FCPA Compliance and Ethics Blog

November 2, 2010

Proposed Reforms to the FCPA: the Compliance Defense and Respondeat Superior

In a Whitepaper entitled “Restoring Balance-Proposed Amendments to the Foreign Corrupt Practices Act”, authors Andrew Wiessmann and Alixandra Smith, writing on behalf of the US Chamber Institute for Legal Reform who recently proposed amending the Foreign Corrupt Practices Act (FCPA), argue that the time is ripe to amend the FCPA to make the statute more equitable and its requirements clearer. They propose five (5) amendments to the FCPA which they argue would serve to improve the Act. This post will discuss, in greater specificity, their first proposal: to create a compliance defense available to a company if it has an adequate compliance program, similar to the “adequate procedures” defense available under the UK Bribery Act. 

Under this suggestion the authors believe that companies will increase their compliance with the FCPA because they will now have a greater incentive to do so. They envision a defense similar to the “adequate procedures” defense available under the UK Bribery Act where companies will be protected if a rogue employee engages in corruption and bribery despite a company’s diligence in pursuing a FCPA compliance program; and lastly “it will give corporations some measure of protection from aggressive or misinformed prosecutors, who can exploit the power imbalance inherent in the current FCPA statute—which permits indictment of a corporation even for the acts of a single, low-level rogue employee—to force corporations into deferred prosecution agreements.” 

The authors set out the recently released UK Bribery Act Consultative Guidance as one basis of this proposed compliance defense. This Guidance listed 6 Principles of an effective anti-bribery and anti-corruption program which are: 

1.         Risk Assessment – knowing and keeping up to date with the bribery risks you face in your sector and market.

2.         Top Level Commitment – this concerns establishing a culture across the organization in which bribery is unacceptable.

3.         Due Diligence – knowing who you do business with; knowing why, when and to whom you are releasing funds; seeking reciprocal anti-bribery agreements; and being in a position to feel confident that business relationships are transparent and ethical.

4.         Clear, Practical and Accessible Policies and Procedures – this concerns applying them to everyone you employ and business partners under your effective control.

5.         Effective Implementation – going beyond ‘paper compliance’ to embedding anti-bribery in your organization’s internal controls, recruitment and remuneration policies, operations, communications and training on practical business issues.

6.         Monitoring and Review – auditing and financial controls that are sensitive to bribery and are transparent, considering how regularly you need to review your policies and procedures, and whether external verification would help. 

The authors also discuss the Italian Anti-Bribery Bill, which was enacted in 2001. The statute provides a defense under which a business may avoid liability if it can demonstrate that, before employees of the company engaged in a bribery or corruption, the company had (1) adopted and implemented a model of organization, management and control designed to prevent that crime, (2) engaged an autonomous body to supervise and approve the model, and (3) the autonomous body adequately exercised its duties. Further, to determine whether the compliance program was effectively designed, the Italian law required consideration of the following factors: 

1.         Management of Resources – whether financial resources were managed in a way that discouraged the prohibited conduct.

2.         Provision of Information to Management – whether the compliance program required officers and employees to supply the persons responsible for monitoring the compliance program with the necessary information to ensure their compliance with it.

3.         Disciplinary Measures – where there measures in the compliance program which punished those employees who violated the program. 

The authors note that while concepts from both of the above laws are embedded within the US Sentencing Guidelines, they are considered at a very different phase of the criminal process than in the US. Under both the UK and Italian laws, these factors are considered during the liability phase of an anti-bribery or anti-corruption proceeding. In the US, the factors of the adequacy of a compliance program are considered by the Department of Justice (DOJ) in deciding if a corporation “should have a slight reduction in its culpability score when sentencing it for FCPA or other violations.” The authors believe that the adoption of such a compliance defense will not only increase compliance with the FCPA by providing businesses with an incentive to deter, identify and self-report potential and existing violations, but will also protect corporations from employees who commit crimes despite a corporation’s diligence. 

The authors go on to state that the institution of a compliance defense will bring enforcement of the FCPA in line with US Supreme Court precedent, which has recognized that it is appropriate and fair to limit the legal doctrine of respondeat superior liability where a company can demonstrate that it took specific steps to prevent the offending employee’s actions. In the employment context involving punitive damages, the authors cite to the case of Kolstad v. American Dental Ass’n, 527 U.S. 526 (1999) for the proposition that, “an employer may not be vicariously liable for the discriminatory employment decisions of managerial agents where these decisions are contrary to the employer’s ‘good-faith efforts to comply with Title VII.’” The authors believe that this holding was motivated by a concern that the existing standard was “dissuading employers from implementing programs or policies to” comply with Title VII for fear that such programs would bring to light violations for which a company would ultimately be liable, no matter what steps it had undertaken to prevent such violations. From this Title VII case involving punitive damages, the authors extrapolate that businesses may similarly be dissuaded from instituting a rigorous FCPA compliance program for fear that the return on such an investment will be only to expose the company to increased liability and will do little to actually protect the company. A FCPA compliance defense will help blunt this. 

Other commentators have noted that the doctrine of respondeat superior puts a company a great disadvantage in any FCPA enforcement proceeding. In a blog post entitled, “Quiz Time Answer”, the FCPA Professor explained: 

Individual FCPA defendants tend to work for companies. Under respondeat superior theories of liability, the company is going to have a very difficult time “distancing” itself from its employees conduct.” 

The FCPA Blog went further, opining that the doctrine of respondeat superior “does more harm than good” and that corporations are “defenseless once employees are found to have committed [FCPA] violations” in an enforcement action because of the doctrine of respondeat superior. In a blog post entitled, “Naked Corporate Defendants”, the FCPA Blog said: 

Sure, it produces a 100% corporate “conviction” rate in FCPA cases, which must go down well at the Justice Department. But, it probably doesn’t deter illegal behavior or encourage better compliance programs. And it puts overwhelming pressure on organizations to resolve threatened criminal cases. Because of the catastrophic effects of any potential conviction, companies have to settle with the government. So they rush into agreements that may require them to waive the attorney–client privilege, hand over employees’ private documents and data, cut off support for their legal defense, and fire those who don’t cooperate with government investigations. ”

This pressure to settle and avoid the fate of Arthur Anderson is often on the minds of many corporate General Counsel’s and other corporate officers. The FCPA Professor, in the same blog post cited above, noted that “corporate FCPA enforcement actions tend to be resolved through a non-prosecution agreement, a deferred prosecution agreement, or a plea. Entering into one of these resolution vehicles is often easier, more cost efficient, and more certain than actually mounting a legal defense based on the FCPA’s statutory elements. Further, because these resolution vehicles are subject to little or no judicial scrutiny and are entered into the context of the DOJ possessing certain “carrots” and “sticks” they do not necessarily reflect the triumph of one party’s legal position over the other.” 

Many corporations are faced with a true Hobson’s Choice during a FCPA enforcement action. Simply put, they do not believe that they can face the prospect of a guilty verdict after trial to a judge or jury. While there is the example of Aibel Group Ltd., which pled guilty to a FCPA charge during the pendency of its Deferred Prosecution Agreement and survived; the example of Arthur Anderson is the one which is foremost in the minds of all corporate officers. The provision of a compliance defense as suggested by authors Wiessmann and Smith may provide companies with a mechanism to actually defend themselves from a FCPA enforcement action. However, it is not clear at all what the DOJ position will be on this issue.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2010

US Sentencing Guidelines Changes Become Effective November 1

Yesterday, on November 1, 2010, the proposed changes in the US Sentencing Guidelines became effective. This post will highlight the changes and what they may import for the FCPA compliance professional. The US Sentencing Guidelines are used in the sentencing of organizations and serve as the de facto blueprint for corporate ethics and compliance programs. The changes, which were approved at an April meeting of the US Sentencing Commission and were formally submitted to Congress by May 1, became effective yesterday. These proposed changes followed public hearings and public comment period which ended in March. The most significant changes in the Sentencing Guidelines are as follows.

1. Direct Report. The amendment changed the reporting structure in corporations where the Chief Compliance Officer (CCO) reports to the General Counsel (GC) rather than a committee on the Board of Directors. The change reads “the individual…with operational responsibility for the compliance and ethics program…have direct reporting obligations to the governing authority or any appropriate subgroup… (e.g. an audit committee or the board of directors)”. If a company has the CCO reporting to the GC, who then reports to the Board, such structure may not qualify as an effective compliance and ethics program under the amended Sentencing Guidelines. The better practice would now appear to be that the CCO should be a direct report to the Board or appropriate subcommittee of the Board such as compliance or audit. 

2. Discovery of Problem Inside the Organization Rather Than Outside. This amendment encourages a company to have a hotline and other mechanisms to detect any compliance and ethics violations internally. While most companies have a Code of Conduct, with attendant implementation policies and procedures in place, training thereon and a hotline; many companies have yet to implement any type of self-audit program to measure Foreign Corrupt Practices Act (FCPA) compliance program performance. This encourages companies to not only monitor its internal self reporting to actively test the information available to it through a system such as continuous controls monitoring. 

3. Promptly Report. This amendment inserts specific language regarding the “prompt” reporting of any violation of a compliance and ethics program. While no definition of the word “prompt” is provided, the revisions to the Commentary note that an organization will be “allowed a reasonable time to conduct and internal investigation” and that no reporting is required if “… the organization reasonably concluded…that no offense has been committed”. Nevertheless this language reiterates what many former Department of Justice (DOJ) employees tell industry representative at conferences and events regarding the FCPA. It is always preferable to report a violation to the US government rather than the US government finding out and coming to you. 

4. No Person With Operational Responsibility Condoned or Was Willfully Ignorant. This proposed amendment is aimed at those personnel within a company’s compliance and ethics organization. While operational responsibility could be defined to mean only those who might report to the Board, this commentator would suggest the better approach is to include all company personnel with direct reporting responsibility in the compliance and ethics group. The definition of “willfully ignorant” has not changed from the current version of the Sentencing Guidelines, which is provided in Application Note 3 of Commentary to §8A1.2 (Application Instructions-Organizations). The definition reads in full “An individual was “willfully ignorant of the offense” if the individual did not investigate the possible occurrence of unlawful conduct despite knowledge of circumstances that would lead a reasonable person to investigate whether unlawful conduct had occurred”. 

All companies subject to the Foreign Corrupt Practices Act should review their compliance policies and procedures to ascertain if they are in compliance with these changes. With the upcoming effective date of the UK Bribery Act on April 1, 2011, companies should have a comprehensive review of their compliance program to determine if any changes need to be made.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The author can be reached at tfox@tfoxlaw.com.

Blog at WordPress.com.