It’s been a busy year for Billy Jacobson. Last year, he was working FCPA cases as Assistant Chief of the Fraud Section at the Department of Justice. More recently, he became a partner in the Washington office of Fulbright & Jaworski. And then, to complete the hat-trick, he joined Weatherford International as Vice President and Chief Compliance Officer. It’s safe to conclude that he has seen most FCPA challenges from all angles. We asked Billy to talk about due diligence specifically in the context of international mergers and acquisitions and he sent this summary of a recent article posted here.
* * *
“In today’s increasingly aggressive enforcement climate, it is a legal and business imperative for entities to conduct thorough due diligence prior to consummating a merger or acquisition. Due diligence should further two primary, related goals: (1) learning as much as possible about the target in order to properly evaluate and address any anti-corruption risks and (2) creating a due diligence file sufficient to withstand later scrutiny. That is easy in theory, but how much diligence is enough? Based upon how FCPA liability may be imposed on acquirers, significant applicable enforcement actions, recent DOJ guidance, and practical experience, I’ve attempted to answer that question in the article “Caveat Emptor: Why and How FCPA Due Diligence Should Be Conducted Prior to Mergers and Acquisitions.” The article is summarized below.
The threshold step of any pre-merger or acquisition due diligence is to identify risk areas. The risk areas can be categorized as environmental considerations, including the level of corruption in the country where the target is based, and specific organizational considerations, including the target’s anti-corruption policies, procedures, and internal controls. Early identification of these risk areas facilitates the identification of initial red flags and further serves as a guidepost for ongoing fact-finding.
Fact-finding, the most expensive and time-consuming portion of due diligence, should consists of several steps. First, the acquirer should conduct initial, high-level and in-person interview(s) with target management before a review of documents and accounting records to understand the target’s operational and financial structure and to learn of potential problem areas. Second, the acquirer should examine and assess the target’s anti-corruption compliance procedures and internal controls. The lack of anti-corruption compliance procedures and/or internal controls speaks volumes about the potential risk. The existence of anti-corruption policies and/or internal controls is great, but an acquirer should conduct an assessment of whether and how they actually work. Third, unless the target has no, or minimal, business with government customers, the acquirer should conduct a forensic review of the target’s books to identify suspicious payments to third parties. The forensic review should cover, among other areas, petty cash accounts, travel and expense records, and approved vendor lists for potential red flags including, but not limited to, large and/or round-dollar payments, patterns of recurring payments, payments to employees outside of the payroll system, third-country payments, and payments with unacceptable descriptors.
Depending on the nature of the questions and/or red flags raised during the fact-finding steps described above, the acquirer should follow-up as needed with supplemental interviews, additional review of accounting records, or even selected searches of electronic and hard copy data. The acquirer should then evaluate the facts and judge whether a potential risk should be classified as a yellow light or a roadblock, depending on the anticipated nature, likelihood, and severity of consequences associated with the risk. If the anticipated risk is low, the acquirer may decide to proceed with the transaction. If the risk is high, the acquirer should think long and hard before proceeding with the transaction.
If problems are discovered within the target, the acquirer should consider whether to alert the government prior to the acquisition in an effort to avoid liability flowing to the acquirer. The acquirer must also, of course, consider how to remediate the problems found within the target if the acquisition proceeds. Additionally, the acquirer should integrate its anti-corruption policies, procedures, and accounting controls into the former target. This includes training personnel of the former target as quickly and as extensively as practicable, and where necessary, completing due diligence on any issues not finalized in the pre-acquisition due diligence. The acquirer should also continue to monitor the former target’s compliance with its representations and warranties and the acquirer’s anti-corruption policies, procedures and internal controls by, among other methods, conducting reviews or audits, requiring personnel to annually certify their compliance, and where needed, appropriately disciplining rogue personnel.
While the above-summarized steps are neither convenient nor inexpensive, acquirers must adapt to the current enforcement environment. Conducting robust due diligence demonstrates adherence to applicable anti-corruption laws and will more than pay for itself if the acquirer is able to avoid buying itself a big legal liability.”