On July 3, 2020, the U.S. Department of Justice (DOJ) and U.S. Securities and Exchange Commission (SEC) jointly released the second edition of the “Resource Guide to the U.S. Foreign Corrupt Practices Act,” which was originally published in November 2012. In the intervening eight years, the DOJ and SEC have brought over 275 criminal and civil Foreign Corrupt Practices Act (FCPA) actions and secured over $7 billion in monetary penalties. Following this period of sustained activity, the guide now includes several investigative, settlement and litigation developments since the first edition, in many cases highlighting the broad views that the DOJ and SEC have taken over jurisdiction and substantive liability in settlements, and in other areas acknowledging judicial rulings that clarify or limit the scope of the FCPA. In reviewing these updates, note that certain expansive theories pursued by the DOJ and SEC are reflected in corporate settlements rather than litigated matters.
Although the guide remains largely unchanged in its fundamental approach to and evaluation of key jurisdictional and substantive legal issues, its updates provide insight into DOJ and SEC thinking on certain enforcement challenges and will be of relevance from a practical perspective. The updates include: expanded guidance on pre- and post-acquisition due diligence and successor liability; guidance on internal controls and compliance programs; current DOJ and SEC interpretations of the scope of the statute; information on the DOJ’s Corporate Enforcement Policy; and examples of enforcement actions. The guide also comprehensively sets forth the enforcement policies applicable to the FCPA, making it a useful resource for companies and their compliance and legal functions in particular. In addition, the guide highlights the DOJ’s and the SEC’s continued focus on international cooperation, noting that the DOJ has coordinated resolutions in cooperation with foreign authorities in more than ten cases and the SEC has coordinated resolutions with foreign authorities in at least five.1 We summarize below the key takeaways from the updates reflected in the second edition.
Recognizing the Benefits of Corporate M&A Activity and Practical Realities of Pre-Acquisition Due Diligence
As in the first edition, the guide continues to emphasize that successor liability attaches when a company merges with or acquires another company, assuming the acquired company was previously subject to the FCPA. However, new language in the guide notes that the DOJ and the SEC “recognize the potential benefits of corporate mergers and acquisitions, particularly when the acquiring entity has a robust compliance program in place and implements that program as quickly as practicable at the merged or acquired entity.”2 Consistent with the recently updated guidance in the DOJ’s “Evaluation of Corporate Compliance Programs,” the guide now states that the DOJ and the SEC recognize that robust pre-acquisition due diligence may not always be possible, but that timely and thorough post-acquisition due diligence and compliance integration efforts are expected.
As reflected by prior enforcement actions, the guide explains that the DOJ and the SEC are more likely to pursue enforcement actions against the predecessor company rather than the acquiring company where the acquiring company uncovered and timely remedied FCPA violations.3 The guide also flags that under the DOJ’s FCPA Corporate Enforcement Policy, “in appropriate cases, an acquiring company that voluntarily discloses misconduct may be eligible for a declination, even if aggravating circumstances existed as to the acquired entity.”4
Interaction Between Internal Accounting Controls and a Compliance Program
Under the FCPA’s internal controls provision, issuers are required to devise and maintain a system of “internal accounting controls sufficient to provide reasonable assurances” that transactions are properly executed and recorded. The guide recognizes that internal accounting controls are not coterminous with a company’s broader compliance program. However, it notes that effective compliance programs may have components that overlap with an issuer’s internal accounting controls. The guide suggests that the SEC may examine an issuer’s compliance program in connection with evaluating its internal controls.
As is set forth in the first edition, a company’s internal controls “must take into account the operational realities and risks attendant to the company’s business, such as: the nature of its products or services; how the products or services get to market; the nature of its work force; the degree of regulation; the extent of its government interaction; and the degree to which it has operations in countries with a high risk of corruption.” The new edition further states that “[j]ust as a company’s internal accounting controls are tailored to its operations, its compliance program needs to be tailored to the risks specific to its operations.”5
Update to the “Hallmarks of Effective Compliance Programs”
The often referenced “Hallmarks of Effective Compliance Programs” remain substantively the same in the new edition of the guide. However, in this new edition, the DOJ and the SEC have added “investigations, analysis, and remediation of misconduct” as one of the hallmarks, bringing the guide in line with the DOJ’s recently updated Evaluation of Corporate Compliance Programs guidance. (See our June 15, 2020, analysis of the DOJ’s updated guidance.)
The guide now states that, to be effective, compliance programs “should have a well-functioning and appropriately funded mechanism for the timely and thorough investigation[s] of any allegations or suspicions of misconduct by the company, its employees, or agents.”6 The guide also states that companies should have in place not only mechanisms to respond to specific incidents of misconduct, but also systems to integrate lessons learned “into the company’s policies, trainings and controls” by analyzing the root causes of the misconduct and implementing timely and appropriate remediation. Inserting these factors from the DOJ policy into the guide extends the DOJ-specific guidance to the SEC, which does not have a standalone policy on evaluating corporate compliance programs or internal controls.
Use of Conspiracy and Complicity Theories and Jurisdictional Reach
The second edition of the guide also provides a window into the DOJ’s and the SEC’s view of current case law and the approach they are likely to take in interpreting the FCPA’s provisions where case law is not yet fully developed.
For example, the guide discusses the closely watched criminal prosecution of Lawrence Hoskins, a former vice president of Alstom S.A., which resulted in Hoskins’ acquittal on FCPA charges in February 2020 on the grounds that the government had failed to prove that he was an “agent” of a U.S. entity. (See our September 4, 2018, client alert on U.S. v. Hoskins.) The guide is careful to narrowly interpret the application of this case by noting that it applies to FCPA anti-bribery provisions only, and that it is binding precedent only in the Second Circuit. As such, the substance of the guide on this topic remains unchanged in stating that individuals and companies, including foreign nationals and companies, may also be liable for conspiring to violate the FCPA — i.e., for agreeing to commit an FCPA violation — even if they are not, or could not be, independently charged with a substantive FCPA violation. The guide also explains that a foreign company or individual may be held liable for aiding and abetting an FCPA violation or for conspiring to violate the FCPA even if the foreign company or individual did not take any act in furtherance of the corrupt payment while in the territory of the United States.7
Notably, recent case law has not addressed several bases of jurisdiction upon which the DOJ has relied in past enforcement actions, such as wire transfers and emails transmitted through the U.S. As in the 2012 edition, the guide states that placing a telephone call or sending an email, text message, or fax from, to or through the United States; sending a wire transfer from or to a U.S. bank or otherwise using the U.S. banking system; or traveling across state borders or internationally to or from the U.S. may all give rise to jurisdiction over issuers and domestic concerns as well as their officers, directors, employees, agents or stockholders.8
With respect to individuals who are not entities or domestic concerns, the guide continues to state that “[they] may be prosecuted under the FCPA if they directly, or through an agent, engage in any act in furtherance of a corrupt payment while in the territory of the United States, regardless of whether they utilize the U.S. mails or a means or instrumentality of interstate commerce. Thus, for example, a foreign national who attends a meeting in the United States that furthers a foreign bribery scheme may be subject to prosecution.”9
Perhaps in response to Hoskins and in acknowledgment that certain limitations may exist on the DOJ’s ability to rely on conspiracy theories to establish a violation of the anti-bribery provisions with respect to co-conspirators not subject to the FCPA (who also did not take any action in the United States), the second edition guidance no longer states that “any co-conspirators, even if they did not themselves attend the meeting” may be subject to prosecution. Moreover, the second edition guidance no longer states that liability extends to foreign nationals or companies that aid or abet, conspire with, or act as agents of an issuer or domestic concern, “regardless of whether the foreign national or company itself takes any action in the United States.”10
Criminal Violations of the Accounting Controls Provisions
The guide now states that a six-year statute of limitations period applies to criminal violations of the FCPA’s accounting provisions based on 18 U.S.C. § 3301 because the accounting provisions qualify as securities fraud offenses. Criminal violations of the anti-bribery provisions, on the other hand, are subject to a five-year statute of limitations. For practical purposes, the guide notes that companies or individuals cooperating with the DOJ may enter into a tolling agreement that voluntarily extends the limitations period “so that they may have additional time to do their own investigation of the conduct, as well as to give them an opportunity to meet with the government to discuss the case and attempt to reach a negotiated resolution.”11
The guide also clarifies that “willfulness” applies to the “intent” requirement with respect to companies when determining potential criminal violations of the act’s accounting controls provisions. Citing two corporate settlements, the guide now states that “[c]riminal liability can be imposed on companies and individuals for knowingly and willfully failing to comply with the FCPA’s books and records or internal controls provisions.”12 The guide generally explains that “willfulness” means acting with knowledge that the conduct at issue was unlawful, and that proof of willfulness is not required to establish corporate civil or criminal liability under the anti-bribery provisions, though proof of corrupt intent is.13 By contrast, willfulness is required to prove criminal liability against an individual defendant under the FCPA.14
To illustrate the intent requirement applicable to companies with respect to potential violations of the act’s accounting controls provisions, the guide includes two case references. In one, the company admitted to falsifying its books and records by falsifying records related to the retention, services and payments to an intermediary to conceal the true nature of the payments. The company also admitted that it failed to implement a system of internal controls relating to due diligence and oversight of third-party intermediaries.15 In the other example, the company admitted that it retained so-called consultants who did little or no consulting work, mischaracterized the payments in its general ledger, and admitted that its senior executives provided false or incomplete representations about the effectiveness of the company’s internal controls to the parent on their Sarbanes-Oxley certifications. Given these factors, the DOJ determined that the company knowingly and willfully caused its parent issuer to falsify its books and records.16
Incorporation of DOJ Policies and Added Emphasis on Factors That May Lead to a Declination Presumption
The guide helpfully incorporates and summarizes the DOJ’s recent policies with respect to corporate enforcement, monitorships, “anti-piling on” and evaluation of corporate compliance programs.
Notably, in its discussion of the DOJ’s FCPA Corporate Enforcement Policy, the guide now provides three detailed examples of declinations, illustrating the DOJ’s policy that where a company voluntarily self-discloses misconduct, fully cooperates, and timely and appropriately remediates, there is a presumption that the DOJ will decline to prosecute absent aggravating circumstances. The examples are notable because the improper payment amounts were relatively high and the improper conduct involved high-level executives. The declination examples also reflect that the DOJ will consider a company’s agreement to disgorge all profits made from illegal conduct and whether the DOJ is able to identify and charge the culpable individuals, among other factors.17
Other Relevant Updates
Gifts, Travel, Entertainment and Other Things of Value
The guide provides more recent examples in corporate settlements of what is likely to be considered improper gift-giving, and continues to emphasize that clear and easily accessible guidelines and processes for gift-giving are an essential part of an effective compliance program.18 The newly added examples focus on high-value extravagant gift-giving, travel and entertainment, but also serve as a reminder regarding other “things of value” that have been key factors in past enforcement actions, such as paying for school tuition, per diems and travel; providing entertainment related to purported “factory visits” or “training” trips arranged for foreign officials; or hiring, promoting and retaining children of foreign officials in order to win business with those officials. As in the first edition, the guide states that “[t]he larger or more extravagant the gift, however, the more likely it was given with an improper purpose.”19
The Meaning of “Instrumentality of a Foreign Government”
As in the first edition, the guide states that “foreign officials” under the FCPA include officers or employees of a department, agency, or “instrumentality” of a foreign government. To further refine the factors used to identify an “instrumentality,” the guide now cites to a seminal 2014 case, United States v. Esquenazi, which was the first appellate court interpretation of the meaning of “foreign official.”20 In that case, the Eleventh Circuit concluded that an “instrumentality” under the FCPA is “an entity controlled by the government of a foreign country that performs a function the controlling government treats as its own.” The guide sets forth the nonexhaustive list of factors that the Eleventh Circuit used to determine whether the government “controls” an entity as well as factors to determine whether the entity performs a function that the government treats as its own. These factors are in line with the nonexhaustive list in the first edition of the guide derived from final jury instructions used in various circuit courts, and do not signal a significant departure from the DOJ’s and the SEC’s approach with respect to identifying “instrumentalities” of a foreign government.
The guide cites new examples of companies using third-party sales agents in foreign countries to win business.21 The examples support the DOJ’s and the SEC’s warning that paying bribes through a third party, particularly in the form of “commissions” to sales agents, does not eliminate the potential for criminal or civil FCPA liability, and that violations of the FCPA on this basis frequently lead to high penalties.
Foreign Written Law Defense
The guide now relies on a 2019 case to support the DOJ and the SEC position that the “local law” affirmative defense is narrow and rarely viable, except where a written local law or regulation explicitly permits corrupt payments.22 In United States v. Ng Lap Seng, the U.S. District Court for the Southern District of New York rejected the defendant’s request to provide the jury with an instruction that the jury must acquit if the payments at issue were lawful under the written laws and regulations of the foreign countries at issue. The court found the proposed instruction was “inconsistent with the plain meaning of the language of the written laws and regulations affirmative defense contained in the FCPA.”23
Disgorgement of Ill-Gotten Gains as Equitable Relief
The guide now references recent cases that discuss the SEC’s ability to disgorge profits generated from FCPA violations.24 In Kokesh v. SEC, the U.S. Supreme Court ruled that because the civil disgorgement remedy constitutes a “penalty,” it is subject to the five-year statute of limitations set forth in 28 U.S.C. § 2462. Subsequently, in SEC v. Liu, the Supreme Court affirmed the SEC’s ability to seek disgorgement as long as (i) the amount does not exceed a wrongdoer’s net profits and (ii) it is awarded for victims.25
* * *
The second edition of the FCPA guide’s reflection of new enforcement actions, case law and enforcement policies is especially useful given that FCPA enforcement has continued apace in recent years. Although the backbone of the guidance remains largely similar to the first edition, the updates reflect the DOJ’s and the SEC’s continued focus on FCPA enforcement and emphasis on adequate, effective and responsive compliance programs and internal controls.
1 A Resource Guide to the U.S. Foreign Corrupt Practices Act, Second Edition (2020) (Resource Guide), p. 71.
2 Resource Guide, p. 29.
5 Resource Guide, pp. 40-41.
6 Resource Guide, p. 67.
7 Resource Guide, pp. 35-36 (internal citations omitted).
8 Resource Guide, p. 10.
9 Resource Guide, pp. 10-11.
10 A Resource Guide to the U.S. Foreign Corrupt Practices Act (2012), p. 12.
11 Resource Guide, p. 37.
12 Resource Guide, p. 45.
13 See Resource Guide, p. 13.
14 See Resource Guide, p. 13.
15 Resource Guide, p. 45, citing Deferred Pros. Agreement, United States v. Och-Ziff Capital Mgmt. Group LLC, No. 16-cr-516 (E.D.N.Y. Sept. 29, 2016).
16 Resource Guide, p. 46, citing Deferred Pros. Agreement, United States v. Panasonic Avionics Corp., No. 18-cr-118 (D.D.C. Apr. 30, 2018).
17 Resource Guide, pp. 52-53.
18 Resource Guide, pp. 14-15.
19 Resource Guide, p. 15.
20 Resource Guide, p. 20.
21 Resource Guide, p. 22.
22 Resource Guide, p. 24.
24 Resource Guide, p. 37
25 Resource Guide, p. 71.