4 Compliance Learnings from the FCPA
20 Jan 2017 8:54 am by Mark Dunn
Israel, Brazil, United States, Netherlands—companies headquartered in each of these countries settled U.S. Foreign Corrupt Practices Act (FCPA) enforcement actions in 2016. They weren't alone; 23 other companies in countries around the world faced similar actions, driving the amounts paid to resolve FCPA cases last year to a record-setting $2.48 billion. And that's not the only record that was shattered. Over the past decade, the average number of enforcement actions per year was 13; 2016 saw more than double the average.
In addition, the four above-mentioned companies each paid settlements so large that they each earned a place in the ten largest FCPA cases of all time. Those actions include:
- Teva Pharmaceuticals Industries Ltd. (Israel)—Agreed to pay the U.S. Department of Justice (DOJ) $238 million under a three-year deferred prosecution agreement and an additional disgorgement of $236 million to the U.S. Securities and Exchange Commission (SEC) for a total of $519 million for FCPA offenses in Ukraine, Mexico, and Russia.
- Odebrecht S.A. and Baskem S.A. (Brazil)—Pleaded guilty to conspiring to violate the FCPA, resulting in a combined total of $419.8 million to be paid in criminal penalties, disgorgement and interest.
- Och-Ziff Capital Management Group (U.S.)—Paid the DOJ and SEC $412 million for criminal and civil FCPA violations as part of a three-year deferred prosecution agreement that charged the venture capital firm with conspiracy to violate anti-bribery provisions in the FCPA, falsifying records and failing to implement internal controls.
- VimpelCom Limited (Netherlands)—The parent company and its subsidiary in Uzbekistan, Unitel LLC, paid $397.6 million to the DOJ and SEC for conspiracy to violate anti-bribery provisions in the FCPA, falsifying records and failing to implement internal controls over bribes paid to an Uzbek government official during a six-year span ending in 2012.
The message is clear: companies need adequate internal controls, as well as a robust due diligence and monitoring strategy, to effectively mitigate compliance risk.
4 Regulatory Compliance Learnings from 2016
Of course, compliance experts had already predicted that the extraterritorial reach of the FCPA, as well that of the Office of Foreign Assets Control (OFAC), would spawn similar anti-bribery and corruption (ABC) and anti-money laundering (AML) legislation in other jurisdictions around the world. Then came the release of the Panama Papers, which only strengthened the resolve of government agencies and non-governmental organizations to improve transparency and reduce corruption in the global business community. Global Finance writes, "Today acronyms like FATF (Financial Action Task Force), OFAC (the US Treasury's Office of Foreign Assets Control), KYC (Know Your Costumer), FCPA (the U.S. Foreign Corrupt Practices Act) and MiFID 2 (the EU directive on markets in financial instruments), among many others, are the stuff of nightmares for compliance professionals everywhere." How can you stay prepared to maintain compliance in an increasingly complex—and evolving—regulatory landscape?
Lesson 1—Expect the FCPA's extraterritorial reach to continue
If nothing else, the 2016 FCPA enforcement actions prove that companies can be held accountable, regardless of where they are located. Of the 27 cases, 16 companies are headquartered in the U.S. The rest of the cases impact two companies in Brazil and two in the U.K., along with one company each in Belgium, Canada, Chile, Germany, Israel, the Netherlands and Switzerland.
Lesson 2—Any industry with global operations is vulnerable
Certain industries have earned a reputation for corruption, but it's not just Financial Services, Construction or Extractives that need to implement robust risk mitigation strategies. The companies subject to FCPA enforcement actions last year represented a range of industries—Aerospace, Banking Beverages, Computer (software, cloud services and hardware), Entertainment, Pharma/BioMed, Transportation and others.
Lesson 3—Subsidiary oversight is critical to compliance
Several of the FCPA violations addressed in 2016 involved subsidiaries operating in foreign countries.
Regulators cited parent companies for faulty internal controls that failed to spot improper payments and gifts used by subsidiaries to win contracts in their local jurisdictions. The subsidiaries typically were charged with the bribery offences themselves. This risk is particularly high in the Pharma/BioMed industries expanding into China and Russia where doctors and other decision makers at state-run health institutions qualify as government officials.
Lesson 4—Countries are coordinating enforcement efforts
The VimpelCom Limited DOJ FCPA enforcement action involved law enforcement in at least 11 countries. Likewise, the SEC's related investigation received assistance from securities regulators in nine countries. The cross-border cooperation was emphasized by the Dutch Public Prosecutors Office—which for the first time published its press release in English—writing, "Corruption is combatted internationally. This international approach signifies that corruption is not tolerated and that high penalties will be imposed." Because of the joint effort, the OM receives a share of the DOJ's portion of the fines.
Focus on Curtailing Corruption Is Truly Global
While the DOJ and SEC stayed busy last year, they aren't the only enforcement bodies ramping up efforts to eradicate bribery and corruption. Early in 2016, the UK finalized its first Deferred Prosecution Agreement (DPA) related specifically to the corporate offence of failing to prevent bribery by an associated person under the UK Bribery Act 2010, giving companies insight into what to expect in coming years. Just last November, France adopted new anti-corruption legislation intended to "speed up lengthy legal procedures," says VOA News. Allowing fines up to 30 percent of a company's annual revenue, the new legislation also requires that settlements be reviewed at a public hearing, elevating the reputational cost as well as financial cost of non-compliance. Both Canada and Brazil introduced anti-bribery and corruption laws with extraterritorial reach in recent years as well—the Fighting Foreign Corruption Act (2013) and Clean Company Act (2014), respectively. The bottom line for 2017: Companies must ensure that the scope of their due diligence and monitoring is just as global as their business operations to address the growing number of laws and sanctions regimes that impact their compliance efforts.
3 Ways to Apply This Information Now
1. Get a copy of our eBook to read more about FCPA enforcement
2. See how LexisNexis solutions complement your due diligence and monitoring workflow
3. Share this blog on LinkedIn to keep the dialogue going with your colleagues and contacts