The Lascaux Cave Paintings And Mergers And Acquisitions Under The FCPA

by Thomas Fox

Today is the anniversary of one of the greatest finds in ancient archeology. 73 years ago, the Lascaux cave paintings discovered by four teenagers who stumbled upon the ancient artwork after following their dog down a narrow entrance into a cavern. This stunning find, consisting mostly of animal representations which ranged in age from 15,000 to 17,000 years-old, are considered to be among the finest examples of art from the Upper Paleolithic period. The pictures depict, in excellent detail, numerous types of animals, including horses, red deer, stags, bovines, felines, and what appear to be mythical creatures. Archaeologists believe that the cave was used over a long period of time as a center for hunting and religious rites.

Fortunately you do not have to look for something so rare when it comes to the steps you need to take when considering your mergers and acquisitions (M&A) obligations under the Foreign Corrupt Practices Act (FCPA). M&A now rates its own step in the FCPA Guidance’s Ten Hallmarks of an Effective Compliance Program. In No. 10, monikered “Mergers and Acquisitions: Pre-Acquisition Due Diligence and Post-Acquisition Integration”, the Guidance states, “In the context of the FCPA, mergers and acquisitions present both risks and opportunities. A company that does not perform adequate FCPA due diligence prior to a merger or acquisition may face both legal and business risks. Perhaps most commonly, inadequate due diligence can allow a course of bribery to continue—with all the attendant harms to a business’s profitability and reputation, as well as potential civil and criminal liability.” In other words, good FCPA compliance is also good business.

Auspiciously for all of us Carol Switzer, President of the Open Compliance and Ethics Group (OCEG), has provided a compendium of steps that the compliance practitioner should take, in a Compliance Week article, entitled “How to Boost Your Merger and Acquisition IQ”, together with another in the OCEG Anti-Corruption Illustrated Series, entitled “M&A Corruption Due Diligence”, Switzer breaks the M&A compliance process into three general areas, with the specific steps she recommends under each.

I.                   Advance Risk Assessment

  1. Make Strategic Decisions. Why would you select this opportunity as opposed to others? Here Switzer writes that your company’s risk tolerance should come into play. Are there some markets where the risk of corruption is simply too high. Witness GlaxoSmithKline PLC (GSK) which has implied it may leave the Chinese market after the recent corruption allegations against it. But, more than simply a market analysis, you should consider whether you wish to grow organically or strategically. If through strategic acquisitions, what criteria should you use for your targets?
  2. Identify Top Level Corruption Threats. Here the list is the usual suspects of concepts. Is the operation that you are considering in a high risk country? Does it have multiple government touch points? Is the sales model third party representatives or internal resources? Are a large amount of goods or services moved across borders? How about sales to foreign governments or state owned enterprises? Thinking about GSK in China, is there a history of payments to or entertainment of government officials? Have you looked at the owners, directors and key employees of the target to see if there is any evidence of corruption?
  3. Make Tactical Decisions. Here a company needs to analyze the findings for each target location to answer such questions as to whether it is better to build or buy, what markets a company targets or avoids and other upstream determinations can help to lower the likelihood of selecting acquisition targets with high corruption risks. Switzer writes that “By sniffing out top-level corruption threats in the risk assessment phase, the company can identify and resolve corruption issues earlier and at a lower cost than it would incur when scrambling to react to these same issues later in the transaction process.” I would add that your assessment needs to be documented as well.

II.      Pre-Transaction Activities

  • Dig Deeper. At this point, Switzer states that it is time to begin to dig deeper into the proposed target. After you have established your M&A team members, you should being to assess the target’s compliance awareness and program, the nature of any dealings it has ongoing with foreign governments and determine if compliance related policies and procedures are in place. The next step is to inspect. To accomplish this, hard copies of documents should be obtained and reviewed. In addition to the overall policies and procedures, you should review the accounting records and contracts with third parties, including any due diligence performed. You need to determine and review if there any specific policies and procedures related to the following areas: gifts, entertainment, travel and hospitality.

Next you will need to interview key personnel, including the executive team, high production employees and compliance professionals. You should also perform independent background checks and due diligence on this group. This same exercise should occur with key third party relationships of the target.

From here you should move to transaction testing. Your testing should include sales and business expenditures, payments to third party consultants, related third party transactions, travel and entertainment expenditures, charitable donations and political contributions.

All of this information then needs to be analyzed to determine if you wish to move forward. Switzer advises some of the key considerations should be potential successor liability, unsustainable business models due to corruption and the potential costs of any remediation going forward. Once again you need to document any decisions you make to go forward if red flags have appeared.

III.             Post-Closing Activities

  1. Analyze. Under this step, Switzer advises that you should begin to determine risks for ongoing business, prioritize ongoing compliance needs of the now acquired company, evaluate in detail the anti-corruption training that the target had provided to its employee basis to determine sufficiency and evaluate in detail all accounting process and policies and procedures if you did not have the opportunity to do so pre-acquisition.
  2. Remediate Outstanding Issues. Now you need to fix any identified shortcomings in the newly acquired entity. This could include the tone at the top, the Code of Conduct, any third party procedures and training.
  3. Integrate. You should use this step to instill a culture of compliance in the newly acquired entity if such was not present, though both training and the implementation of enterprise wide policies. To the extent possible you should establish uniform accounting and technology.
  4. Communicate. In this final step, Switzer suggests that you need to communicate directly with the newly acquired entity so as to enlist their help in managing the change that will go forward. This would include all stakeholders, employees, third party representatives and even customers. Finally, be sure to inform your management, Board of Directors and regulators, such as the Department of Justice (DOJ), as appropriate.

Switzer notes that the earlier you can deploy these steps the better off your company will be at the end of the day. Near the end of her article Switzer quotes from an Ernst & Young white paper, entitled “Increased Oversight of M&A: An Expanding Role for Audit Committees”, that “Failed M&A can destroy a company’s market value, destabilize its financial position and credit ratings, impair its strategic position, weaken the organization and damage the company’s reputation”. She then ends with these words of wisdom, “By treating their deal-drivers as organizational protectors and vice versa, acquiring companies can ace their due diligence and improve their odds of avoiding a failed deal.” To which I can only add – indeed.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Thomas Fox, Compliance Evangelist | Attorney Advertising

Written by:

Thomas Fox

Compliance Evangelist on:

Readers' Choice 2017
Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
Privacy Policy (Updated: October 8, 2015):

JD Supra provides users with access to its legal industry publishing services (the "Service") through its website (the "Website") as well as through other sources. Our policies with regard to data collection and use of personal information of users of the Service, regardless of the manner in which users access the Service, and visitors to the Website are set forth in this statement ("Policy"). By using the Service, you signify your acceptance of this Policy.

Information Collection and Use by JD Supra

JD Supra collects users' names, companies, titles, e-mail address and industry. JD Supra also tracks the pages that users visit, logs IP addresses and aggregates non-personally identifiable user data and browser type. This data is gathered using cookies and other technologies.

The information and data collected is used to authenticate users and to send notifications relating to the Service, including email alerts to which users have subscribed; to manage the Service and Website, to improve the Service and to customize the user's experience. This information is also provided to the authors of the content to give them insight into their readership and help them to improve their content, so that it is most useful for our users.

JD Supra does not sell, rent or otherwise provide your details to third parties, other than to the authors of the content on JD Supra.

If you prefer not to enable cookies, you may change your browser settings to disable cookies; however, please note that rejecting cookies while visiting the Website may result in certain parts of the Website not operating correctly or as efficiently as if cookies were allowed.

Email Choice/Opt-out

Users who opt in to receive emails may choose to no longer receive e-mail updates and newsletters by selecting the "opt-out of future email" option in the email they receive from JD Supra or in their JD Supra account management screen.


JD Supra takes reasonable precautions to insure that user information is kept private. We restrict access to user information to those individuals who reasonably need access to perform their job functions, such as our third party email service, customer service personnel and technical staff. However, please note that no method of transmitting or storing data is completely secure and we cannot guarantee the security of user information. Unauthorized entry or use, hardware or software failure, and other factors may compromise the security of user information at any time.

If you have reason to believe that your interaction with us is no longer secure, you must immediately notify us of the problem by contacting us at In the unlikely event that we believe that the security of your user information in our possession or control may have been compromised, we may seek to notify you of that development and, if so, will endeavor to do so as promptly as practicable under the circumstances.

Sharing and Disclosure of Information JD Supra Collects

Except as otherwise described in this privacy statement, JD Supra will not disclose personal information to any third party unless we believe that disclosure is necessary to: (1) comply with applicable laws; (2) respond to governmental inquiries or requests; (3) comply with valid legal process; (4) protect the rights, privacy, safety or property of JD Supra, users of the Service, Website visitors or the public; (5) permit us to pursue available remedies or limit the damages that we may sustain; and (6) enforce our Terms & Conditions of Use.

In the event there is a change in the corporate structure of JD Supra such as, but not limited to, merger, consolidation, sale, liquidation or transfer of substantial assets, JD Supra may, in its sole discretion, transfer, sell or assign information collected on and through the Service to one or more affiliated or unaffiliated third parties.

Links to Other Websites

This Website and the Service may contain links to other websites. The operator of such other websites may collect information about you, including through cookies or other technologies. If you are using the Service through the Website and link to another site, you will leave the Website and this Policy will not apply to your use of and activity on those other sites. We encourage you to read the legal notices posted on those sites, including their privacy policies. We shall have no responsibility or liability for your visitation to, and the data collection and use practices of, such other sites. This Policy applies solely to the information collected in connection with your use of this Website and does not apply to any practices conducted offline or in connection with any other websites.

Changes in Our Privacy Policy

We reserve the right to change this Policy at any time. Please refer to the date at the top of this page to determine when this Policy was last revised. Any changes to our privacy policy will become effective upon posting of the revised policy on the Website. By continuing to use the Service or Website following such changes, you will be deemed to have agreed to such changes. If you do not agree with the terms of this Policy, as it may be amended from time to time, in whole or part, please do not continue using the Service or the Website.

Contacting JD Supra

If you have any questions about this privacy statement, the practices of this site, your dealings with this Web site, or if you would like to change any of the information you have provided to us, please contact us at:

- hide
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.