All U.S. firms seeking to do business in foreign markets must be familiar with the FCPA. Enacted in 1977 and amended several times since then, the FCPA generally states that if a foreign company has any footprint in the U.S., even simply wiring money through it, that company is subject to prosecution if involved in corrupt payments to foreign officials for the purpose of obtaining or keeping business.
The FCPA applies to any individual, firm, officer, director, employee, or agent of a firm and any stockholder acting on behalf of a firm. U.S. parent corporations also may be held liable for the acts of foreign subsidiaries where they authorized, directed, or controlled the activity in question, as can U.S. citizens or residents, who were employed by or acting on behalf of such foreign subsidiaries. The same provisions essentially extend to intermediaries which include joint venture partners or agents.
Between 2006 and 2009, the U.S. Department of Justice (DOJ) and the Securities and Exchange Commission (SEC), both of which have jurisdiction over the FCPA, initiated more enforcement actions than in the first 28 years of the FCPA’s existence. And the financial penalties for violations have skyrocketed. In December 2008, Siemens AG, Europe’s largest engineering firm, pleaded guilty to violating U.S. anti-corruption laws and was ordered to pay $1.6 billion to settle bribery charges in U.S. and Germany.
To ensure FCPA compliance, the DOJ recommends that companies exercise risk-based due diligence to ensure that they are doing business with reputable and qualified entities and representatives. The due diligence process, at minimum, should include investigating potential foreign representatives and joint venture partners to determine their general reputation and qualifications, whether they have personal or professional ties to the government, the reputation of their clients, and their history with the U.S. Embassy or Consulate, local bankers and other business associates. Additionally, the U.S. firm should be aware of “red flags,” i.e., unusual payment patterns or financial arrangements, indicators of corruption in the country or the particular industry, or refusal by the foreign joint venture partner or representative to provide certification that it will not engage in actions to further an unlawful offer, promise, or payment to a foreign public official and not cause the firm to be in violation of the FCPA (such as paying unusually high commissions, lacking transparency in expenses and accounting records, or retaining a joint venture partner or representative that has been referred by a government official.)
Capturing recent headlines are the changes to the FCPA-related compliance and ethics provisions of the Federal Sentencing Guidelines for Organizations that will become effective in November 2010. The amendments provide that a meaningful compliance program requires, among other actions, that when criminal conduct is detected, the company implement “reasonable steps to respond appropriately … to prevent further similar conduct.” An annotation to that provision specifies that the actions include “assessing the compliance and ethics program and making modifications necessary to ensure that the program is effective … and possibly including the use of an outside professional advisor to ensure adequate assessment and implementation of any modifications.”
The Guidelines also state that a board must be knowledgeable about the content and operation of the company’s compliance program and must “exercise reasonable oversight with respect to the implementation and effectiveness of its compliance and ethics.” Likewise, the DOJ’s prosecution guidelines consider whether the board exercises independent reviews of the compliance program and whether it is provided with information sufficient to enable the exercise of independent judgment. Directors have similar “Caremark” oversight duties arising under case law and various other directives, such as stock exchange rules, Sarbanes-Oxley, and audit committee charters.