2018 has been a record year of penalties issued for breaches of the Foreign Corrupt Practices Act (FCPA). Settlements totalling more than $2.96 billion were agreed by corporations found to be in breach of the Act. The year saw further indications of the FCPA’s global reach, witnessed the first judgements issued under the FCPA Corporate Enforcement Policy and saw that policy extended to cover international mergers and acquisitions activity. All these served to underline the critical importance of robust FCPA compliance programs, effective due diligence and ongoing risk monitoring for multinational corporations.
This year provided increasing evidence of the global reach of the FCPA to hold organizations to account, coupled with signs of a trend towards closer cooperation between national authorities in identifying and prosecuting corporate financial crime.
Of the 16 FCPA corporate enforcement actions in 2018, fewer than half involved U.S.-based companies. The remainder affected organizations or individuals based in France, Chile, Brazil, Canada, Israel and Japan. The diversity of sectors involved, from manufacturing to mining and financial services to pharmaceuticals, demonstrates no industry is immune to the risks of regulatory non-compliance.
The Petroleo Brasiliero S.A (Petrobras) settlement of $1.78 billion in September made history as the highest-ever fine issued under the FCPA, as the company resolved violations relating to systematic bribery of politicians and political parties in Brazil.
In June France’s Société Générale (SocGen) agreed to pay a total of $585 million to settle charges related to bribery in Libya during the Qaddaffi regime. This is the fifth highest FCPA settlement and the first coordinated enforcement action by the DOJ and French Authorities in an overseas corruption case. The DOJ received “significant cooperation” from international counterparts the Parquet National Financier, the UK Serious Fraud Office, the Federal Office of Justice in Switzerland, and the Office of the Attorney General in Switzerland.
This strong appetite for cross-border cooperation was underlined in a speech by the US Attorney General Rod J. Rosenstein in November, where he praised successful collaboration with foreign authorities and warned would-be transgressors that “the arm of American law enforcement is long”.
Japan’s Panasonic Corporation, together with its U.S. subsidiary Panasonic Avionics, was the third company in the mega breach category after reaching a settlement of $280 million to resolve FCPA offences relating to payments to consultants in the Middle East.
The Petrobras settlement would have set an even higher record if the company had not qualified for reductions under the terms of the recently implemented FCPA Corporate Enforcement Policy The policy, introduced in November 2017, incentivises companies to self-disclose potential FCPA violations and cooperate fully with subsequent investigations.
Companies that: 1) voluntarily self-disclose potential violations 2) proactively co-operate in investigations and 3) carry out timely and comprehensive remediation activities qualify for a 50 percent reduction in fine based on the low end of the U.S. sentencing guidelines. Also, if the company has implemented an effective FCPA compliance program it will not generally require the appointment of an ongoing monitor.
Companies that initially fail to self-disclose, but subsequently offer full cooperation and implement an effective compliance program, qualify for a 25 percent fine reduction. This was applied in the Petrobras case, as the company proactively participated in the investigation, providing real-time information and taking robust remedial action.
Companies that fully apply the principles of the FCPA Corporate Enforcement Policy and agree to pay disgorgement, forfeiture or restitution can receive a declination. This means no DOJ prosecution will take place and the investigation will be closed. The two cases to date include UK company Guralp, which received a declination in August following its voluntary disclosure of bribery and money laundering, remedial activity and cooperation with the investigation.
In further evidence of cross-border cooperation, the DOJ’s decision to grant Guralp a declination rests on the fact that the company remains under investigation by the UK’s Serious Fraud Office for the same offences under the UK Bribery Act and has committed to accepting responsibility under the SFO’s jurisdiction.
In all the FCPA cases, the importance of a visible commitment to preventing future violations has been emphasised. By adopting a robust risk monitoring program companies can stay informed of evolving risks in their sector, improve visibility of country-related risks and demonstrate their commitment to achieving compliance with the FCPA.
To qualify for declination or fine reductions, companies must self-disclose well before information about the suspected breach becomes public knowledge. This again highlights the need for a comprehensive compliance and monitoring program that alerts the company to potential violations before they become public.
The importance of robust due diligence and risk monitoring during mergers and acquisitions was underlined in August as the DOJ announced that the FCPA Corporate Enforcement Policy also applies to U.S. companies merging with or acquiring foreign companies. The announcement emphasised companies’ obligations to identify and remedy instances of FCPA violations uncovered within target organisations. This makes a full risk assessment of target companies and applying the appropriate level of due diligence critical to companies’ FCPA compliance efforts.
Companies that identify potential FCPA violations prior to closing a deal are advised to seek DOJ opinion on whether the suspected activity could result in enforcement before proceeding. Companies that discover violations subsequent to M&A are strongly encouraged to disclose them at the earliest opportunity in order to benefit from the possibility of declination or fine reduction that may result.
The FCPA Corporate Enforcement Policy, though still in its infancy, provides a greater degree of certainty for companies who uncover violations. It helps them to assess the impacts of disclosure and puts a solid financial incentive on the table. Its extension to cover M&A activity is recognition that companies may inherit problems, but that they should take a proactive and timely approach to resolving these and implementing the appropriate due diligence and ongoing risk monitoring programs to address weaknesses and reduce regulatory risk.
The policy is an important step towards setting a culture of greater corporate transparency by rewarding companies that do the right thing when they uncover corrupt practices. It is the carrot that should be weighed against the stick of the full force of prosecution under the FCPA.
1. Download our ISO 37001 eBook for guidance on establishing an effective process for mitigating regulatory compliance risk.
2. Learn how our due diligence and risk monitoring solutions can enhance your current risk mitigation workflow.
3. Share this blog with your colleagues on LinkedIn to keep the conversation going.