Is Your Company in Denial About FCPA Risk?

If your company conducts significant business overseas, you’ve likely heard a four-letter “F” word uttered in more than a few meetings.

Assuming you work in a professional setting, I’m not thinking of the first “F” word that probably comes to mind. No, I mean the FCPA, short for the Foreign Corrupt Practices Act. Enacted in 1977, the FCPA generally prohibits U.S. businesses and their employees from bribing foreign government officials to win business or to obtain improper competitive advantage. For public companies that file reports with the U.S. Securities and Exchange Commission, the FCPA also was the genesis of the now-familiar laws that require accurate accounting entries and effective internal controls.

Over the past decade, FCPA compliance has become one of the highest law-enforcement priorities at both the SEC, which has jurisdiction to seek and impose civil penalties, and the U.S. Department of Justice, which can pursue criminal fines and imprisonment for violations. Each agency filed nearly twice as many FCPA enforcement cases in 2010 as it did in 2009, and each has significantly beefed up its FCPA enforcement staff in recent years. According to various media reports, the DoJ currently has at least 130 criminal FCPA investigations open.

The government’s most recent FCPA target was liquor giant Diageo plc. Just last week, the company agreed to pay $16 million to settle civil SEC charges that it improperly accounted for suspicious payments to government officials in Thailand and South Korea and lacked effective internal controls to prevent or detect the payments.

Are you and your company at risk for FCPA liability? If you don’t think so, read further. Below are five of the most common false comforts taken by executives at U.S. companies.

FCPA Fallacy #1: Our foreign sales are too immaterial to create FCPA risk.
Even a nominal bribe to secure a modest contract can trigger FCPA liability for both the company and anyone who authorized or approved it. In fact, one of the few undisputed points about the FCPA is that neither the amount of an illicit payment nor the volume of business it helps secure has to be material for liability to arise. Materiality may affect the harshness of the penalties that regulators ultimately impose but not their decision over whether the law was violated.

FCPA Fallacy #2: None of our foreign customers are governmental departments or agencies.
The DoJ and SEC have adopted an expansive view of who is a foreign official under the law. For example, they say employees of commercial businesses that are even partially owned by foreign governments can be officials, and the courts have agreed with that interpretation. In recent months, two federal courts sided with the government’s view that employees of a Mexican electrical utility could be considered foreign officials under the FCPA. Using similar reasoning, the DoJ and SEC have long considered doctors and nurses at hospitals owned by foreign governments, as well as executives and employees of state-owned banks and state-owned oil companies, to be foreign officials.

FCPA Fallacy #3: Our employees never interact directly with anyone from foreign governments.
Nowadays, few FCPA penalties result from illicit payments that U.S. companies make directly to foreign officials (however defined). The majority of cases involve payments made indirectly by third parties such as local sales agents, distributors, joint venture partners, and consultants (including foreign lawyers and tax accountants). Does local management of a subsidiary depend on such third parties to interact with your governmental customers or regulators, particularly in the belief that they are an effective buffer of protection from a corrupt business environment? If so, consider giving these relationships closer scrutiny. As far as the DoJ and SEC are concerned, if anyone at your company has reason to suspect that a third party is making illicit payments on your company’s behalf and doesn’t interfere, that person and the company could face FCPA liability.

FCPA Fallacy #4: We’re better off not knowing what our foreign personnel and agents do to get business done.
It is generally true that people can’t be convicted if they lacked any awareness that a crime was being committed. But the DoJ and SEC have taken extremely aggressive positions regarding what they consider “willful blindness,” lax internal accounting controls, and failures to conduct “due diligence” in connection with foreign transactions and the retention of foreign business partners. The law in this area remains murky. And regardless of the potential legal consequences, it is rarely a good business practice to ignore how your foreign business is being conducted.

FCPA Fallacy #5: Everybody else does it and never gets caught.
If your competitors in a particular country are making illicit payments to secure business, chances are high that eventually one or more of them will be investigated by the DoJ and SEC. Indeed, they (or even one of your disgruntled former employees or agents) may already be under investigation and earning leniency by building a case against your company without you knowing it. And consider this: Once any investigation is under way, the enforcement agencies will undoubtedly assume that “birds of a feather flock together” — that is, if one company in the marketplace is making illicit payments, others are likely doing so as well.

Russell G. Ryan, a former assistant director of the SEC’s Division of Enforcement, is a partner in the Washington, D.C., office of the law firm King & Spalding LLP.