No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home FCPA

10 FCPA Myths and Misconceptions, Debunked

by Matteson Ellis
July 11, 2014
in FCPA
10 FCPA Myths and Misconceptions, Debunked

When it comes to FCPA compliance and enforcement, myths and misconceptions abound. I’m not surprised to hear them from foreign business people with limited exposure to the FCPA. I am more concerned when I hear them in boardrooms, from the very executives most often exposed to individual liability under the law. These myths sometimes reflect a mere lack of knowledge about the FCPA. Other times they flow from a more “active” misunderstanding of the law – when employees hear what they want to hear and misconstrue rules in the most convenient way possible.

FCPA misconceptions are dangerous and compliance officers should be alert to them. A compliance program’s value depends on everyone understanding the rules to mean the same thing. This article overviews several common FCPA myths related to compliance and enforcement.

Compliance-Related Misconceptions

1. “Our third party is big and reputable, so we don’t need to vet it.”

Shady, unknown agents and consultants in foreign territories create obvious risk under the FCPA. But third-party intermediaries that are large and established – and their employees – can violate the law too. Just ask Baker Hughes – it settled an FCPA action with the SEC when KPMG paid a bribe to Indonesian officials to reduce the tax liability of its Indonesian subsidiary from $3.2 million to $270,000. Similarly, Pride International, Tidewater Marine, Transocean, Shell and others used the well-known Swiss freight forwarder Panalpina, only to learn that the firm was making payments to customs officials in Nigeria on their behalf. All wound up with FCPA issues.

When relying on larger, established third parties in high-risk jurisdictions, it is particularly important to vet the local operations of these global entities. The local units might not share the same reputations or control structures as headquarters. They might also rely on local partners, who might themselves engage in wrongdoing.

2. “We don’t need to perform due diligence on our lawyers.”

Companies too often assume that their foreign lawyers are exempt from third-party due diligence and monitoring. After all, lawyers are usually bound by stricter codes of ethics and can usually lose their licenses if they engage in corruption. But lawyers have been involved in numerous FCPA enforcement violations. In Stryker, a lawyer served as a conduit for a $46,000 improper payment to Mexican officials so that the company could retain a contract. The TSKJ joint venture in Nigeria, which spawned the series of “Bonny Island” FCPA enforcement actions for improper payments to win EPC contracts, relied on a British lawyer, Jeffrey Tesler, to serve as the bagman. Certain roles for lawyers are high-risk by their very nature, such as when they serve as intermediaries with regulatory or judicial officials (including judges). In some jurisdictions, lawyers have especially poor reputations.

3. “Employees that don’t interact with foreign officials don’t need compliance training.”

Anti-corruption compliance training should not stop with “front-office” employees who interact with foreign officials. Other employees can be pulled into schemes even if they have no connection to an official. Some employees might manage third parties that interact with officials on the company’s behalf, and they should be prepared to spot red flags. Employees in finance manage the accounting controls that help a company spot corruption and that ensure compliance with the FCPA’s accounting provisions. Legal positions are particularly important to a compliance infrastructure, even if their occupants never leave the United States. As such, tailored FCPA training should be given to a wide range of employees to ensure that they know the rules, understand how their functions support FCPA compliance and know where to report knowledge of violations. One of my favorite compliance mantras is: “Everyone is a Controller.”

4. “We have a policy, so we’re fine.”

Executives sometimes think it is enough to adopt an FCPA policy and communicate it to their company’s employees. Unfortunately, that is not the view of enforcement officials. The DOJ and SEC say that there must be a significant check on the back end, too – through testing, monitoring and audits – for a program to be fully effective. It is not enough to promote compliance rules and blindly expect employees to follow them. Detection must also lead to remediation when weaknesses are uncovered.

5. “Risk assessments don’t really matter.”

Companies often adopt policies and launch programs before they have assessed their actual risk profiles. But enforcement officials expect to see a formal risk assessment. This makes sense – without analyzing a company’s actual FCPA risks, it is very difficult to design a credible program to address those risks. Companies can easily waste resources setting up stringent controls for risks they do not face while failing to tailor their “generic” program to address the risks they do face.

Enforcement-Related Misconceptions

6. “This is just a facilitating payment.”

One of the most frequent areas of FCPA misunderstanding relates to the facilitating payments exception. It is not uncommon to hear someone describe a $15,000 customs payment or a $9,000 immigration payment as a “facilitating payment,” when they clearly are not. The facilitating payments exception is quite limited. To qualify, a payment must be made to expedite or secure a “routine government action” and the official action must be non-discretionary (i.e., the official must have no legal basis to refuse to provide the service). While there is no statutory value limit on facilitating payments, in practice it would be very difficult to justify a four-figure payment as a facilitating payment.

The lack of statutory specificity seems to encourage creative interpretations of the facilitating payments exception. To address this, compliance officials should be careful to point out that any sizable payment, even one that might arguably fit within the exception, can invite the scrutiny of enforcement officials. This means that, even if a company were to prevail in its view that a large payment qualifies for the exception, that victory would come only after the disruption and expense of a formal investigation. Moreover, other international anti-corruption laws, like the UK Bribery Act, still prohibit facilitating payments.

7. “But the payment was extorted.”

Legitimate extortion payments can constitute exceptions to the FCPA – the FCPA Guidance provides that “payment[s] made in response to imminent threats to health and safety do not violate the FCPA.” If an official holds a gun to an employee’s head or is about to poke the employee with a dirty needle at immigration, bribe payments will not be considered FCPA violations.

The problem occurs when companies try to stretch the exception to other types of threats. Commercial necessity does not trigger the exception. Holding goods at customs unless an employee pays a bribe would not qualify. Therefore, all explanations of economic coercion should be considered suspect. A general rule of thumb, as provided in the FCPA Guidance, deals with whether the payor “could have turned his back and walked away.”

8. “The employee used his or her own funds, not the company’s.”

Suggesting that improper payments benefiting a company were not made with company funds raises a lot of questions, including “why?” Very few employees are willing to spend their own money on behalf of their employer. Employees paying bribes for a company’s benefit likely have a plan for getting paid back. This could be through fraud or theft. They may have made other arrangements with account managers, third parties or their supervisors. The fact that an employee is making personal payments to benefit the company, and that a company’s compliance program is not preventing such activity, could also be evidence of controls failures at the company, which could constitute FCPA “internal controls” violations themselves. Moreover, if the company is ultimately benefiting, the government could assert that the company was part of a conspiracy to violate the FCPA.

9. “We’re not a big company. The government won’t apply the FCPA to us.”

It is true that large multinational corporations are regularly in the crosshairs of FCPA enforcement. But smaller companies can be subject to enforcement, too. In fact, smaller companies are often more vulnerable because they are more likely to go out of business as a result of an FCPA investigation. For example, in 2013, the Wall Street brokerage firm Direct Access Partners was caught up in an investigation, and it only had 30 employees. As a result, the firm went out of business. The small Philadelphia-based export company, Nexus Technology, pled guilty to conspiracy to violate the FCPA and went out of business.

10. “The FCPA applies only to large payments.”

Not so. There is no materiality threshold for an FCPA violation. Moreover, FCPA actions have been built on a series of smaller payments that, in the aggregate, amount to significant expenditures. This can include not only payments of money, but things like gifts and entertainment, as well. For example, Diageo gave rice cakes and other gifts in South Korea ranging in value from $100 to $300 per recipient that, in the aggregate, amounted to $64,184 over four years (that action involved payments in other countries, too). The current “princeling” investigation into the activities in China of various banks does not appear to deal with specific monetary payments; instead, it focuses on firms that provided jobs to children of high-ranking Chinese officials.

Even if authorities are less likely to prosecute companies for individual smaller payments, the detection of smaller payments can prompt wider investigations to determine whether those small issues are actually systemic. These investigations, in themselves, can be costly and disruptive. Thus, by assuming that authorities are only interested in large payments, companies run the risk of ignoring the full picture.


Previous Post

Communications Challenges of the Valeant/Pershing Square Bid for Allergan

Next Post

Orthofix International Names New Compliance Director in Latin America

Matteson Ellis

Matteson Ellis

Matteson Ellis serves as Special Counsel to the FCPA and International Anti-Corruption practice group of Miller & Chevalier in Washington, DC.  He is also founder and principal of Matteson Ellis Law PLLC, a law firm focusing on FCPA compliance and enforcement. He has extensive experience in a broad range of international anti-corruption areas. Previously, he worked with the anti-corruption and anti-fraud investigations and sanctions proceedings unit at The World Bank. Mr. Ellis has helped build compliance programs associated with some of the largest FCPA settlements to date; performed internal investigations in more than 20 countries throughout the Americas, Asia, Europe and Africa considered “high corruption risk” by international monitoring organizations; investigated fraud and corruption and supported administrative sanctions and debarment proceedings for The World Bank and The Inter-American Development Bank; and is fluent in Spanish and Portuguese. Mr. Ellis focuses particularly on the Americas, having spent several years in the region working for a Fortune 50 multinational corporation and a government ethics watchdog group. He regularly speaks on corruption matters throughout the region and is editor of the FCPAméricas Blog. He has worked with every facet of FCPA enforcement and compliance, including legal analysis, internal investigations, third party due diligence, transactional due diligence, anti-corruption policy drafting, compliance training, compliance audits, corruption risk assessments, voluntary disclosures to the U.S. government and resolutions with the U.S. government. He has conducted anti-corruption enforcement and compliance work in the following sectors: agriculture, construction, defense, energy/oil and gas, engineering, financial services, medical devices, mining, pharmaceuticals, gaming, roads/infrastructure and technology. Mr. Ellis received his law degree, cum laude, from Georgetown University Law Center, his masters in foreign affairs from Georgetown’s School of Foreign Service, and his B.A. from Dartmouth College. He co-founded and serves as chairman of the board of The School for Ethics and Global Leadership in Washington, D.C. He is a member of the District of Columbia, Texas, New York, and New Jersey bar associations. Mr. Ellis is also author of The FCPA in Latin America: Common Corruption Risks and Effective Compliance Strategies for the Region.

Related Posts

NAVEX Top 10 Risk and Compliance Trends 2023 ebook

Top 10 Trends in Risk & Compliance for 2023

by Corporate Compliance Insights
March 29, 2023

Industry experts predict the risk and compliance trends we're likely to see in 2023 eBook Top 10 Trends in Risk...

parliament

Coming Soon to the UK: Sweeping Corporate Criminal Liability Reforms?

by Peters and Peters
March 28, 2023

UK legislators have proposed major amendments to the Economic Crime and Corporate Transparency Bill currently passing through Parliament. If adopted,...

wind turbines

What Companies Around the Globe Need to Know About EU Sustainability Reporting

by John Peiserich
March 28, 2023

By the beginning of next year, large companies in the EU or that do a substantive amount of business in...

amsterdam

At a Gathering of Compliance Practitioners, No Shortage of Food for Thought

by Mary Shirley
March 28, 2023

Last week, about 300 ethics and compliance professionals descended upon Amsterdam’s Hotel Okura to participate in SCCE’s European Compliance &...

Next Post
navex logo

Orthofix International Names New Compliance Director in Latin America

Compliance Job Interview Q&A

Jump to a Topic

AML Anti-Bribery Anti-Corruption Artificial Intelligence (AI) Automation Banking Board of Directors Board Risk Oversight Business Continuity Planning California Consumer Privacy Act (CCPA) Code of Conduct Communications Management Corporate Culture COVID-19 Cryptocurrency Culture of Ethics Cybercrime Cyber Risk Data Analytics Data Breach Data Governance DOJ Download Due Diligence Enterprise Risk Management (ERM) ESG FCPA Enforcement Actions Financial Crime Financial Crimes Enforcement Network (FinCEN) GDPR HIPAA Know Your Customer (KYC) Machine Learning Monitoring RegTech Reputation Risk Risk Assessment SEC Social Media Risk Supply Chain Technology Third Party Risk Management Tone at the Top Training Whistleblowing
No Result
View All Result

Privacy Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2022 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe

© 2022 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT