New FCPA Team at the SEC 1

There has been a lot of buzz about the new FCPA team at the SEC. We asked Richard Grime to tell us how the team might change anti-bribery enforcement. Richard, currently a partner in O’Melveny’s Washington office, spent over nine years in the Division of Enforcement at the U.S. Securities and Exchange Commission in Washington, DC. In his last four years at the Commission he was an Assistant Director.

* * *

“On August 5, 2009, Robert Khuzami the SEC’s Director of the Division of Enforcement announced the creation of five specialized units within the Division. One of the groups will be dedicated to the FCPA with a mandate to “focus on new and proactive approaches to identifying violations.” No announcement has been made on who will be the FCPA Unit Chief.

Typically, FCPA cases at the SEC are investigated at each of the agency’s regional offices as well as in Washington. That practice was part of a deliberate program begun 4-5 years ago to push significant investigations out to the regional offices rather than focus all of them in Washington. The approach complicated the relationship with the principal FCPA criminal enforcement body — the Fraud Section at the Department of Justice — because all of its resources are based in Washington and no criminal FCPA case can be filed without its approval.

Now, assuming the FCPA unit chief will be based in Washington, there should be greater coordination and cooperation between the two agencies, both in the prioritization of investigations and in the conduct of investigations. Through this change, the agencies will also be able to pool resources.

Ultimately, if the FCPA unit reaches its full potential, we will likely see the following trends:

• more cases developed with the SEC’s overseas counterparts, as relationships are deepened rather than being based on one-off cases;
• lessons learned about corrupt payment methods will be applied in subsequent cases;
• industry-wide investigations will become more common, as members of the FCPA unit compare notes about different but related investigations; and
• cases should move more quickly.

Much will depend on the composition of the new Unit, but it has the potential to reshape FCPA enforcement and will inevitably compete with the DOJ for its share of the limelight. Companies subject to the FCPA should establish, maintain, reinforce, and most importantly test and refine their FCPA programs to match the increased risks they will face. In the current economy, finding those compliance resources is a challenge but the message from Director Khazami is clear — FCPA enforcement is and will remain a key priority for the SEC.”

Caveat Emptor: Getting a Grip on Pre-M&A Due Diligence 1

It’s been a busy year for Billy Jacobson. Last year, he was working FCPA cases as Assistant Chief of the Fraud Section at the Department of Justice. More recently, he became a partner in the Washington office of Fulbright & Jaworski. And then, to complete the hat-trick, he joined Weatherford International as Vice President and Chief Compliance Officer. It’s safe to conclude that he has seen most FCPA challenges from all angles. We asked Billy to talk about due diligence specifically in the context of international mergers and acquisitions and he sent this summary of a recent article posted here.

* * *

“In today’s increasingly aggressive enforcement climate, it is a legal and business imperative for entities to conduct thorough due diligence prior to consummating a merger or acquisition. Due diligence should further two primary, related goals: (1) learning as much as possible about the target in order to properly evaluate and address any anti-corruption risks and (2) creating a due diligence file sufficient to withstand later scrutiny. That is easy in theory, but how much diligence is enough? Based upon how FCPA liability may be imposed on acquirers, significant applicable enforcement actions, recent DOJ guidance, and practical experience, I’ve attempted to answer that question in the article “Caveat Emptor: Why and How FCPA Due Diligence Should Be Conducted Prior to Mergers and Acquisitions.” The article is summarized below.

The threshold step of any pre-merger or acquisition due diligence is to identify risk areas. The risk areas can be categorized as environmental considerations, including the level of corruption in the country where the target is based, and specific organizational considerations, including the target’s anti-corruption policies, procedures, and internal controls. Early identification of these risk areas facilitates the identification of initial red flags and further serves as a guidepost for ongoing fact-finding.

Fact-finding, the most expensive and time-consuming portion of due diligence, should consists of several steps. First, the acquirer should conduct initial, high-level and in-person interview(s) with target management before a review of documents and accounting records to understand the target’s operational and financial structure and to learn of potential problem areas. Second, the acquirer should examine and assess the target’s anti-corruption compliance procedures and internal controls. The lack of anti-corruption compliance procedures and/or internal controls speaks volumes about the potential risk. The existence of anti-corruption policies and/or internal controls is great, but an acquirer should conduct an assessment of whether and how they actually work. Third, unless the target has no, or minimal, business with government customers, the acquirer should conduct a forensic review of the target’s books to identify suspicious payments to third parties. The forensic review should cover, among other areas, petty cash accounts, travel and expense records, and approved vendor lists for potential red flags including, but not limited to, large and/or round-dollar payments, patterns of recurring payments, payments to employees outside of the payroll system, third-country payments, and payments with unacceptable descriptors.

Depending on the nature of the questions and/or red flags raised during the fact-finding steps described above, the acquirer should follow-up as needed with supplemental interviews, additional review of accounting records, or even selected searches of electronic and hard copy data. The acquirer should then evaluate the facts and judge whether a potential risk should be classified as a yellow light or a roadblock, depending on the anticipated nature, likelihood, and severity of consequences associated with the risk. If the anticipated risk is low, the acquirer may decide to proceed with the transaction. If the risk is high, the acquirer should think long and hard before proceeding with the transaction.

If problems are discovered within the target, the acquirer should consider whether to alert the government prior to the acquisition in an effort to avoid liability flowing to the acquirer. The acquirer must also, of course, consider how to remediate the problems found within the target if the acquisition proceeds. Additionally, the acquirer should integrate its anti-corruption policies, procedures, and accounting controls into the former target. This includes training personnel of the former target as quickly and as extensively as practicable, and where necessary, completing due diligence on any issues not finalized in the pre-acquisition due diligence. The acquirer should also continue to monitor the former target’s compliance with its representations and warranties and the acquirer’s anti-corruption policies, procedures and internal controls by, among other methods, conducting reviews or audits, requiring personnel to annually certify their compliance, and where needed, appropriately disciplining rogue personnel.

While the above-summarized steps are neither convenient nor inexpensive, acquirers must adapt to the current enforcement environment. Conducting robust due diligence demonstrates adherence to applicable anti-corruption laws and will more than pay for itself if the acquirer is able to avoid buying itself a big legal liability.”

Benchmarking: Facilitation Payments Reply

There has been considerable discussion in compliance circles recently about how best to handle facilitation payments. These are payments (bribes) to foreign officials to induce them to provide or expedite a routine service. Facilitation payments to foreign officials are not prohibited by the FCPA or by the anti-bribery laws of Canada, Australia or New Zealand. (The payments are, however, prohibited in every country in which they’re made.) For those companies that permit facilitation payments, there is concern about how to define them, how to ensure that the definition is not interpreted too broadly, how to address local laws that prohibit them and how best to account for them to avoid books and records violations. For companies that don’t permit facilitation payments, there are often concerns that the company may not have a clear understanding of how much delay is attributable to non-payment, if any, and to what extent rogue employees or agents pay them anyway.

We have argued for some time that facilitation payments are risky, corrosive of high compliance standards and undermining of a company’s reputation in the markets in which they’re paid, but we know that some companies have concluded that it’s simpler to pay them than to fight each battle.

Because of the different approaches taken and the general uncertainty surrounding this issue, TRACE is launching a brief benchmarking survey and we would appreciate it if you would take just a few minutes to answer these primarily multiple choice questions. A summary of the results will be posted here in a few weeks.

Click here for the survey. Thank you.

“Ethics” Terminology in the Compliance Discourse 1

A well-written anti-bribery compliance policy – or a corporate code of conduct more generally – should (i) be easy to find, (ii) be written in simple, clear language, (iii) be thorough, but not exceedingly lengthy, (iv) clearly describe the proscribed behavior, (v) delineate sanctions for breaches of the policy, and (vi) provide mechanisms for reporting potential violations and for seeking guidance and clarifications. The ideal policy will also set an appropriate and credible management tone for the organization. With regard to this latter quality, companies can take very different linguistic approaches in setting the tone for their policies or codes. One preliminary question is whether to incorporate the term “ethics” in the policy, whether in the title itself or throughout the text. “Ethics” is a broad term. It can encompass morality and personal beliefs in a number of contexts; “compliance,” on the other hand, generally addresses rules and legal liability.

Does a reference to ethics help set a better tone or make a compliance policy more effective? Or is it possible that, instead, it distracts the reader from the core focus of the policy and the many grey areas that characterize anti-bribery compliance? Does the language help or hinder the dissemination of a universal policy to a diverse, multiethnic and multinational organization? Both Sarbanes-Oxley and the Federal Sentencing Guidelines specifically use the term “ethics” – should this be construed as a prescription for corporations or are there legitimate reasons to avoid the term? Could the direct translation of SOX and the Guidelines into multinational corporate policy be misinterpreted as American moral conceit? While the target of the two documents is obviously American corporate wrongdoing, how are they interpreted abroad?

The U.S. is known for its rules-based approach to corporate governance, while Europeans generally take a more principles-oriented perspective. U.S. attorneys, whether outside counsel or in-house, are frequently accused of “American arrogance” when interacting with company personnel or their counterparts overseas, both in the context of investigations and in more benign settings. The choice of language in an anti-bribery compliance policy or code of conduct – usually an employee’s first introduction to a company’s compliance program – makes a difference. Does the use of “ethics” terminology support or impede the message?

This posting asks more questions than it answers. Readers are invited to share their thoughts and comments.