FCPA Compliance and Ethics Blog

January 2, 2014

The 2013 FCPA Year in Review-Corporate Enforcement Actions

In my final post of 2013, I reviewed all of the individual Foreign Corrupt Practices Act enforcement actions which occurred in the past year. In this first post of 2014, I review all the corporate enforcement actions in 2013. If you would like to have a handy reference on all of the 2013 FCPA enforcement actions, I am pleased to announce the publication of my latest book, entitled, “2013-the FCPA Year in Review”. It is available in an eBook format on Amazon.com.

A.     Total

Total SA engaged in a nearly decade long, breathtaking bribery scheme. In this scheme, Total paid approximately $60MM to an un-named Iranian Official of the National Iranian Oil Company (NIOC), who steered two major projects Total’s way. The projects for which Total paid the bribes were the Sirri A and E oil and gas fields and South Pars gas field. Total paid a criminal penalty to the DOJ of $245.2 million and civil penalty of $153 to the SEC.” Total’s agreed monetary penalty of $398MM was the fourth biggest FCPA resolution.

B.     Parker Drilling

The company was involved in a bribery scheme to pay-off judges in a Nigerian Tax Court to allow Parker Drilling to pay lower than warranted tax assessments for its drilling rigs in the country. Due to its efforts to create a gold standard compliance program all the while undergoing its own internal investigation, Parker Drilling’s conduct earned it an “approximately 20 percent reduction off the bottom of the fine range” which suggested a fine of between $14.7MM to $29.4MM. The final DOJ fine was $11,760,000. The company also agreed to pay disgorgement of $3,050MM plus pre-judgment interest of $1,040,818, to the SEC.

C.     Ralph Lauren

The Ralph Lauren Company received Non-Prosecution Agreements (NPA) granted by the SEC and DOJ. The illegal conduct at issue related to its Argentinian subsidiary and efforts by the General Manager of that operation, who conspired with a customs clearance agency to make payments “to assist in improperly obtaining paperwork necessary for goods to clear customs, to permit clearance of items without the necessary paperwork, to permit the clearance of prohibited items, and to avoid inspection.” For its conduct, Ralph Lauren agreed to pay $882K to the DOJ and $593K in disgorgement and $141K in pre-judgment interest to the SEC.

D.    Weatherford

In late November, Weatherford International Limited (Weatherford) concluded one of the longest running open FCPA investigations when it agreed to the ninth largest FCPA fine of all-time and one of its subsidiaries, Weatherford Services Limited (WSL), agreed to plead guilty to violating the anti-bribery provisions of the FCPA. The total amount of fines and penalties for the FCPA violations was $152.6 million. The company was also hit with another $100 million in fines and penalties for trade sanctions bringing its total amount paid to $252.6 million. The bribery schemes that Weatherford used were varied but stunning in their brazen nature. But in spite of how things began, Weatherford was able to make a turnaround and substantially improve its position by reversing this initial nose-thumbing at US regulators.

E.     Stryker

In an interesting FCPA enforcement action resolved in October, the Stryker Corporation agreed to settle with the SEC via an Administrative Order, not a criminal action filed by the DOJ. According to the FCPA Blog, “The SEC said Stryker Corporation will pay $13.2 million to resolve FCPA violations. The bribes totaled about $2 million and were ‘incorrectly described as legitimate expenses in the company’s books and records,’ according to the SEC. Stryker will disgorge to the SEC $7.5 million and prejudgment interest of $2.28 million. It is also paying a penalty of $3.5 million.” SEC Complaint. There was not even a civil Complaint filed by the SEC and Stryker is not required to have a Corporate Monitor to assess its ongoing compliance efforts or its commitment to having a compliance program.

F.     Diebold

In late October, Diebold, an Ohio company which makes ATM machines, agreed to pay a criminal fine of $25.2 million to the DOJ and $23 million in disgorgement and prejudgment interest to the SEC to resolve allegations it violated the FCPA by covering up bribes to bank officials in China, Indonesia and Russia. The total fine of just over $48MM. The DOJ charged it in a two-count information with conspiring to violate the FCPA’s anti-bribery and books and records provisions and a substantive books and records offense. There were no charges under the anti-bribery provisions, which apply only to corrupt payments to foreign officials. The Diebold resolution took the form of a DPA with the DOJ, along with a fines and a Corporate Monitor. From its resolution with the SEC in addition to the profit disgorgement and prejudgment interest paid the company agreed to an agreed injunction to stop, once again, violating the FCPA.

G.    Bilfinger SE

In early December, DOJ announced it had resolved an ongoing FCPA with German entity Bilfinger SE (Bilfinger). This case involved the same background facts and events as the Willbros corporate FCPA enforcement action and the related individual enforcement actions with some of its former employees. The facts in this case were bad, bad, bad. The Bilfinger enforcement action moves towards the ending of one of the sorriest examples of corporate malfeasance in the FCPA world. While it took a long time, justice has certainly been a long time coming. With the continued flight from justice of former Willbros employee James Tillery who renounce his US citizenship to try and escape prosecution by taking refuge in Nigeria; perhaps things are coming to an end. But with the conclusion of this corporate enforcement action against Bilfinger, perhaps there may be additional individual enforcement actions.

H.    Archer-Daniels-Midland

In late December, it was announced by the DOJ and SEC that they had settled both a criminal and civil enforcement action with Archer-Daniels-Midland Company. The DOJ resolved the criminal action when a subsidiary of ADM pled guilty and agreed to pay more than $17 million in criminal fines to resolve charges that it paid bribes through vendors to Ukrainian government officials to obtain value-added tax (VAT) refunds, in violation of the FCPA. In a parallel civil FCPA action settled with the SEC and the SEC Press Release noted that “The payments were then concealed by improperly recording the transactions in accounting records as insurance premiums and other purported business expenses. ADM had insufficient anti-bribery compliance controls and made approximately $33 million in illegal profits as a result of the bribery by its subsidiaries.” In addition to the DOJ fine of $17.8MM, ADM agreed to pay “disgorgement of $33,342,012 plus prejudgment interest of $3,125,354.”

What Did It All Mean?

The clear message from these corporate enforcement actions is that early detection and remediation can lead to a significant reduction in fines and penalties. I believe that these corporate enforcement actions make clear that a company’s actions during the pendency of the investigation, in addition to the underlying FCPA violations, will be evaluated and assessed to determine the final penalty. The DOJ and SEC continue to communicate not only what they believe constitutes a best practices compliance program but equally importantly what actions a company can engage in which will significantly reduce a company’s overall fine and penalty. Both the DOJ and SEC continue to communicate, through their enforcement actions, to the compliance practitioner what they expect from companies in the way of a best practices compliance program and what a company should do if they discover a potential FCPA violation. These communications, through enforcement actions, DPAs, NPAs and Declinations, are consistent with the information provided by the DOJ/SEC in the FCPA Guidance. These enforcement actions demonstrate that if a company gets ahead of the curve, it can significantly lessen its overall penalty and pain.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

December 23, 2013

Supermarket to the World – The ADM FCPA Enforcement Action

Last week, it was announced by the Department of Justice (DOJ) and Securities and Exchange Commission (SEC) that it had settled an enforcement action with Archer-Daniels-Midland Company (ADM). The DOJ resolved a criminal action when, according to the DOJ Press Release, a subsidiary of ADM pled guilty and agreed to pay more than $17 million in criminal fines to resolve charges that it paid bribes through vendors to Ukrainian government officials to obtain value-added tax (VAT) refunds, in violation of the Foreign Corrupt Practices Act (FCPA). In a parallel civil FCPA action settled with the SEC and the SEC Press Release noted that “The payments were then concealed by improperly recording the transactions in accounting records as insurance premiums and other purported business expenses. ADM had insufficient anti-bribery compliance controls and made approximately $33 million in illegal profits as a result of the bribery by its subsidiaries.” In addition to the DOJ fine of $17.8MM, ADM agreed to pay “disgorgement of $33,342,012 plus prejudgment interest of $3,125,354.”

At this point, the Non-Prosecution Agreement (NPA), Plea Agreement between the company and the DOJ and the Criminal Information is not available. However the SEC Civil Complaint is available, as are Press Releases from both the DOJ and SEC. In today’s blog I will review the underlying facts as set out in the SEC Civil Complaint. In a subsequent blog post, I will review the NPA, Plea Agreement and Criminal Information.

The underlying facts centered on ADM’s ongoing issues related to the receipt of VAT refunds in Ukraine. The company had many years of slow and no response to its application for refunds where goods purchased in Ukraine were then exported. From 2002 to 2010, the company’s Ukrainian subsidiary rolled up VAT receivables of up to $46MM. The company employed three different bribery schemes to help them get this money that they were owed out of the country. ADM’s two entities which were directly involved in the bribery scheme were Alfred C. Toepfer, International GmbH (“the German subsidiary”) and its affiliate, Alfred C. Toepfer International (Ukraine) Ltd. (“the Ukrainian subsidiary”).

Charitable Donation Scheme

According to the SEC Complaint, “an ADM executive in the tax department sent an e- mail to the head of an international tax organization and stated, “One of our affiliates operates in the Ukraine. In order to recover 100% of their input VAT they have to pay 30% of the amount to local charities.” While recognizing that this requirement was not illegal and that there were avenues for appeal and assistance with this issue through the US government and trade groups, the SEC Complaint noted that “Given ADM’s insufficient anti-bribery compliance policies and procedures at the time, it did not prevent or detect the improper payments made by” the German subsidiary or the Ukrainian subsidiary.

Use of Third Parties

A second bribery scheme entailed the German and Ukrainian subsidiaries making “payments to a stevedoring company in the port of Odessa (the “Shipping Company”) so that it could pass on nearly all of those payments to Ukrainian officials in order to obtain VAT refunds on behalf of ACTI Ukraine.” The Shipping Company would present inflated invoices to the German subsidiary and this inflated amount “represented a sum that was available for the Shipping Company to pass to Ukraine government officials.” Further, when the German subsidiary would receive an invoice from the Shipping Company, “it withheld payment of a portion of the amount in the invoice, and then upon receiving the relevant VAT refund, ACTI Hamburg released the funds to the Shipping Company.”

Mischaracterization of Write-offs

In yet another bribery scheme, the German subsidiary reported to the US parent that it would negotiate with the Ukrainian government over the amount of the VAT refund and if there was a negotiated settlement it would be less than the full refund due the company. The German subsidiary would then write-off 18% of the total amount of any VAT refund due to it from the Ukrainian government. However when the VAT refund was actually made it would be at 100% of the total due. As the German subsidiary would have taken a write off of 18% of this total, the corresponding amount of money would be funneled to “third-party vendors so that nearly all of those monies could be provided to Ukrainian government officials.”

Fake Insurance Premiums

In an inventive bribery scheme, the Ukrainian subsidiary General Manager “organized a scheme through which ACTI Ukraine used a Ukrainian insurance company (the “Insurance Company”) to funnel improper payments to Ukrainian government officials. ACTI Ukraine arranged for the Insurance Company to falsely bill it for crop insurance, which the Insurance Company never intended to honor, adjusting the premiums to be roughly 20% of the VAT refund.” This bribery scheme succeeded in the face of email reports from the Ukrainian subsidiary to the German subsidiary that said “The contracts completed here, either sporadically or ad hoc, include no kind of insurance protection, but serve the purpose only of generating a commission for the VAT repayment in this manner. Regardless of the wording of the contract, the content is completely different. That means that in case of conflict, claims could not be made successfully.”

Discussion

The problems that ADM subsidiaries faced in the VAT refund issue is one faced by many companies in many countries. Governments usually have little incentive to timely or otherwise process tax refunds, especially in the amounts which ADM was seeking. From the SEC Compliant it does appear there is not any issue that ADM was seeking or did obtain VAT refunds that it was not entitled to receive, only that the Ukrainian tax authorities were sitting on these refunds. In other words, it may be construed that ADM was involved in a situation where it was paying bribes for something it was otherwise entitled to receive but as noted in the SEC Civil Complaint it that the company received VAT refunds “earlier than they otherwise would have.”

While I might disagree that by speeding up the process, the company obtained some unfair business advantage, I do believe that the payments can in any way be considered legal or otherwise in compliance with the FCPA. Simply considering the amounts of money involved and the false accounting entries are enough to show a FCPA violation. In many ways, I found the most interesting sentence in the SEC Civil Complaint to be the following, “ADM violated Section 13(b)(2)(B) of the Exchange Act by failing to maintain an adequate system of internal controls to detect and prevent the illicit payments.” The SEC Complaint expanded on this when it stated, “ADM failed to implement sufficient anti-bribery compliance policies and procedures, including oversight of third-party vendor transactions, to prevent these payments” at the German and Ukrainian subsidiaries. The message from the SEC Civil Complaint is that your compliance program must have both a prevent and detect component and if it does not, you are susceptible to a books and records violation, with a fine and profit disgorgement assessment.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

December 3, 2013

The Weatherford FCPA Settlement, Part II

Yesterday, I reviewed the Weatherford International Limited (Weatherford) Foreign Corrupt Practices Act (FCPA) settlement. Today I will take a more focused look at the bribery schemes involved and the failure of the company to bring internal controls up to standard or even follow its own compliance program. Weatherford’s compliance program was a joke but worse was its conduct, which many in the company knew was illegal and reported internally but the company did not stop the conduct. The company also, early on in the investigation, actively impeded regulators access to personnel and documents. However, and this is one of the key messages from the Weatherford FCPA enforcement action, the company truly ‘turned it around’. Tomorrow we will explore how the company made this dramatic turnaround.

The bribery schemes had four basic scenarios and, for those of you keeping score at home, I have summarized them below.

I.                   Corrupt Conduct

Weatherford Bribery Box Score

Country Bribery Scheme Government or SOE Official Involved Amount of Bribe Paid
Angola Payments through 3rd parties Sonagol Drilling Manager $250K
Angola JV Partners Government Ministers, wives and other relatives $810K
Congo Payments thru 3rd parties SOE officials $500K
Middle East Countries Unauthorized distributor discounts SOE officials $11.8MM
Algeria Improper travel and entertainment SOE officials $35K
Albania Misappropriation of company funds Tax Auditors $41K

Angola

In Angola two separate bribery schemes were used. The first involved payment of a $250,000 bribe to the Sonagol Drilling Manager. To funnel the bribe the company retained a Swiss agent who paid the money. This Swiss agent billed Weatherford for non-existent and fraudulent services. He would retain a percentage of the total he billed as a commission and would pass the remainder to the Sonagol Drilling Manager. The bribery of the Drilling Manager also included a week long, all-expenses paid trip to Italy and Portugal, where only one of the days was business related.

The company continued this further creativity when it set up a joint venture (JV) which had two local JV partners, JV Partner A and JV Partner B. Partner A consisted of Sonagol government officials, their wives and other relatives and held a 45% stake in the overall JV. JV Partner B’s principals included the relative of an Angolan Minister, the relative’s spouse, and another Angolan official. It held 10% of the overall JV interest. Neither of these JV Partners contributed capital, expertise or labor to the JV. In addition to the straight quid pro quo of awarding Weatherford 100% of the Angolan well screens market, these JV Partners had contracts which were awarded to Weatherford competitors, revoked after the initial award and then awarded them to Weatherford.

Congo

In the Congo, Weatherford made over $500,000 in commercial bribe payments through the same Swiss Agent they had utilized in the initial Angolan bribery scheme to employees of a commercial customer, a wholly-owned subsidiary of an Italian energy company, between March 2002 and December 2008. The Swiss Agent’s role in the scheme included submitting false invoices and sending payments to individuals as directed by Weatherford Services Limited (WSL) employees and others. WSL employees created and sent false work orders to the Swiss Agent. The Swiss Agent, WSL employees and others knew the services would not be performed and that the work orders were a pretext to funnel money to the Swiss Agent. The Swiss Agent forwarded the money, less a commission, once again based on fraudulent invoices for non-existent services.

The Middle East

In certain un-named Middle Eastern countries between the years of 2005 and 2011 another Weatherford subsidiary employed another bribery scheme to funnel payments to officials of state owned National Oil Company (NOC). This bribery scheme entailed the awarding of improper “volume discounts” to a company that served as an agent, distributor and reseller which supplied Weatherford products to a state-owned and controlled NOC, believing that those discounts were being used to create a slush fund with which to make bribe payments to decision makers at the NOC.

The Securities and Exchange Commission (SEC) Complaint noted that as early as 2001, officials at the un-named national oil company directed Weatherford to sell goods to the company through a particular distributor. Prior to entering into the contract with the distributor, Weatherford did not conduct any due diligence on the distributor, despite: (a) the fact that the distributor would be furnishing Weatherford goods directly to an instrumentality of a foreign government; (b) the fact that a foreign official had specifically directed the company to contract with that particular distributor; and (c) the fact that Weatherford executives knew that a member of the country’s royal family had an ownership interest in the distributor. In late 2001, the company entered into a representation agreement with the distributor to sell its Completion and Production Systems products to the NOC.

Thereafter, the distributor created a slush fund by providing the distributor with unauthorized volume and pricing discounts, in addition to the agent’s 5% commission. Company employees intended that the slush fund would be used to pay officials at the un-named NOC. The “volume discounts” to the distributor were typically between 5-l0% of the contact price. The discounts allowed the distributor to accumulate funds which were used to pay bribes to the NOC officials.

Algeria

Weatherford also provided improper travel and entertainment to officials of the Algerian NOC, Sonatrach, which did not have any legitimate business purpose. The SEC Complaint detailed the following improper travel and entertainment provided to Sonatrach officials:

  • June 2006 trip by two Sonatrach officials to the FIFA World Cup soccer tournament in Hanover, Germany;
  • July 2006 honeymoon trip of the daughter of a Sonatrach official; and
  • October 2005 trip by a Sonatrach employee and his family to Jeddah, Saudi Arabia, for religious reasons that were improperly booked as a donation.

In addition, on at least two other occasions, Weatherford provided Sonatrach officials with cash sums while they were visiting Houston. For example, in May 2007, Weatherford paid for four Sonatrach officials, including a tender committee official, to attend a conference in Houston. Further, the company provided an approximate $24,000 cash advance for the trip where there was no evidence of any legitimate business purpose or promotional expenses.

Albania

In Albania, Weatherford had a tax evaluation problem. To deal with this issue the general manager and financial manager of the company’s Italian subsidiary misappropriated over $200,000 of company funds, to fund a bribery scheme involving Albanian tax auditors. The general manager, financial manager and the Albania country manager made $41,000 in payments to Albanian tax auditors who questioned details of the company’s accounts and demanded payment to close out the audit or speed up the certification process in 2001, 2002 and 2004.

The general manager and financial manager misappropriated the funds by taking advantage of Weatherford’s inadequate system of internal accounting controls. They misreported cash advances, diverted payments on previously paid invoices, misappropriated government rebate checks and received reimbursement of expenses that did not relate to business activities. A memo drafted by the general manager and financial manager in the months after their co-worker confronted them discussed the misappropriated funds and indicated that funds were paid to tax auditors in Albania and others for the benefit of Weatherford. This was the bribery scheme which was reported to the company and the internal whistle-blower employee was terminated.

II.                Program Deficiencies Lack of Cooperation

The DPA laid out in equally stark terms the complete and utter disregard, non-existence of and/or complete failure of any systemic compliance program, prior to 2008. These deficiencies included:

  • Failure to establish internal accounting controls to prevent bribery and corruption;
  • Failure to perform due diligence on any prospective third parties, including who they were, ultimate beneficial ownership and business justifications;
  • Failure to perform due diligence or in any meaningful manage joint venture partners;
  • Failure to have any meaningful internal controls for gifts, travel and entertainment;
  • No effective internal reporting system for FCPA violations or issues; and
  • (Most amazingly) No Chief Compliance Officer or even compliance professionals in a multi-billion dollar, multi-national company in the energy industry.

In addition to all of the above, Weatherford engaged in active conduct to impede the investigations of both the SEC and DOJ. In one instance, the company told investigators that a key witness was dead when he was not only still alive and well but working for Weatherford. In other instances, the company, emails were deleted by employees prior to the imaging of their computers. It was also noted that Weatherford failed to secure important computers and documents and allowed potentially complicit employees to collect documents subpoenaed by the staff.

Tomorrow, the Weatherford compliance comeback.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

October 29, 2013

Notes from the Diebold and Stryker FCPA Enforcement Actions

Last week was a heck of a week in the Foreign Corrupt Practices Act (FCPA) enforcement world. Both Diebold Incorporated (DBD) and the Stryker Corporation (SYK) agreed to resolutions of their outstanding FCPA violations.

A.     Diebold

The DBD resolution took the form of a Deferred Prosecution Agreement (DPA) with the Department of Justice (DOJ), along with a fine of $25.2MM, and a Corporate Monitor from the Securities and Exchange Commission (SEC) including $22.9MM in disgorgement and prejudgment interest to the SEC along with an agreed injunction to stop, once again, violating the FCPA. That’s a total fine of $48MM.

The conduct at issue was approved at the highest level of the company and involved multiple bribery schemes, in multiple countries for multiple years. The bribery box score is as follows:

DBD Bribery Box Score

List of DBD Executive, Employee or 3rd Party Involved in Bribery Schemes Illegal Conduct Around Type of Illegal Conduct Those Involved
Executive A Officials at Banks 1 & 2; both in China; Banking officials in Indonesia Approved payments of $1.75 MM over five years; improper trips, gifts and entertainment Executive A & B, Employee A & B
Executive B Officials at Banks 1 & 2; both in China; Banking officials in Indonesia Approved payments of $1.75 MM over five years; improper trips, gifts and entertainment
Executive C Banks in Russia Approved payments of at least $1.2MM
Employee A Banks in Russia Hid illegal payments in books and records
Employee B Hid illegal payments in books and records
Employee C Banks in Russia Distributor 1 & 2,  Executive A & C
Distributor 1 Banks in Russia Made illegal payments
Distributor 2 Banks in Russia Made illegal payments

B.     Stryker

SYK’s penalties were considerably less than those paid by DBD. According to the FCPA Blog, “The SEC said Stryker Corporation will pay $13.2 million to resolve FCPA violations. The bribes totaled about $2 million and were ‘incorrectly described as legitimate expenses in the company’s books and records,’ according to the SEC. Stryker will disgorge to the SEC $7.5 million and prejudgment interest of $2.28 million. It is also paying a penalty of $3.5 million.” SYK received only an Administrative Order, not even a SEC Complaint. Further, unlike DBD, SYK is not required to have a Corporate Monitor to assess its ongoing compliance efforts or its commitment to having a compliance program. The Stryker Bribery Box Score is as follows:

Stryker Entity Bribery Scheme Used Amount of Bribes Paid Illicit Profits
Stryker Mexico Cash payments $76,000 $2.1MM
Stryker Poland Cash payments, illegal travel, lodging, gifts and expenses; charitable donations $460,000 $2.4MM
Stryker Romania Illegal travel, lodging, gifts and expenses $500,000 $1.7MM
Stryker Argentina Commission Payments or Honoraria to Doctors $966,500 $1.04MM
Striker Greece Charitable Donations $197,055 $183,000

C.     Some Comments

1. DBD’s China Investigation

The FCPA Professor noted an interesting nugget from the DBD DPA, in a blog post entitled “Of Note From The Diebold Enforcement Action”, the “It is merely one paragraph in the SEC’s complaint, but it may be perhaps the most notable issue in the Diebold enforcement action (an action based primarily on excessive travel and entertainment payments by subsidiaries – the bulk of which occurred in China). Para. 28 of the SEC’s complaint states:

“Other executives at Diebold were on notice of potential corruption issues at Diebold China. In 2007, a regional government agency in China, the Chengdu Administration of Industry & Commerce (“CDAIC”), opened an investigation involving, among other issues, leisure trips and gifts Diebold China had provided to bank officials. Company executives in China and the U.S. learned of the investigation after a Diebold field office in Chengdu was raided by authorities. Executives A and B took the lead in responding to the investigation. Diebold was able to settle the matter with no corruption charges filed, by paying CDAIC an administrative penalty of 600,000 RMB (approximately $80,000) for business registration violations. Despite being on notice of potential corruption issues at Diebold China, Diebold failed to effectively investigate and remediate these problems.”

In short, the bulk of the conduct at issue in the $48 million Diebold enforcement action was previously investigated by a foreign law enforcement agency and was resolved without corruption charges.”

While I disagree that the bulk of DBD’s illegal conduct involved its Chinese operations, I do agree with the Professor that this is certainly interesting. Is this the mechanism by which the DOJ/SEC were informed about DBD’s conduct? DBD did receive a discount of -5 base points for self-disclosure, full cooperation and demonstrating responsibility for its conduct but it is not clear which, if any, of these three prongs were met. Or, indeed, all of them? Equally interesting is speculating on the level of cooperation between the Chengdu Administration of Industry and Commerce and the DOJ. Or perhaps did it go in a different direction, as the persons cited as taking the lead in responding to this Chinese investigation, Executives A & B, have something to do with resolving the matter at the relatively low cost of $80,000?

2.         Stryker Greece’s Donation to a Public University

From the SYK Cease and Desist Order, there is some interesting information regarding the bribery scheme the company used in Greece. Here the company made a “sizeable and atypical donation of $197,055 to a public university…” Normally I would say that donations to public, i.e. state-owned, universities would not be subject FCPA scrutiny because they are gifts directly to a foreign government. But here the Order specifies that “The donation was made pursuant to a quid pro quo arrangement with the foreign official, pursuant to which Stryker Greece understood it would obtain and retain business…in exchange for making the donation to the foreign official’s pet project. In addition to emails attesting to this quid pro quo nature of the donation, the Order specifies that the donation was “improperly booked as legitimate marketing expense in an account entitled “Donations and Grants.””

Readers will recall the gift of $135 Million by Wynn Resorts Ltd (WYNN) to a foundation which supports the University of Macau. A Wall Street Journal (WSJ) article on this donation, entitled “Macau School Ties Roil Wynn Resorts” and was co-authored by Kate O’Keefe and Alexandra Berzon, reported the Chairman of Wynn’s Board “told analysts last month that the donation was vetted in advance by outside experts,” relative to the FCPA. The donation is apparently not for construction or other infrastructure projects but “the gift will support academic activities.” The WSJ article also reports that the Board of the University foundation includes “current and former government officials” and “a member of the committee to elect Macau’s chief executive”, who is the chancellor of the university.” The SEC opened and closed an investigation into this matter with no enforcement action.

Perhaps it is the clear email trail showing the quid pro quo for the donation but I wish there was more information about the illegal nature of the Stryker Greece donation versus the apparent non-action in the Wynn donation.

For the compliance practitioner, I think there are several clear messages that the DOJ and SEC are communicating in these two enforcement actions. From the DBD enforcement action, if your company finds itself in an investigation which becomes an enforcement action, it must take serious remediation steps during the pendency of the enforcement action. If not you will probably have a Corporate Monitor appointed. So do not wait, remediate now. From the SYK enforcement action, the SEC once again emphasized the importance of internal controls and accurately recording your expenses in your books and records. Neither of these messages are new or earth-shattering but both bear repeating and perhaps providing to your management in a teaching moment.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

June 14, 2013

Lunch with the FCPA Compliance & Ethics Blog – Phil Wedemeyer and the Audit Perspective in Compliance

One of my weekend reading pleasures is the Saturday section in the Financial Times (FT) entitled “Lunch with the FT”. Each week, this column highlights a weekly interview with leading cultural and business figures. In addition to an excellent interview with fascinating people, the column discusses the food served and lists the prices of all items purchased. The column is so smartly done that even the Men In Blazers talk about it in their weekly podcasts on all things soccer.

Since imitation is the most sincere form of flattery, today I will inaugurate a “Lunch with FCPA Compliance and Ethics Blog” series of posts. While it will not be a weekly feature, nor will I detail the costs for lunch, I will commit to you the cost will be in line with that of a Foreign Corrupt Practices Act (FCPA) or UK Bribery Act compliance program business entertainment lunch. My inaugural guest is Phil Wedemeyer, who is a retired former partner of a Big Five accounting firm (when there was a Big 5); the former Director of the Office of Research and Analysis at the Public Company Oversight Accounting Board and currently sits on the Board of Directors of two corporations; one public, where Phil is the Chairman of the Audit Committee, and one private. As you might guess from someone with such a professional background, Phil tends to view things through the prism of an audit perspective.

This week Phil and I sat down for a couple of Houston’s finest cheeseburgers to catch up. Phil asked me what might be happening on the FCPA front and I told him that I thought the news about the National Security Agency (NSA) information collection programs was going to make the job of the compliance practitioner more difficult. Many of America’s allies are up in arms over not only the collection of information but the revelation that such collection of information can be used in monitoring FCPA compliance across the globe. I think this will mean that companies will face greater data privacy laws and have more difficulty not only getting information out of foreign countries and into the US for evaluation but even in collecting types of data and information.

Great Board Oversight Required?

Phil had another take on it, which I found equally interesting. He questioned whether this information about the US government could put an additional burden on not only the compliance practitioner but on a board of directors? When I asked him what he meant by this, he questioned if a company had reliable information that the US government was employing oversight techniques to search for evidence of bribery and corruption (or non-compliance with other laws or regulations) beyond more traditional law enforcement techniques (e.g., whistleblowers, self-disclosure and competitor reporting); should this cause that company to increase its oversight of compliance with the FCPA? In particular, more comprehensive government monitoring activity could increase the chances of discovery of the types of illegal activities at lower levels of the company that is one of the primary objectives of whistleblower procedures and that may not always be known to upper level management. Further, if so, would this change in risk put a director on notice that they need to perform additional oversight of the compliance function?

Transaction Analysis

Phil also inquired about any trends that I might have seen over the past six to 12 months on FCPA enforcement. I told him that one of the things I have seen is the introduction of transaction monitoring, beginning with the Morgan Stanley declination. I then discussed the Eli Lilly enforcement action and particularly the bribery scheme used in Poland where charitable contributions were made to a charity run by the head of a provincial health service. This led to sales spiking in that province rather dramatically. These cases, and some others, have led me to advocate that companies engage in transaction monitoring from the compliance perspective to identify any anomalies.

Phil’s observation here was once again based on his auditing background. He said that, in considering variations in operating results as a director, he asks two questions of management: What happened and how do you know? In answering these questions, it is clearly important that management understands the business cause of significant sales increases and that there could be other issues involved in the situation that may require consideration by the compliance practitioner. Phil thought analysis of variations needs to occur at the level at which the sales increase was material. As an example, he conjectured that, in the Lilly scenario, such a sales spike would likely not be material to the company’s consolidated financial statements or, for that matter, to the European business unit. However, such a sales increase would most probably be material for the country of Poland and certainly for the province in which the sales increase occurred.

Once the material level is determined, direct questions should be asked and answered at that level. Explanations of a sales increase as being the result of the appointment of a new head of business development or a more aggressive sales manager should not simply be taken at face value. Questions such as what techniques were used; what was the marketing spend; how much was spent on business entertainment or other specific categories; were charitable donations made to any non-core business charities and other questions might help to get at the true underlying reason for a sales spike. Further, a company should review its findings in subsequent periods for confirmation. So, for example, if a sales increase legitimately appears to be due to the efforts of a new person in the territory or region, is that same increase sustained in later periods. The answer to such a question might identify red flags indicating the need for further review.

One of the key things that I learned from my lunch is the need for the compliance practitioner to talk to other non-compliance professionals to get their perspectives on how they view issues. So, just as I had lunch with Phil Wedemeyer, you could take out the head of your internal audit group for a lunch and chat; or HR; or IT. The list of possibilities is lengthy. I hope that you have enjoyed my inaugural, Lunch with the FCPA Compliance and Ethics Blog as much as I have bringing it to you.

———————————————————————————————————————————————————————-

I will be discussing transaction monitoring on a free Webinar entitled, “A Winning Strategy for Automating FCPA Compliance” hosted by SAP, next Wednesday, June 19 at 2 PM EDT. For registration and information, click here.

———————————————————————————————————————————————————————-

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

May 27, 2013

Board Responsibility under the FCPA – A Herculean Task?

The nightmare of every corporate director is to wake up to find out that the company of the Board he or she sits on is on the front page of a national newspaper for alleged illegal conduct. This nightmare came true for the Directors of Wal-Mart when the New York Times (NYT), in an article entitled “Vast Mexico Bribery Case Hushed Up by Wal-Mart After Top-Level Struggle”, alleged that Wal-Mart’s Mexican subsidiary had engaged in bribery of Mexican governmental officials and that the corporate headquarters in Bentonville, Arkansas, had covered up any investigations into these allegations.

I.                   Legal Standard

What are the obligations of a Board member regarding the US Foreign Corrupt Practices Act (FCPA)? Are the obligations of the Audit Committee under the FCPA at odds with a director’s “prudent discharge of duties to shareholders”? Do the words prudent discharge even appear anywhere in the FCPA? Under the US Sentencing Guidelines, the Board must exercise reasonable oversight on the effectiveness of a company’s compliance program. The US Department of Justice (DOJ) Prosecution Standards posed the following queries: (1) Do the Directors exercise independent review of a company’s compliance program?; and (2) Are Directors provided information sufficient to enable the exercise of independent judgment?

As to the specific role of ‘Best Practices’ in the area of general compliance and ethics, one can look to Delaware corporate law for guidance. The case of Stone v. Ritter holds for the proposition that “a duty to attempt in good faith to assure that a corporate information and reporting system, which the board concludes is adequate exists.” From the case of In re Walt Disney Company Derivative Litigation, there is the principle that directors should follow the best practices in the area of ethics and compliance.

Board failure to heed this warning can lead to serious consequences. David Stuart, a senior attorney with Cravath, Swaine & Moore LLP, noted that FCPA compliance issues can lead to personal liability for directors, as both the Securities and Exchange Commission (SEC) and DOJ have been “very vocal about their interest in identifying the highest-level individuals within the organization who are responsible for the tone, culture, or weak internal controls that may contribute to, or at least fail to prevent, bribery and corruption”. He added that based upon the SEC’s enforcement action against two senior executives at Nature’s Sunshine, “Under certain circumstances, I could see the SEC invoking the same provisions against audit committee members—for instance, for failing to oversee implementation of a compliance program to mitigate risk of bribery”.

II.                When Things Get Bad

While generally the role of a Board should be to keep really bad things from happening to a Company, once really bad things have occurred the Board needs to take charge and lead the effort to rectify the situation or perhaps even save the company. While giving oversight to risk management through an Audit Committee or a Compliance Committee is a good first step, such a committee needs to have sufficient independence from the management which got the company into such hot water.

In a recent White Paper entitled “Risk Intelligence Governance – A Practical Guide for Boards the firm of Deloitte & Touche laid out six general principles to help guide Boards in the area of risk governance. These six areas can be summarized as follows:

  • Define the Board’s Role – There must be a mutual understanding between the Board, Chief Executive Officer (CEO) and senior management of the Board’s responsibilities.
  • Foster a culture of risk management – All stakeholders should understand the risks involved and manage such risks accordingly.
  • Incorporate risk management directly into a strategy – Oversee the design and implementation of risk evaluation and analysis.
  • Help define the company’s appetite for risk – All stakeholders need to understand the company’s appetite, or lack thereof, for risk.
  • How to execute the risk management process – The risk management process must maintain an approach that is continually monitored and had continuing accountability.
  • How to benchmark and evaluate the process – Systems need to be installed which allow for evaluation and modifying the risk management process as more information becomes available or facts or assumptions change.

All of these factors can be easily adapted to FCPA compliance and ethics risk management oversight. Initially, it must be important that the Board receives direct access to such information on a company’s policies on this issue. The Board must have quarterly or semi-annual reports from a company’s Chief Compliance Officer (CCO) to either the Audit Committee or the Compliance Committee. This commentator recommends that a Board create a Compliance Committee as an Audit Committee may be more appropriate to deal with financial audit issues. A Compliance Committee can devote itself exclusively to non-financial compliance, such as FCPA compliance. The Board’s oversight role should be to receive such regular reports on the structure of the company’s compliance program, its actions and self-evaluations. From this information the Board can give oversight to any modifications to managing FCPA risk that should be implemented.

There is one other issue regarding the Board and risk management, including FCPA risk management, which should be noted. It appears that the SEC desires Boards to take a more active role in overseeing the management of risk within a company. The SEC has promulgated Regulation SK 407 under which each company must make a disclosure regarding the Board’s role in risk oversight which “may enable investors to better evaluate whether the board is exercising appropriate oversight of risk.” If this disclosure is not made, it could be a securities law violation and subject the company, which fails to make it, to fines, penalties or profit disgorgement.

III.             What the Board wants to know from compliance

In an article in the May issue of Compliance Week Magazine, entitled “What the Board Wants to Know from Compliance”, author Joe Mont explored some of the issues he believes that a Board will want to know about their company’s compliance program. Mont quoted Michael Bramnick, senior knowledge leader for LRN, who said, “Boards really only want an answer to the question: ‘How do we know it is working?’ In other words, is a company’s compliance program living “up to the hallmarks of an effective compliance program in the eyes of the government.”

A.     Questions About Process

Mont believes that Boards should “want more information on the processes to carry out the compliance function, rather than details on specific compliance issues”. He quotes Dennis Beresford, professor of accounting at the University of Georgia’s Terry College of Business, for the following “Boards want to know that there is a single individual or project management office keeping track of all this stuff and making sure that it is being handled properly. They want the comfort of knowing that there is a system in place that keeps track of compliance requirements.”

B. Questions About Internal Reporting

Another area of Board interest is compliance hotlines. In this area, Mont believes that Boards desire “to know details about who answers the calls or e-mails that come in, how they are trained, if the process is outsourced, and assurances that the hotline is truly anonymous, with no use of caller-ID or GPS tracking. Other common questions from the board include: How are calls classified and routed? Who gets notified for what types of calls? How is the investigative process divided among various functions?” If the company hotline is used, this may show that “employees are comfortable enough to speak up and that, when they do, about good things or bad, they are listened to, there is follow-up, and trends are evaluated and reported back to them.”

C. Questions About Accountability

Responsibility is yet another topic that Mont believes Boards need to stay abreast on as “directors want more details on who’s responsible for what. Boards want assurance that the compliance function has developed a charter that makes it clear to them where obligations fall across management so it can assess accountability.” He quotes Bramnick who stated that “Effective boards let management do their job running the business on a day-to-day basis, and they understand that their job is to set long-term strategy,” he says. “It is not for them to be looking at every contract.”

D.  Questions About Strategic Planning

Jaclyn Jaeger, writing in the December 2011 issue of Compliance Week Magazine, in an article entitled Board Checklist: What Every Director Should Know, wrote about a panel discussion at the Association of Corporate Counsel’s 2011 Annual Meeting. In the article she quoted panel participant Amy Hutchens, General Counsel and Vice President of Compliance and Ethics at Watermark Risk Management International, on the need for strategic planning by the Board. Hutchens believes that “a truly effective and informed board knows where the company stands not only at the present moment, but also has the strategic plan for how the compliance and ethics program can continue to grow.” Similarly, Stephen Martin, a partner at Baker and McKenzie, suggests that such knowledge is encapsulated in a 1-3-5 year compliance game plan. However, a compliance program should be nimble enough to respond to new information or actions, such as mergers or acquisitions, divestitures or other external events. If a dynamic changes, “you want to get your board’s attention on the changes which may need to happen with the [compliance] program.”  Hutchens believes that such agility is best accomplished by obtaining buy-in from the Board through it understanding the role of forecasting the compliance program going forward.

Mont quoted Bramnick that “Boards have really a Herculean task in today’s regulatory climate.” But more than simply the regulatory climate, shareholders are taking a much more active role in asserting their rights against Board members. It is incumbent that Boards seek out and obtain sufficient information to fulfill their legal obligations and keep their company off the front page of the New York Times, Wall Street Journal or Financial Times, just to name a few, to prevent serious reputational damage.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

February 13, 2013

Distributors under the FCPA

If there was ever a question that distributors were covered under the Foreign Corrupt Practices Act (FCPA), in 2012, the Department of Justice (DOJ) and Securities and Exchange Commission (SEC) made it emphatically clear that this class of entities in a company’s sales chain would be treated that same as any other sales agent, reseller or any other entity which sells a US company’s products outside the United States. While the terms agent, reseller and distributor have distinct definitions in the legal world, they no longer do for FCPA purposes.

The three enforcement actions which made clear that there were no distinctions between agents and distributors in 2012 were the Smith & Nephew, Inc., (S&N) Deferred Prosecution Agreement (DPA) for criminal FCPA violations, the Oracle SEC Complaint for books and records violations and the Eli Lilly and Company (Lilly) SEC Compliant for books and records violations. Each of these enforcement actions had different FCPA violations and they each revealed separate steps which a company should take to both prevent and detect FCPA violations in their company.

Smith & Nephew

On February 1, 2012, the DOJ announced that it entered into a DPA with Smith & Nephew, Inc., a medical equipment manufacturer, for violations of the FCPA. The violations revolved around Greek distributors of S&N who paid bribes to Greek doctors so that they would purchase and use S&N products. According to the Criminal Information, “S&N, certain of its executives, employees, and affiliates agreed to sell to [the] Greek Distributor at full list price, then pay the amount of the distributor discount – between 25 and 40 percent of the sales made by [the] Greek Distributor – to an off-shore shell company controlled by [the] Greek Distributor, in order to provide off-the-books funds for [the] Greek Distributor to pay cash incentives and other things of value to publicly-employed Greek HCPs to induce the purchase of S&N products, while concealing the payments.” Additionally, S&N “falsely recorded or otherwise accounted for the payments to the shell companies on its books and records as ‘marketing services’ in order to conceal the true nature of the payments in the consolidated books and records of S&N and GmbH.”

Oracle

Oracle got into FCPA hot water because its Indian subsidiary directed its distributor to set up a separate slush fund of monies which could be, and were, used to pay monies to persons unknown. As specified in the SEC Compliant, “certain Oracle India employees created extra margins between the end user and distributor price and directed the distributors to hold the extra margin in side funds. Oracle India’s employees made these margins large enough to ensure a side fund existed to pay third parties. “At the direction of the Oracle India employees, the distributor then made payments out of the side funds to third parties, purportedly for marketing and development expenses.” The SEC Compliant noted that “about $2.2 million in funds were improperly “parked” with the Company’s distributors.” To compound this problem, employees of Oracle India concealed the existence of this side fund from Oracle in the US and hence there was an incorrect accounting in Oracle’s books and records.

Lilly

In Brazil, Lilly used the distributor model to market its drugs through third-party distributors who then resold these products to public and private entities. As noted by Matt Ellis, in his post entitled “Eli Lilly’s Distributor in Brazil: The Non-Obvious FCPA Risk”, the discounts that distributors typically receive from manufacturers such as Lilly can be problematic under the FCPA because “enforcement officials can see these discounts as potential “loose money” that can be used for bribe payments. This is especially the case when the distributor is engaging in other activities on behalf of the producer, like marketing, licensing, and customs clearance.”

This was the situation that Lilly found itself in in Brazil, where Lilly sold drugs to distributors who then resold the products to both public and private entities. It was the classic distributor model where Lilly sold the drugs to the distributors at a discount and then the distributors would resell the products “at a higher price and then took their discount as compensation.” There was a fairly standard discount given to the distributors which generally ranged “between 6.5% and 15%, with the majority of distributors in Brazil receiving a 10% discount.”

However, in early 2007, at the request of a Lilly sales manager, the company awarded an unusually high discount of between 17% and 19% to a distributor for the sale of a Lilly drug to the government of one of the states of Brazil. The distributor used approximately 6% of this additional discount to create a fund to pay Brazilian government representatives to purchase the Lilly drugs from him. Further, the Lilly sales manager who requested this unusual discount was aware of the bribery scheme. Moreover, this increase in the discount was approved by the company with no further inquiry as to the reason for the request or to substantiate the basis for such an unusually high discount. If there were any internal controls they were not followed.

Prevention and Detection

These three separate bribery schemes call for three different but overlapping responses. In the case with Lilly, the SEC Complaint noted the following “Lilly-Brazil’s pricing committee approved the discounts without further inquiry. The policies and procedures in place to flag unusual distributor discounts were deficient.” Lastly, as stated by Ellis, “It noted that the company relied on representations of the sales and marketing manager without adequate verification and analysis of the surrounding circumstances of the transactions.”

The Lilly enforcement action also makes clear the need for internal audit to follow up with ongoing monitoring and auditing. Internal audit can be used to help determine the reasonableness of a commission rate outside the accepted corporate norm. As noted by Jon Rydberg, of Orchid Advisors, in an article entitled “Eli Lilly’s Remedial Efforts for FCPA Compliance – After the Fact”, the company should be “implementing compliance monitoring and corporate auditing specifically tailored to anti-corruption” for the distributor sales model.

The Oracle enforcement action demonstrates that Oracle needed to institute the proper controls to prevent its employees at Oracle India from creating and misusing the parked funds in the distributor’s account. The Company needed to audit and compare the distributor’s margin against the end user price to ensure excess margins were not being built into the pricing structure. Oracle should have sought to either (1) seek transparency in its dealing with the distributor or (2) audit third party payments made by the distributors on Oracle’s behalf, both of which would have enabled the Company to check that payments were made to appropriate recipients.

What are some of the factors that demonstrate the distributors used by S&N were fraudulent and did not have a legitimate business purpose? It was clear that S&N did not perform sufficient due diligence on these distributors nor did they document any. I would note that the distributor was domiciled in a location separate and apart, the UK, from the sole location it was designed to deliver products or services into, Greece. This clearly demonstrated that the entities were used for a purpose that the company wished to hide from Greek authorities. While it is true that a distributor might sell products into a country different than its domicile, if the products are going into a single country, this should have raised several Red Flags.

However, the biggest indicium of corruption was the amount of the commission paid. The traditional sales model for a distributor has been to purchase a product, take the title, and therefore the risk, and then sell it to an end user. Based upon this sales model, there has been a commission structure more generous than those usually accorded a reseller or sales agent, who is usually only a negotiator between the Original Equipment Manufacturer (OEM) and the end user. This difference in taking title, and risk of loss, have led to a cost structure which has provided a deeper discount of pricing for distributors than commission rates paid to resellers or sales agents. The sales structure used by S&N had pricing discounts of between 26-40% off the list price. Further, this money was used precisely to pay bribes to Greek Doctors to use S&N products.

These three enforcement actions make clear that distributors will be treated like any other representative in the sales chain. This means that distributors need to go through the same rigorous due diligence and review, contracts and management going forward as agents or resellers.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

January 10, 2013

Internal Audit Review of Charitable Donations Under the FCPA

When is a rose not a rose? When it is a charitable donation not made for philanthropic purposes and it violates the Foreign Corrupt Practices Act (FCPA). I thought about that concept when reviewing the Eli Lilly and Company (Lilly) FCPA enforcement action brought by the Securities and Exchange Commission (SEC) late last month. The Lilly enforcement action discussed a bribery scheme utilized by Lilly in Poland. The scheme and FCPA violations mirrored an earlier FCPA enforcement action, also brought by the SEC as a civil matter, rather than by the Department of Justice (DOJ) as a criminal matter, against another US entity Schering-Plough, for making charitable donations in Poland which violated the FCPA. One of the remarkable things about both of these enforcement actions, brought almost eight years apart, was that they involved improper payments to the same Polish charitable foundation to wrongfully influence the same Polish government official to purchase products from both of these companies.

I.                   The Bribery Schemes

Both companies were involved in negotiations for the sale of products with the Director of the Silesian Health Fund (Health Fund). He had also established a charitable foundation, the Chudow Foundation to engage in restoration of ancient castles in Poland. Both companies made donations to the Chudow Foundation at or near the time decisions were made regarding the purchase of their respective products by the Health Fund. The FCPA books and records violations for the donations stated that they were all mischaracterized on the respective company’s books. The donations were made by each company with the description for the donations as follows:

LILLY BOX SCORE OF DONATIONS MADE TO CHUDOW FOUNDATION

  Date Amount of Donation Listed Reason for Donation
1 6/21/2000 $2,730 Purchase of computers
2 11/13/2000 $1,855 To support the foundation in its goal to develop activities in [Chudow Castle]. It was also noted that the ‘value of the request’ was indirect support of educational efforts of foundation settled by Silesian [Health Fund]
3 5/22/2001 $8,019 Rental of castle for conferences
4 11/05/2001 $2,438 Rental of castle for conferences
5 3/27/2002 $7,779 Rental of castle for conferences
6 6/14/2002 $7,434 Rental of castle for conferences
7 11/20/2002 $5,112 Rental of castle for conferences
8 1/29/2003 $2,622 Rental of castle for conferences
  Total $37,989

Although all of these donations were approved by a team within Lilly, the “Medical Grant Committee [MGC]”, who reviewed the request for such donations, the MGC’s approval was “largely based on the justification and description in the submitted paperwork.” While Requests 1 & 2 may have had tangential value to the stated purpose of the Chudow Foundation to restore castles in Poland, even Request 3 was clearly a quid pro quo as an action to obtain business. Just as clearly, ‘rental of castle’ is not a charitable donation but an expenditure, even with that understanding, the SEC Complaint noted that Lilly held no conferences at any castles so it was an outright misrepresentation.

SCHERING-PLOUGH BOX SCORE OF DONATIONS MADE TO CHUDOW FOUNDATION

  Date Amount of Donation Listed Reason for Donation
1 2/23/1999 $777 Covering fight against viral hepatitis
2 3/17/2000 $4,909 Support of health campaign within county of Gliwice
3 7/19/2000 $8,065 Financing second stage of health prevention campaign in Gliwice
4 11/8/2000 $8,766 Financing for the Foundation
5 12/20/2000 $9,292 Financing second stage of research
6 3/19/2001 $4,340 Financing lung cancer prevention program
7 3/22/2001 $4,854 Financing screening examinations to detect skin cancer
8 4/25/2001 $4,958 Support of lung cancer prevention program
9 6/4/2001 $5,019 Support of lung cancer prevention program
10 10/29/2001 $4,878 Support of a coronary disease prevention program and promote the image of the company in the medical community
11 12/18/2001 $10,067 Support of an anti-chain smoking health program and promote the company as one that cares about the people of Silesia
12 12/19/2001 $5,067 Financing of Foundation
13 3/25/2002 $4,868 Support actions of Foundation in preventing infectious diseases of the liver
  Total $75,860

The Schering-Plough SEC Complaint noted that the company Manager involved in the payment scheme, “provided false medical justifications for most of the payments on the documents that he submitted to the company’s finance department.” Additionally, he structured the payments so that they were at or below his approval limit so that he did not have to ask for permission to make the improper payments. The Manager in question viewed the donations as “dues that were required to be paid for assistance from the Director.”

II.                The Red Flags for Charitable Donation

 a.     Schering-Plough

What were the factors which should become red flags for the review of charitable donations under the FCPA? The Schering-Plough SEC Complaint listed several items which it deemed indicia of red flags.

1.      No due diligence. The first is that no due diligence was performed on the charity to identify the Director of the Silesian Health Fund as the founder or his role in the Chudow Foundation.

2.      Donations not related to health care. While the company permitted donations to healthcare related programs there was no follow up to determine the purposes or uses of the donated funds.

3.      Outside normal range of donation. The next red flag was that the donations made to this single charitable foundation approximately 40% of the company’s promotional budget in 2000 and 20% in 2001.

4.      Disproportionate sales. The company’s sales increased disproportionately compared with its own sales of the same products in other areas of Poland. Up to 53% of one product was sold in the region run by the Director of the Silesian Health Fund.

b.  Lilly

The Lilly SEC Complaint listed several items which it deemed indicia of red flags.

1.      No due diligence. Once again there was no due diligence performed on the charity to identify the Director of the Silesian Health Fund as the founder or his role in the Chudow Foundation.

2.      Donations not related to health care. Unlike Schering-Plough, the reasons listed for the charitable donations did not relate to health care. Moreover, they were approved by a Lilly committee specifically tasked with reviewing such requests failed to investigate beyond the submitted paperwork, which was apparently not correct.

3.      Outside normal range of donation. The SEC Complaint quoted an email from a Lilly manager who said that he had decided to commit 70-75% of the [charitable donation] budget and the Director of the Silesian Health Fund was given a “free hand to manage the Lilly investment, emphasizing the fact we only doing this for him…”

4.      Suspicious Timing. The donations were made at or near the time that decisions on the purchase of Lilly products were made by the Director of the Silesian Health Fund. One donation was made two days are the Director of the Silesian Health Fund agreed to make a purchase of Lilly products.

Here Lilly used charitable donations to a charitable foundation which was, as stated in the SEC Complaint, “founded and administered by the head of one of the regional government health authorities at the same time that the subsidiary was seeking the official’s support for placing Lilly drugs on the government reimbursement list.” There were a total of eight payments made to the charitable foundation. In addition to the charitable donations made, Lilly “falsely characterized the proposed payments”. Lilly had a group which reviewed the request for such donations called the “Medical Grant Committee [MGC]” which approved the payments “largely based on the justification and description in the submitted paperwork.”

III.       The Role of Internal Audit

Jon Rydberg, Principal of Orchid Advisors, has categorized the Lilly situation as one of a failure of internal controls. I would add that there was also a failure of internal audit. What does internal audit need to review in the context of charitable donations under the FCPA? Internal audit needs to start with the DOJ FCPA Guidance regarding charitable donations. Internal audit should begin by asking the following five initial questions:

(1)   What is the purpose of the payment?

(2)   Is the payment consistent with the company’s internal guidelines on charitable giving?

(3)   Is the payment at the request of a foreign official?

(4)   Is a foreign official associated with the charity and, if so, can the foreign official make decisions regarding your business in that country?

(5)   Is the payment conditioned upon receiving business or other benefits?

Next internal audit should make inquiries based upon the DOJ Opinion Releases issued regarding charitable donations. Some of the protections a company can do to comply with the FCPA regarding charitable donations are as follows:

1)      Have the donation recipients certified that they or the entity will comply with the requirements of the FCPA;

2)      Has the recipient provided audited financial statements; and

3)      Has the recipient restricted the use of the donated funds to humanitarian or charitable purposes only;

4)      Were the funds transferred to a valid bank account; and

5)      Ongoing auditing and monitoring of the efficacy of the charitable donation program.

Based upon the Schering-Plough and Lilly SEC enforcement actions, there are some additional inquiries that internal audit should make, they are as follows:

a.      What was the timing of the charitable donation or promise to make a donation in relation to the obtaining or retaining of business?

b.      Did the company follow its normal protocol for requesting, reviewing and making a charitable donation or is there a pattern of unusual donations outside the protocol?

c.       Did any one person make multiple donations just below their authority level so that it did not have to go up the line for review?

d.      Was the total amount donated to one charitable foundation out of proportion to the rest of the country or region’s charitable donation budget?

e.       Did the sales in one area, region or country spike after a pattern of charitable donations?

The information on the red flags from the prior Opinion Releases and the best practices, as set out in the FCPA Guidance, have been available for some time. I think that the information found in both the Schering-Plough and Lilly enforcement actions have a different focus for internal audit. In addition to looking at the timing of charitable donations to see if they are at or near the time of the awarding of new or continued business, I think that internal audit may now need to look at overall increases in sales to determine if they are tied to a pattern of charitable donations. I once heard my colleague Henry Mixon explain how the award of a contract may be the product of fraud or corruption. By looking at the timing and quantum of charitable donations, internal audit may be able to ascertain that a spike in sales is tied to corrupt conduct. This may not be something that is on the current radar of auditors when they review charitable donations, but may now be something they need to consider.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

October 2, 2012

Tyco NPA and Chris Economaki – Details from the Pits

“This is Chris Economaki in the pits.”

That was the signature line of race car announcer Chris Economaki, who died last week at the age of 91. For a generation of us who grew up watching ABC’s Wide World of Sports, Chris Economaki was the voice of the Indy 500, the Dayton 500, the Summer and Winter Nationals of the National Hot Rod Association (NHRA) and a host of other auto races. In addition to having one of the most unique names this Southerner had ever heard of, Economaki had a staccato vocal delivery that, as noted in his obituary in the New York Times (NYT) by writer Douglas Martin, “reminded some of a rumbling racing engine.”

The Bribery Schemes

I thought about Chris Economaki and the detail he brought as a track-side commentator to a generation of Wide World of Sports’ aficionados when considering the various documents released last week in connection with the Tyco International Ltd (Tyco) Foreign Corrupt Practices Act (FCPA) enforcement action. For the most comprehensive summary of the Department of Justice’s (DOJ) criminal enforcement action and the Securities and Exchange Commission’s (SEC) civil action, I recommend either of the FCPA Professor’s excellent posts on Tyco. In addition to the points raised by the Professor I believe that there are significant lessons learned for the FCPA compliance practitioner. With a tip of our collective caps to the baseball pennant races which are down to the final few days, I present the Tyco Bribery Box Score.

Tyco

Subsidiary

Bribe Amount Paid

Profits Earned by Conduct

M/A Com Not reported $71,770
TTC Huzhou and TTC Shanghai $196,267 $3,470,180
TWW Germany and Erhard $2,371,094 $4,684,966
TFC HK and Keystone $137,000 $378,088
TFCT Shanghai $24,000 $59,412
ET Thailand $292,268 $879,258
TFIS France $363,839 $1,256,389
THC China $250,000 $353,800
TVC ME $488,479 $1,153,500
ADT Thailand $78,000 $473,262
Tatra $96,000 $226,863
Eurapipe $358,000 $1,298,453
THC Saudi Arabia Not reported $1,900,600
Dulmison $68,426 $109,249

I set out the full Box Score of bribes paid by Tyco in this detail to emphasize how bad the conduct of the company is and this is in the VERY BAD CONDUCT realm, coupled with the facts that (a) Tyco is now a two-time loser under the FCPA and (b) most of the illegal conduct occurred after Tyco agreed to an initial FCPA based Deferred Prosecution Agreement (DPA) in 2006 for prior FCPA sins. Yet even with all of this Tyco was able to obtain a Non Prosecution Agreement (NPA). Such a result is fairly stunning if you think about it in a superficial basis. However, if you consider what Paul McNulty continually says, and which I continually write about, the most important question will be What did you do when you found out about it?

As noted in the letter from the DOJ to counsel for Tyco, the DOJ entered into the NPA with Tyco based upon the following factors: (1) timely and voluntary self-disclosure; (2) a full and complete global investigation by Tyco; (3) extensive remediation including implementation of an enhanced compliance program, termination of employees responsible for the conduct at issue, severing contracts with third party agents who were parties to the frauds, closing subsidiaries involved in the illegal conduct; and (4) provide annual written reports to the DOJ on progress of the company’s enhanced compliance program.

Corporate Compliance Program

Tyco agreed to a robust corporate compliance program that either currently exists or will be implemented in the future. This Corporate Compliance Program is somewhat different than most of the 13 minimum best practices compliance regimes reported in DPAs and NPAs since the Panalpina DPA of November, 2010. Tyco agreed to a point compliance regime, which consists of the following.

1. High level commitment. The Company will ensure that its senior management provides strong, explicit, and visible support and commitment to its corporate policy against violations of the anti-corruption laws and its compliance code.

2. Policies and Procedures. Tyco will promulgate compliance standards and procedures designed to reduce the prospect of violations of the anti-corruption laws and the Company’s compliance code, and the Company should take appropriate measures to encourage and support the observance of ethics and compliance standards and procedures against foreign bribery by personnel at all levels of the company. These anti-corruption standards and procedures shall apply to all directors, officers, and employees and, where necessary and appropriate, outside parties acting on behalf of the Company in a foreign jurisdiction, including but not limited to, agents and intermediaries, consultants, representatives, distributors, teaming partners, contractors and suppliers, consortia, and joint venture partners (collectively, “agents and business partners”), to the extent that agents and business partners may be employed under the Company’s corporate policy. The Company shall notify all employees that compliance with the standards and procedures is the duty of individuals at all levels of the company. Such standards and procedures shall include policies governing:

  1. gifts;
  2. hospitality, entertainment, and expenses;
  3. customer travel;
  4. political contributions;
  5. charitable donations and sponsorships;
  6. facilitation payments; and
  7. solicitation and extortion.

3. Internal Controls. Tyco will ensure that it has a system of financial and accounting procedures, including a system of internal controls, reasonably designed to ensure the maintenance of fair and accurate books, records, and accounts to ensure that they cannot be used for the purpose of foreign bribery or concealing such bribery. This system should be designed to provide reasonable assurance that:

  1. Transactions are executed in accordance with management’s general or specific authorization;
  2. Transactions are recorded to permit preparation of financial statements in accordance with GAAP;
  3. Access to assets is permitted only in accordance with management’s general or specific authorization; and
  4. Recorded accountability for assets is compared with the existing assets at reasonable intervals and appropriate action is taken if discrepancies are found.

4. Periodic Risk-Based Reviews. Tyco agreed to develop these compliance standards and procedures, on the basis of a risk assessment addressing the individual circumstances of Tyco, in particular the foreign bribery risks it faces including, its geographical organization, interactions with various types and levels of government officials, industrial sectors of operation, involvement in joint venture arrangements, importance of licenses and permits in the company’s operations, degree of governmental oversight and inspection, and volume and importance of goods and personnel clearing through customs and immigration.

5. Proper Oversight and Independence. Tyco will (or once again has) assign responsibility to one or more senior corporate executives of the Company for the implementation and oversight of the Company’s anti-corruption policies, standards, and procedures. Such corporate official(s) shall have direct reporting obligations to the Tyco’s independent monitoring bodies, including internal audit, the Board of Directors, or any appropriate committee of the Board of Directors, and shall have an adequate level of autonomy from management as well as sufficient resources and authority to maintain such autonomy.

6. Training and Guidance.

  1. Training. Tyco will implement mechanisms designed to ensure that its anti-corruption policies, standards, and procedures are communicated effectively to all directors, officers, employees, and where appropriate, agents and business partners. These mechanisms shall include periodic training for all directors and officers, and, all employees in positions of leadership or trust or positions which might otherwise pose a risk of corruption to the company. The training shall also be provided to agents and business partners. Lastly there shall be biannual certifications by all such directors and officers, and, where necessary and appropriate, employees, agents, and business partners, certifying compliance with the training requirements.
  2. Guidance. Tyco is required to maintain an effective system for providing guidance and advice to directors, officers, employees, and, where necessary and appropriate, agents and business partners, on complying with Tyco’s anti-corruption compliance policies, standards, and procedures, including when they need advice on an urgent basis or in any foreign jurisdiction in which Tyco operates.

7. Internal Reporting and Investigation. Tyco will provide an effective system for internal and where possible, confidential reporting by, and protection of, directors, officers, employees, and, where necessary and appropriate, agents and business partners, concerning violations of the Company’s compliance program. Tyco also agreed to dedicate sufficient resources to respond to such requests and undertaking necessary and appropriate action in response to such reports.

8. Enforcement and Discipline. Tyco will institute appropriate disciplinary procedures to address, violations of the anti-corruption laws and the Company’s anti-corruption compliance code, policies, and procedures by the Company’s directors, officers, and employees. This shall include disciplining of those within the company no matter how the position of the person or their perceived authority. In addition to discipline, Tyco agrees to add appropriate mechanisms to incentivize compliant behavior.

9. Third Party Relationships. Tyco agreed to institute appropriate due diligence and compliance requirements pertaining to the retention and oversight of all agents and business partners, including: (a) properly documented risk-based due diligence pertaining to the hiring and appropriate and regular oversight of agents and business partners; (b) informing agents and business partners of the Company’s commitment to abiding by laws on the prohibitions against foreign bribery, and of the Company’s ethics and compliance standards and procedures and other measures for preventing and detecting such bribery; (c) seeking a reciprocal commitment from agents and business partners and (d) including appropriate compliance terms and conditions in the contract.

10. Mergers and Acquisitions. Tyco agreed to develop and implement appropriate compliance policies and procedures for any acquisition based upon an appropriate risk-analysis which would be completed as soon as practicable. Further such changes would be implemented as soon as practicable. Directors, officers and employees of newly acquired entities would be trained as soon as practicable.

11. Monitoring and Testing. Tyco agreed to conduct periodic review and testing of its anti-corruption compliance code, standards, and procedures designed to evaluate and improve their effectiveness in preventing and detecting violations of anti-corruption laws and the Company’s anti-corruption code, standards and procedures, taking into account relevant developments in the field and evolving international and industry standards.

So the prior 13 point best practices program is now folded down to 11 for Tyco. Nevertheless, the general concepts are still the same for a company seeking to implement or enhance its compliance solution. Much like Chris Economaki reporting from the Pits at the Indy 500, the level of detail provided in the Tyco NPA should allow the compliance practitioner to evaluate their company’s compliance program.

============================================================================================

The Wall Street Journal has a series of articles today on the FCPA. In conjunction with these articles I will join Joe Palazzolo, Law Blog lead writer, for a conversation on the FCPA at 2:30 PM EDT. We will take your questions. To join us, click here.

===========================================================================================

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2012

September 26, 2012

Tyco International – The Importance of the Books and Records under the FCPA

On Monday, the Securities and Exchange Commission (SEC) and Department of Justice (DOJ) announced settlement with Tyco International (Tyco) for books and records violation of the Foreign Corrupt Practices Act (FCPA). Tyco agreed to a fine of $26MM for “at least twelve different, post-injunction illicit payment schemes occurring at Tyco subsidiaries across the globe. The schemes frequently entailed illicit payments to foreign officials that were inaccurately recorded so as to conceal the nature of the payments” and failure “to devise and maintain internal controls sufficient to provide reasonable assurances that all transactions were properly recorded in the company’s books, records, and accounts”. $10,564,992 of the fine was paid in disgorgement and an additional $2,566,517 in prejudgment interest was paid to the SEC and the remainder of $13.68MM was paid as fine to the DOJ. All of this was discovered because Tyco was already a FCPA violator, having admitted to violations back in 2006 and these additional violations were discovered as a part of a companywide review required under its 2006 Deferred Prosecution Agreement (DPA). Tyco received a Non-Prosecution Agreement (NPA) from the DOJ for this post-DPA conduct and I will discuss the NPA in a subsequent post.

While a large portion of the FCPA commentaratti focused on the damning email which read “”Hell, everyone knows you have to bribe somebody to do business in Turkey. Nevertheless, I’ll play it dumb”; another portion of the commentaratti seemed somewhat amazed that hiding bribery and corruption in a company’s books and records is a stand-alone violation of the FCPA.   As part of the 2006 settlement Tyco agreed to engage in a companywide review of its operations to determine if there was “anything else”. Not only did it turn out there was something else “rotten in Denmark” but this bribery and corruption continued after the first enforcement action. This companywide review determined that Tyco had engaged in “illicit payment schemes”; that these bribery schemes “were inaccurately recorded so as to conceal the nature of the payments” and Tyco “failed to devise and maintain internal controls sufficient to provide reasonable assurances that all transactions were properly recorded in the company’s books, records, and accounts.”

So with a nod to the final week of the baseball season we present the Tyco Bribery Box Score

Subsidiary Location

Bribe Amount Paid

Inaccurate Books and Records Description

Turkey Not reported Equipment sold at a mark-up over invoice price
China $3700 Commission to sales team
Germany Not reported Commission to sales team
France Not reported Commissions to agents for ‘business introductions’
China-different sub $483K Commissions to agent
Thailand $50K Renovation work
Malaysia Not reported Commissions to agents
Egypt $282K Disguised as inflated invoices from agent
Saudi Arabia Not reported Promotional expenses and sales development
Poland Not reported Bogus service contracts

What I find so interesting about all of this is that it occurred, in large part, after the 2006 DPA. As Bill Clinton might say, “It takes some brass” to initiate or continue a bribery scheme while you are under a DPA for FCPA violations. With the above in mind I was intrigued by an article in the Navigant Quarterly, 2012 Volume 1, Issue 13, entitled “If You Think You Are Done Looking…Keep Looking”, by Eileen Felson and Nicole Wrigley. In their article, the authors note that “every fraud has to be hidden somewhere on a company’s books. Most financial statement frauds grow in size, scope and duration.” The authors also talk about “collusive fraud” which is the situation where “fraudsters work together to manipulate the balance sheet and actually launder the fraud through various accounts.” It sounds like a description of the machinations folks must go through to hide corrupt payments while under a FCPA DPA. Although the authors specifically address frauds, their concepts are certainly broad enough to include bribery and corruption.

The authors detail several types of corrupt practices and end their article with some tips on investigation. They note that the “logical start-off point in conducting a forensic investigation of how a fraud was committed includes a detailed review of revenue and expense account activity.” But more importantly, a forensic examiner must keep looking. The reason for this is simply because if evidence of bribery or corruption is found in one area the entire scheme is revealed. Therefore a forensic examiner needs to review unrelated accounts to see if there are other indicia of corruption.

What does all of this mean for a compliance program? There is some very clear guidance for the role of Internal Audit in detecting bribery and corruption in a best practices FCPA compliance program. First and foremost, if there are any types of commission payments being made, Internal Audit needs to review the documentation supporting why such payments are being made. A review of contracts or other legal requirements which may obligate a company to make such payments should be a basic undertaking in any internal audit. After an internal auditor has determined if commission payments are legally authorized, the internal auditor should review evidence that such commission payments have been earned. In other words, is there any evidence in the company’s books and records that the person or entity performed the services which might have entitled them to such commission payments? And do not forget that another role for Internal Audit is to correctly classify payments so that the books and records of the company accurately reflect them as expenses.

The Tyco SEC Compliant is chocked full of information regarding what an internal auditor needs to look for in reviewing expenses charged by employees; commissions paid to employees; invoices by agents and other third party representatives and over-inflated sales contracts; all used to disguise corrupt payments. The sad fact, as noted by authors Felson and Wrigley, is that many corruption schemes are not “committed for personal gain (such as stealing cash) but for other incentives, such as continued employment/advancement, fear of delivering bad news to investors or an intimidating supervisor, or a desire to increase the value of performance-based bonuses.” While it is not clear why it took Tyco so long to uncover these ongoing acts of bribery and corruption or why Tyco employees continued to engage in conduct violative of the FCPA while under a DPA; I think that the Tyco example speaks to the need for an overall, comprehensive robust compliance program that focuses on all factors which led to the continued bribery and corruption in the company which was reported in the SEC Complaint.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2012

Next Page »

The Rubric Theme. Blog at WordPress.com.

Follow

Get every new post delivered to your Inbox.

Join 4,514 other followers