5 Risky Mistakes Companies Make
Third-party relationships result in a majority of FCPA resolutions and investigations. Dan Wendt, member at Miller & Chevalier, discusses why third-party due diligence should be a central part of any anti-corruption program and shares insights into some of the customary ways companies fall short in terms of anti-corruption due diligence.
Agents and third parties create most bribery problems these days. It is relatively rare for companies to create legal liabilities under the Foreign Corrupt Practices Act (FCPA) or similar laws by making payments directly to government officials. Instead, a majority of corporate FCPA resolutions in recent years involve fact patterns in which the infringing companies make payments to a third party, which in turn passes on some of the payments to a government official. For this reason, the U.S. Department of Justice (DOJ) and U.S. Securities and Exchange Commission (SEC) repeatedly emphasize the importance of third-party due diligence as a critical part of an effective anti-corruption compliance program. Moreover, in conducting investigations of foreign bribery, both the DOJ and SEC initially ask for all relevant third-party due diligence files in order to assess corporate wrongdoing.
Consequently, anti-corruption third-party due diligence is critically important for companies, especially companies that operate in high-risk jurisdictions. In general, third-party due diligence may be more of an art than a science, but there are many pitfalls or shortcuts that should be avoided. This article summarizes a few common mistakes seen in third-party due diligence efforts.
Settling for Incomplete Ownership Information
Often, especially in high-risk markets, it may be quite difficult to identify the true beneficial owners of an enterprise. For example, a company may use offshore entities with nominal directors as shareholders, and it may be unwilling to provide any further information. Additionally, one owner may have a contract or informal agreement to hold a beneficial interest on behalf of someone else. Solid due diligence requires special efforts for identifying ownership in cases where the business partners may not be fully transparent.
First, it is important to insist on identifying individuals, not holding companies, assuming the company does not have an inordinate number of shareholders. Any due diligence questionnaire should establish this expectation so there is no doubt of a company’s expectations during the process. And, while receiving full ownership information in writing is of course best, there may be instances in which business partners are willing to identify full ownership only through oral disclosures, so companies may want to offer this option in some instances (and document these meetings in their own files).
Second, it is important to understand the resumes of the individuals who own shares and assess the likelihood of whether they are the true owners of the stock or whether they are holding the beneficial interest for someone else. In some cases, it may be appropriate to insist on speaking directly with the owners to test their claims. It is also appropriate to conduct independent research on the owners, either by using in-house resources or through the retention of investigative firms.
Overreliance on Representations and Warranties
In the Peanuts Halloween television special, Charlie Brown receives a signed document statement from Lucy that she will not pull the football away from him (as she always does) before he attempts to kick it. He is persuaded to trust her, declaring, “I guess if you have a signed document in your possession, you can’t go wrong.” Lucy still pulls the football away and notes that the document was never notarized.
Similarly, it is often tempting to rely on written representations and warranties in contracts and other agreements to address doubts and concerns about potential business partners. Representations and warranties are a critical part of the due diligence process, in large part to set the expectations for the business partner. For example, it is an important data point whether a potential business partner is willing to sign such representations and warranties or whether it wants to avoid or curtail them. However, representations and warranties generally should not be used to mollify concerns and doubts about the business partner; such issues should be addressed through other means, such as further inquiry before and after any contract. And to the extent that companies expect representations and warranties to protect them from DOJ and/or SEC enforcement in the event that bad facts emerge in the future, they will likely provide little value if the companies accepted the representations and warranties in the face of red flags (as Charlie Brown did).
Evaluating the Business Partner Without Consideration of the Proposed Transaction
Sometimes business people use a binary framework to say that companies are either clean and trustworthy or not. This binary model does not take into account the type of transaction under consideration. But just as individuals have different standards for people whether they are seatmates on the subway or potential spouses, companies must take into account what kind of relationship is under consideration when assessing third parties.
Effectively, this means that companies should apply higher standards for higher risk or more involved relationships. Whereas it may be acceptable to work with a business partner owned by a relative of a government official when buying widgets using market prices, it may be very different in deciding whether to rent a premium office space from that same business partner, let alone entering into a joint venture with that third party.
Lack of Direct Communication Regarding Red Flags or Concerns
Often, due diligence requirements are communicated to a potential business party by someone in the business who wants to engage them (and not the legal or compliance personnel managing the due diligence process determinations). That is a reasonable arrangement, especially in companies with high volumes of due diligence reviews, but in situations where serious concerns or issues have arisen, it is often helpful for the legal or compliance personnel to establish direct communication with the business partner. Direct communication helps to ensure that all communications are trustworthy (and not being funneled through other agents or third parties), and it allows the legal or compliance personnel to directly assess the credibility of the business partner.
Dismissing Reputational Issues, Litigation or Other Conflicts
Due diligence may reveal that while a potential business partner may have a clean record with respect to corruption, the business or its related personnel may have other issues. These issues may include fraud, conflicts of interest, bankruptcy (by related entities), sexual harassment, environment problems, forced labor, sanctions violations and more. In these instances, these problems may be siloed and walled-off from anti-corruption due diligence, but it is better to take a broader look at a potential business partner’s compliance history, as problems in one area (for example, treating other business partners or employees respectfully) may relate to the company’s willingness and ability to engage in corrupt or questionable business transactions.
Overall, third-party due diligence may seem like the challenge in the famous “I Love Lucy” episode when Lucy and Ethel are responsible for wrapping chocolates as they come down a conveyor belt, facing the threat of being fired if they let one chocolate pass them without getting wrapped. It seems manageable as long as the conveyor belt does not move too fast, in which case Lucy and Ethel quickly resort to various shortcuts. With anti-corruption third-party due diligence, however, shortcuts can lead to distressing results for the company, its shareholders and the people responsible for third-party due diligence (among others). Hopefully, this article can help company personnel to avoid these pitfalls.