FCPA Compliance and Ethics Blog

January 30, 2012

Apollo 1 and a Compliance Dozen – How to Design a Program for Foreign Business Partners

Friday, January 27 was the 45th anniversary of the Apollo 1 disaster. As reported by Brian Vastag, in an article in the Washington Post entitled “45 years after America’s first space tragedy, lessons linger, it was a “launchpad fire which killed three NASA astronauts during testing of the then-new Apollo capsule. Reviews found that the early design of the craft was fatally flawed. Faulty wiring probably sparked the blaze that killed Roger Chaffee, Gus Grissom and Ed White. Among other problems, engineers saved weight by filling the capsule with pure, low-pressure oxygen instead of air, which is 80 percent inert nitrogen.”

One of the clear pieces of guidance from the Department of Justice (DOJ) is that a ‘tick-the-box’ compliance program is not only insufficient; it will not protect a company if a Foreign Corrupt Practices Act (FCPA) violation is discovered. However, many compliance practitioners do not know what should be analyzed regarding foreign business partners. I recently attended the ACI FCPA Boot Camp in Houston, home of the Johnson Space Center. One of the presentations dealt with how to design an overall program to evaluate, contract with, and manage foreign business partners. Furthermore, the presentation focused on how to assess the information obtained through the due diligence process. The presenters discussed a 12 point evaluation process for reviewing, assessing, then contracting with and managing foreign business partners. The steps are as follows:

  1. Consider reputation for corruption in the country. You clearly need to review information from governmental organizations, such as the US Department of Commerce and State. A widely used source is from non-governmental organizations, such as Transparency International. Additionally, there are private sources such as World Check’s Country Check and the FCPA Database that you can use to review and determine a country’s overall reputation for corruption.
  2. Competence of foreign business partner. This is a two-part analysis. It includes a review of the qualifications of the candidate for subject matter expertise and the resources to perform the services for which they are being considered. However, it also in includes an identification of the representative’s expected activities for your company.
  3. Determine the integrity of the foreign business partner. There are several different methods that can and should be employed for this inquiry. Initially there should be an internal point of contact with the potential foreign business representative who can be used to obtain documents and financial, commercial and compliance references. After obtaining this initial information, you should review US and non-US restricted party lists and other media/internet searches. Next you should, at a minimum, obtain comments back from all references and if needed interview these references. Lastly, you should consider conducting an interview with the candidate. This can be done in house or through a company which specializes in investigations.
  4. Identify relationships between agent and foreign governmental official. This inquiry requires a detailed review of the ownership and officers/directors and key employees of the foreign business partner. You will need to obtain and review entity information and documentation. If this is in a foreign language you will need to have it translated. One last point here is that you may now need  to look at customers as well to ascertain past and present relationships with government agencies.
  5. Business justification for use of agent and reasonableness of compensation. Here you should begin the entire process by requiring the relevant business unit which desires to obtain the services of any foreign business partner to provide you with a business justification including current opportunities in territory, how the candidate was identified and why no currently existing foreign business relationships can provide the requested services. Your next inquiry should focus on the terms of the engagement, including the commission rate, the term of the agreement, what territory may be covered by the agreement and if such relationship will be exclusive.
  6. Ensure that answers provided by the representative or business partner to due diligence questions are accurate and complete. This is the old Ronald Reagan maxim of ‘trust but verify’. You must verify information received from the prospective foreign business partner with interviews of business references and background searches.
  7. Ensure compliance with local laws. This means that both the relationship that you envision is legal within the foreign jurisdiction and that the foreign business partner will comply with all local laws.
  8. Integrate FCPA contract safeguards. You will need to incorporate the DOJ required language, listed in its 13 point minimum best practices compliance program. These compliance terms and conditions are found in Attachment C of all Deferred Prosecution Agreements (DPAs), entered into by the DOJ since at least November, 2010.
  9. Provide for continuing oversight. After you have performed your due diligence, evaluated it and then entered into the contract for services, now the real work begins. You must manage that relationship. I suggest that you do so through a business unit sponsor for all foreign business partners. Such person must be assigned to and be responsible for ensuring continuing oversight of the foreign business partner.
  10. Maintenance of books and records. This requirement also has two parts. Clearly your company must maintain appropriate internal controls over all its foreign business partners but your foreign business partner must also maintain such accurate records. I would go further to add that you should audit these records to ensure compliance.
  11. Seek guidance from DOJ. As I mentioned above there are several different resources available to the compliance practitioner for information relating to foreign business partners. These include the minimum best practices as set forth in Attachment C to each DPA; DOJ Opinion Releases; Securities and Exchange (SEC) enforcement actions. Also remember your company can avail itself of the Opinion Release procedure and request guidance from the DOJ via that mechanism.
  12. Use consistent standards and common sense. You should not check your common sense at the door when you become a compliance officer. The surest way to get into trouble is by ignoring your own internal warning signs. If a relationship feels bad to you, or something does not quite ‘smell right’ about a proposed foreign business partner, listen to that sensation. It may be a situation where more due diligence is required or a situation where you should walk away. Additionally, you should use consistent terms and conditions across industries and services, such as with customs brokers and freight forwarders.

The Apollo 1 tragedy still haunts NASA today. Vastag noted that “The tragedy is still etched on NASA’s collective psyche.” One NASA veteran, Travis Thompson, worries that the commercial companies which now lead most of American’s space efforts “have not absorbed the prime lesson of Apollo 1 — that bad design begets tragedy.” The 12 point program set out above will help your company to work through any issues with foreign business partners and by following it, you may well prevent your company from having its own compliance failure.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2012

Blog at WordPress.com.