Due Diligence | FCPA Compliance and Ethics Blog

April 10, 2013

Q: Do You Tell The Central Bank What To Do? A: ‘In Which Country’?

Filed under: Adequate Procedures,Best Practices,Bribery Act,compliance programs,Department of Justice,Due Diligence,FCPA,Financial Times — tfoxlaw @ 1:01 am
Tags: best practices, Bribery Act, compliance programs, Due Diligence, FCPA, FT

Last weekend in the Financial Times (FT) was a report by Tim Burgis of an interview he held over a lunch meeting with the Angolan Isabel dos Santos, who Forbes magazine recently declared “the continent’s first female billionaire.” Ms. dos Santos is the daughter of José Eduardo dos Santos, who has been Angola’s president for the past 33 years. The interview was a fascinating insight into how doing business in some countries under US or UK anti-corruption and anti-bribery laws can be so challenging.

Burgis quoted an un-named expert who described Angola as a place of “corny capitalism” where those with connections to “the Futungo, as the presidential coterie is known (after Futungo de Belas, the old presidential palace) have made fortunes.” Ms. dos Santos denied that she is involved in politics, claiming that she is only interested in business. Interestingly, Burgis quoted her as stating “I’m not involved in politics and I’ve never had any political role. I’ve never been in office. I’ve never taken any public administrative jobs. So, like I said, I don’t work with the government.”

Some of her business interests “include stakes in two Portuguese banks, BIC and BPI, and a communications group called ZON Multimédia and an indirect holding in Galp, a Portuguese energy group with assets from Mozambique to Venezuela.” While admitting that the “oil industry is politically driven” she insisted that in the business sectors in which she is involved “politics don’t come into it”, she says, even if her own big moment came when she was part of a consortium that won a public tender for Angola’s second mobile telephony licence in the late 1990s.”

Burgis noted that there are believed to be many ways for the well connected to make lots of money in Angola. He wrote, “There are, however, easy ways to make money if you’re connected in Angola, particularly in the resources industries, where top officials and generals have been known to take hidden stakes in ventures led by oil majors and to enjoy titles to diamond-bearing land.” He also went on to note that these systems may be perpetuating the overall poverty in African countries such as Angola when he said that “There are those who would say that corrupt models lie at the heart of the power structures that keep most Africans poor and unable to call their rulers to account.”

He noted that Ms. dos Santos has recently become involved in the energy sector through her partnership with the Portuguese businessman, Américo Amorim and his company Amorim Enereria. Burgis wrote “I ask her to clarify how those energy interests tie in with Sonangol, the Angolan state-owned oil company with assets from Iraq to Brazil that some critics perceive as a Futungo fiefdom. She fends off my questions before fixing me with the look one might give a particularly vexing eight-year-old. “The business is relatively complex because, when you structure a business, you have to look at different aspects from legislation to taxation, to governance, issues like that.”

Near the end of their lunch Burgis asks the following question do you “call up the governor of the central bank and tell him what to do? “In which country?” she quips. We laugh merrily.” She went on to explain how she did have the reputation for extraordinary power. Burgis quoted her as saying, “Well, it’s very difficult, I would imagine, to distinguish father and daughter. And maybe some of it comes as I’m doing my thing and my father being a very strong political African figure for so many years. Whatever he does is almost like some kind of cloud on top,” she says, reaching for the right metaphor and waving a hand over her head, as though her father were some celestial phenomenon. “So maybe some of these ideas come from this cloud-over effect from his position. But, no, I don’t call the central bank and I most certainly don’t give them instructions.”

Even from the head feigns, non-responsive and jocular tone of many of these answers, one can see just how challenging doing business in Angola can be for any company subject to the Foreign Corrupt Practices Act (FCPA) or UK Bribery Act. The first issue that would seem to pop up is just who are you doing business with and are they a Politically Exposed Person (PEP). Burgis specifically states “top officials and generals have been known to take hidden stakes in ventures led by oil majors”. Whether such interests are hidden or not, it is the responsibility of any US or UK company to perform the appropriate level of due diligence to ascertain whether they are doing business with such governmental officials. I have heard more than one Chief Compliance Officer (CCO) say that they had to pull the plug on a business proposition because they could not determine the beneficial owners of an entity with which they were considering doing business.

What about a country such as Angola, where people move freely between government and business. Once again if it is later determined that your company is in a joint venture or other business relationship, and your local partner obtains a government appointment during the pendency of the business relationship, it is up to your company to find out that information. This requires ongoing monitoring through company or software which alerts you when someone moves to becoming a PEP.

This is where it is critical that compliance terms and conditions be put into a contract for any such business relationship. Initially, you should have contract protections in place which require any business partner who obtains a government appointment to notify you. This should also be included with a clause that allows the contract to be terminated if the appropriate anti-corruption/anti-bribery protections cannot be put in place if such an eventuality occurs.

Clearly there are no easy answers to the quandary of doing business in a country such as Angola. With many of the top government officials, energy company higher-ups and extractive mineral elite not only closely related to each other but moving seamlessly between all three groups; a company under the FCPA or Bribery Act must tread very carefully. Or to quote the signature line from Hill Street Blues, “Let’s be careful out there.”

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

Leave a Comment

January 28, 2013

Boeing and the Conduct of Due Diligence on Sub-Suppliers

Filed under: compliance programs,Due Diligence,FCPA,James Stewart,New York Times,Sub-Suppliers,Supply Chain — tfoxlaw @ 12:20 pm
Tags: best practices, Boeing, compliance programs, Due Diligence, FCPA, James Stewart, New York Times, NYT

The Foreign Corrupt Practices Act (FCPA) act has language which makes illegal a direct or indirect act which might be used to obtain or retain business from prohibited parties. This has caused companies to begin to look at their suppliers as one area which might give them FCPA exposure. I have been considering the role of suppliers in a compliance program as I followed the issue of the smoldering batteries in the Boeing 787 Dreamliner.

As reported in a New York Times (NYT) article by James B. Stewart, entitled Japan’s Role in Making Batteries for Boeing, the construction of the batteries at issue was outsourced by Boeing to a Japanese company called GS Yuasa. Stewart’s article points out the need for close review of suppliers and what can happen if the quality does not meet the standards required for the project. However, I considered the article from the FCPA perspective. Stewart initially noted that “No one has claimed that GS Yuasa was chosen for the 787 for anything but merit.” But then he goes on to say that “Boeing has long been dogged by suspicion that in return for awarding major contracts to Japanese companies, which also receive subsidies from the Japanese government, the countries airlines buy Boeing aircraft almost exclusively.”

The question all of this raised for me is just how much due diligence should a company engage in for its suppliers? The first thing to note is that GS Yuasa is not a direct contractor to Boeing. The Japanese company is a subcontractor to a French company named Thales, which was contracted by Boeing to supply the electrical system. However, Stewart noted that Boeing approved the Thales/GS Yuasa contract and relationship. Does this mean that Boeing performed any kind of due diligence on GS Yuasa? The article does not specify any of these facts. However, Stewart asks the question of whether the outsourcing of this work was a for the benefit of sales of planes to Japan? He quotes Richard L. Aboulafia who said, “And then there’s Japan. All the normal ways of doing business are upended.” When asked if there might be a ‘quid pro quo’ Aboulafia said, “Yes, absolutely. But no one will talk about it, and no one can prove it.” He went on to say that in Japan “there is a unique relationship between the airlines, the suppliers and the government. The government supported the airlines, the government and the industries and they developed together. The government has enormous influence. They all work together.”

Are these questions which should be explored in due diligence? I think this situation brings up the issue of how far down in the supply chain that a company needs to go in performing due diligence. Many contracts with suppliers require that if there is a sub-supplier that sub needs to go through due diligence. However, in the case of GS Yuasa, Boeing had the right to select the supplier and if you have that right you probably need to perform due diligence on the supplier.

The key question that Stewart raises in his article is whether Boeing is using the hiring of GS Yuasa as leverage to gain sales to the Japanese government. GS Yuasa admitted that the battery component of its company is a money loser, even with the Boeing contract. This obviously raises the question of why the company is in such a business. The company also admitted that it had received subsidies to the tune of $3.5 billion from the Japanese Ministry of Economy, Trade and Industry to “begin mass production of lithium-ion batteries…”.

However, does Boeing has strong supplier relationships with other Japanese companies? In addition to the sales to Japan Air, Boeing works closely with Japan’s Defense Ministry and Boeing was quoted in the article as saying that it had “a long history of working together to meet Japan’s defense needs.” In addition to the hiring of GS Yuasa, Boeing said that its Japanese partners had “designed and developed 35 percent of the 787 airframe structure, including the main box wing, which is the first time Boeing has ever entrusted such a critical design component to another company.”

Stewart penultimately notes that “any questions about GS Yuasa may be premature.” In addition to the investigation of GS Yuasa, both the French company Thales and Securaplane, an American subsidiary of the UK engineering company Meggitt which makes the battery chargers, are also being looked at in connection with the fires aboard the Boeing planes. Stewart does believe the “whatever the outcome, experts said that with so many lives at stake, the design and manufacturing of new aircraft should be based solely on legitimate issues of cost and quality, and the selection process for suppliers should be transparent and untainted by other commercial or political concerns.

To end his article, Stewart quotes Aboulafia who states that “The greatest enemy of good aircraft is people who interfere with the freedom to shop for the highest quality.” I think that the same could be said in conjunction with the FCPA and the Supply Chain. If a company allows inferior quality into its supply chain through the bribery or corruption that the FCPA is designed to stop it could well allow an inferior product to be constructed. While such actions may not have the catastrophic and very public impact that the apparent battery failures on the 787 have sustained the damage can be severe.

© Thomas R. Fox, 2013

Comments (3)

December 30, 2012

The Lilly FCPA Enforcement Action Part I – Key Lessons Learned on Sportsmanlike Conduct

Filed under: Agents,Charitable donations,Distributors,Due Diligence,Eli Lilly and Company,Enforcement Actions,FCPA,Jay Rosen,Matt Kelly,Offshore Payments,Wall Street Journal — tfoxlaw @ 5:54 pm
Tags: compliance programs, Due Diligence, FCPA, Offshore Payments, Wall Street Journal

As you see from today’s picture I am enthusiastically wearing a New England Patriots (classic) shirt. You may ask yourself why am I wearing this shirt? The reason is because of a rather rash wager I made with Jay Rosen, Vice President of Merrill Brink, earlier this month on the Patriots/Texans football game. (I also made the same wager with Matt Kelly, Editor of Compliance Week, who says he will use the photo for marketing Compliance Week 2013, good luck with that!) I can’t quite seem to remember the final score but I do recall that it was what we in Texas might call a full ‘butt-whoopin’. Up until that game, the Patriots were 19-1 at home in the month of December over the past ten years, after beating the Texans, they became 20-1. The key lesson I learned from this experience is to evaluate your risk and then manage that risk accordingly.

Earlier this month, the Securities and Exchange Commission (SEC) announced the settlement of the Eli Lilly and Company’s (Lilly) violations of the Foreign Corrupt Practices Act (FCPA). The enforcement action details a number of bribery schemes that Lilly had engaged in for many years in multiple countries. Indeed Lilly used four different styles of bribery schemes in four separate countries; all of which violated the FCPA. In China, corrupt payments were falsely called reimbursement of expenses; in Brazil, money that was characterized as a discount for distributor was used to pay a bribe; in Poland, charitable donations were falsely labeled and used to induce a Polish government official to approve the purchase of Lilly products; and, finally, Lilly’s subsidiary in Russia, paid bribes to Offshore Agents who were domiciled outside Russia and who performed no services for which they were compensated.

I think the most noteworthy information found in this enforcement action is that it provides significant guidance to the compliance practitioner on not only the different types of bribery schemes used, but more importantly, by reading into the types of conduct the DOJ and SEC finds violates the FCPA, it is valuable as a lesson on how to structure tools to manage FCPA risks going forward. In this post I will detail the bribery schemes that Lilly engaged in and in Part II, I will discuss how the Lilly enforcement action should inform your FCPA compliance program.

I. China – Use of False Expense Reports to Cover Improper Gifts and Cash Payments

In China, Lilly employees used the classic system of submitting inflated expense reports and using the excess reimbursements to pay bribes. More ominously, not only did the sales representatives engage in this tactic but their supervisors did and also instructed subordinates to do so as well. The list of gifts that were provided to Chinese government officials was as wide ranging as it was creative. There were gifts consisting of specialty foods, wines and a jade bracelet. There were paid trips to bath houses, karaoke bars and spas. There was money paid to purchase “door prizes and publication fees to government employed physicians.” It was even noted that bribes were paid consisting of cigarettes. In the SEC complaint it stated that “Although the dollar amount of each gift was generally small, the improper payments were wide-spread across the [China] subsidiary.”

II. Brazil – Use of Distributor Discounts to Fund Bribes

In Brazil, Lilly sold drugs to distributors who then resold the products to both public and private entities. It was the classic distributor model where Lilly sold the drugs to the distributors at a discount and then the distributors would resell the products “at a higher price and then took their discount as compensation.” There was a fairly standard discount given to the distributors which generally ranged “between 6.5% and 15%, with the majority of distributors in Brazil receiving a 10% discount.”

However in early 2007, at the request of a Lilly sales manager, the company awarded an unusually high discount of between 17% and 19% to a distributor for the sale of a Lilly drug to the government of one of the states of Brazil. The distributor used approximately 6% of this additional discount to create a fund to pay Brazilian government representatives to purchase the Lilly drugs from him. Further, the Lilly sales manager who requested this unusual discount was aware of the bribery scheme. Moreover, this increase in the discount was approved by the company with no further inquiry as to the reason for the request or to substantiate the basis for such an unusually high discount. If there were any internal controls they were not followed.

III. Poland – Use of Charitable Donations to Obtain Sales of Drugs

In Poland we see our old friend the Chudow Castle Foundation (Foundation). You may remember this charity as it was the subject of a prior SEC enforcement action involving Schering-Plough Corporation. The thing that got both Lilly and Schering-Plough into trouble was that the Foundation was controlled by the Director of the Silesian Health Fund (Director) and with this position he was able to exercise “considerable influence over the pharmaceutical products local hospitals and other health care providers in the region purchased.”

Just how did this bribery scheme camouflaged as a charitable donation work? Initially it started while Lilly was in negotiations with the Director for the purchase of one of Lilly’s cancer drugs for public hospitals and other health care providers in the region. The Director actually made a request for a donation directly to representatives of Lilly. Thereafter, the Foundation itself made “subsequent requests” for donations.

In addition to this obvious red flag, Lilly did no due diligence on the Foundation and falsely described the nature of the payments not once but three separate times with three separate descriptions. Lilly turned some of the monies over not to the Foundation, but to the Director for use at his “discretion”. Interestingly, the donations were not only made at or near the time of a contract execution, with one donation being made two days after the Director authorized the purchase of the drugs from Lilly. Internally Lilly even discussed the size of a donation, calling it a “rebate” and said “it will depend on the purchases of medicines.”

IV. Russia – Use of Offshore Agents Who Performed No Services

As with Brazil, Lilly used a distributor sales model in Russia. However, there was a further twist which got Lilly into FCPA hot water. Lilly would enter into an agreement with a third party other than the distributor who was selected by the government official making decisions on the purchase of Lilly products. The other third parties were usually not domiciled in Russia, nor did they have bank accounts in Russia. In other words, they were Offshore Agents who were paid a flat fee or percentage of the total sales with no discernible work or services performed.

There was little to no due diligence performed on these Offshore Agents. In one instance, detailed in the SEC Complaint, Lilly ran a Dun and Bradstreet report on a third party agent, coupled with an internet search on a third party domiciled in Cyprus. There was no determination of the beneficial ownership of this Offshore Agent nor was there any determination of the business services which this Offshore Agent would provide, subsequently this . This Offshore Agent was paid approximately $3.8MM. An additional Offshore Agent, again in Cyprus, which Lilly conducted little to no due diligence on, received a $5.2MM commission. Under another such agreement, yet another Cypriot Offshore Agent received a commission rate of 30% of the total sale.

What about the services that these Offshore Agents provided to Lilly? First and foremost, they all had their own special “Marketing Agreement” which was actually a template contract prepared by Lilly. The services allegedly provided by these Offshore Agents included “immediate customs clearance” or “immediate delivery” of the product. There were other equally broad and vague descriptions such as “promotion of the products” and “marketing research”. But not only was there little if no actual evidence that these Offshore Agents provided such services; Lilly, or its regular in-country distributors, actually performed these services.

Unlike their experience in Poland, officials from Lilly simply inquired directly from government officials with whom it was negotiating if it could “donate or otherwise support various initiatives that were affiliated with public or private institutions headed by the government officials or otherwise important to the government officials.” As noted in the SEC Complaint, Lilly had neither the internal controls in place nor performed any vetting to determine whether it “was offering something of value to a government official for the purpose of influencing or inducing him or her to assist Lilly-Vostok in obtaining or retaining business.”

In my next post I will discuss how the compliance practitioner can use the information and facts presented in the Lilly enforcement action as teaching points to evaluate and enhance a company’s compliance program.

Although I rarely agree with Peggy Noone, I always read her Saturday column in the Wall Street Journal (WSJ) and would like to end my blogging year with the closing paragraph, which I quote in full, from her article entitled “About Those 2012 Political Predictions”:

Lesson? For writers it’s always the same. Do your best, call it as you see it, keep the past in mind but keep your eyes open for the new things of the future. And say what you’re saying with as much verve as you can. Life shouldn’t be tepid and dull. It’s interesting—try to reflect the aliveness in your work. If you’re right about something, good. If you’re wrong, try to see what you misjudged and figure out why. And, always, “Wait ’til next year.”

A safe and Happy New Year to all.

© Thomas R. Fox, 2012

Comments (2)

December 12, 2012

Doing More with Less in Your Compliance Program (Not the 2013 Astros)

Filed under: Best Practices,compliance programs,Due Diligence,Ethical Leadership,FCPA,New York Times — tfoxlaw @ 1:01 am
Tags: best practices, DD, Due Diligence, FCPA, New York Times, NYT

It was reported today that the Houston Astros pitchers and catchers report for Spring Training on February 11, 2013, with position players reporting on February 15. I thought about how much I used to look forward to Spring Training in conjunction with the phrase that I think that most people are aware of ‘how to do more with less’. Could it be that my Astros will try and do more with less next year? Alas, I do not believe that will be the situation with the Astros, who have apparently decided to do ‘less with less’ by not spending any of the $80MM they receive from the local television contract on their $30MM payroll. Either new owner Jim Crane needs some serious money to service his mountain of debt or he is just keeping the money and laughing all the way home. One thing neither Jim Crane nor I am laughing about is the smack down the Houston Texas received by the New England Patriots on Monday Night Football this week. Being on the short side of two ‘friendly’ wagers for this game, keep checking out my blog, as you will soon see me gracing a Patriots jersey so stay tuned. And for Matt and Jay, I wear an XL.

The Astros upcoming season came to mind when I was reading a recent Corner Office section in the New York Times (NYT), where reporter Adam Bryant interviewed Sandra L. Kurtzig, chairwoman and Chief Executive Officer (CEO) of Kenandy, in an article entitled “Don’t Chase Everything That Shines”. One of the things that Kurtzig said which struck me was “I am conservative in hiring. I don’t over-hire. The reason is that you can get a lot more work done with fewer people. If you have a lot of people, you have to give them something to do, and you have to give them something to manage, and then you have to manage them. You can get a lot less done. So you want to have a core set of people while you’re really trying to discover your product, your direction, your market. And the more people you have, the more difficult it is to take risks because it affects a lot more people.”

Kurtzig takes this same attitude to making decisions, particularly in the area of business opportunities. She was quoted as saying, “I don’t run after “shiny objects.” That’s a mistake that a lot of people make in running a company, especially in starting one. They tend to get a lot of opportunities from people who want to partner with them. And these are just shiny objects, because there are very few partners that end up being right for your company. So I’m much more selective. If I hear something, I’m very quick to think, ‘Hey, that’s a shiny object; let’s get back to work.’ I think that’s what’s so distracting to a lot of companies — they see a big customer or some other distraction, and they spend too much time on it and they lose their way.” This thought about not running after shiny objects; I think that it may be one of the most overlooked aspects of due diligence on third parties. An evolving best practice regarding third parties must include a step that requires a business unit person to provide a business case as to why your company may need another third party to provide the services, goods or products; whether on the sales side or in the supply chain. This Business Justification should be obtained before you send out your questionnaire, assign a risk ranking or begin due diligence. There needs to be a valid business reason for going through the time and expense of looking at another third party representative and not simply because someone wants another company.

Kurtzig said that one thing she strongly believes in is transparency. She said that she is constantly asking her employees for their opinions. So, for instance, she asks “what they like about their job and what they don’t like about their job. What can we be doing better? In your previous job, how did you do it? What worked better and what worked worse than what we are doing now?” She believes that you must really listen to someone, “two-way conversations are an important ingredient for building a company. Nowadays, I hear that so many younger people who are starting companies are so used to working on the Internet that they tend to send only e-mails and communicate with their screens more than they communicate with people around them. You need to interact with people and not just your computers.”

I often write about the need to listen as a part of your compliance program. Today, Jeffery Spalding, Assistant General Counsel at Halliburton, spoke at the Hanson Wade Pharmaceutical Anti-Corruption Compliance Conference that I am attending in Philadelphia. One of the things he spoke about is the live compliance training that Halliburton puts on around the globe for its employees. In addition to the benefits of receiving live training, employees get to meet Jeff and put a face to a name. He gets to not only meet them but hear some of their concerns in person. This leads to much better chance that they will call him for compliance advice in the future. One of the key points he highlighted is that he listens and that engenders respect from the company’s employees across the globe.

I found the Kurtzig interview to provide some interesting and well placed management pointers which have application to a compliance program and are useful to compliance practitioners. Now if I could just get the Astros to use some of them.

© Thomas R. Fox, 2012

Comments (2)

November 9, 2012

The Red Scare: Knowledge and the Importance of Due Diligence

Ed. Note-we continue our series of guest posts from our colleague Mary Shaddock Jones, who today looks at the importance of due diligence.

At midnight on November 9, 1989, East Germany’s rulers gave permission for the Berlin Wall, separating East and West Berlin, to be opened up. Ecstatic crowds immediately began to clamber on top of the Wall and hack large chunks out of the 28-mile barrier. I remember viewing the scene on T.V. It was a momentous moment in world history. For those of you who may not know, while East Germany never officially adopted a “red flag” for its country, on most official buildings, the national flag (black-red-gold with hammer and circle) was flown with a solid red flag flown next to it! Twenty-two years later the “fall of the Red Flag of East Berlin”, seems like distant memory. However, for businesses doing business internationally the “red flag” has once again come to represent a warning or a threat in terms of liability under the FCPA

The Lay Person’s guide to the FCPA published by the Department of Justice warns U.S. firms about their choice of overseas partners and agents. A bad choice is someone who is likely to make corrupt payments. That likelihood, the DOJ says, is usually indicated by warning signs called “red flags.” If there are red flags to start with, and if the intermediary does bribe a foreign official to help the business, the company will have trouble arguing it shouldn’t be responsible for an FCPA violation based on an indirect corrupt payment.

Red flags, as the name suggests are easy to spot, and include such things as: (1) unusual payment patterns or financial arrangements; (2) a history of corruption in the country; (3) a refusal by the foreign joint venture partner or representative to certify that it will not take any action that would cause the U.S. firm to be in violation of the FCPA; (4) unusually high commissions; (5) Lack of transparency in expenses and accounting records; (6) An apparent lack of qualifications or resources on the part of the joint venture partner or representative to perform the services offered; and, (7) a recommendation from the local government of the intermediary to hire this particular third party.

Although red flags are often relatively easy to discover, the failure to look may result in a company being subject to severe penalties. As a result, prior to dealing with any third party, companies should conduct Due Diligence in an attempt to discover whether the third party is involved in any prohibited corrupt practices or has some connection to a foreign government official that you may not be aware of. Due diligence is thus an essential tool, as it allows one to acquire knowledge of any existing or potential “red flags”, thus enabling entities to make informed decisions on whether or not to interact with or transact business with certain persons and entities.

The practical pointer for today’s blog is this- The undeniable truth is that Companies must know who they are doing business with and, as importantly, why they are choosing to do business with this particular entity. This requires the accumulation of information! In order to collect adequate information concerning prospective third-party Agents or Business Partners, many companies are now using a consistent set of tools, for example: (1) questionnaires requiring the person within the company who is recommending the retention of a third party to provide basic information such as the reasons for engagement, the specific services required, how prospective third-party individuals or companies were selected for possible service, relevant experience and capabilities of the prospective third party, whether the prospective third-party would need to interact with government officials, how much and in what manner the third party should be compensated, etc.; (2) a questionnaire submitted to the prospective third party requesting significant information regarding the ownership, physical location, management, experience, relationship to foreign government officials, references of the third party and an assurance by the third party that it understands and is willing to comply with anti-corruption laws and regulations; (3) some method of vetting the reputation and background of the prospective third-party representative or business partner. Ultimately, the level of due diligence required will generally be commensurate with the level of perceived risk.

When conducting due diligence of high-risk third parties, one should typically employ the services of third party professionals. These professionals can help insure that the high risk third party does not pose potential FCPA liability through the use of various means such as: checks of corporate filings and business records, legal proceedings, Internet searches, and adverse media checks. Furthermore, many emerging markets and developing countries pose such a great risk of FCPA liability, that additional due diligence procedures including “in-country” (a/k/a “boots on the ground”) searches may be required such as: conducting searches of localized public records, phone interviews, site visits, and reference checks.

Consider the following policy language:

Under the U.S. FCPA, the Company and its Personnel could be liable for indirect offers, promises of payments, or payments to any Government Official (or to private entity if the UK Bribery Act is involved) if such offers, promises, or payments are made through an Agent or Partner with the knowledge that a Government Official will be the ultimate recipient. As a result, it is important that the Company, through the Company Compliance Officer, consider the necessity of conducting anti-corruption due diligence on a prospective Agent or Partner. If after performing a risk assessment the Company concludes that a due diligence investigation should be conducted, then the extent of the investigation must be determined. The degree of due diligence the Company will perform depends upon a lot of factors, including the dollar value of the arrangement, the expected contact with government officials, and the country at risk. In making the determination, the Company will consider whether the transaction raises “red flags”.

Examples of common “red flags” with third parties are as follows:

The prospective acquisition target, Agent, or Partner insists that its identity remain confidential or refuses to divulge the identity of its owners, directors, or officers.
Family, business or other ‘special’ ties with government or political officials.
Reputation for violation of local law or company policy, such as prohibitions on commissions, or currency or tax law violations. Also negative press, rumors, allegations, investigations or sanctions.
The transaction or the prospective acquisition target, Agent, or Partner is or operates in a country where there is widespread corruption or a history of bribes and kickbacks
Requests from government officials or agencies to engage or hire specific third parties.
Inadequate credentials for the nature of the engagement or lack of an office or an established place of business.
Missing or inadequate documentation to support services and invoices. Unsupported charges or expenses, requests for payment of non-contracted amounts.
Convoluted or complex payment requests, such as payment to a third party or to accounts in other countries, requests for payments in cash or requests for upfront payment for expenses or other fees.
Requests for political, charitable contributions or other favors as a way of influencing official action.
Third party has a reputation for getting ‘things done’ regardless of circumstances or suggests that for a certain amount of money, he can fix the problem or “make it go away”.

All due diligence investigations conducted by the Company will include an analysis of potential “red flag” issues. Investigations of potential “red flag” issues should be carefully documented and relevant documents, such as due diligence, questionnaires, reports, and compliance certificates, should be maintained by the Company Compliance Officer or his or her designee.

On Monday, we will examine contractual language to consider when contracting with approved Agents and Partners. Stay tuned.

Mary Shaddock Jones has practiced law for 25 years in Texas and Louisiana primarily in the international marine and oil service industries. She was of the first individuals in the United States to earn TRACE Anti-bribery Specialist Accreditation (TASA). She can be reached at msjones@msjllc.com or 337-513-0335. Her associate, Miller M. Flynt, assisted in the preparation of this series. He can be reached at mmflynt@msjllc.com.

Leave a Comment

November 7, 2012

DEEP LEVEL DUE DILIGENCE: What you need to know

Filed under: compliance programs,Due Diligence,Ethics,FCPA — tfoxlaw @ 12:27 pm
Tags: best practices, Candice Tal, compliance programs, Due Diligence, FCPA, Foreign Corrupt Practices Act

Ed. Note-today we are pleased to have a guest post from our colleague Candice Tal.

Would you do business with an entity that has been in business less than 2 years, has no internet presence and uses a military-style compound that for it’s headquarters where no employees arrive to work each day? This may well be the next reseller or distributor your company works with in Africa, or some parts of Russia or China. How about the entrepreneurial young executive that is starting a new business which has no physical office yet—is that a risk factor? Is he still working for his old employer with whom you have a contractual relationship? Is there any possibility, or even perception, of kickbacks there? The old adage: “what you don’t know can’t hurt you” is certainly a reckless approach given today’s global anti-corruption initiatives.

Minimizing corporate liability exposure and effective regulatory compliance are key to your business’ global success. Business expansion through global growth, investments, M&A transactions, joint ventures, private equity deals, and other financial transactions are all higher risk endeavors, especially in emerging markets where bribes are commonplace, business relationships are often opaque and information may be extremely hard to pin down.

So what do you need to know about your prospective business partners & how do you find out these kinds of details when you are sitting in an office 5,000 miles away?

Progressive levels of due diligence form a great approach to cost-effectively and rapidly demonstrating compliance with international regulations designed to detect and prevent bribery of foreign officials. With FCPA fines and penalties averaging $18million, multi-level due diligence is a “no-brainer”. In fact most large corporations today (nearly 80%) perform fast, basic due diligence reviews of suppliers, resellers, distributors and third party agents for AML, KYC, FCPA, & UKBA compliance.

Although important as a first step in preventing bribery, basic due diligence is only a limited tool in detecting and preventing a host of other corrupt and criminal activities. Deeper levels of due diligence are essential steps in yielding valuable information to make critical business and financial decisions, and at the same time accomplish regulatory compliance.

First level due diligence typically consists of checking individual names and company names through several hundred Global Watch lists comprised of anti-money laundering, anti-bribery, sanctions lists & other financial corruption & criminal databases. These global lists create a useful first-level screening tool to detect potential red flags for corrupt activities. It is also a very inexpensive first step in compliance from an investigative viewpoint. This basic level is extremely important for companies to complement their compliance policies and procedures; demonstrating a broad intent to actively comply with international regulatory requirements.

What are next levels of due diligence? Supplementing these Global Watch lists with a deeper screening of international media (typically the major newspapers & periodicals from all countries) plus detailed internet searches, will often reveal other forms of corruption-related information and may expose undisclosed or hidden information about the company, it’s key executives and associated parties.

This combined information creates a more effective screening for corruption compliance purposes. Red/ yellow/green flag alerts based on these results can then be used to prioritize in-depth investigations. Summary reports should show the information sources reviewed and recommendations for further actions if indicated. Green flags suggest no further actions based on findings; however the information sources searched are limited and should not be considered the same as deep-level due diligence. Red flags indicate the possibility is high that corruption, bribery, money laundering and or undue political influence may be likely, or is actively occurring. Designing a multi-layered investigative approach from this point is essential in order to implement an effective business risk mitigation and compliance strategy.

These first two levels of due diligence alone are not sufficient if you have a substantial operation at stake, or a multi-million dollar investment, developing a new product, building a larger facility, developing a new market sector or creating a new supply chain for your existing products or services. After all, why take risks when you don’t have to.

Next level due diligence should also include an in-depth background check of key executives or principal players. These are not routine employment-type background checks which are simply designed to confirm existing information; but rather executive due diligence checks designed to investigate hidden, secret or undisclosed information about that individual.

Reputational information, involvement in other businesses, direct or indirect involvement in other law suits, history of litigious and other lifestyle behaviors which can adversely affect your business, and public perceptions of impropriety, should they be disclosed publically.

One litmus test would be: How would it look to the public and your shareholders if an executive immerses your company in questionable business practices or regulatory violations?

About 20% of executives do not check out well. As the saying goes: “people are people”, and executives reflect most of the same issues seen in other employee groups. Most frequently the adverse issues for executives involve undisclosed business dealings that may compromise your company’s new venture, SEC violations, criminal history, no degree(s) earned, loss of professional licensure, mis-statement of personal success/wealth, fraudulent activity and multiple bankruptcies. In many parts of the world bribery and corruption are considered a normal part of business dealings.

Deep-level due diligence investigations are designed to supply you with comprehensive analysis of all available public records data supplemented with detailed field intelligence to identify known and more importantly unknown conditions. Seasoned investigators who know the local language and are familiar with local politics bring an extra layer of depth assessment to an in country investigation.

Direction of the work and analyzing the resulting data is often critical to a successful outcome; and key to understanding the results both from a technical perspective and understanding what the results mean in plain English. Investigative reports should include actionable recommendations based on clearly defined assumptions or preferably well-developed factual data points.

What are the benefits of Deep Level Due Diligence? In addition to regulatory compliance and protecting your Board Of Directors, if a deal or business relationship is too risky the company has an informed option to re-negotiate or fundamentally change the terms of the deal, initiate damage control if needed, or even pull out of the deal entirely.

Comprehensive investigative reports will provide effective, meaningful results & actionable reports which are directly tied to corporate objectives.

Deep level due diligence should have a targeted approach articulated in a scope of work; these are not random investigations. The more that is known about your corporate objectives from the start of the investigation, the more likely the investigators are to provide useful information. All of this can be accomplished through NDA’s or other contract products.

Older style due diligence investigations used to include all available information, including vehicle descriptions, license plates & telephone numbers of all parties associated with the identified executives & businesses. These old-school investigations were based on traditional law enforcement fact-gathering and evidence based reporting. However unless you plan to conduct an undercover investigation or sting operation, these data points are rarely of significance for due diligence purposes.

What is of concern in deep level due diligence:

Physical description / confirmation of the premises
Photographic evidence of facility
Evidence of employees showing up to work (not a “shop-front” façade)
Business operational & trade reputation
Other significant business intelligence

Undisclosed business information
Transaction evaluation
Competitive intelligence
Well-developed internet presence
Regional business scalability Issues
Issues preventing scalability (politics, lack of infrastructure to deliver goods, etc)
History of business criminal & civil lawsuits
Executive background check due diligence
Undisclosed personal information of key managers
Involvement in other business entities
Identity of key individuals
Financial assets
Bankruptcy history
Sources of wealth
Tax evasion
Confirming prior business sales (successes/failures)

Misrepresentations in company/exec background
Significant managerial issues
Criminal history
Civil litigation history
Records of other disputes
Environmental liabilities
SEC violations
Sanctions
Sales history
Client /supplier relationships
Procurement fraud
Political influence issues & public official relationships
Public relations issues
Executive & BOD lifestyle issues
Ties to organized crime
Known family connections to various groups (org crime, politicians, activist groups)

These are some of the issues that may impact the progression of a deal, result in adverse PR, or yield ethics violations or regulatory non-compliance issues. In-country due diligence, using local investigators can reveal far more than public records information obtained in the more basic Tier 1 & 2 type investigations. Careful analysis of the information obtained is key to successful investigative due diligence.

Controlling identified risk factors will often yield greater mid-range and long-term profitability with a relatively small capital outlay. Due diligence investigations often form a key portion of large corporations’ emerging market & high growth markets success strategy in addition to meeting regulatory compliance objectives.

Deep level due diligence reports should provide corporate clients the assurance needed to comply with global anti-corruption regulations FCPA/UKBA and to engage in new markets with clearly identified and manageable risks.

For more information, contact: Candice Tal, CEO, Infortal Worldwide.

Leave a Comment

October 21, 2012

Brother Can You Swop a Car? FCPA and Bribery Act Implications in the Barter Economy

Filed under: Aaron Murphy,Agents,Bribery Act,compliance programs,Due Diligence,FCPA,Financial Times — tfoxlaw @ 6:46 pm
Tags: agents, Bribery Act, compliance, compliance programs, Due Diligence, FCPA, FT

While the economy has improved from the depths of the Bush Recession of 2008, things are not back where most businesses and governments would like them to be. One of the more interesting responses to the continuing economic doldrums that I have read about is the age old art of bartering. According to the International Reciprocal Trade Association (IRTA), the ongoing economic slump has encouraged companies to offset shrinking orders and ongoing skimpy credit from financial institutions to put excess products to use by bartering them. A recent article in the Financial Times (FT) by reporter Alicia Clegg, entitled “The art of good bartering”, further piqued my interest.

In her article, Clegg quoted Brian Petro, who has a blog entitled “Barterfanatic.com”, who said that bartering allows him continue operating his business through the exchange of goods. Additionally bartering is a way to overcome liquidity problems or by-pass currency restrictions. The IRTA says that bartering has increased substantially over the past four years or so in some of the following countries: the United States, Britain, the Netherlands, France, Italy, Spain, Portugal and “parts of Asia”.

The bartering system, as envisioned by the IRTA and others, has become quite a sophisticated system. Typically a smaller company will “barter their unsold goods and services through a barter exchange, selling to another exchange member in return for trade credits which can be used to buy something from another exchange member.” Larger businesses typically use a different model where they will barter slow moving stock with a trade barter company, who pays the company back in trade credits which the original entity will then use to purchase goods and services. Clegg reported that the barter exchange “typically charges buyer and seller a cash transaction fee of 5-6 percent.”

While the IRTA does have a Code of Ethics and Conduct for its members, it does not speak to anti-corruption or anti-bribery. While most people think that the biggest issue around bartering is tax, because both buyers and sellers need to assign market values to what they buy and sell in the process, there is also a Foreign Corrupt Practices Act (FCPA) and UK Bribery Act compliance issue involved, which revolves around these exchanges or other intermediaries who facilitate barter deals by providing the credits for goods or services received.

What might the relationship of these intermediaries be under the FCPA or Bribery Act? Let’s take the Bribery Act since that law clearly bans all bribery and corruption between private entities not just with foreign government officials as set forth in the FCPA. Under the Bribery Act, a company can be liable if someone who performs services on their behalf, like an employee or agent, pays a bribe specifically to get business, keep business, or gain a business advantage for the entity. It is not limited to agents, distributors, sales representatives and the like. The term in the Ministry of Justice’s Six Principles of Adequate Procedures is “associated persons” and an intermediary, such as a barter exchange or other similar entity, may well qualify as an associated person.

What if a barter exchange is based in a well-known money-laundering location? Think that might move up its risk profile? While the IRTA has on its website, that it is in “strategic partnership with the IRS Partnership Outreach” as a “collaborative effort to work with a major government group to educate business owners on reciprocal trade”, it does not take too much insight to see that other laws and regulations might be involved.

What are some of the questions you need to be asking from the compliance perspective if your business is going to engage in bartering? First, and foremost, is to know who you are doing business with and how you are doing business with them. If you are bartering through an exchange, you should perform due diligence on them as they may well be your agent under the FCPA and most probably an “associated person” under the Bribery Act. What compliance protocols do they have in place? Do you have any agreement with them that has FCPA or Bribery anti-corruption/anti-bribery terms and conditions? What rights do you have to protect your product after it has been exchanged?

Consider this “creatively structured” deal that Clegg wrote about. The automotive maker Kia struck an exchange with the UK bartering company Miroma, where Kia swopped some of its auto fleet with a publisher “in return for poster, cinema and press slots for Kia.” From the description in the FT article, it certainly sounded like Miroma acted as the agent for Kia in the series of transactions.

Just as my colleague Aaron Murphy wrote in his book “Foreign Corrupt Practices Act – a Practical Resource for Managers and Executives” about the FCPA issues that many retailers might face, the issues which companies engaging in bartering are in plain sight as well. However, just as those in retailing may not have looked closely and are now paying a high price to look, those companies which engage in bartering and who fail to look at the FCPA and Bribery Act as potential sources of liability should do so sooner rather than later.

© Thomas R. Fox, 2012

Leave a Comment

October 11, 2012

Send Lawyers, Guns and Money – Some Steps Law Firms Should Consider

Filed under: Uncategorized — tfoxlaw @ 1:04 am
Tags: Bribery Act, compliance programs, Due Diligence, FCPA, Fraud, Warren Zevon

One of my favorite lawyer songs is the Warren Zevon classic “Lawyers, Guns and Money”. I was reminded of that song when I sat on a panel on Wednesday with Dan Chapman and Mike Volkov, where we discussed recent enforcement actions and due diligence under the Foreign Corrupt Practices Act (FCPA). Dan is the Chief Compliance Officer (CCO) at Parker Drilling here in Houston and one of the points he raised was the company’s need to put their outside counsel through FCPA due diligence similar to other vendors. He said that law firms would yell, scream, kick and whine vociferously that their collective honor was being questioned but Dan made clear that foreign (and sometimes US) outside counsel often deal with foreign governmental officials.

It’s been since the last millennium since I practiced law in a law firm, other than in my current incarnation as a solo practitioner. So to say things have changed for law firms in the 12+ years since I practiced with other lawyers might be saying that ‘water is wet’. I thought about how much things have changed as I was perusing this week’s edition of the Texas Lawyer and saw an article, entitled “Simple Steps to Prevent Fraud at a Firm”, by Jacob Harris, Assistant District Attorney for the Dallas County District Attorney’s Office, Specialized Crimes Division. Harris believes that when lawyers focus on the practicing of law and relegate everyday business responsibilities to non-lawyers, they expose the firm to theft and fraud. He writes that the best way for lawyers to reduce their law firm’s fraud risk “begins with the attorneys in charge getting more involved with their firm’s everyday business affairs.” To this end Harris proposes five “simple, routine tasks that significantly lower a firm’s fraud risk.”

The lawyer in charge should receive and open mail. By personally receiving mail, an attorney can insure that no person in the firm has manipulated any items such as bank/credit card statements, vendor invoices or other types of mail which might involve or include accounts requiring payment. A common method used by fraudsters is “white out fraudulent transactions, making a copy of the statement and then replacing the statement into the envelope.” By reading all mail personally, a lawyer can assure this does not occur.
That lawyer should also review statements and invoices. Embezzlers can often set up personal bank accounts with the same name as the firm accounts. Lawyers need to check for multiple payments on the same accounts, multiple payroll checks to the same person for the same payroll period and for checks to unknown persons and vendors. Invoices and payments should be matched up contracts for services or the purchase of goods.
The attorney in charge should check online financial sources to review statements regularly and make sure that no one has changed passwords. With the increasing paperless world, banking is transacted online. More than one person at a law firm should know online and software passwords. This enables more and better monitoring.
Owners and partners should understand who works for the firm and what everyone’s duties are at the firm. Just as with non-law firm businesses, there should be a segregation of duties as it reduces the chance of fraud and is a basic internal control technique of fraud prevention. Further knowing who works for a firm can prevent the “ghost-employee scam.”
Lawyers should not assume others will detect fraud for them. Harris points out that “banks and certified public accountants normally do not catch thieves.” Simply because a check is made out to one party, does not mean that the same check cannot be deposited into a fraudster’s account. Further a fraudster may be operating with someone at a bank so lawyers need to verify that money sent to be deposited has actually been posted to the law firm’s back account.

Harris ends by noting that “by understanding how a [law] firm is vulnerable to fraud and making the proper adjustments to business practices, a firm can minimize its everyday fraud risk.” I found it useful to review some of these basic controls that my colleague Henry Mixon continually preaches on, many law firms neglect these basic controls. Dan Chapman’s comments on law firms as third party service providers who represent companies in front of government officials should also let lawyers know that companies may well begin anti-bribery due diligence on them. US law firms with international clients should also remember that if they represent a UK company in the US, it is the US law firm which is the international entity and that a UK company may be required under the UK Bribery Act to perform due diligence and require Bribery Act compliant anti-bribery terms and conditions included in the engagement letter.

© Thomas R. Fox, 2012

Comments (1)

August 14, 2012

Pfizer DPA Part III – What Does It All Mean?

Filed under: Agents,Best Practices,Board of Directors,Code of Conduct,compliance programs,Deferred Prosecution Agreement,Department of Justice,Discipline,Enforcement Actions,FCPA,Mergers and Acquisition — tfoxlaw @ 6:06 am
Tags: compliance programs, Department of Justice, DOJ, DPA, Due Diligence, ethical leadership, FCPA, Pfizer

Last week I began an exploration of the Pfizer Deferred Prosecution Agreement (DPA) which was announced last week by the Department of Justice (DOJ) in connection with its settlement of Foreign Corrupt Practices Act (FCPA) violations. In Part I, I reviewed the Corporate Compliance Obligations, Attachment C.1. In Part II, I reviewed the Enhanced Compliance Obligations, Attachment C.2 and Corporate Reporting Obligation, Attachment C.3, which Pfizer agreed to implement and operate under. In Part III, I will discuss some of the implications raised by the Pfizer DPA for the compliance practitioner.

Below is a comparison chart of the minimum best practices compliance program as set out in the Panalpina DPA and all DPAs coming forward with the minimum best practices compliance program as set out in the Pfizer DPA. While the number of compliance obligations is somewhat different, when read in conjunction with the Enhanced Compliance Obligations of Attachment C.2, there is not significant difference. Therefore, and initially, the compliance practitioner must read both the Corporate Compliance Obligations and Enhanced Compliance Obligations in conjunction with each other.

CORPORATE COMPLIANCE COMPARISON CHART

Panalpina Minimum Best Practices	Pfizer 9 Point Corporate Compliance Program
1. Code of Conduct. To ensure against FCPA violations.	1. Clearly articulated corporate policy against FCPA violations.
2. Tone at the Top. A company will ensure that its senior management provides visible support and commitment to its corporate anti-corruption policy.	2. Promulgation of compliance standards and procedures designed to reduce the prospect of violations of the anti-corruption laws and Pfizer’s compliance code.
3. Written policies and procedures. Should be created in the following areas (a) gifts; (b) hospitality, entertainment, and expenses; (c) customer travel; (d) political contributions; (e) charitable donations and sponsorships; (f) facilitation payments; and (g) solicitation and extortion.	3. Assignment of one or more senior corporate execs for implementation and oversight of compliance program. They shall report to the Board.
4. Risk Assessment. Perform risk assessment and use it to inform your compliance program. 9(b)-internal and confidential reporting system.	4. Effective communication of the compliance policies including training and certification of training.
5. Annual Reviews. No less than annually, a company should review and update as appropriate to ensure continued compliance program effectiveness.	5. An effective system for reporting illegal conduct or violations of the company anti-corruption program.
6. Senior Management Oversight and Reporting. Assignment of one or more senior corporate executives for implementation & oversight of compliance program and they shall report to Board of Directors	6. Appropriate disciplinary procedures.
7. Internal controls. These should include financial and accounting procedures which should ensure that the company has accurate and fair books and records, which cannot be used for or conceal bribery.	7. Appropriate due diligence for retention and oversight of agents and business partners.
8. Training. A company shall effectively communicate compliance program through training and annual certifications	8. Standard compliance terms and conditions in contracts including (1) reps and undertakings re: anti-corruption compliance; (2) right to audit; and (3) right to terminate for breach thereof.
9. Advice and Guidance. The Company should establish or maintain an effective system for: (a) Providing guidance; (b) Internal and confidential reporting; and (c) Responding to such requests and undertaking appropriate action in response to such reports.	9. Periodic testing of Pfizer compliance code and anti-corruption procedures.
10. Discipline. A company shall institute appropriate disciplinary procedures to address violations compliance policy or ant-corruption laws.
11. Third Party Reps. (a) Properly documented risk-based due diligence and regular oversight of agents and business partners; (b) Informing agents and business partners of the compliance standards; and (c) Seeking a reciprocal commitment from agents and business partners.
12. Compliance terms and conditions. Should be included in every agent agreement.
13. Ongoing Assessment. Period review and testing of compliance program to evaluate it and improve the program’s effectiveness.

In addition to a Chief Compliance Officer (CCO) and Risk Officer (RO) who will have report directly to the Chief Executive Officer (CEO), there was further specified requirements for compliance leads to be appointed with responsibility for each of its business units who would in turn report to the CCO and RO or General Counsel (GC). Finally, similar to the situation we observed in the Halliburton settlement of its shareholder derivative action, Pfizer will have an Executive Compliance Committee, which will sit below the Board of Directors to oversee Pfizer’s compliance program.

The Enhanced Compliance Obligations require that Pfizer maintain policies and procedures regarding gifts, hospitality, and travel in each jurisdiction that are appropriately designed to prevent violations of the anti-corruption laws and regulations, presumably tailored to each jurisdiction. This statement would seem to focus on reasonableness not only in terms of monetary value but also in factoring in the jurisdiction where the gift or hospitality is to be provided. Finally, and as always, travel and training must have a business purpose.

There was a very detailed plan laid out for a risk-based program of annual proactive anti-corruption reviews of high-risk markets. It consists of five markets which are at high risk for corruption because of the business and location. The specifics for each visit will be a useful guide for the compliance practitioner to compare with similar work done by his compliance group. It includes (a) On-site visits by an FCPA review team comprised of qualified personnel from the Compliance, Audit and Legal functions who have received FCPA and anti-corruption training; (b) Review of a representative sample, appropriately adjusted for the risks of the market, of contracts with, and payments, to individual foreign government officials or health care providers, as well as other high-risk transactions in the market; (c) Creation of action plans resulting from issues identified during the proactive reviews; these action plans will be shared with appropriate senior management and should contain mandatory remedial steps designed to enhance anti-corruption compliance, repair process weaknesses, and deter violations; and (d) a review of the books and records of a sample of distributors which, in the view of the FCPA proactive review team, may present corruption risk.

Interesting, the DPA specifies that Pfizer will maintain “significant” resources for the compliance function. These significant resources will be dedicated to several different types of compliance tools, including (a) an international investigations group charged with responding to and investigating anti-corruption compliance issues and ensuring that appropriate remedial measures are undertaken after the completion of an investigation; (b) an anti-corruption program office providing centralized assistance and guidance regarding the implementation, updating and revising of the FCPA Procedure, the establishment of systems to enhance compliance with the FCPA Procedure, and the administration of corporate-level training and annual anti-corruption certifications; and (c) a mergers and acquisitions (M&A) compliance team designed to support early identification of compliance risks associated with complex business transactions and to ensure the integration of Pfizer’s compliance procedures into newly acquired entities. There was a slightly different time schedule listed for Pfizer to complete post-acquisition auditing, training and implementation of the Pfizer compliance program into the acquired company. I have added to my recent FCPA M&A Box Score Summary.

Time Frames	Halliburton 08-02	J&J	DS&S	Pfizer
FCPA Audit	High Risk Agents - 90 days Medium Risk Agents - 120 Days Low Risk Agents - 180 days	18 months to conduct full FCPA audit	As soon “as practicable”	One year
Implement FCPA Compliance Program	Immediately upon closing	12 months	As soon “as practicable”	One year
Training on FCPA Compliance Program	60 days to complete training for high risk employees, 90 days for all others	12 months to complete training	As soon “as practicable”	One Year

While there was no new language regarding risk evaluation, due diligence on, or other management of third party business parties, the DPA did specify that when it is appropriate on the basis of a FCPA risk assessment, the company will provide FCPA and anti-corruption training to relevant agents and business partners, at least once every three years.

The company is also to use annual certifications from senior managers in each of Pfizer’s Business Units, Divisions, and operational functions confirming that their standard operating procedures adequately implement Pfizer’s anti-corruption policies, procedures and controls, including training requirements; that they have reviewed and followed up on any issues identified in FCPA trend analyses; and that they are not aware of any FCFA or other corruption issues that have not already been reported to the Compliance Division or the Legal Division.

There is a wealth of information in the Pfizer DPA and other documents relating to its resolution of these FCPA issues. I would commend all the documents to you to read and see what areas your company may need to look at more closely and how these Compliance and Enhanced Compliance Obligation Attachments may provide insight into areas where you might be lacking or need to enhance your compliance program and coverage. These enhanced obligations could well become the new minimum best practices in the FCPA compliance arena.

Leave a Comment

June 28, 2012

2012 First Half FCPA Enforcement Round-Up: Part II

Filed under: Biomet,DS&S,Due Diligence,Enforcement Actions,FCPA,Internal Audit,Mergers and Acquisition,Morgan Stanley — tfoxlaw @ 1:01 am
Tags: compliance programs, Department of Justice, DOJ, Due Diligence, ethics and compliance, FCPA, FCPA Blog, FCPA Professor, M&A

In yesterday’s post we reviewed three of the most significant enforcement actions so far for 2012. In today’s post we conclude with the final three enforcement actions that I believe provide the best or most recent insights for the compliance practitioner.

IV. Biomet

On March 26, 2012, both the Securities and Exchange Commission (SEC) and the Department of Justice (DOJ) announced the resolution of enforcement actions against Biomet Inc. a US entity which manufactures and sells global medical devices around the world. It is headquartered in Fort Wayne, Indiana. The Company admitted to a lengthy run of bribery and corruption of doctors to purchase its products and paid a criminal fine of $17.3MM to resolve charges brought by the DOJ. It also agreed with the SEC to settle civil charges by paying $5.5MM in disgorgement of profits and pre-judgment interest.

A. Bribery and Corruption Facts

The Company engaged in an eight (8) year scheme to bribe and corrupt doctors in the countries of Argentina, Brazil and China to induce the physicians to purchase Biomet products. The SEC Complaint reported that “2000 to August 2008, Biomet Argentina employees paid bribes to doctors employed by publicly owned and operated hospitals in Argentina in exchange for sales of Biomet’s medical device products. The doctors were paid approximately 15-20 percent of each sale.” In Brazil, the SEC Compliant reported that from 2001 until 2008, Biomet’s “Brazilian Distributor, paid bribes to doctors employed by publicly owned and operated hospitals to purchase Biomet’s implants. Brazilian Distributor paid the doctors bribes in the form of “commissions” of 10-20 percent of the value of the medical devices purchased.” In China, Biomet subsidiaries and its Chinese distributor paid from 5% up to 25% commissions to doctors for the sale of its products which were used during surgeries and also paid for Chinese surgeons to travel for training “including a substantial portion of the trip being devoted to sightseeing and other entertainment at Biomet’s expense.”

B. Internal Audit Failures

The SEC Compliant reported that the Company’s Internal Audit was not only aware of the bribery program but discussed it in Memorandum to the Company’s home office, including the head of the Company’s Internal Audit Department. For instance in Argentina, the Company’s head of Internal Audit noted, as early as 2003, they “circulated an internal audit report on Argentina to Senior Vice President and others in Biomet in Indiana in which he stated, “[R]oyalties are paid to surgeons if requested. These are disclosed in the accounting records as commissions.” The Internal Audit report described the payments to surgeons, but only in the context of confirming that the amount paid to the surgeon was the amount recorded on the books.” However, the Company’s Internal Audit Department, took no steps to determine why royalties were paid to doctors or why the payments to the doctors were 15-20% of sales. Internal Audit did not obtain any evidence of services which the doctors might have performed entitling them to the payments. The SEC Complaint noted that Internal Audit “concluded that there were adequate controls in place to properly account for royalties paid to surgeons without any supporting documentation” and Internal Audit’s only recommendation was to change the journal entry from “commission expenses” to “royalties.”

The SEC Complaint also noted that “Biomet’s books and records did not reflect the true nature of those payments. The Company’s payments were improperly recorded as “commissions,” “royalties”, “consulting fees”, “other sales and marketing”, “scientific incentives”, “travel” and “entertainment.” The SEC Compliant concluded with the following “False documents were routinely created or accepted that concealed the improper payments.”

C. Lessons Learned for Internal Audit

The SEC Complaint had some very clear guidance for the role of Internal Audit in detecting bribery and corruption in a best practices Foreign Corrupt Practices Act (FCPA) compliance program. First, if there are any types of commission payments being made, Internal Audit needs to review the documentation supporting why such payments are being made. A review of contracts or other legal requirements which may obligate a company to make such payments should be a basic undertaking in any internal audit. After an internal auditor has determined if commission payments are legally authorized, the internal auditor should review the evidence that such commission payments have been earned. Another role delineated in the SEC Complaint for Internal Audit is to correctly classify payments so that the books and records of the company accurately reflect them as expenses. As noted, the Director of Internal Audit instructed that bribes paid during clinical trials of the Company’s products should be reclassified as ‘expenses’.

Key Takeaway: This enforcement action lists the specific role of Internal Audit in a FCPA compliance program.

V. Morgan Stanley and Garth Peterson

This is the first instance of the public release of a Declination to Prosecute a company under the FCPA, where an employee agreed to an underlying FCPA violation. Morgan Stanley Managing Director Garth Peterson conspired with others to circumvent Morgan Stanley’s internal controls in order to transfer a multi-million dollar ownership interest in a Shanghai building to himself and a Chinese public official. Peterson encouraged Morgan Stanley to sell an interest in a Chinese real-estate deal to Shanghai Yongye Enterprise (Yongye) a state-owned and state-controlled entity through which Shanghai’s Luwan District managed its own property and facilitated outside investment. However, the DOJ declined to prosecute Morgan Stanley and noted in its Press Release, “After considering all the available facts and circumstances, including that Morgan Stanley constructed and maintained a system of internal controls, which provided reasonable assurances that its employees were not bribing government officials, the Department of Justice declined to bring any enforcement action against Morgan Stanley related to Peterson’s conduct. The company voluntarily disclosed this matter and has cooperated throughout the department’s investigation.”

A. Declination to Prosecute

Both the DOJ and SEC went out of their way to praise the Morgan Stanley compliance program. This written praise demonstrated that not only do company’s receive credit from the DOJ for having a compliance program in place but also gave solid information as to why the DOJ declined to prosecute Morgan Stanley. In other words, it was a very public pronouncement of a declination to prosecute.

The SEC Complaint detailed the compliance program it had in place and how it directly related to Peterson.

(1) Morgan Stanley trained Peterson on anti-corruption policies and the FCPA at least seven times between 2002 and 2008.

(2) Morgan Stanley distributed to Peterson written training materials specifically addressing the FCPA.

(3) A Morgan Stanley compliance officer specifically informed Peterson in 2004 that employees of Yongye, a Chinese state-owned entity, were government officials for purposes of the FCPA.

(4) Peterson received from Morgan Stanley at least thirty five FCPA-compliance reminders.

(5) Morgan Stanley required Peterson on multiple occasions to certify his compliance with the FCPA.

(6) Morgan Stanley required each of its employees, including Peterson, annually to certify adherence to Morgan Stanley’s Code of Conduct.

(7) Morgan Stanley required its employees, including Peterson, annually to disclose their outside business interests.

(8) Morgan Stanley had policies to conduct due diligence on its foreign business partners, conducted due diligence on the Chinese Official and Yongye before initially conducting business with them, and generally imposed an approval process for payments made in the course of its real estate investments.

B. Compliance Program as Compliance Defense

If it was not clear that a company receives credit for having a best practices compliance program it is now. Recognizing that a compliance program is not available as a formal affirmative defense, it is clear that Morgan Stanley was able to use not only their written compliance program, but its ongoing maintenance, communication and due diligence aspects to shield the employer from liability. The bottom line is what the DOJ and SEC representatives have been saying all along and that is that companies with best practices compliance programs receive credit in negotiating with the government.

Key Takeaway: The compliance defense is alive and well.

Key Takeaway II (for the DOJ): Publicize Declinations to Prosecute. It is solid information for the compliance practitioner to use and it will help companies do business in compliance with the FCPA.

VI. DS&S

Last, but certainly not least, we end our Top 6 of 2012, to date, with the Data Systems & Solutions LLC (DS&S) case.

A. The Bribery Scheme

The bribery scheme involved payments made to officials at a state-owned nuclear power facility in Lithuania, named Ignalina Nuclear Power Plant (INPP). The payments were made to allow DS&S to obtain and retain business with INPP. The Information listed contracts awarded to DS&S in the amount of over $30MM from 1999 to 2004. Significantly, DS&S did not self-disclose this matter to the DOJ but only began an investigation after receiving a DOJ Subpoena for records.

The bribery scheme used by DS&S recycled about every known technique there is to pay bribes. The Information listed 51 instances of bribes paid or communications via email about the need to continue to pay bribes. The bribery scheme laid out in the Information reflected the following techniques used:

Payment of bribes by Subcontractors to Officials on behalf of DS&S;
Direct payment of bribes by DS&S into US bank accounts controlled by INPP Officials;
Creation of fictional invoices from the Subcontractors to fund the bribes;
Payment of above-market rates for services allegedly delivered by the Subcontractors so the excess monies could be used to fund bribes;
Payment of salaries to INPP Officials while they were ‘employed’ by Subcontractor B;
Providing travel and entertainment to Officials to Florida, where DS&S has no facilities and which travel and entertainment had no reasonable business purpose;

and last but not least…

Purchase of a Cartier watch as a gift.

B. The Discounted Fine

DS&S received a discount of 30% off the low end of the penalty range as calculated under the US Sentencing Guidelines, which specified a fine between $25MM down to $12.6MM. The ultimate fine paid by DS&S was only $8.82MM, which the Deferred Prosecution Agreement (DPA) states is “an approximately thirty-percent reduction off the bottom of the fine range…” In addition to its real-time internal investigation and extraordinary cooperation, the DPA reports that DS&S took the following extensive remediation steps:

Termination of company officials and employees who were engaged in the bribery scheme;
Dissolving the joint venture and then reorganizing and integrating the dissolved entity as a subsidiary of DS&S;
Instituting a rigorous compliance program in this newly constituted subsidiary;
Enhancing the company’s due diligence protocols for third-party agents and subcontractors;
Chief Executive Officer (CEO) review and approval of the selection and retention of any third-party agent or subcontractor;
Strengthening of company ethics and compliance policies;
Appointment of a company Ethics Representative who reports directly to the CEO;
The Ethics Representative provides regular reports to the Members Committee (the equivalent of a Board of Directors in a LLC); and
A heightened review of most foreign transactions.

C. Mergers & Acquisitions

There were two new additions are found on items 13 & 14 on Schedule C of the DPA that dealt with mergers and acquisitions (M&A). They draw from and build upon the prior Opinion Release 08-02 regarding Halliburton’s request for guidance during an attempted acquisition and the Johnson and Johnson (J&J) Enhanced Compliance Obligations which were incorporated into its DPA. The five keys under these new items are: (1) develop policies and procedures for M&A work prior to engaging in such transactions; (2) full FCPA audit of any acquired entities “as quickly as practicable”; (3) report any corrupt payments or inadequate internal controls it discovers in this process to the DOJ; (4) apply DS&S anti-corruption policies and procedures to the newly acquired entities; and (5) train any persons who might “present a corruption risk to DS&S” on the company’s policies and procedures and the law.

Key Takeaway: Minimum best practices evolve so you should stay abreast of them. IN the M&A arena, the DOJ continues to listen to comments on ‘buying a FCPA violation’ and provide guidance to manage the risk.

Leave a Comment

FCPA Compliance and Ethics Blog

April 10, 2013

Q: Do You Tell The Central Bank What To Do? A: ‘In Which Country’?

January 28, 2013

Boeing and the Conduct of Due Diligence on Sub-Suppliers

December 30, 2012

The Lilly FCPA Enforcement Action Part I – Key Lessons Learned on Sportsmanlike Conduct

December 12, 2012

Doing More with Less in Your Compliance Program (Not the 2013 Astros)

November 9, 2012

The Red Scare: Knowledge and the Importance of Due Diligence

November 7, 2012

DEEP LEVEL DUE DILIGENCE: What you need to know

October 21, 2012

Brother Can You Swop a Car? FCPA and Bribery Act Implications in the Barter Economy

October 11, 2012

Send Lawyers, Guns and Money – Some Steps Law Firms Should Consider

August 14, 2012

Pfizer DPA Part III – What Does It All Mean?

June 28, 2012

2012 First Half FCPA Enforcement Round-Up: Part II

January

Blogroll

Pages

Admin

Read by Email

Follow “FCPA Compliance and Ethics Blog”

May 2013
M	T	W	T	F	S	S
« Apr
		1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30	31