When it comes to compliance, the waning days of summer can be a good time to look at the state of government enforcement of anti-corruption laws, as well as what we’re doing in our own companies to guard against corrupt activities.
Foreign Corrupt Practices Act violations remain an enforcement target under the new presidential administration. In April, acting principal deputy assistant attorney general of the Department of Justice’s criminal division, Trevor N. McFadden, stated that FCPA enforcement was “as alive as ever.”
During his talk, he clarified the DOJ’s current focus:
The Fraud Section and FCPA Unit’s aims are not to prosecute every company we can, or break our own records for the largest fines or longest prison sentences. Our aim is to motivate companies and individuals voluntarily to comply with the law.
It is by working with companies transparently and in partnership that we can achieve this goal. We recognize that business organizations are our partner in the fight against corruption, because they are in the best position to detect risk, to take preventative measures and to educate those who act on its behalf on best practices.
We hope that, in this cooperative effort, we can reduce corruption with effective compliance programs that prevent nefarious conduct from happening and through effective prosecutions to resolve violations in a way that punishes the conduct and deters similar future misconduct.
2017 has already been a lively year for DOJ FCPA enforcement actions with 12 just in the first half, according to Gibson Dunn’s 2017 Mid-Year FCPA update. Compare this number with 2016, where we saw a total of 21 enforcement actions from DOJ the entire year.
The Securities and Exchange Commission also had a busy 2016 with 32 enforcement actions. Now in the first half of 2017, the SEC already has six FCPA enforcement actions.
With FCPA violations, there is the run-of-the-mill, low-level, one-off-instances of corruption that pop up in companies from time to time. This can make it feel like we’re playing “Whack-a-Mole” but it’s important to be aggressive about this type of fraud. Clearly, no well-run company is going to tolerate it.
Then there are areas of more difficult corruption to address: multi-jurisdictional, elaborate schemes of corruption. In addition to being difficult to detect, when the government gets involved prosecutors are not hesitant to bring all possible enforcement resources to bear.
Consider the phenomenon of an investigation that starts in one country and is picked up by governments in other countries. Putting aside the money and the time it takes to fight these, it’s difficult to overstate how distracting this kind of investigation is for management.
One such case that was resolved earlier this year involved Rolls-Royce. This case involved multijurisdictional anti-bribery enforcement actions and ended with more than $800 million in settlements in the UK, US and Brazil.
Understanding the scope and expense of this type of case is a helpful reminder that the “return on investment” is potentially quite high when it comes to supporting the compliance activity of your company.
Another difficult scenario is the one that may arise when an acquisition of a company ends in FCPA enforcement, as was the case of Mondelēz acquiring Cadbury. Mondelēz acquired Cadbury in 2010; in doing so Mondelēz inadvertently also acquired Cadbury India’s FCPA violations. The SEC charged Mondelēz this year for violating the internal controls and books-and-records provisions of the FCPA.
Prevention Is Better Than the Cure
When it comes to best practices in 2017, remember that driving awareness of anti-corruption issues is important. Companies can do this by refreshing their internal education efforts.
In addition, review your policies and procedures on a regular basis. Have an eye to updating them to comply with any changes in the law or new enforcement activity at other companies. Then, use new cases to start an internal discussion about how you would respond if those scenarios happened to you.
Earlier this year, the DOJ released guidance on how it evaluates corporate compliance programs when it comes to fraud. One major law firm has noted that this release “represents the most universally applicable and clearly articulated statement of the Fraud Section’s primary focus areas when determining the efficacy of corporate compliance programs. It’s worth reviewing the release for the specificity it provides for both topics and sample questions that the DOJ finds relevant to the question of compliance.
As one might expect, a major section of the DOJ release is devoted to the topic of training and communication. In light of this, now may be a good time to have a speaker come in for FCPA compliance training. (As a reminder, this is a service that Woodruff Sawyer offers to its D&O insurance clients. Contact your account executive or me to learn more about this.)
If you are looking for a quick way to access a lot of great information about the latest in FCPA enforcement actions, check out the outstanding FCPA database maintained by Stanford Law School in collaboration with the law firm Sullivan and Cromwell.
FCPA enforcement actions are alive and well. Companies mustn’t allow themselves to become complacent when it comes to ensuring that officers and employees are well trained in corporate compliance.