FCPA Corporate Enforcement Policy extended to M&A

October 02, 2019 by Mark Dunn

The U.S. Corporate Enforcement Policy, which incentivises companies to self-disclose bribery and corruption when they come across it, now applies to U.S. companies which are merging with or acquiring foreign companies. That’s according to a recent speech by a senior official at the Department of Justice (DOJ). If M&A is in your future, do you have appropriate due diligence and risk monitoring processes in place?

The carrot not the stick

The U.S. Corporate Enforcement Policy, which was announced by the DOJ last year, uses the carrot rather than the stick to encourage companies to disclose to regulators any breaches of the Foreign Corrupt Practices Act (FCPA). If a company voluntarily self-discloses a breach, cooperates with the investigation and remediates the offence by improving its compliance programme, it can receive a declination and receive a 50 percent reduction off the low end of the normal fine range. Now, the DOJ has announced that the policy also applies to companies which are merging with or acquiring foreign companies.

The extension was announced at the Ninth Global Forum on Anti-Corruption Compliance in High Risk Markets by Matthew S. Minor, a senior official at the DOJ, He said the DOJ realises that law-abiding companies trying to acquire a foreign firm can “inherit problems that are not of their own making”. He recognised that “the acquiring company is in a position to right the ship by applying strong compliance practices to the acquired company”. The announcement provides another incentive for U.S. companies engaging in mergers or acquisitions to conduct thorough due diligence on their targets. It is also a warning to foreign companies seeking to be acquired: if they breach the FCPA, the violation might become public during or after their acquisition.

A reminder of the threat of the FCPA came only this week, when it was revealed that U.S. manufacturer United Technologies Corporation will pay $13.9 million to resolve U.S. charges that it made illicit payments in its elevator and aircraft engine business. The Securities and Exchange Commission (SEC) found that United Technologies breached the FCPA when its subsidiary made unlawful payments to Azerbaijani officials to facilitate the sale of elevator equipment in Azerbaijan and China.


The trend towards the carrot

The Corporate Enforcement Policy is part of a global trend by regulators to root out financial crime by encouraging companies to cooperate with them. A 2014 report from the OECD found that 69 percent of foreign bribery settlements with companies are now resolved by negotiated settlements. In 2014, the UK introduced Deferred Prosecution Agreements (DPAs) which give more lenient sentences to companies that self-report instances of financial crime, cooperate and improve their compliance regime. Last year, France introduced its own equivalent as part of the new anti-bribery law Sapin II. Its first DPA was agreed in November, when the Swiss-based private banking unit of HSBC agreed to pay €300 million for helping French clients to evade local taxes and launder money.

M&A risk

Mergers and acquisitions can expose the acquiring company to a risk of historic bribery and corruption, and this risk has only been increased by globalisation. It has become common for U.S. companies to acquire a foreign company to enter a new country, but that country could have a higher level of corruption. In 2016, the food and beverage company Mondelēz paid $13 million to settle an FCPA breach which actually occurred years earlier in the Indian subsidiary of Cadbury, which Mondelēz acquired in 2010. U.S. investigators said Mondelēz failed to identify these practices in its post-acquisition due diligence and, when it did discover the corruption, it failed to disclose the information to the authorities. The DOJ hopes that by extending the Corporate Enforcement Policy, it will encourage a company in Mondelēz’s position to disclose the violation as soon as it discovers it in future.

It is important that an acquiring firm carries out due diligence on its target company before, during and after the acquisition. But the level of corruption risk a company poses depends on the industry and jurisdiction in which it operates. Transparency International’s Corruption Perceptions Index suggests that the risk of corruption is highest in Sub-Saharan Africa, Eastern Europe and Central Asia. While industries like the extractive sector have a heightened risk of bribery, and the financial services sector has a reputation for money laundering. So companies should do a risk assessment of their target before considering what level of due diligence to apply.

What now?

The DOJ’s announcement provides yet another reason why companies should implement a good compliance programme. What can you do next?
1. Download our ISO 37001 eBook for guidance on establishing an effective process for mitigating regulatory compliance risk.
2. Learn how our due diligence and monitoring solutions can enhance your current risk mitigation workflow.
3. Share this blog with your colleagues on LinkedIn to keep the conversation going.