US Foreign Corrupt Practices Act & Dodd Frank - Written by Barry & Richard on Thursday, May 12, 2011 0:04 - 6 Comments
Is the Bribery Act ban on commercial bribery such a big deal?
Foreign commercial bribery is not prohibited by the US Foreign & Corrupt Practices Act and commentators point to it as a key difference between the US and the new UK Bribery Act.
On Monday we broke bread with Howard Sklar and had a great evening. Howard’s view on the issue (we paraphrase) is that the US is not really enforcing commercial bribery and that for many FCPA compliant US companies to scale up their compliance programs to deal with commercial bribery will be practically unworkable. Existing systems and resources simply could not cope.
As a result Howard favours a wait and see approach for FCPA compliant companies. The UK will not enforce the commercial bribery prohibition the argument goes so why gear up for something which won’t happen.
We disagree with Howard on the lack of enforcement by UK regulators in relation to commercial bribery.
However, there are two sides to the US coin too. Here’s another side.
By David Simon, Foley & Lardner
There is considerable debate over the question of whether the UK regulators will strictly enforce the commercial bribery prohibitions of the UK Act, and, if they do, how aggressively. In the US there have been recent defense challenges to the US DOJ’s broad interpretation of the FCPA’s “foreign official” element to include employees of state-owned enterprises.
To me, these two sets of issues are closely related and the outcomes may impact anti-corruption compliance in significant ways going forward. The key compliance question, in my mind, is whether we are moving toward a regime where commercial bribery is prohibited (and prosecuted) or whether we are moving toward a regime focused on bribery of government officials for official acts.
I think we’re headed toward a world where commercial bribery is prohibited and violations are prosecuted.
The DOJ view: Work for a state owned [insert anything]? You’re a foreign official.
First, some background on the FCPA “foreign official” challenges. For years, the DOJ and the SEC have secured guilty pleas and other enforcement action resolutions that were premised on the payment of bribes to employees of state-owned enterprises. The FCPA itself, however, does not refer to state-owned enterprises, instead relying on a statement that a “foreign official” includes any officer or employee of an “instrumentality” of a foreign government. No clear indication of what this term encompasses is found in either the text of the FCPA or its legislative history. The term thus is ambiguous, in the FCPA context and elsewhere.
Nonetheless, it has been generally accepted in the FCPA compliance world that improper payments to employees of state-owned or controlled entities can subject companies to FCPA liability. Most importantly, it is the view of the DOJ and the SEC that either partial ownership or control can turn even a purely commercial enterprise into one filled with foreign “officials.”
As a result, elaborate compliance systems have been created to track and monitor dealings with SOE customers. With the exception of a few half-hearted challenges, the U.S. regulators’ interpretation of “foreign official” has gone unchallenged.
Until this year.
Time to push back?
Since the beginning of 2011, there have been three serious challenges to the government’s “foreign official” definition. The three cases are: United States v. Noriega et al., Case No. 2:10-cr-01031 (“Lindsey Manufacturing”); United States v. Carson et al., Case No. 8:09-cr-00077 (“Control Components”); and United States v. O’Shea, Case No. 4:09-cr-00629.
As of today, only one of these challenges has been decided by the presiding court. In the Lindsey Manufacturing case, the judge rejected the challenge, concluded that the question of whether the bribe recipients were “foreign officials” was a question of fact for the jury, and that the government had proffered sufficient evidence that the Mexican utility at issue in that case was in fact an “instrumentality” of the state. Just yesterday, a jury found the defendants guilty of violations of the FCPA. This case will not be the final word on the topic. Probably the strongest challenge to the DOJ’s interpretation comes in the Carson/Control Components case. The court held oral argument on the defense motion earlier this week. While the motion to dismiss the indictment was taken under advisement, reports from the argument suggest that the judge will rule similarly to the judge in Lindsey Manufacturing – likely based on similar reasoning. A decision in the O’Shea case is still forthcoming.
These judicial decisions are not likely to settle conclusively the “foreign official” question. In my view, all of these cases are at least susceptible to the argument that the bribe recipient at issue was in fact an instrumentality of the state – i.e., the entity at issue had at least some attributes of what is thought of as traditional government functions, even if they were presented in a commercial setting.
But U.S. regulators have taken a much more expansive view of the meaning of “foreign official” and the question of whether any employee of a straight commercial enterprise that happens to be majority owned by a government qualifies remains open. Thus, such difficult questions as whether government ownership of a purely commercial enterprise that has no indicia of traditional governmental functions or whether the government needs to be in a position of active control still will remain subject to challenge in future cases.
Who cares anyway?
But that begs the question, so what?
The DOJ in particular has been increasingly aggressive in prosecuting straight commercial bribery under the U.S. Travel Act. Even a single interstate or international telephone call, fax, or e-mail can trigger the application of the Act, provided that they are made in furtherance of specific underlying unlawful conduct, which can include not only a violation of the FCPA but also a state law forbidding bribery. In fact, in the Control Components case (where the Carson defendants are fighting about whether a bribe paid to an employee of an SOE is a violation of the FCPA), Flavio Riccoti, an Italian citizen and former CCI employee, pled guilty to violating the FCPA and the Travel Act – in part based on improper payments to purely private, commercial entities.
Similarly, in the corruption case involving the Salt Lake Bid Committee, the Travel Act was used to reach the bribery of private Olympic officials. Further, the DOJ also has access to a number of other statutes that could be construed to reach acts of private bribery, including, among others, the Racketeer Influenced and Corrupt Organizations Act (RICO), the federal mail and wire fraud statute, and anti-money laundering laws. Indeed, even before the FCPA itself was passed, these other statutes were used to prosecute both public and private bribery.
DOJ has a number of tools available to reach private bribery, and it is increasingly willing to use them. Beyond the official actions cited here, DOJ representatives have made it clear that they believe commercial bribery is illegal and that corporate compliance policies should prohibit it. At a recent FCPA conference, one of the chief FCPA enforcers from DOJ, Nat Edmonds, said something to the effect of: “Corrupt payments to commercial entities are illegal. We may not have jurisdiction to prosecute all of them, but that shouldn’t make a difference from a compliance perspective. DOJ believes that US company compliance programs should prohibit conduct that is illegal wherever it occurs.”
Look to the direction of travel
To me, this DOJ view, combined with the UK Bribery Act’s commercial bribery prohibition, presents a fairly easy call for multinational corporations from a purely compliance perspective. Although it is common for corporate compliance programs to focus on bribery of government officials, the distinction is becoming less and less meaningful.
Corporate compliance programs should prohibit any corrupt payments to anyone to obtain or retain business – period. There may be good legal and policy defense arguments to be made if a company is defending an enforcement action premised on commercial bribery, but given all the tools available to prosecute such bribery, both in the United States and abroad, I’d rather my clients not be in that position.
6 Comments
Gents
I would like to take a different perspective from both David and Howard.
I do not believe that is the DOJ which is leading the fight against commercial bribery but that effort is being led by international, as in non-US, enforcement efforts. The UK Bribery Act is but one example but recently Russia, China and India have all passed anti-corruption laws with a commercial bribery component. I think the OECD has led this international effort and I would expect it to continue. Based upon the foregoing, I believe the DOJ use of the Travel Act may be seen in that light.
I would also take a view different from Howard on a couple of points. First I am counseling clients to go ahead and put commercial bribery safeguards in place and not to take a wait and see approach. I believe that there is a fair chance that the initial prosecution for commercial bribery will be made against a non-UK company and I believe that no US company wants to be in the position of being made an example of by being the first prosecution under the Bribery Act. So if a US company has a UK subsidiary I believe the appropriate protections should be put in place, proportionate to the risk.
Second, I do not believe that putting such protections in place will be as difficult as Howard believes because such internal controls should already be in place. The commercial bribery aspects which will need to be managed are travel, entertainment, gifts and hospitality. Every corporation I have worked at already had such controls in place. Indeed for US public companies, such controls are required under SOX. And if they do not have such internal financial controls in place they should do so regardless of their FCPA exposure.
No company I have worked at allowed reimbursement for travel and entertainment without a receipt and description of who attended. Further there were guidelines on the amount which could be spent without supervisory approval. The same was true for gifts, hospitalities and business courtesies. All of these were part of the company’s overall financial controls and there were written policies on each issue. So while these controls and policies may not have resided in the compliance department, I do not think setting up risk management for commercial bribery will require a complete overhaul of a company’s policies and procedure, internal controls and books and records. While such modification may take 10 paces of work, it will not be 100 paces or more.
My advice to clients who may be subject to the Bribery Act is to put controls in place for commercial bribery now and not to wait and see. At some point, you will probably have to do so to comply with other country’s legislation as well as the DOJ’s use of the Travel Act in the context of the FCPA.
I Love the Back and Forth at thebriberyact.com « Howard@OpenAir
[…] 13 May I just wrote a comment on an article at The Bribery Act that is so long it probably deserves its own post here. But instead, I’ll just link to it. […]
Prof Bruce W. Bean
Having practiced for 30 years, both as a corporate partner and a General Counsel, I cannot imagine my advice to a client to be “hope they don’t enforce.” Commercial bribery needs to be tracked for books and records purposes in any case. Commercial bribery is a focus of a compliance system because it is part of the control of a firm’s assets.
The more difficult aspect of the Bribery Act for a compliance program is its extraordinary jurisdictional reach. The Act applies to a firm with “a part” of its business anywhere in the UK; It applies to “associated persons;” it applies to hospitality and facilitating payments. These terms -whatever the UK courts determine that they mean – cannot be ignored.
This dialog is very helpful for those seriously addressing the UKBA. Many thanks to those who participate.
Arguing with Tom is usually a losing proposition. But that’s not going to stop me. (Come on, you’d be disappointed if it did).
First, let’s start with what we agree on. I completely agree that the US isn’t taking the lead on private-sector bribery. Then again, I don’t think anyone is “taking the lead” on prosecuting private-sector bribery. The UK Bribery Act prohibits it, but it remains to be seen whether they prosecute it. Let’s remember that the average investigation/prosecution lead time is 18 months. So the earliest we can expect an actual case is in January 2013. And even then, I wonder whether it will be a private-sector case. I’m not willing to bet against it—I’ve heard some people say that it’s a distinct possibility—but I’m not quite ready to put my own money down either.
And while I think it’s wonderful that China, Russia, and India are passing anti-corruption laws…let’s hope they don’t hurt their arms patting themselves on the back. They have a long, long way to go before anyone takes them seriously. Let’s not forget that these states all already have antibribery laws. In China, they execute people for economic crime, as long as your network of allies isn’t stronger than your competitor’s. In Russia, they have antibribery laws, but they kill the anti-corruption cops there. In India, bribery is against the law, unless you know the right person, and have the right amount of cash, in which case the investigation goes away.
I also agree with Tom that you don’t want to be the first company charged under the UK Bribery Act. I’m not so sure it’ll be a non-UK company, but it wouldn’t surprise me. I’m also not sure that being first will matter that much, but I understand why you wouldn’t want it to be you.
As to Tom’s it-won’t-be-that-expensive argument, we’ll have to agree to disagree. I believe Tom’s argument fails because, in his own words, “such internal controls [preventing or detecting private-sector bribery] should already be in place.” I would place the emphasis in that sentence on the word “should.” I would be very surprised indeed to find a robust anti-foreign-private-sector bribery audit report in any company. It’s just not something that many companies are focused on. There might be controls in place, but I’m not so certain that companies can easily shift gears to have those controls cover private-sector as well.
The reason that I don’t think the controls currently cover private-sector bribery is that the things that we worry about in the FCPA space, meals, gifts, travel, entertainment, etc, just aren’t considered bribes when applied to private sector. Sure, $50,000 in a bag is supposed to be caught by your current internal controls, whether it’s to a government official or not. But a $600 bottle of wine? I don’t think so.
There are mindset issues, training issues, and—most of all in my opinion—there are control scalability problems that will cause massive headaches. There are also what I’ll call “internal marketing” issues. Compliance will need to become more integrated with the sales and marketing departments. These are two areas who traditionally resist compliance the most.
I see also that Professor Bruce Bean has commented, and disagrees with me, saying—and I see his point—essentially that “hope isn’t a strategy.” My response to him is that while I agree that it’s counterintuitive to say “wait and see,” or as he puts it, “hope they don’t enforce,” my argument isn’t so much to ignore it as deprioritize it until the landscape becomes clearer.
Compliance departments have finite budget and resources. There are greater, more definite, more pressing risks to mitigate than the off chance that one piece of one country’s anti-corruption law will be strictly enforced, despite a history that militates to the contrary. While I agree I don’t like telling a company, “hope they don’t enforce,” I also don’t like telling a company, “spent a ton of money, a ton of time, and a ton of political capital on a law that may or may not pose a real risk to you.”
Just one man’s opinion.
This Week in the FCPA # 3 (May 17, 2011) by Thomas Fox & Howard Sklar
[…] Fox and Howard Sklar continue their discussion of the UK Bribery Act, the Lindsey Manufacturing case, the latest SAR Activity Review featuring foreign corruption, […]
David makes some excellent points.
But before I explain why he’s wrong, let me clarify my position on UK enforcement.
I don’t know whether the UK will enforce the private-sector bribery provisions of the UK Bribery Act. Honestly, I’ll be unhappy if they don’t. As I said in London, it’s like the UK government traded in a Taxicab for an Aston Martin, but are going to keep it in the garage.
So it’s not that I think they won’t, I just don’t know that they will. So yes, I do advocate a wait-and-see approach. The main driver (no pun intended) of my wait-and-see isn’t the odds of enforcement, it’s that this particular change will have a dramatic, disproportionate effect on the cost of compliance programs. Because, in my opinion, the cost-benefit analysis is adverse, I would recommend waiting. If they actually enforce, it’ll be worth what it will cost your company to change. If they don’t, it won’t. My natural cynicism says that the MOJ will fold like a napkin once UK companies start screaming about the cost, but that’s just me.
So, on to David’s comments.
David’s basic premise is that the DOJ’s expansive definition of “foreign official,” plus their use of the Travel Act, so closely resembles a commercial bribery prohibition that it’s as if we had one. We are moving, he says, toward a regime that investigates and prosecutes commercial bribery. I respectfully disagree.
He also argues that this state of affairs makes it a “fairly easy call” for multinationals to change their program to prohibit private-sector bribery. My disagreement here is still respectful, but a little less so: I think David is plain wrong on this one.
David is correct in saying that the DOJ’s defining “foreign official” to include SOEs has influenced corporate compliance programs. But when he says that “elaborate compliance systems have been created to track and monitor dealings with SOE customers,” frankly the first thought to go through my head is to ask for the same drugs he’s taking, because they’re obviously powerful and mind-altering. Companies don’t even know how to identify SOEs consistently. Really, companies can barely track and monitor their dealings with straight-up government officials. And even there, it takes a tremendous amount of will, skill, and work to make that happen. Some companies have the will, fewer the skill, and fewer still are companies willing to put in the work. Not because they’re evil, mind you, but because they’re not willing to put that many resources into compliance.
But where I think his argument seriously runs off the rails is where he starts discussing the Travel Act. It’s true that the DOJ has dipped its toe into the water of commercial bribery, in the CCI case and in a couple of others too. But I’ll believe that the DOJ is going into this area in a real way only when they bring a case charging solely the Travel Act. Right now, it’s always—always—been an add-on. They find a public-sector bribery case, and tack on an additional charge. Charging a lesser included offense does not a doctrine make.
At one point, David makes my argument for me: he says—and rightly so—that the DOJ has other weapons at its disposal to charge private-sector bribery. He mentions the RICO Act, mail and wire fraud, and AML laws. So if they have the tools, and the desire, where are all the cases? The DOJ has enough on its hands with public-sector cases; they’re not going to jump into private sector unless it presents as an adjunct to a true FCPA case. They won’t ignore it when it’s in front of their face, but they’re not going looking for it, either.
Without that piece, I think David’s argument falls apart.
I therefore completely disagree when David says that the DOJ’s attitude that all bribery should be banned makes this an easy call for companies. In my view, it’s unclear what the SFO will do, and the DOJ doesn’t do commercial bribery cases without an FCPA entrée. But what really argues against change is the cost of change. Does David have any idea how much these changes would cost? Right now, compliance programs are structured around public-sector only: whatever monitoring they have in place revolves around public-sector, their training all talks about public-sector, they’re interaction with the business is always on the basis of impacting only public-sector, their third-party diligence programs only deal with public-sector. The cost of change will be massive. There is a lack of compliance program scalability that I believe is THE major problem, and no one is talking about it. I’m going to be doing a post about this issue myself in the next day or so.
Plus, let’s not forget all the other violations that compliance programs must prevent or detect. Would you prioritize successful implementation of commercial bribery prohibitions over, say, OFAC violations? Or data privacy issues? Or antitrust issues? All these are significantly more of an actual risk than the DOJ or the SFO bringing a private-sector bribery case.
Ultimately, my argument is that there’s a finite pool of money and people to address these risks, even before you get into—and this is one of my favorite phrases—“control fatigue” issues. Business people just get sick of policies and controls after a while. Attention span is a real limitation.
I’m not saying that commercial bribery is acceptable, but I do think that it’s not a DOJ priority, or an SFO imperative (yet), and, honestly, there are bigger fish to fry.
So, David or Barry…where am I wrong?