Saturday, December 14, 2019
Corporate Compliance Insights
  • Home
    • Home
  • About
    • About CCI
    • Writing for CCI
    • Advertise With Us
  • Articles
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Industry News
  • Jobs
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
  • Home
    • Home
  • About
    • About CCI
    • Writing for CCI
    • Advertise With Us
  • Articles
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Industry News
  • Jobs
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home FCPA

Inconsistencies in FCPA Enforcement: Key Considerations for a Potential FCPA Voluntary Disclosure

Two Recent Resolutions and the Pros and Cons of Self-Disclosure

by Lindsey Fetzer, Thad McBride and Abby Yi
November 11, 2019
in FCPA, Featured
FCPA in neon on black brackground

In multiple recent cases, it seems the DOJ has softened its approach on charging self-disclosing companies for FCPA crimes involving aggravated circumstances. Bass, Berry & Sims’ Lindsey Fetzer, Thad McBride and Abby Yi discuss the implications.

The U.S. Foreign Corrupt Practices Act (FCPA) does not mandate self-disclosure of potential violations.[1] However, when determining whether to charge a corporation and how to resolve such matters, prosecutors take into consideration a company’s timely and voluntary disclosure of a violation and its cooperation with the government’s investigation, among other factors. Accordingly, some companies choose to self-disclose potential FCPA violations to the U.S. Department of Justice (DOJ). Others decide not to self-report. Companies must carefully consider the costs and benefits of a self-disclosure to the DOJ.

This article:

  • Examines recent policy changes surrounding voluntary disclosure, including the March 2019 revised FCPA Corporate Enforcement Policy (Enforcement Policy).
  • Considers two recent enforcement actions illustrating the factors companies should evaluate when deciding whether to self-report violations of the FCPA.
  • Provides guidance on factors to consider when evaluating whether to disclose a potential FCPA violation.

FCPA Corporate Enforcement Policy

In recent years, the DOJ has been updating its guidance in part to incentivize companies to make voluntary disclosures of FCPA violations. The most recent update was announced in March 2019. Under the March 2019 revised Enforcement Policy, self-reporting companies will receive presumption of a declination, absent aggravating circumstances, provided that the company fulfills the following requirements:

  • Makes a voluntary disclosure: The voluntary disclosure must be made “within a reasonably prompt time” after the company became aware of the misconduct. The disclosure must include all relevant facts known to the company, including the identity of individuals substantially involved in the misconduct. The disclosure of individuals “substantially” involved in the misconduct is a shift from the previous policy, which required disclosure of all individuals involved in the misconduct, regardless of role.
  • Fully cooperates: Self-disclosing companies are required to fully cooperate. This requires timely disclosure of relevant facts and documents, including documents located overseas and documents in the possession of third parties. Companies are also required to, when requested, produce witnesses for interviews, including overseas employees and agents.
  • Demonstrates timely and appropriate remediation steps: The self-reporting company must remediate the misconduct at issue, which includes a “root cause” analysis, implementation and/or enhancement of a compliance program, and disciplinary measures. Additionally, companies must take appropriate measures to retain business records, including the implementation of policies on the use of ephemeral messaging.

Even if the above steps are taken, the presence of one or more aggravating factors can rebut the declination presumption. Aggravating circumstances include involvement of senior executives in the misconduct, significant profit from the misconduct, pervasiveness of the misconduct within the company and whether the company is a repeat offender.

Case Studies: Lessons from Real-World Scenarios

First Case: A Declination Despite the Presence of an Aggravating Factor

The first case study involves the DOJ’s decision to issue a declination despite the presence of one aggravating factor: criminal misconduct by two senior executives.

In September 2016, a U.S. public company reported to the DOJ and the U.S. Securities and Exchange Commission (SEC) its investigation into potential FCPA violations. The misconduct involved two senior executives who allegedly authorized payment to foreign government officials. The payment was made through a third-party intermediary to secure a required license for the development of an office park. The bribes totaled more than $2 million related to this project. Furthermore, the company apparently concealed the bribe by falsifying invoices.

Despite the fact that senior executives were involved in the bribe payments to foreign officials (an aggravating factor), the DOJ declined to prosecute the company for FCPA violations. According to the DOJ, the declination decision was made on the basis of extraordinary cooperation. In particular, the DOJ highlighted that the company:

  • Promptly and voluntarily disclosed the violations upon learning of them.
  • Conducted a thorough and comprehensive investigation of the matter.
  • Provided full and proactive cooperation in the matter.
  • Agreed to pay a civil penalty and disgorge an amount “fairly attributable to the bribery conduct.”
  • Took significant steps to remediate the misconduct, including terminating the employment of and disciplining employees involved in the misconduct.

In addition, in connection with the declination, the company agreed to continue to fully cooperate with the DOJ’s ongoing investigations.

Following the declination, the DOJ individually charged the executives involved in the misconduct, holding them individually responsible.

Second Case: A Non-Prosecution Agreement Despite Voluntary Disclosure

The second case study illustrates the importance of undertaking a comprehensive internal investigation to understand the full scope of potential misconduct, promptly remediating that misconduct and providing full and proactive cooperation after self-reporting.

This matter involved an international health care company. Despite making a voluntary disclosure of the misconduct to both the DOJ and the SEC, the company settled FCPA-related charges with the DOJ through a non-prosecution agreement (NPA), which required the company to pay a criminal penalty and retain an independent compliance monitor. The company also settled charges with the SEC and agreed to disgorge ill-gotten profits. This company did not receive a declination of prosecution.

Between 2007 and 2016, the company made improper payments to custom officials and health care professionals employed by state-owned enterprises in over 10 countries. To make these improper payments, the company reportedly used schemes such as sham contracts for services never rendered, lavish gifts and entertainment, cashing checks made out to employees to make a cash bribe payment and falsifying invoices and other documents.

When electing to resolve the allegations through an NPA – rather than declining to prosecute – the DOJ pointed to the company’s failure to: (1) promptly respond to certain DOJ requests and (2) provide fulsome responses to the DOJ’s requests for information. The DOJ also pointed to the pervasiveness and breadth of the misconduct. In addition, the DOJ noted that the misconduct continued in certain countries until four years after the company’s voluntary disclosure. Although the company did not qualify for declination because of the cited factors above, it received a settlement reduction of 40 percent below the low end of the U.S. Sentencing Guidelines fine range.

Conclusion

Under the Enforcement Policy, the DOJ provides specific benefits to companies that cooperate in the context of FCPA violations. The evidence of those benefits can be found in the 12 declinations (including the company described above) the DOJ has announced to date under the Enforcement Policy – and under its predecessor pilot program – since June 2016.

Nevertheless, companies evaluating whether to self-report violations of the FCPA should carefully consider whether the potential benefits of voluntary disclosure outweigh the risks. The risk calculus is complicated and fact-intensive. Companies considering whether to self-report potential FCPA violations should consider the following factors:

  • Whether the company is a recidivist.
  • The scope of the internal investigation.
  • The seriousness and pervasiveness of the misconduct, including the presence of aggravating factors such as senior executive involvement and associated dollar amount.
  • The likelihood of similar, but undiscovered, misconduct in other locations or countries in which the company operates.
  • Whether the company is in a position to make a “timely” disclosure.
  • The likelihood of the ability to fully cooperate with the DOJ, including the production of documents and witnesses, both within the United States and overseas.
  • The company’s ability to pay the estimated restitution dollar amount.
  • The company’s compliance program and internal controls and their willingness to enhance that program.
  • Whether the company has implemented policies regarding ephemeral messaging.
  • The likelihood of exposure to parallel investigation by another regulator, such as the SEC or a non-U.S. government, and civil litigation (g., shareholder lawsuit).
  • If the company is publicly owned, the likelihood of a whistleblower complaint of the misconduct being filed with the SEC if the company chooses not to self-report.

There is surely a benefit to the certainty that comes with disclosing an issue to the government, investigating it fully, remediating the shortcomings identified and concluding the matter with something of a clean slate. This is particularly true for an issuer of securities, which likely would have to re-state its books and otherwise adjust securities filings upon learning of significant issues. On the other hand, it is also true that there are significant costs to self-disclosing companies, even when a declination is received. It is therefore critical for companies to think carefully about all the benefits and all the costs of making a disclosure to the government.

 


[1] The FCPA is the primary U.S. anti-corruption law that criminalizes bribery payments made by companies to foreign government officials in an effort to obtain or retain business.


Tags: DOJfcpa enforcement actionsSEC
Previous Post

Managing the Impact of AML Compliance: Technology vs. Human Capital

Next Post

The Unaoil Exec's Guilty Pleas: The Ahsanis' Criminal Information

Lindsey Fetzer, Thad McBride and Abby Yi

Lindsey Fetzer is a member at Bass, Berry & Sims PLC in the firm’s Washington, D.C., office. She focuses her practice on white collar and corporate compliance matters, including health care fraud and abuse issues, representing clients in foreign and domestic matters involving the DOJ, SEC and other primary enforcement agencies.

 

 

Thad McBride is a member at Bass, Berry & Sims PLC in the firm’s Washington, D.C. office. He counsels clients on compliance with and investigations involving the FCPA, economic sanctions and embargoes, export and import controls and other U.S. trade laws.

 

 

Abby Yi is an associate with Bass, Berry & Sims PLC in the firm’s Washington, D.C., office. She works with clients on white collar and corporate compliance matters.

Related Posts

change is coming text on city background at sunset

Future-Proofing the Compliance Professional

December 13, 2019
futuristic technology projecting 2020 in white text

The Future of Data Privacy Regulation

December 12, 2019
illustration of businessmen shaking hands through smartphone screens

FINRA Reveals Top Areas of Interest: Supervision and Digital Communications Compliance Programs

December 12, 2019
new york city skyline at sunset

The Early Days: The Birth of the Independent Monitoring Concept

December 11, 2019
Next Post
Unaoil whitepaper graphic with gavel

The Unaoil Exec's Guilty Pleas: The Ahsanis' Criminal Information

Free Downloads

OFAC whitepaper cover
Compliance Job Interview Q&A
Reputation Risk Management Research

RSS SEC Litigation News

  • John Special, Defendant, and Michael Murphy, Relief Defendant, John Kenneth Davidson December 12, 2019
    SEC Obtains $3 Million Settlement in Insider Trading Action
  • Palm Beach Atlantic Financial Group, LLC and William A. Smith December 11, 2019
    SEC Charges Florida Resident and His Corporate Entity for Fraudulent Securities Offerings
  • Nanotech Engineering, Inc., Michael James Sweaney (also known as Michael Hatton), David Sweaney, and Jeffery Gange December 11, 2019
    SEC Obtains Asset Freeze to Halt Alleged Offering Fraud

Jump to a Topic:

anti-corruption anti-money laundering/AML Artificial Intelligence/A.I. automation banks Big Data blockchain board of directors board risk oversight bribery CCPA/California Consumer Privacy Act Cloud Compliance communications management corporate culture corporate governance culture of ethics cyber risk data analytics data breach data governance decision-making Dodd-Frank DOJ due diligence fcpa enforcement actions GDPR GRC HIPAA information security internal audit internet of things (IoT) KYC/know your customer machine learning monitoring regtech reputation risk risk assessment Sanctions SEC social media risk technology third party risk management tone at the top training whistleblowing
No Result
View All Result

Privacy Policy

Follow Us

  • Facebook
  • Twitter
  • LinkedIn
  • RSS Feed

Category

  • Audit
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • HR Compliance
  • Leadership and Career
  • News
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Whitepapers

© 2019 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
  • Articles
  • News
  • Podcasts
  • Videos
  • Whitepapers
  • eBooks
  • Events
  • Jobs
  • Subscribe

© 2019 Corporate Compliance Insights