FCPA Violations: Still A Big Deal In 2018

The US Department of Justice and US Securities and Exchange Commission generated fewer FCPA enforcement actions in 2017 (39 versus 52 the year prior)—but don’t take your eye off the ball when it comes to global corruption.

Global law firm Gibson Dunn put together a useful analysis of current trends when it comes to FCPA enforcement in its “2017 Year-End FCPA Update.” The conclusion: the DOJ is being very aggressive in its enforcement activities.

As a reminder, the Foreign Corrupt Practices Act of 1977 (FCPA) is enforced by the DOJ and the SEC, and is applicable both to public and to private companies. There are two main aspects of FCPA:

1. Anti-bribery, which prohibits bribery of public officials of other countries, such as trying to influence an official by authorizing payment or anything of value directly or indirectly to obtain or retain business.
2. Bookkeeping, which forbids concealing the fact that bribes are being paid.

For US corporations with operations around the globe, FCPA compliance is a big deal. Of the countries with the most violations, China takes the lead, followed by Nigeria then Mexico.

Source: “2017 Year-End FCPA Update,” Gibson-Dunn

(For a refresher on FCPA, read more from an earlier post I wrote on “FCPA: What’s the Big Deal?”)

In its “2017 Year-End FCPA Update", Gibson Dunn analyzed 40 years of FCPA enforcement actions since 1978. The chart below shows combined enforcement actions by the DOJ and SEC:

Separately, the two agencies showed very different results in 2017 from the year prior. The DOJ increased its enforcement actions from 21 in 2016 to 29 in 2017, while the SEC showed a dramatic drop in enforcements from 32 in 2016 to 10 in 2017.

The DOJ results are no surprise; in 2017, I wrote about the DOJ’s continued focus on FCPA enforcement to “reduce corruption with effective compliance programs.” In fact, the DOJ released a very helpful document in 2017 on how it evaluates corporate compliance programs.

The total value of monetary resolutions that corporations have had to pay has been on the rise over the years, with 2016 peaking at over $2 billion.

Some have suggested that these amounts have become excessive. Perhaps the DOJ is trying to remedy this.

Along those lines, in May 2018, the DOJ announced a new policy against “piling on”—which is to say that the DOJ now wants its departments and other enforcement agencies to coordinate their efforts so as to avoid multiple penalties for the same misconduct.

This article at the FCPA blog reports on why the DOJ made this move:

Piling on hurts companies by creating uncertainty. It's harder for them to make "full and final settlements."

"We need to consider the impact on innocent employees, customers, and investors who seek to resolve problems and move on," Rosenstein [Deputy Attorney General Rod Rosenstein] said.

(I’ll be writing a more in-depth post on “piling on” in the near future, so stay tuned.)

Major FCPA Trends

Gibson-Dunn notes five trends from FCPA enforcements in 2017 as we ponder what to expect this year (head over to the report—linked to above—to read more). All five trends fall into the category of aggressive government enforcement, in some cases notably so:

1. The DOJ and the SEC bring FCPA cases absent proof of bribery: In 2017, “The DOJ and the SEC utilized these provisions to bring several cases predicated upon aggressive theories of FCPA liability,” according to Gibson-Dunn. In other words, the government is very comfortable proceeding on the basis of internal controls violations—and the government has been effective in doing so.
2. The DOJ and the SEC pushed the boundaries of “foreign official”: Gibson-Dunn gives an example case:
   

   The SEC’s final FCPA charges of 2017 were levied against Massachusetts-based medical diagnostic test manufacturer Alere, Inc. On September 28, 2017, the SEC announced that Alere consented to a cease-and-desist order alleging a variety of accounting violations, principally related to alleged revenue recognition violations, but which also included the failure to prevent and properly record improper payments to foreign officials in Colombia and India … The SEC alleged that Alere made corrupt payments to a manager of a health insurance company in Colombia. Although the health insurance company was privately incorporated, the SEC alleged that Colombia’s Ministry of Health took control of the company following allegations of mismanagement.  According to the SEC, the health insurance company thus became “an instrumentality of the Government of Colombia and its employees were officials of the Government of Colombia.”

3. Multi-jurisdictional anti-corruption resolutions: According to Gibson-Dunn, “One of the most important efforts in FCPA enforcement has been DOJ and SEC lawyers helping to build an aligned multinational network of law enforcers, aided by expanded legal tools, that together are making it increasingly more difficult for corrupt actors to engage in bribery with impunity.”
4. The DOJ continues to demonstrate a focus on individuals: The DOJ’s “Yates Memo” was a key communication regarding the agency’s focus to hold individuals accountable for wrongdoings. According to Gibson-Dunn, “This focus on individual liability has survived and even flourished through the shift in administrations, with nearly 70 percent of DOJ’s 2017 FCPA enforcement docket constituting prosecutions against individual defendants.”

In fact, the following chart shows prison sentences as a result of FCPA violations year by year:

5. Recurring enforcement actions occurred for some companies, including Zimmer Biomet Holdings (formerly Biomet, Inc.) and Orthofix International with enforcements in 2017 after enforcement actions in 2012.

Your Corporate Response

Bottom line: FCPA violations are still a big deal for directors and officers. As I’ve outlined in previous posts, prevention is the best course of action when it comes to FCPA misconduct. This means:

• Reviewing your policies and procedures on a regular basis.
• Updating them with changes in the law or with new enforcement activity at other companies.
• Using new FCPA cases as a basis for internal discussion about how you would respond if those scenarios happened to you.

In addition, consider thinking ahead of time in what circumstances your company might choose to self-report an FCPA violation to the DOJ pursuant to the “FCPA Corporate Enforcement Policy” that the DOJ announced in November of 2017. With its Enforcement Policy, the DOJ has also provided a big carrot: the serious benefit of the DOJ’s deciding not to pursue an enforcement action against a company that self-reports, fully cooperates and implements timely remediation.

The DOJ’s own report on the 2017 activities of the Fraud Section of the DOJ’s Criminal Division emphasizes the DOJ’s view that self-reporting is an important sign of corporate FCPA compliance. According to the DOJ’s annual 2017 report, it declined to prosecute companies that cooperated in this manner seven times under the pilot program predecessor of the FCPA Corporate Enforcement Policy. For a nice summary of the particulars of the Enforcement Policy, you can access law firm Paul Weiss’ summary of the program in its annual FCPA review, here.