreign Corrupt Practices Act (FCPA) in 2015.

The suit raises breach of fiduciary duty claims against Hirsch stemming from his involvement with the payment of over a half-million dollars in bribes to Vietnamese officials between 1999 and 2004. In 2015, after a four year investigation by the Department of Justice, following a voluntary disclosure by Louis Berger, Hirsh pled guilty to violations of the FCPA and Luis Berger agreed to pay a $17.1 million penalty. Louis Berger now seeks to recoup not only its $17 million penalty and $50,000 in legal fees, but an undisclosed amount for loss of reputation and other injuries to the company.

The stakes continue to rise for individuals who violate the FCPA. Not only has the Department of Justice announced a new focus on individual liability, this recent action demonstrates that executives may be personally liable to the companies who defend them throughout their criminal proceedings. For individuals and companies a like, meaningful FCPA policies which include strong personal educational components remain an absolute necessity as liability continues to increase.