We continue this multipart exploration of the recent announcement of the Fresenius Medical Care AG & Co. KGaA (FMC) Foreign Corrupt Practices Act (FCPA) enforcement action. The company settled with the Department of Justice (DOJ) through a Non-Prosecution Agreement (NPA) and the Securities and Exchange Commission (SEC) settled its portion of this matter with a Cease and Desist Order (Order). Today I want to explore the lessons learned for the compliance professional from the information presented in the settlement documents detailing the numerous and varying bribery schemes used by the company to make corrupt payments.
There were multiple bribery schemes employed by FMC. These included the setting up of joint ventures (JVs) as a mechanism to pay corrupt doctors, employees of state-owned health care enterprises and government officials who were also medical officials. There was one such JV in Angola and two in Turkey set up for illicit purposes. In both bribery schemes, 35% of the JV interest was doled out to the corrupt officials. Typically, there was no capital contribution required from the employees of state-owned enterprises and government officials and there may or may not have been distributions to them during the term where held interests in the JV. Finally, the employees of state-owned enterprises and government officials were all cashed out at some point for values far above their individual values in the JVs.
One of the more novel yet troubling bribery schemes was found in Saudi Arabia. It was novel because it is a bribery scheme rarely seen and troubling because a large portion of the country-wide business unit was apparently in on the scheme. The company made commission payments to employees via hard copy checks. These checks were then cashed by the employees and the funds received were handed over to the Saudi business unit General Manager. To hide what they were doing, the transactions were falsely recorded as project marketing expenses and collection commissions in SRS’ books and records.
While fake or even no contracts for services which are never provided is an old and standard form of mechanism to pay bribes, FMC used with it with an interesting twist. The company paid both employees of state-owned enterprises, government officials and their family members for storing facilities in which no goods were stored. When the company’s internal audit function brought the inconvenient fact there was no contract present for these storage services, the local business unit simple created one out of thin air.
FMC utilized a large number of traditional bribery schemes to make corrupt payments in all the countries in which they engaged in illegal acts. The bribery schemes used in many of these countries were schemes we had previously seen but they are worth mentioning for all compliance professionals to review. They included (1) sham consulting contracts for paying bribes to government officials where no services were performed, (2) fake collection commission agreements, (3) fraudulent payments to a charity controlled by a foreign government official ($90,000 to a government charity run by a Saudi doctor), (4) gifts in the form of laptop computers for nurses in Saudi Arabia, (5) payments to publicly employed doctors for travel with no business or educational justification (a six-night stay at the Atlantis Palm Hotel in Dubai to the tune of $7,579.20 for Saudi doctor and his wife), (6) excessive payments ($1.7 million total) to customs officials where the payments were inaccurately recorded, (7) payments through third parties and payments through a third-party distributorship, all as a way to funnel bribes to government officials.
The lessons for the compliance professional are numerous based upon this FCPA enforcement action. JVs continue to be problematic for companies, most especially where the local JV partners are employees of state-owned enterprises and government officials. There should be a written business justification as to why certain employees of state-owned enterprises, government officials or their family members are to be granted interest in a JV. Due diligence must be performed on all your JV partners, separate and apart from local business unit assurances there are no conflicts, red flags or illegal activities. Any monies paid out to your JV partners must pass all internal requirements for such payments and if the interest is purchased outright, there must be a valid business appraisal, performed at arms-length by an impartial third-party. Of course, the JV must also be managed on an ongoing basis from the compliance perspective.
As I indicated the Saudi-wide business unit check cashing scam is more troubling because it speaks to an entire business unit compliance failure. Obviously, the tone from the Saudi business unit was not one of compliance or even lawfulness. This speaks to multiple failures at FMC in business leadership, training and oversight. Commission payments in high-risk areas must be monitored to see if there is an increase which would warrant additional scrutiny. Getting out of the corporate office to put on training has the additional benefit of putting a compliance face with a name on an email so that hopefully such a massive bribery scheme can be identified much sooner.
The biggest key to the usual suspects of bribery schemes employed by FMC in a wide variety of other countries is the failure of internal controls. Whether hiding corruption by mischaracterizing it in books and records or simply creating pots of money out of air, a more robust financial internal controls system will help the compliance professional identify potential compliance failures more quickly.
[View source.]
