The expectation for anti-corruption enforcement in the coming year is more of the same, with continued vigorous enforcement of the U.S. Foreign Corrupt Practices Act (FCPA), and slow but steady advances internationally.
In last year’s Risk Forecast, we described a “maturation” of FCPA enforcement, characterized by more selectivity in prosecutions, more flexibility on settlement terms, and a heightened emphasis on the quality of corporate cooperation and prevention efforts. These trends continued in 2013 and will shape enforcement over the coming year. While the aggregate number of settled corporate cases was off for a third consecutive year, penalty levels were up sharply, and individual prosecutions and overall investigative activity remained at a high level. Global enforcement efforts also saw a modest uptick, with growing caseloads in several countries. Corporate executives continue to rate corruption among the most serious risks facing their companies, with nearly 40 percent in one year-end survey reporting the prospect that they would be required to investigate allegations of employee bribery “somewhat likely” or “possible” over the next two years.
Hot topics for the coming year include a renewed focus on program “assessment and verification” mechanisms (such as certifications), broader and more sophisticated application of “collective action” initiatives to address the so-called “prisoner’s dilemma” faced by ethical companies in challenging markets and more attention to managing corruption risk in global supply chains.
FCPA Baseline
We begin this year’s forecast once again with the FCPA, which – despite advances elsewhere – continues to drive risk assessment and mitigation planning at most multinational companies. While the UK Bribery Act is beginning to make its mark, speculation that it would displace the FCPA model or require wholesale changes to FCPA-oriented programs has not proven out. The U.S. continues to lead the world in anti-bribery enforcement by a wide margin, with more than 250 concluded cases and upwards of 100 open investigations at any one time, as well as corporate penalties that still dwarf those elsewhere.1 As such, the FCPA has remained an essential baseline for most companies, even as anti-corruption programs have adopted a more global tone and nomenclature.
Although the FCPA remains central to most global programs, there have been notable changes in several areas in response to the UK Bribery Act. Chief among these has been the elimination from many programs of any formal reference to so-called “facilitation” payments, the nominal payments allowed under the FCPA—but not under the UK Bribery Act and some other national laws—to secure certain routine and non-discretionary services such as visa processing and utility hookups. While actual practice is as varied and challenging as ever,2 the UK Bribery Act proscription on facilitation payments has altered the general public debate and could eventually lead to a further narrowing of the FCPA practice. A second common program change, also in response to the UK Bribery Act, has been to add more explicit prohibitions on commercial bribery.3
Enforcement Highlights
FCPA enforcement in 2013 followed the pattern of the past several years, with a number of high-profile settlements, prominent additions to the corporate investigations docket, and an ongoing focus on criminal prosecutions of individuals. The aggregate number of completed corporate enforcement actions was down for a third consecutive year, with only nine corporate settlements compared to a high of 20 in 2010.
Total Aggregated Corporate Cases: 2002-2013 – source: Sherman & Sterling, FCPA Digest (Jan. 2013).
However, enforcement remained robust by most other measures. Average corporate penalties were up sharply from 2012, rising nearly fourfold to $80 million per corporate settlement. This outsized figure reflects two blockbuster settlements, but even adjusted for these and a third case with only nominal penalties, the average rose to $28 million—$4 million above what had been the record FCPA penalty prior to 2008.4 The Department of Justice (DOJ) and Securities and Exchange Commission (SEC) also continued to add new cases to the investigations pipeline, advance sectoral initiatives and target violations by non-U.S. companies.5 Substantial resources were again devoted to individual criminal prosecutions, often in parallel with corporate proceedings.
Case highlights from 2013 included a $398 million settlement with the French oil and gas company Total, described by the DOJ as “the first coordinated action by French and U.S. law enforcement in a major foreign bribery case,” and a $158 million settlement with Swiss-based Weatherford International for FCPA violations in the Middle East and Africa. Other notable corporate settlements were with agribusiness giant ADM ($54 million for bribes in Ukraine to secure VAT refunds), Ohio-based Diebold Inc. ($48 million for public and private overseas bribes in connection with ATM sales), the German engineering and services company Bilfinger ($32 million for bribes to secure Nigerian energy contracts), Houston-based Parker Drilling Company ($15.8 million for bribery involving customs violations) and Koninklijke Philips Electronics ($4.5 million for bribes and kickbacks to public health care officials in Poland).
The SEC also broke new ground with its first-ever use of a non-prosecution agreement (or NPA) to resolve an FCPA accounting offense and a first books and records action against a Chinese-based company. The NPA came in a widely reported case involving U.S. apparel company Ralph Lauren Corp., resolving charges of customs-related bribery in Argentina by a local affiliate. The China books and records action involved Keyuan Petrochemicals, resulting in a $1 million fine for inadequate accounting controls.
The cases reflect several trends that will continue to shape FCPA enforcement in 2014:
- More corporate cases. DOJ and SEC officials at a year-end conference cautioned practitioners not to be misled by the recent dip in the number of corporate resolutions, noting that two-thirds of the 20 largest FCPA cases had been brought in the past three years and there are “lots of cases in the pipeline.” With more than 100 cases in the pipeline, both agencies continue to receive new leads from a variety of sources, including self-reporting by companies, whistleblower reports and information from other governments.
- Sectoral spin-offs. Sector-based enforcement also will continue to feature prominently, in line with a government decision several years ago to be more proactive identifying industries for FCPA enforcement and leveraging leads into broader investigations. While the rhetoric on industry “sweeps” has softened, “spin-off” enforcement actions have been common and top agency officials have made clear their commitment to “follow up” when a company indicates that its competitors are also engaged in corrupt conduct.6
- Non-U.S. companies. Foreign companies subject to FCPA jurisdiction remain a particular focus, especially those from jurisdictions with weak transnational bribery enforcement. Non-U.S. companies accounted for four of nine settled cases in 2013 and the lion’s share of fines, including two (Total and Weatherford) that joined the notorious “top 10” list of FCPA settlements.7
- Agents and intermediaries. The DOJ and SEC continue to emphasize the heightened bribery risk when international business is conducted using agents, consultants and other third-party business partners. Roughly two-thirds of the current FCPA caseload involves allegations of improper payments routed to foreign officials through intermediaries, and companies are being encouraged to redouble their prevention efforts. Minimum requirements, detailed in the 2012 Resource Guide to the FCPA, include risk-based due diligence and monitoring for common red flags.
- Travel and entertainment. The government will also continue to bring “bright line” cases for improper travel, gifts and entertainment. Travel and entertainment issues featured prominently in recent settlements with Diebold (vacation travel for multiple officials), Weatherford (World Cup tickets and honeymoon travel for an official’s daughter), and Stryker (holiday travel to New York and Aruba). At the same time, officials have made clear that their focus is on “problematic entertainment” rather than the “small things” that do not rise to the level of bribery.8
- Rewarding good practice. Corporate cooperation and remediation efforts featured prominently in many of the enforcement actions in 2013, as well as the record number of public declinations. As we had predicted last year, the DOJ and SEC have been far more robust and public in their efforts to encourage and reward good practice—in particular, through more transparency about settlement calculations and the types of cooperation worthy of meaningful credit.9
Looking Ahead
All signs point to a continuation of these trends in 2014, with more cases against both individuals and companies, more large corporate settlements and further application of FCPA jurisdiction to non-U.S. companies. Efforts also will continue to encourage and reward better and more effective ethics and compliance practices.
Although not much is likely to change on these basics, the enforcement landscape could shift in some important details.
One is a possible upsurge in whistleblower-generated investigations under the Dodd-Frank whistleblower program. Now in its third year, the Dodd-Frank program offers substantial monetary rewards to individuals who voluntarily provide the SEC with original information leading to successful enforcement action for securities law violations.10 While it is still early, the number of reported tips rose sharply in 2013 and a handful of awards have already been made, including a $14 million award last November in a financial fraud case. Whistleblower tips were up 8 percent overall, and nearly 30 percent for the FCPA.11 No rewards have yet been made in an FCPA case, but given the level of activity, it is only a matter of time. As one senior SEC official observed at a recent industry conference, the Commission is “increasingly sourcing [its] own cases through whistleblower tips” and sees FCPA violations as “an increasingly fertile ground” for whistleblowing.
We can also expect more attention to program “assessments” and associated “verification” measures that test the quality of a company’s anti-corruption program. While the core elements for an effective program are by now well established, associated operational practices vary widely across industries and companies and over time. Boiled down, the expectation is that a company will follow “good practice” — or in more formal Sentencing Guidelines terms, practices that are “reasonably effective” in preventing and detecting violations. Good practice is not a fixed value, however, but a set of continually evolving benchmark standards informed by practical experience. Board oversight, for example, has become far more rigorous and structured in response to heightened enforcement risk, as has the program content, training and auditing now considered standard. The very best compliance programs understand this evolution and build periodic benchmarking and refinement into their systems and controls.
This has two practical implications for FCPA enforcement. First, the devil in compliance is very much in the details, and this is increasingly factoring into government judgments about the quality of a company’s education and prevention efforts. DOJ guidelines for prosecuting organizations have long warned that a company must have more than a “paper program,” and this can now be seen at the operational level—most notably, in comprehensive program guidelines detailed in the 2012 joint DOJ-SEC “FCPA Resource Guide,” and in their application in recent corporate settlements. Second, and related, has been a move toward more regular and robust “verification” reviews to test and refine a company’s anti-corruption program. Self-assessments are still most common, but a range of third-party verification services (including formal certification) has recently become available.12
Supply chain management is another emerging area with implications for the enforcement landscape. As anti-corruption practices within global companies have improved, the spotlight has begun shifting to their extensive supply chains. Broadly defined, the supply chain includes not only a company’s agents and consultants, but also its suppliers, distributors and other business partners. As was earlier noted, bribes by an agent or other intermediary are already a common source for FCPA liability. Increasingly, companies are also being held accountable, both legally and in the court of public opinion, for the conduct of their suppliers and distributors. Misdeeds by a supplier can directly affect product quality, while those by distributors who carry a manufacturer’s brand can transfer to the manufacturer in the public mind. Global companies have long understood this for product safety, the environment and human rights, and the connection increasingly is now being made for corruption.13
Managing for corruption in the supply chain is an enormously complicated and difficult challenge, especially for large global companies working in difficult markets. Even so, there are emerging practices—described in a new LRN handbook and course—that can provide a framework for working through these challenges. These range from tailored procedures for targeting priority risks and avoiding bad suppliers to better mechanisms for communicating and supporting minimum supplier integrity standards and then monitoring supply chain performance.
Various forms of so-called “collective action” are another emerging area that will be important for some companies. The term covers several different types of joint voluntary action by businesses designed to supplement traditional government enforcement, especially important to “leveling the economic playing field” for ethical companies in jurisdictions with a weak rule of law. Companies are finding that it is not enough in some contexts simply to prevent bribery by their own people, and that it can be difficult to win new contracts or conduct business unless competitor standards rise as well.
One type of collective action known as an “integrity pact” contractually commits bidding companies to specified minimum integrity standards, together with an oversight and enforcement mechanism. (These are also sometimes imposed governmentally, as in India for most major agency procurements.) Another type of collective action focuses on raising standards of integrity and compliance on a broader basis through “code-based initiatives.” These typically are national or regional in scope, but can also have a sectoral focus. National initiatives tend to focus on smaller businesses with limited past experience and will often combine a formal public commitment to minimum integrity standards with practical implementation support of various kinds.14 Sectoral initiatives can also serve small businesses, but more commonly are aimed at larger companies and the different challenges they face. A third type of collective action, with both small business and multinational applications, focuses on regulatory and policy reforms that can reduce the opportunities for corruption—for example, through regulatory reforms that eliminate opportunities for extortion by corrupt local officials.
Additional Global Considerations
Although the FCPA remains central to risk assessment and mitigation planning for most international companies, counterpart laws in other jurisdictions are gaining traction. Chief among these is the UK Bribery Act, but other countries (notably Germany, Canada and China) also stand out. Global enforcement efforts continue to lag behind the U.S., with only modest gains over the past year. By one measure, there are still only four OECD (Organisation for Economic Co-operation and Development) countries with “active enforcement” and another four rated as “moderate.” In addition to the U.S., active enforcers include the UK, Germany and Switzerland.15 Although the number of reported actions in most countries is still small, considerably more is happening beneath the radar screen (in particular through cross-border information sharing and other cooperation). Elsewhere, host countries (most notably China, India and Brazil) have advanced new measures to counter corruption in their markets.16
Some more notable developments:
- Change in tone at the Serious Fraud Office (SFO). Although the UK Bribery Act has yet to generate the large-scale international corruption prosecutions anticipated upon its passage, this appears to be only a matter of time. A number of corporate cases are in the pipeline and new leadership at the SFO — the lead enforcement agency for foreign bribery — has signaled a much tougher line on enforcement.17 This has included a rolling back of informal guidance which suggested that (a) self-reporting would insulate a company from criminal action and (b) a more flexible approach would be taken in interpreting the UK Bribery Act’s rule against facilitation payments. The SFO is also developing guidelines for FCPA-like deferred prosecution agreements, based on new legal authority established last year.
- Amendments to Canadian law. Canada’s version of the FCPA—the Corruption of Foreign Public Officials Act (CFPOA)—was significantly strengthened last February through amendments establishing “nationality jurisdiction,” a “books and records” offense and stricter penalties for bribery violations. This brought the law into line with OECD convention standards, allowing for the first time legal action in cases involving bribery wholly outside Canada and, as under the FCPA, based solely on faulty recordkeeping or controls. Several corporate cases have since been brought and a number of others are under investigation.
- Enforcement in China. China is one of a number of developing countries that, for political and other reasons, have stepped up their enforcement of domestic anti-corruption laws. In China, this has included prosecutions of both public officials for demanding or taking bribes (including a former Politburo member) and multinational employees for paying bribes. Last July, Chinese authorities detained 22 GSK executives and employees in an expanding corruption investigation said to involve as many as 60 domestic and multinational pharmaceutical companies operating in China.
As this brief listing suggests, the pace of action internationally clearly is picking up. For risk managers, the essential message remains the importance of a comprehensive global approach to anti-corruption risk forecasting and compliance. Although enforcement in most countries is still spotty—and well below U.S. levels even in the most active countries—there are now important exceptions. And even for the laggards, multinational companies (especially from the U.S.) will remain an appealing early target. The challenge ahead will be to build and maintain effective global compliance programs that can capture relevant laws, reconcile differences (for example, on facilitation payments) and, above all, communicate company standards and expectations to an increasingly diverse workforce. Stepped-up enforcement in China and other developing countries will also raise the stakes for supply chain integrity.
_____________
Footnotes
1 Exporting Corruption, Progress Report 2013: Assessing Enforcement of the OECD Convention on Combatting Foreign Bribery, Transparency International at 89 (Aug. 2013).
2 A growing number of companies have affirmatively rejected the FCPA exception as a matter of corporate policy, while many others that continue to rely on the exception no longer mention it in formal policy documents. In both cases — but especially for companies that take a “zero tolerance” pledge on facilitation payments — transforming commitment into daily practice continues to present training and operational challenges.
3 For most global programs, the change has been more a matter of presentation than substance. Commercial bribery was already proscribed in its various forms, just not with explicit reference to foreign public bribery. For a detailed comparative analysis of commercial bribery prohibitions under U.S. and UK law, see “Coordinating UK Bribery Act and FCPA Compliance” (April 2011).
4 This figure excludes disgorgement amounts (which, in concept if not always in practice, are equitable rather than punitive), plus penalties in two exceptionally large settlements (Total and Weatherford) and a third de minimis one (Ralph Lauren). Prior to 2008, the record penalty in an FCPA case had been $21 million in Baker Hughes (in addition to $23 million in disgorgement).
5 A recent compilation of “corporate investigations” published by The FCPA Blog lists 92 companies subject to ongoing or unresolved FCPA-related investigations.
6 Spin-off investigations have been so common that many companies now include FCPA action against a similarly situated competitor among their “red flags” for risk assessment and mitigation planning.
7 Eight of 10 companies on the “Top 10” list of FCPA settlements are foreign-based. As might be expected, companies from jurisdictions that have not had robust foreign bribery enforcement (i.e., most countries outside of the U.S. and Germany), or with limited practical experience designing and implementing “effective” anti-corruption programs, have tended to have more severe and systemic problems. This will change as global enforcement and corporate prevention practices converge. In the interim, non-U.S. companies with potential FCPA exposure would be well-advised to draw on U.S.-derived benchmark practices for their prevention programs, globally as well as for U.S. affiliate operations.
8 At a recent conference for FCPA practitioners, a senior SEC official noted illustratively the “nice dinner” for a foreign official that might follow an otherwise legitimate plant tour. While the occasional dinner or other modest gift may run afoul of a company’s ethics rules, as well as those established by a government for its officials or contractors, these have never been a priority focus for the FCPA. The underlying policy concern is that the often disproportionate attention that routine gift and hospitality issues receive in field training do not distract from efforts to raise awareness about broader and more serious bribery risks.
9 The SEC press release announcing its non-prosecution agreement with Ralph Lauren is illustrative, outlining the reasons for the nominal penalty imposed ($800,000), and thereby suggesting a roadmap for cooperation and remediation in other cases.
10 Under the program, a qualifying whistleblower is entitled to receive from 10 percent to 30 percent of monies collected by the Commission in a successful enforcement action. This and other program requirements are detailed in a January 2011 Compliance Update, available on LRN’s ECA website.
11 In its annual report to Congress on the Dodd-Frank program, the SEC reported an 8 percent rise in the total number of whistleblower tips in 2013, from 3,011 to 3,238. FCPA-related whistleblower tips jumped almost 30 percent from the prior year, from 115 to 149.
12 In the broadest sense, assessment and verification requires a check to determine that an anti-corruption program is well designed and is working as intended. Such reviews are implicit in the Federal Sentencing Guidelines framework, reflected in the directive that a company periodically assess its risk profile and “take appropriate steps to design, implement or modify” individual elements in its compliance program. Currently available “verification” methods are the subject of a pending study sponsored by the Siemens Integrity Initiative.
13 See, for example, the UN Global Compact’s Fighting Corruption in the Supply Chain: A Guide for Customers and Suppliers (2010). The Rana Plaza factory collapse in April 2013 brought home for Bangladesh and global textile manufacturers the considerable risk (legal, reputational, operational) from supplier corruption (in this case, payoffs to circumvent building code standards), even when a supplier is acting independently.
14 Apart from aiding smaller local businesses, these initiatives can also benefit larger global companies by providing a local baseline and rationale for the supply chain integrity programs mentioned earlier.
15 Progress Report 2013: Assessing Enforcement of the OECD Convention on Combating Foreign Bribery, Transparency International (August 2013). The four countries with a moderate enforcement rating are Italy, Australia, Austria and Finland.
16 The UN Convention against Corruption (UNCAC) establishes a comprehensive framework for combating corruption, committing signatory countries to wide-ranging measures that criminalize bribery, strengthen enforcement and international cooperation, establish legal mechanisms for asset recovery and provide for technical assistance and information exchange. While UNCAC implementation has been slow and uneven, significant progress is being made. Of particular note is a recent handbook for authorities in developing countries on corporate sanctions and incentives. UN Office on Drugs and Crime, A Resource Guide on State Measures for Strengthening Corporate Integrity (2013).
17 Observing that under prior leadership the SFO’s role had become blurred, a senior official recently promised that the SFO “will start acting [more] like a law enforcement agency.”