The Biden administration has signaled numerous cross-border enforcement updates that carry compliance implications, including updated anti-corruption, financial and sanctions measures.
President Biden has repeatedly promised to make the fight against corruption in the U.S. and abroad a central part of his administration. He has nominated a Securities and Exchange Commission (SEC) chairman who many expect to increase SEC regulatory and enforcement activity. Now, as we near the end of President Biden’s first 100 days, this article will review the new administration’s key priorities and trends in areas that will impact compliance officers at multinational companies and recommend ways their cross-border compliance programs can address these areas.
Biden’s pre- and post-campaign statements, and those of key cabinet members, indicate that new anti-corruption investigations and prosecutions may once again increase. Prior to taking office, Biden stated that he would “issue a presidential policy directive that establishes combating corruption as a core national security interest and democratic responsibility, and [he] will lead efforts internationally to bring transparency to the global financial system, go after illicit tax havens, seize stolen assets … and make it more difficult for leaders who steal from their people to hide behind anonymous front companies.”
Biden is expected to issue this policy directive in connection with an international “Summit for Democracy,” at which he will rally support for the fight against corruption. After taking office, in an Interim National Security Strategic Guidance document, Biden blamed many ills of society on corruption. Echoing Biden’s emphasis on anti-corruption, National Security Advisor Jake Sullivan stated one of his chief goals is to “rally our allies to combat corruption and kleptocracy … and to hold systems of authoritarian capitalism accountable for greater transparency and participation in a rules-based system.”
In addition, the Department of Justice (DOJ) and the SEC will likely continue, and even accelerate, cooperation with foreign regulatory authorities in anti-corruption investigations, placing an increased emphasis on the overseas operations of U.S. companies. Shortly before Biden took office, in remarks delivered at the American Conference Institute’s 37th Annual Conference on the Foreign Corrupt Practices Act (FCPA), former Acting Assistant Attorney General Brian C. Rabbitt stated that many of the DOJ’s corporate resolutions in 2020 included coordination with foreign enforcement authorities, which constitute “an increasingly important aspect of our work.” Moreover, as more countries enact anti-corruption laws and recognize the political and economic benefit of bringing anti-corruption investigations and cases with the U.S., cross-border regulatory cooperation likely will increase.
Companies with operations in Latin America should pay particular attention, due to the U.S.’s focus on anti-corruption efforts there. Indeed, the DOJ’s first FCPA charges this year were against two Ecuadorian citizens on allegations that they used a Florida account to pay bribes in connection with a money-laundering scheme involving Ecuador’s police pension fund. We may also see an increased focus on Central America specifically. While campaigning, Biden pledged to address “endemic corruption” in Central America and called to create a new section in the Treasury Department’s Office of Foreign Asset Control to investigate corruption in the “Northern Triangle” – Guatemala, El Salvador and Honduras; provide additional funding to train prosecutors in specialized anti-corruption policies and procedures; and establish a regional commission to fight corruption.
US wants life in prison for brother of #Honduras president. #AML expert @robertmazur writes about the case and #DOJ's continuing effort to dismantle multi-national drug network. https://t.co/xfph2q4rYT
— Corporate Compliance Insights (@cci_compliance) March 30, 2021
The U.S. now has additional law enforcement tools to investigate overseas conduct. Under the Anti-Money Laundering Act of 2020, contained within the broader National Defense Authorization Act (NDAA), the DOJ and Treasury Department were authorized to subpoena non-U.S. banks for records from any account at the bank anywhere in the world, as long as the bank has a U.S. correspondent bank account (see National Defense Authorization Act for Fiscal Year 2021, H.R. 6395, 116th Cong. (NDAA), at § 6308; 31 U.S.C. § 5318 (as amended)).
This new power is particularly noteworthy in light of recent federal court decisions allowing wire fraud and money laundering charges to be brought against foreign actors for conduct occurring overseas where the only domestic activity consisted of wires through the U.S. (see, e.g., United States v. Napout, 963 F.3d 163 (2d Cir. 2020); United States v. Hussain, 972 F.3d 1138 (9th Cir. 2020); United States v. Grubisich, No. 16-CR-102(RJD) (E.D.N.Y. Oct. 22, 2020), ECF No. 69).
The NDAA also included the Kleptocracy Asset Recovery Rewards Act (KARRA), which establishes a pilot whistleblower reward program for those who help the government identify and recover foreign funds tainted by corruption that are located in the U.S. (see NDAA at §§ 9701–9703 (2020)). Intended to strengthen both FCPA and related civil asset forfeiture cases, the new KARRA whistleblower regulations are expected to be similar to those of the SEC, although the potential awards under KARRA are currently more limited. Since 2012, the SEC whistleblower program has yielded successful results for the government, having awarded approximately $759 million to 142 individuals. Notably, the SEC receives numerous tips from, and pays substantial bounties to, individuals located abroad. Just this past March, the SEC awarded over $5 million to joint whistleblowers located abroad whose tips resulted in a successful enforcement action. KARRA’s purpose of identifying illicit foreign funds should similarly lead to the program’s broad use by individuals located overseas.
U.S. sanctions enforcement is expected to remain robust, although priorities may change. Administration officials have vowed to be “laser focused” on national security, and to “use … our sanctions regime to hold bad actors accountable.” While sanctions enforcement concerning certain countries, such as Iran, might remain the same, at least for the near future, U.S. regulators may increase focus on other countries, including Russia, China and North Korea. We may also see an increase in sanctions against entities and individuals in the Northern Triangle countries discussed above. The recently passed Northern Triangle Enhanced Engagement Act requires publication of a list of corrupt and undemocratic actors from the Northern Triangle who will be denied entry into the U.S. (see 22 U.S.C. § 2277a). The act may also lead to sanctions activity against identified individuals.
The administration may also shift the focus of new sanctions to penalize foreign individuals and entities involved in human rights violations. Recently, the U.S., alongside Canada, Britain and the EU, announced sanctions on Chinese officials with links to a genocidal campaign against Uyghur Muslims. This followed the U.S.’s announcement of sanctions on 24 individuals linked to China’s crackdown on democracy in Hong Kong. In general, we should expect more international coordination here, due to the administration’s emphasis on building international support for its sanctions.
On March 22, @SecBlinken announced the Global Magnitsky sanctions issued in concert with Canada, the UK & the EU against top officials with two PRC entities that carry out Beijing’s repressive policies against Uyghur & other ethnic minorities in Xinjiang. https://t.co/LZ8TGIEyPX
— U.S. Asia Pacific Media Hub (@eAsiaMediaHub) April 3, 2021
As discussed below, U.S. companies with international operations should ensure that their compliance programs account for the Biden administration’s new sanctions priorities.
Specific Items Related to Financial Institutions
The SEC is expected to increase regulation and enforcement activity under incoming chairman Gary Gensler, an aggressive regulator as Commodity Futures Trading Commission (CFTC) chair under President Obama. This has a number of implications for financial institutions with cross-border operations.
Since Gensler has not yet been confirmed and other senior positions at the SEC, such as director of enforcement, have not yet been filled, it is difficult to forecast these areas with specificity. However, certain areas of cross-border enforcement were recently forecast in the SEC’s 2021 Examination Priorities. The SEC identified fintech – providing advice and services to clients through automated investment tools, platforms and mobile applications – as a focus and stated that its examinations will evaluate whether firms are operating consistently with their representations and handling customer orders in accordance with customer instructions. It will also review compliance around trade recommendations made in mobile applications. In July 2020, the European Commission also announced that the European Securities and Markets Authority would review regulation of fintech throughout Europe. As both U.S. and EU regulators are focused on fintech issues, cross-border coordination and cooperation in fintech investigations are anticipated. For example, in June 2020, the New York Department of Financial Services and the French Authorité de Contrôle Prudential et Résolution entered into a memorandum of understanding to boost cross-border fintech cooperation.
The SEC also stated that it will continue to prioritize examinations of anti-money laundering (AML) compliance at broker-dealers and registered investment companies. The SEC will assess, among other things, whether firms have established appropriate customer identification programs and whether they are satisfying their Suspicious Activity Report filing obligations, conducting due diligence on customers, complying with beneficial ownership requirements and conducting robust and timely independent tests of their AML programs.
Aside from examination priorities, we may see an increase in cross-border investigations and cases brought by the SEC for market manipulation. In 2020, both U.S. and U.K. regulators escalated investigations and sharpened their focus on a specific type of market manipulation known as spoofing – the practice of placing sham orders to artificially inflate or depress the value of a security and then making bona fide trades on the opposite side of that order to take advantage of the manipulated price.
Over the past several years, U.S. regulators have brought several spoofing actions for overseas conduct, with varying degrees of success. The CFTC initiated an aggressive anti-spoofing regime under Gensler, and the SEC appears to have already begun increasing its spoofing enforcement activity. In 2020, the commission entered into two settlements with traders and financial institutions in alleged spoofing cases.
U.K. regulators have also increasingly focused on alleged market manipulation and spoofing. In March 2020, the Financial Conduct Authority disclosed several active spoofing investigations. Its focus on spoofing is expected to continue through 2021 and beyond. We can expect coordination between U.S. and U.K. regulators in this area to increase.
What This Means for Compliance Officers at Multinational Companies
Given the Biden administration’s key priorities and trends, compliance officers at multinational companies should ensure that their companies’ compliance programs are well designed to prevent and detect potential misconduct in their overseas operations. To start, compliance officers should refer to the guidance issued by U.S. regulators for assessing the effectiveness of corporate compliance programs, including the DOJ’s Evaluation of Corporate Compliance Programs, the DOJ and SEC’s FCPA Resource Guide, and the Framework for OFAC Compliance Commitments. These guidelines share several common core elements, including:
Risk assessment: A critical component of a well-designed compliance program is the quality of a company’s risk assessment and the manner in which the company’s compliance program is tailored to the risk assessment results. Companies should ensure that their risk assessments include their overseas operations.
Policies, procedures and internal controls: Companies should integrate all of their operations into their compliance structure and devote appropriate resources to policies, procedures and internal controls aimed at preventing and detecting potential misconduct in their overseas operations. Based on the new administration’s expected priorities, compliance officers should focus on anti-corruption and AML compliance. Compliance programs should maintain robust procedures that identify and prohibit potentially unlawful payments to foreign government officials and employees of state-owned or state-controlled businesses and other suspicious activity. Compliance programs should include strong protocols for vetting and managing relationships with third-party agents and business partners. Moreover, companies should ensure that their sanctions compliance programs are updated to reflect the new administration’s priorities. Sufficient resources should be allocated to “know your customer” diligence practices in high-risk areas.
Financial institutions should also ensure that they have appropriate policies, procedures and internal controls for any fintech operations and that prohibit market abuse practices such as spoofing. Financial institutions should monitor and supervise the activity of their overseas traders and proactively investigate any instances of potential misconduct.
With the ongoing impact of COVID-19, companies will continue to have significant remote footprints. The challenges of compliance in a remote environment make it even more important to consider implementing data analytics into compliance programs, for both domestic and overseas operations. The DOJ has raised expectations for companies to use data analytics in order to monitor the effectiveness of their compliance programs and identify potential misconduct.
Training: Companies should ensure that training curricula include identified risks in their overseas operations and that training is rolled out to overseas locations, as appropriate.
Finally, compliance officers should ensure that their companies’ whistleblower complaint policies are robust; encourage employees, wherever located, to internally report compliance concerns or suspicious activities; and include procedures to thoroughly investigate foreign and domestic complaints and tips.
By maintaining an up-to-date, risk-based global compliance program, companies can avoid or mitigate their potential exposure to the new local and international enforcement priorities of U.S. regulators.