Over the past 15 months the Department of Justice (DOJ) and Securities and Exchange Commission (SEC) has made clear through three Foreign Corrupt Practices Act (FCPA) enforcement actions and speeches, their priorities in investigations, remediations and best practices compliance programs. Every compliance professional should study each of these enforcement actions closely for the lessons learned and direct communications from the DOJ. They should guide not simply your actions should you find yourself in an investigation but also how you should think about the priorities.

The three FCPA enforcement actions are ABB from December 2022; Albemarle from November 2023 and SAP from January 2024. Taken together they point a clear path for the company which finds itself in an investigation, using extensive remediation to avoid a monitor and insight for the compliance professional into what the DOJ expects in a best practices compliance program on an ongoing basis.

Over this series of blog posts, I will lay out what I believe are the Top Ten lessons from these enforcement actions for compliance professionals who find themselves in an enforcement action. Today we continue  with Number 8, Enhancement of Compliance. The DOJ has made clear that any company going through a FCPA enforcement action you must significantly enhance your compliance program, with budget, head count and expertise its reporting, investigations and consequence management processes.

Albemarle

The Albemarle NPA cited several remedial actions by the company which helped Albemarle obtain the superior result in terms of the discounted fine and penalty. These steps were taken during the pendency of the DOJ investigation so that when the parties were ready to resolve the matter, Albemarle had built out an effective compliance program and had tested it. The NPA provided that Albemarle

• Strengthening its anti-corruption compliance program by investing in compliance resources, expanding its compliance function with experienced and qualified personnel, and taking steps to embed compliance and ethical values at all levels of its business organization;
• Transformed its business model and risk management process to reduce corruption risk in its operation and to embed compliance in the business, including implementing a go-to-market strategy that resulted in eliminating the use of sales agents throughout the Company, terminating hundreds of other third-party sales representatives, such as distributors and resellers, and shifting to a direct sales business model;
• Provided extensive training to its sales team and restructuring compensation and incentives so that compensation is no longer tied to sales amounts;
• Used data analytics to monitor and measure compliance program’s effectiveness; and
• Engaged in continuous testing, monitoring and improvement of all aspects of its compliance program beginning almost immediately following the identification of misconduct.

The NPA noted that Albemarle engaged in holdbacks, as they did not pay bonuses to certain employees involved in the conduct or those who had oversight. The NPA stated, “the Company withheld bonuses totaling $763,453 during the course of its internal investigation from employees who engaged in suspected wrongdoing.” The illegal conduct involved those who “(a) had supervisory authority over the employee(s) or business area engaged in the misconduct; and (b) knew of, or were willfully blind to, the misconduct.” The significance of this effort was important as it qualified Albemarle for an additional fine reduction of a dollar-for-dollar credit of the amount of the withheld bonuses under the Criminal Division’s March 2023 Compensation Incentives and Clawbacks Pilot Program.

Indeed, Deputy Attorney General Lisa Monaco specifically cited the Albemarle FCPA resolution, where “the company received a clawback credit for withholding bonuses of employees who engaged in misconduct. Not only did Albemarle keep the bonuses that would have gone to wrongdoers, the company also received an offset against its penalty for the same amount. That’s money saved for Albemarle and its shareholders – and a concrete demonstration of the value of clawback programs.”

SAP

SAP did an excellent job in its remedial efforts building out its compliance program. In addition to the prior discussions of SAP’s remedial efforts the DOJ also pointed out the company’s Enhancement of Compliance. Here the company significantly increasing the budget, resources, and expertise devoted to compliance; restructuring its Offices of Ethics and Compliance to ensure adequate stature, independence, autonomy, and access to executive leadership; enhanced its code of conduct and policies and procedures regarding gifts, hospitality, and the use of third parties; enhanced its reporting, investigations and consequence management processes.

Next was the holdback actions engaged in by SAP. The DPA noted, SAP withheld bonuses totaling $109,141 during the course of its internal investigation from employees who engaged in suspected wrongdoing in connection with the conduct under investigation, or who both (a) had supervisory authority over the employee(s) or business area engaged in the misconduct and (b) knew of, or were willfully blind to, the misconduct, and further engaged in substantial litigation to defend its withholding from those employees, which qualified SAP for an additional fine reduction in the amount of the withheld bonuses under the DOJ’s Compensation Incentives and Clawbacks Pilot Program.

ABB

The ABB Plea Agreement reported that ABB “engaged in extensive remedial measures, including hiring experienced compliance personnel and, following a root-cause analysis of the conduct described in the Statement of Facts, investing significant additional resources in compliance testing and monitoring throughout the organization; implementing targeted training programs, as well as on-site supplementary case-study sessions; conducting continuing monitoring and testing to assess engagement with new training measures; restructuring of reporting by internal project teams to ensure compliance oversight; and promptly disciplining employees involved in the misconduct.” This final point was expanded on in the SEC Order which reported that all employees involved in the misconduct were terminated.

Additionally, ABB essentially created its own monitorship around testing its compliance program and reporting to the DOJ. In a section entitled “Written Work Plans, Reviews and Reports”, ABB agreed to conduct a first review and prepare a first report, followed by at least two follow-up reviews and reports. But more than simply reporting, ABB agreed to create and submit for review a workplan for this ongoing testing of its compliance program, as the program was detailed in the DPA. The DPA specified, “No later than one (I) year from the date this Agreement is executed, the Company shall submit to the Offices a written report setting forth:

• a complete description of its remediation efforts to date;
• a complete description of the testing conducted to evaluate the effectiveness of the compliance program and the results of that testing; and
• its proposals to ensure that its compliance program is reasonably designed, implemented, and enforced so that the program is effective in deterring and detecting violations of the FCPA and other applicable anti-corruption laws.”

The bottom line is that all these companies worked very hard to significantly enhance their compliance programs, with budget, head count and expertise its reporting, investigations and consequence management processes. None of the actions by these companies was particularly new or even innovative; as with the innovations around data analytics programs. Indeed, these strategies have been available from the DOJ since at least the first edition of the FCPA Resource Guide, from 2012. It was however the work by each company to understand the deficiencies in their compliance programs and their superior efforts to upgrade them.

[View source.]