The Securities and Exchange Commission (SEC) settled a Foreign Corrupt Practices Act (FCPA) enforcement action against an individual earlier this month when it announced the resolution of a matter involving Jun Ping Zhang, via a Cease and Desist Order (Order). The matter involved Harris Corporation (Harris) and its Chinese business unit Hunan CareFX Information Technology, LLC (CareFx China). Ping, a US citizen served as both Harris Corporation’s Vice President of Technology and CareFx China’s Chairman and Chief Executive Officer (CEO) in 2011 and 2012. Harris employed Ping with its acquisition of the US entity CareFX Corporation.
Harris interviewed Ping in its pre-acquisition phase of due diligence of CareFX and its Chinese subsidiary. However, Ping was not asked any questions about engaging in bribery or corruption, failed to disclose he was leading a massive bribery effort or lied to the pre-acquisition due diligence investigators. He continued to lead this bribery and corruption effort after Harris closed the acquisition of CareFX and thus the Chinese subsidiary of Harris made “approximately $200,000 to $1 million in improper gifts to Chinese government officials.” For these illegal gifts, CareFX China was awarded “over $9.6 million in contracts with state-owned enterprises.” Ping agreed to a civil penalty of $46,000.
It was in the post-acquisition integration phase that Harris became aware of its troubles in China. As Jaclyn Jaeger reported in Compliance Week, “Following the closing, the company said it “became aware that certain entertainment, travel and other expenses in connection with the Carefx China operations may have been incurred or recorded improperly.”
“In response, we initiated an internal investigation and learned that certain employees of the Carefx China operations had provided pre-paid gift cards and other gifts and payments to certain customers, potential customers, consultants, and government regulators, after which we took certain remedial actions.”
This matter involved yet another US company which came to FCPA grief because of (1) the corrupt actions of its Chinese subsidiary and (2) where the US had entered the Chinese market through acquisition rather than an organic growth strategy. The bribery scheme was funded by fraudulent expense reimbursements which were created and/or approved by Ping. The Order stated, “With Ping’s knowledge and under his management, CareFx China sales staff submitted bogus expense receipts labeled as “entertainment,” “office expenses,” or “transportation” to CareFx China’s accounting department for cash reimbursement.” The “sales staff used the cash generated from these sham expense reimbursements to pay for gifts to government officials. Ping and the supervisors that he managed authorized the bogus expense claims, knowing that they were fabricated and that the “reimbursed” funds were used to pay for gifts to government officials to influence their decisions to purchase CareFx China’s products and services.”
The Order confirmed Ping knew what he was doing when it said, “Ping knew that these bogus expenses were improperly recorded in CareFx China’s books and records as legitimate sales expenses or consulting fees and that, as a result, their true nature would not be disclosed to Harris.” However, “After the Harris acquisition, it was Ping’s responsibility to review CareFx China’s monthly expense summary reports before they were submitted to Harris. Ping consistently permitted these monthly expense summary reports to be submitted despite knowing that they contained false information. By doing so, Ping enabled CareFx China to cloak its illicit gifts to government officials in the guise of legitimate business expenses and, thereby, hide the practice from Harris.”
This continued reliance on Ping to review and approve the illegal expense reimbursements speaks to a wider and more systemic failure of Harris’s internal controls, particularly around the issue of segregation of duties (SODs). It is a basic rule of any financial control process that there should be a second set of eyes in the reimbursement process. Clearly here, where Ping set up the fraudulent scheme to create the pot of money to fund the bribes, he was also in the position to approve all the fraudulent submissions by his sales team in China. This should be a key point for any Chief Compliance Officer (CCO) or compliance practitioner, whether a Country or Regional Manager has this type of approval which does not have an appropriate level of corporate oversight.
This individual SEC FCPA enforcement action may well portend another enforcement action involving Harris going forward. Whatever happens to Harris, this case makes clear the need for robust pre-acquisition due diligence, followed up by an even more robust post-acquisition forensic audit of the books and records of high-risk business units. China has been on the FCPA radar for many years and since 2010, approximately 20% of all enforcement actions have come out of China. This is not new information and companies are on clear notice that failure to perform these basic steps can lead to some catastrophic results.
The cost for Harris’s failures have not been insignificant even though CareFx’s revenues accounted for less than 1% of Harris’s gross revenues. In December 2011, Harris dissolved CareFx as a separate business entity. According to the order, in 2012 Harris sold all of CareFx China’s “outward facing operations” and in “2015, Harris terminated all employees in CareFx China and no longer has any active China-based business operations.” The inability of companies to do business in compliance with the FCPA has now caused two recent enforcement actions to note that the companies have pulled out of jurisdictions entirely. The first was Key Energy and now we have this same effect with Harris.
Yet all was not negative news for as the SEC announced it would not be pursuing the company for any FCPA violations. A SEC Press Release stated, “The SEC determined not to bring charges against Harris, taking into consideration the company’s efforts at self-policing that led to the discovery of Ping’s misconduct shortly after the acquisition, prompt self-reporting, thorough remediation, and exemplary cooperation with the SEC’s investigation.” This follows on from the May, 2016 Department of Justice (DOJ) decision, also reported by Jaclyn Jaeger in Compliance Week, to decline to pursue criminal charges against the company. These actions led Robert Kent, a partner with law firm Baker & McKenzie, to note in a Client Release that the declinations by both the SEC and DOJ make this a key a case, because it “represents the first time in a ‘pure’ FCPA investigation that a multinational corporation has avoided prosecution entirely, while one of its former employees was sanctioned for FCPA violations that created clear potential FCPA liability for the company.” (Emphasis supplied).
[View source.]
