FCPA Compliance and Ethics Blog

November 9, 2012

The Red Scare: Knowledge and the Importance of Due Diligence

 Ed. Note-we continue our series of guest posts from our colleague Mary Shaddock Jones, who today looks at the importance of due diligence.

At midnight on November 9, 1989, East Germany’s rulers gave permission for the Berlin Wall, separating East and West Berlin, to be opened up.  Ecstatic crowds immediately began to clamber on top of the Wall and hack large chunks out of the 28-mile barrier.  I remember viewing the scene on T.V.  It was a momentous moment in world history.  For those of you who may not know, while East Germany never officially adopted a “red flag” for its country, on most official buildings, the national flag (black-red-gold with hammer and circle) was flown with a solid red flag flown next to it!  Twenty-two years later the “fall of the Red Flag of East Berlin”, seems like distant memory.  However, for businesses doing business internationally the “red flag” has once again come to represent a warning or a threat in terms of liability under the FCPA

The Lay Person’s guide to the FCPA published by the Department of Justice warns U.S. firms about their choice of overseas partners and agents. A bad choice is someone who is likely to make corrupt payments. That likelihood, the DOJ says, is usually indicated by warning signs called “red flags.” If there are red flags to start with, and if the intermediary does bribe a foreign official to help the business, the company will have trouble arguing it shouldn’t be responsible for an FCPA violation based on an indirect corrupt payment.

Red flags, as the name suggests are easy to spot, and include such things as: (1) unusual payment patterns or financial arrangements;  (2) a history of corruption in the country;  (3) a refusal by the foreign joint venture partner or representative to certify that it will not take any action that would cause the U.S. firm to be in violation of the FCPA; (4) unusually high commissions; (5) Lack of transparency in expenses and accounting records; (6) An apparent lack of qualifications or resources on the part of the joint venture partner or  representative to perform the services offered; and, (7) a recommendation from the local government of the intermediary to hire this particular third party.

Although red flags are often relatively easy to discover, the failure to look may result in a company being subject to severe penalties.  As a result,  prior to dealing with any third party, companies should conduct Due Diligence in an  attempt to discover whether the third party is involved in any prohibited corrupt practices or has some connection to a foreign government official that you may not be aware of.  Due diligence is thus an essential tool, as it allows one to acquire knowledge of any existing or potential “red flags”, thus enabling entities to make informed decisions on whether or not to interact with or transact business with certain persons and entities.

The practical pointer for today’s blog is this- The undeniable truth is that Companies must know who they are doing business with and, as importantly, why they are choosing to do business with this particular entity.  This requires the accumulation of information! In order to collect adequate information concerning prospective third-party Agents or Business Partners, many companies are now using a consistent set of tools, for example: (1) questionnaires requiring the person within the company who is recommending the retention of a third party to provide basic information such as the reasons for engagement, the specific services required, how prospective third-party individuals or companies were selected for possible service, relevant experience and capabilities of the prospective third party, whether the prospective third-party would need to interact with government officials, how much and in what manner the third party should be compensated, etc.; (2) a questionnaire submitted to the prospective third party requesting significant information regarding the ownership, physical location, management, experience, relationship to foreign government officials, references of the third party and an assurance by the third party that it understands and is willing to comply with anti-corruption laws and regulations; (3) some method of vetting the reputation and background of the prospective third-party representative or business partner. Ultimately,  the level of due diligence required will generally be commensurate with the level of perceived risk.

When conducting due diligence of high-risk third parties, one should typically employ the services of  third party professionals.  These professionals can help insure that the high risk third party does not pose potential FCPA liability through the use of various means such as: checks of corporate filings and business records, legal proceedings, Internet searches, and adverse media checks.  Furthermore,  many emerging markets and developing countries pose such a great risk of FCPA liability, that additional due diligence procedures including “in-country” (a/k/a “boots on the ground”) searches may be required such as: conducting searches of localized public records, phone interviews, site visits, and reference checks.

Consider the following policy language:

Under the U.S. FCPA,  the Company and its Personnel could be liable for indirect offers, promises of payments, or payments to any Government Official (or to private entity if the UK Bribery Act is involved) if such offers, promises, or payments are made through an Agent or Partner with the knowledge that a Government Official will be the ultimate recipient. As a result, it is important that the Company, through the Company Compliance Officer, consider the necessity of conducting anti-corruption due diligence on a prospective Agent or Partner. If after performing a risk assessment the Company concludes that a due diligence investigation should be conducted, then the extent of the investigation must be determined.  The degree of due diligence the Company will perform depends upon a lot of factors, including the dollar value of the arrangement, the expected contact with government officials, and the country at risk.  In making the determination, the Company will consider whether the transaction raises “red flags”.

Examples of common “red flags” with third parties are as follows:

  • The prospective acquisition target, Agent, or Partner insists that its identity remain confidential or refuses to divulge the identity of its owners, directors, or officers.
  • Family, business or other ‘special’ ties with government or political officials.
  • Reputation for violation of local law or company policy, such as prohibitions on commissions, or currency or tax law violations. Also negative press, rumors, allegations, investigations or sanctions.
  • The transaction or the prospective acquisition target, Agent, or Partner is or operates in a country where there is widespread corruption or a history of bribes and kickbacks
  • Requests from government officials or agencies to engage or hire specific third parties.
  • Inadequate credentials for the nature of the engagement or lack of an office or an established place of business.
  • Missing or inadequate documentation to support services and invoices. Unsupported charges or expenses, requests for payment of non-contracted amounts.
  • Convoluted or complex payment requests, such as payment to a third party or to accounts in other countries, requests for payments in cash or requests for upfront payment for expenses or other fees.
  • Requests for political, charitable contributions or other favors as a way of influencing official action.
  • Third party has a reputation for getting ‘things done’ regardless of circumstances or suggests that for a certain amount of money, he can fix the problem or “make it go away”.

All due diligence investigations conducted by the Company will include an analysis of potential “red flag” issues.  Investigations of potential “red flag” issues should be carefully documented and relevant documents, such as due diligence, questionnaires, reports, and compliance certificates, should be maintained by the Company Compliance Officer or his or her designee.

On Monday, we will examine contractual language to consider when contracting with approved Agents and Partners.  Stay tuned.

 Mary Shaddock Jones has practiced law for 25 years in Texas and Louisiana primarily in the international marine and oil service industries.  She was of the first individuals in the United States to earn TRACE Anti-bribery Specialist Accreditation (TASA).  She can be reached at msjones@msjllc.com or 337-513-0335. Her associate, Miller M. Flynt, assisted in the preparation of this series.  He can be reached at mmflynt@msjllc.com.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor.

 

June 5, 2012

How to Influence FPCA Compliance as a Minority JV Partner

How does a company work towards achieving compliance with the Foreign Corrupt Practices Act (FCPA) in a Joint Venture (JV) or other business relationship where it holds less that 50% of the control? That question is often faced by US companies when they enter into a JV in many countries which require a majority of local ownership or even a 50-50 split in ownership. Some tactics that the compliance practitioner might employ were discussed in an article in the June issue of the Harvard Business Review, entitled, “The Perils of Partnering in Developing Markets”, in which Johns Hopkins (Hopkins) Medicine International Chief Executive Officer (CEO) Steven J. Thompson wrote about his company’s experience in partnering with a charity in Turkey to build and operate a “state-of-the-art medical facility.”

While not directly discussed in the article it is certainly worth noting that in partnering to create hospitals overseas, Hopkins is always dealing with the FCPA as health care services generally and hospitals particularly are run by the foreign government in which the hospital is located. However, the problems Hopkins encountered and some of the solutions provide excellent insight into compliance challenges that a company might well face when it moves into a developing market. Thompson began by noting that as a non-profit Hopkins always takes a minority interest or none at all. This requires Hopkins to operate not as typical JV or other type of partner but “more like consultants with a broad range of responsibility and high level of authority.” The other thing that I found quite interesting was that as a non-profit, the most important thing to Hopkins is its good name; in other words it is far more concerned about reputational damage than financial loss. Some of the key lessons learned were as follows.

Filling the Local Talent Gap

Even if the country’s laws do not require that local persons be the entity’s managers, most local partners insist upon it. Thompson has learned that fighting this “rarely pays out.” Instead Hopkins seeks to team its advisors with the local executives, so that the advisors will have the ability to influence both “process and culture.” Overtime, Hopkins has found that the top local managers cannot push as hard or as strongly for innovation and culture change so that the Hopkins team can begin to take over the top management functions.

A key component for long term success is training. This includes local training in all aspects of hospital management and financial operations. Additionally, Hopkins establishes a strong recruiting pipeline for bringing back to Baltimore, the home of Hopkins, so that they can be trained at and see how the facilities are run in the US.

When Best Practices Collide with Culture

In most medical treatment outside the US, the culture is such that a Doctors judgment is never questioned. This is quite different from the Hopkins experience in the US, where other providers of health care are empowered to challenge the decisions of senior physicians where a patient’s health may be at risk. The Hopkins approach when “confronted with a culture clash is to determine whether we really need to challenge the culture.” With this approach, Hopkins found that it could accomplish its goals, “within the cultural constraints” in which it operated. When it could not do so, it “seeded the staff with professionals who could lead by example” so that in the case of the culture of deference to Doctors whose authority was not challenged, senior nurses were brought in from countries where such a tradition did not exist. Once others saw that patient outcomes were steadily improved, “they began to come around and the culture of deference receded.”

Mitigating Risk

In many ways, I found the Hopkins experience in mitigating risk to be the most interesting. Here Thompson said that the pre-agreement due diligence process, which he termed “choosing the right partner and learning to read the signs from up-front negotiations are critical”, were two of the most critical factors. He identified factors such as foreign institutions which only desired short-term profit or were trying to capitalize on the Hopkins name as “anathema to success.” He wrote that these factors can be ascertained through long conversations with potential partners about goals such as sustainable quality and commitment rather than on financial returns alone. Mimicking the requirements under the US Department of Justice’s (DOJ’s) minimum best practices compliance program, Hopkins requires strong contract language regarding the commitments made by any foreign partner. Lastly, if a relationship begins to sour or otherwise have problems, Hopkins is not afraid to rethink its position or even end the relationship after appropriate consideration. To help facilitate this from the legal perspective, Hopkins requires a “termination for convenience clause” in its contracts.

Project Checklist

Another interesting aspect of the Hopkins approach was in the implicit use of risk assessment. Thompson included the below chart to illustrate “How Johns Hopkins Sizes Up International Risk”. I found that these concepts speak to an on-going approach to risk assessment so that the process is continuous and therefore allows for continuous improvement.

Evaluating the Opportunity

Getting up to Speed

Operating Over Time

Assess the potential partner’s willingness to commit resources. Engage experts to hire key personnel and to design processes. Stabilize processes and create feedback loops.
Assess regional constraints. Establish training and mentoring programs for local managers and professionals. Transfer more responsibilities to local managers.
Work with your local partner on a project plan and a business plan. Set up clinical, operations and financial performance metrics. Establish local education and recruitment pipelines.
Ensure that your local partner has a clear understanding of, and realistic expectations for the project. Establish quality, safety and efficiency processes. Establish regional marketing programs.
Set up a time for accreditation. Consider new initiatives and expansion.

If Trouble Arises

Thompson concluded is article with a list of action items that you can perform if there are signs of trouble. So, following McNulty’s Maxim No. 3 of “What did you do to remedy it?”, I list the following actions steps your company can take at three different stages of a JV relationship.

1. In the Evaluation Phase

  • If your concerns are modest, propose a smaller, several months-long pilot consulting project.
  • If your concerns are serious, you would walk away from the deal.

2. In the Start-Up Phase

  • Engage experts to hire the Key JV personnel and to design the appropriate processes.
  • Increase the number of ex-pat professionals involved in the JV.
  • Expand your support to local managers.
  • If warranted, revise strategic plans and consider replacing the onsite management.
  • If severe problems arise, consider scaling back or terminating the JV

3. As the Relationship Matures

  • Strengthen your training and mentorship.
  • Bring in subject matter experts (SMEs) to help solve defined problems.
  • Retool processes that may be falling short.
  • If required, reinstate key managers from your corporate headquarters or home office.
  • Freeze or reduce the scope of the JV’s activities until problems are solved.
  • Set up problems solving forums with partners in other countries.

Many US companies have struggled with how influence partners to comply with the FCPA in JV relationships. The Hopkins experience has some excellent steps that your company can take in the pre-formation stage, during contract negotiation, in post-execution contract management and then as the relationship matures. The process that Hopkins follows is one that clearly allows you to use influence, rather than the brute force of the majority right of control. It is a very good road map for you to consider and one that management should take a close look at when managing any overseas relationship.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2012

January 19, 2010

EFFECTIVE COMPLIANCE TRAINING

Effective Compliance Training

“Conducting effective training programs” is listed in the 2005 Federal Sentencing Guidelines as one of the factors the Department of Justice will take into account when a company, accused of an FCPA violation, is being evaluated for a sentence reduction. The Sentencing Guidelines mandate states “(4) (A) The organization shall take reasonable steps to communicate periodically and in a practical manner its standards and procedures, and other aspects of the compliance and ethics program, to the individuals referred to in subdivision (B) by conducting effective training programs and otherwise disseminating information appropriate to such individuals’ respective roles and responsibilities.”

But what is an “effective training program”? Andrea Wrage has written in her blog Wragblog and Ethisphere Magazine that she believes there are two general approaches to ethics and compliance training. The first approach focuses on knowledge of the rules “as clear and sharp as barbed wire” so that the cowboys in the company will not run wild. This is the approach most US in-house lawyers feel is required for their company’s operations teams and is generally designed to help avoid criminal liability.

The second is to train on ethical values and is more prevalent in Europe where ethics and compliance are more designed to communicate a company’s underlying corporate values in its operations. This approach anticipates that most employees are decent and law-abiding and will not knowingly engage in bribery and corruption. Additionally, you can never create enough rules to govern every situation and train each employee on every rule so a company must hire trustworthy people and give them sufficient information to make the correct ethical and compliant decision. Ms. Wrage characterizes the two different approaches as “ethics” vs. “values”.

Both approaches have merit but both can catastrophically fail without the other components of an effective compliance program. Although it was not brought down by an FCPA violation, the Enron Code of Ethics was viewed (at least at one time) as one of the strongest in the energy industry. And not to focus on US companies only, Siemens had one of the most robust Codes of Ethics for a European company before its multi-billion dollar (or euro-take your pick) fine and profit disgorgement. So the training on both of these company’s “Gold Standard” codes of ethics did not turn out to be too helpful.

So what should a company’s training focus on to be “effective” under the Sentencing Guidelines? It appears that effective ethics and compliance training should emphasize both approaches. Americans are long taught what the rules are in whatever life they choose. They expect to be told what the rules will be so that they know where the line is drawn that they should not step over. Probably the single comment I have heard the most when putting on ethics and compliance training in the US is “Just tell me what I can and can’t do”. However, really effective training requires that employees be able to apply the rules to the incredibly wide and ever-changing situations which confront them in the real world. This is where communicating a company’s values are important. In other words, how would your conduct look if it was plastered on You Tube the next week?

This is the first of a two-part series on ethics and compliance training.

——————–
This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication.

© Thomas R. Fox, 2010

January 11, 2010

Robert Kennedy, the Travel Act and the FCPA

Robert Kennedy, the Travel Act and the FCPA

What does Robert Kennedy have to do with the Foreign Corrupt Practices and how has a nearly 50 year old statute aimed at US based organized crime now impacted the FCPA? It turns out quite a bit and perhaps it will be quite a bit more in significantly widening the scope of the FCPA.

Robert Kennedy’s contribution is that while Attorney General, he urged Congress to enact the Travel Act in 1961 which was passed as part of the same series of bills as the Wire Act and was a part of his program to combat organized crime and racketeering. The Travel Act is aimed at prohibiting interstate travel or use of an interstate facility in aid of a racketeering or an unlawful business enterprise. It prohibits the use of communications and travel facilities to commit state or federal crimes, but until now was mostly known for its use in prosecutions for domestic crimes. Its impact to the FCPA is that the Travel Act applies to foreign as well as interstate commerce; it can be also used to prosecute those US companies and individuals which engage in bribery and corruption of foreign officials AND commercial bribery and corruption of private foreign citizens.

The Travel Act elements are: (1) use of a facility of foreign or interstate commerce (such as email, telephone, courier, personal travel); (2) with intent to promote, manage, establish, carry on, or distribute the proceeds of: (3) an activity that is a violation of state or federal bribery, extortion or arson laws, or a violation of the federal gambling, narcotics, money-laundering or RICO statutes. This means that, if in promoting or negotiating a private business deal in a foreign country, a sales agent in the United States or abroad offers and pays some substantial amount to his private foreign counterpart to influence his acceptance of the transaction, and such activity may a violation of the state law where the agent is doing business, the Justice Department may conclude that a violation of the Travel Act has occurred. For instance, in the state of Texas there is no minimum limit under its Commercial Bribery statute (Section 32.43, TX. Penal Code), which bans simply the agreement to confer a benefit which would influence the conduct of the individual in question to make a decision in favor of the party conferring the benefit. As noted below, the state of California bans payment of more than $1,000 between private parties for the purposes of influencing a business decision.

The Travel Act was most recently used when four executives of Control Components, Inc. (“CCI”) were indicted on April 8, 2009 for alleged violations of the FCPA’s anti-bribery provision and the Travel Act. According to the indictment, the defendants conspired to make hundreds of corrupt payments with the purpose of influencing the recipients to award contracts to CCI or skew technical specifications of competitive tenders in CCI’s favor. The Travel Act came into play as the DOJ alleged the CCI employees violated or conspired to violate California’s anti-bribery law (California Penal Code section 641.3), which bans corrupt payments anywhere of more than $1,000 between any two persons, including private commercial parties. In the indictments, the Travel Act charges relied on alleged violations of California’s anti-corruption law.

On July 31, 2009, CCI itself pleaded guilty to substantive FCPA anti-bribery charges and to conspiring to violate both the FCPA and the Travel Act. CCI admitted that, between 2003 and 2007, its employees made more than 150 corrupt payments, totaling approximately $4.9 million, to officials of state-owned enterprises in China, Korea, Malaysia, and the United Arab Emirates, and paid $1.95 million in bribes to officers and employees of foreign and domestic private companies in violation of the Travel Act. CCI agreed to pay a criminal fine of $18.2 million and to retain an independent compliance monitor for three years.

In July 31, 2009 Press Release announcing CCI’s guilty plea, the DOJ referenced the Company’s private overseas bribery. It said:

According to the information and plea agreement, from 1998 through 2007, CCI violated the FCPA and the Travel Act by making corrupt payments to numerous officers and employees of state-owned and privately-owned customers around the world, including in China, Korea, Malaysia and the United Arab Emirates, for the purpose of obtaining or retaining business for CCI. Specifically, from 2003 through 2007, CCI paid approximately $4.9 million in bribes, in violation of the FCPA, to officials of various foreign state-owned companies and approximately $1.95 million in bribes, in violation of the Travel Act, to officers and employees of foreign and domestic privately-owned companies. [DOJ Press Release: http://www.justice.gov/criminal/pr/press_releases/2009/07/07-31-09control-guilty.pdf

The CCI matter was not the first case to use the Travel Act in conjunction with the FCPA. As reported in the FCPABlog, is the mater of U.S. v. David H. Mead and Frerik Pluimers, (Cr. 98-240-01) D.N.J., Trenton Div. 1998. In this case defendant Mead was convicted following a jury trial of conspiracy to violate the FCPA and the Travel Act (incorporating New Jersey’s commercial bribery statute) and two counts each of substantive violations of the FCPA and the Travel Act. In its 2008 article entitled, “The Foreign Corrupt Practices Act: Walking the Fine Line of Compliance in China” the law firm of Jones, Day reported the case of United States v. Young & Rubicam, Inc., 741 F.Supp. 334 (D.Conn. 1990), where a Company and individual defendants pled guilty to FCPA and Travel Act violations and paid a $500,000 fine. In addition to the Mead and Young and Rubicam cases, the DOJ’s website on “A Lay Person’s Guide to the FCPA, specifically states that “other statutes such as the mail and wire fraud statutes, 18 U.S.C. § 1341, 1343, and the Travel Act, 18 U.S.C. § 1952, which provides for federal prosecution of violations of state commercial bribery statutes, may also apply…” to US companies doing business overseas. See: http://www.justice.gov/criminal/fraud/docs/dojdocb.html

What does this mean for US companies doing business overseas? The FCPA Professor and others have written extensively on the broadening of the definitions of who is a ‘foreign official’ and what is a ‘state owned entity’ under the FCPA. However with the incorporation of the Travel Act into FCPA prosecutions, these broad definitions may be completely blurred away if all foreign private citizens can be brought in under the FCPA by application of the Travel Act. US companies doing business overseas, which have a distinction in their FCPA compliance policies between gifts for and travel and entertainment of employees of private companies, and employees of state owned entities or foreign officials should immediately rethink this distinction in approach. The new decade is upon us the Kennedy-era statute of the Travel Act may become as relevant in overseas law enforcement in the 20-teens as it was in the domestic arena for the past 50 years.

——————–
This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication.

© Thomas R. Fox, 2010

January 4, 2010

UTStarcom and Gifts and Entertainment Under the FCPA

To close out the FCPA year, on December 31 the telecom equipment maker UTStarcom Inc. agreed to pay the Justice Department $1.5 million in criminal fines and pay the SEC an additional $1.5 in penalties to resolve Foreign Corrupt Practices Act violations in China and Thailand. Other FCPA penalties were agreed to by the company.

As reported in the FCPABlog and the FCPA Professor last week, UTStarcom is alleged to have engaged in conduct which violated the FCPA which included:

1. Arranging and paying for travel to popular tourist destinations in the United States, including Hawaii, Las Vegas and New York City, when such trips were recorded as training expenses at UTStarcom facilities. However UTStarcom had no facilities in these areas. These trips included a cash allowance of between $800 and $3,000 per person.

2. Spending nearly $7 million lavish gifts and all-expenses paid executive training programs in the U.S. for existing and potential foreign government customers in China and Thailand.

3. Presenting expensive gifts to and engaging in entertainment with government agents such as nearly $10,000 on French wine, as a gift to agents of a government customer and spending $13,000 on entertainment expenses for the same customer in an attempt to secure business.

4. Providing foreign government customers or their family members with work visas and purportedly hiring them to work for UTStarcom in the U.S., when in reality they did no work for UTStarcom.

5. UTStarcom was also alleged to have made payments to sham consultants in China and Mongolia while knowing that they would pay bribes to foreign government officials.

Guidelines for Gifts and Entertainment under the FCPA

The UTStarcom matter provides an opportunity to review the application of the FCPA to gifts and business entertainment expenditures to foreign officials. While gift and business entertainment is an area open to vagueness under the FCPA as there are no clear guidelines in the FCPA itself or the legislative history, the conduct of UTStarcom goes far beyond anything that has been previously approved or discussed in any DOJ Release Opinions. While prohibiting payment of any money or thing of value to foreign officials to obtain or retain business, the FCPA arguably permits incurring certain expenses on behalf of these same officials. Under the FCPA, the following affirmative defense regarding the payment of expenses exists:

[it] shall be an affirmative defense [that] the payment, gift, offer or promise of anything of value that was made, was a reasonable and bona fide expenditure, such as travel and lodging expenses, incurred by or on behalf of a foreign official, party, party official, or candidate and was directly related to…the promotion, demonstration, or explanation of products or services; or…the execution or performance of a contract with a foreign government or agency thereof. 15 U.S.C. § 78dd-1(c)(2)(A)-(B).

There is no de minimis provision. The presentation of a gift or business entertainment expense can constitute a violation of the FCPA if this is coupled with the corrupt intent to obtain or retain business. With the above in mind and DOJ Release Opinions, the following are suggested guidelines for gifts and business entertainment.

A. Gifts to Governmental Officials

Based upon the FCPA language and relevant Release Opinions (Opinions 81-01, 81-02 and 82-01), a Company can provide gifts up to an amount of value of $250. Below are the guidelines which the Release Opinions would suggest that a Compliance Policy incorporate regarding gifts:

• The gift should be provided as a token of esteem, courtesy or in return for hospitality.
• The gift should be of nominal value but in no case greater than $250.
• No gifts in cash.
• The gift shall be permitted under both local law and the guidelines of the employer/governmental agency.
• The gift should be a value which is customary for country involved and appropriate for the occasion.
• The gift should be for official use rather than personal use.
• The gift should showcase the company’s products or contain the company logo.
• The gift should be presented openly with complete transparency.
• The expense for the gift should be correctly recorded on the company’s books and records.

B. Business Entertainment of Governmental Officials

Based upon the FCPA language (there are no Release Opinions on this point), there appears to be a threshold that a Company can establish a value for business entertainment of up to the amount of $250. However this must be tempered with clear guidelines incorporated into the business expenditure component of a Compliance Policy, which should include the following:

• A reasonable balance must exist for bona fide business entertainment during an official business trip.
• All business entertainment expenses must be reasonable.
• The business entertainment expenses must be permitted under (1) local law and (2) customer guidelines.
• The business entertainment expense must be commensurate with local custom and practice.
• The business entertainment expense must avoid the appearance of impropriety.
• The business entertainment expense must be supported by appropriate documentation and properly recorded on the company’s book and records.

C. Travel and Lodging for Governmental Officials

A Company should be able to bring foreign officials into the United States for legitimate business purposes. Once again, a key component is guidelines clearly articulated in a Compliance Policy. Based upon Releases Opinions 07-01 and 07-02, the following should be incorporated into a Compliance Policy regarding travel and lodging:

• Any reimburse for air fare will be for economy class.
• Do not select the particular officials who will travel. That decision will be made solely by the foreign government.
• Only host the designated officials and not their spouses or family members.
• Pay all costs directly to the service providers; in the event that an expense requires reimbursement, you may do so, up to a modest daily minimum (e.g., $35), upon presentation of a written receipt.
• Any souvenirs you provide the visiting officials should reflect its business and/or logo and would be of nominal value, e.g., shirts or tote bags.
• Apart from the expenses identified above, do not compensate the foreign government or the officials for their visit, do not fund, organize, or host any other entertainment, side trips, or leisure activities for the officials, or provide the officials with any stipend or spending money.
• The training costs and expenses will be only those necessary and reasonable to educate the visiting officials about the operation of your company.

The incorporation of these concepts into a Company’s Compliance Policy is a good first step towards preventing any FCPA violations from arising, but it must be emphasized that they are only a first step. These guidelines must be coupled with active training of all personnel, not only on a Company’s Compliance Policy, but also on the corporate and individual consequences that may arise if the FCPA is violated regarding gifts and entertainment. Lastly, it is imperative that all such gifts and entertainment by properly recorded, as required by the books and records component of the FCPA. One of the FCPA violations alleged against UTStarcom was that it falsely recorded these trips as ‘training’ expenses, while the true purpose for providing these trips was to obtain and retain lucrative telecommunications contracts. All business gifts, entertainment and expenses must be properly recorded.

——————–
This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication.

© Thomas R. Fox, 2010

December 31, 2009

2009-The Year of the Trial

2009 FCPA-The Year of the Trial

At the end of this year, many commentators have weighed in on the changes in enforcement under the Foreign Corrupt Practices Act (FCPA) over the past decade or the catastrophic increase in fines and disgorgement of profits over the past year. I believe that in the FCPA world 2009 will be remembered as the Year of the Trial. Here is a summary of the three FCPA enforcement actions which went to a full jury verdict this year and their outcomes.

A. Frederick Bourke

The first of the convictions was delivered on July 10, 2009, when Frederic Bourke was convicted of conspiring to violate the Foreign Corrupt Practices Act; the Travel Act and lying to FBI agents. The jury found that he invested in Czech-born promoter Viktor Kozeny’s unsuccessful attempt in 1998 to gain control of Azerbaijan’s state oil company, State Oil Company of the Azerbaijan Republic (SOCAR), despite knowing Kozeny planned to bribe Azeri leaders.

In its Press Release, the Department of Justice (DOJ) stated that evidence was presented at trial established that Bourke was a knowing participant in a scheme to bribe senior government officials in Azerbaijan with several hundred million dollars in shares of stock, cash, and other gifts. These bribes were meant to ensure that those officials would privatize SOCAR in a rigged auction that only Bourke, fugitive Czech investor Viktor Kozeny and members of their investment consortium could win, to their massive profit. [DOJ Press Release can be found at http://www.justice.gov/opa/pr/2009/July/09-crm-677.html%5D

On November 12, Bourke was sentenced by the trial judge, Shira Scheindin to a sentence of ‘a year and a day’, followed by three years of probation and a $1,000,000 fine. The government had sought a sentence of 10 years as” a deterrence to others”. At the Sentencing Hearing Judge Scheindin is reported to have said: “After years of supervising this case, it’s still not entirely clear to me whether Mr. Bourke is a victim or a crook or a little bit of both.”

B. William Jefferson

On August 5, former nine-term congressman William Jefferson was convicted on 11 of 16 corruption charges. As reported in the FCPABlog, Jefferson was acquitted on Count 11 of the indictment — the only substantive FCPA charge he faced. But the jury convicted him on Count 1; which alleged three separate illegal conspiracies — to solicit bribes, deprive citizens of honest services and violate the FCPA. The jury’s verdict form did not require it to specify which of the three illegal conspiracies the panel believed he engaged in so Jefferson’s conviction on Count 1 may or may not have included a finding that he conspired to violate the FCPA. [DOJ Press release can be found at http://washingtondc.fbi.gov/dojpressrel/pressrel09/wfo111309b.htm ]

Jefferson was sentenced on November 14 to 13 years in prison by Judge T.S. Ellis. It is not clear if Judge Ellis used the FCPA-related conspiracy element to calculate Jefferson’s sentence as the jury acquitted Jefferson on the substantive FCPA charge but was convicted then on conspiracy to violate the FCPA. It may never be known. Jefferson is currently on bail pending his appeal. The DOJ had asked the trial judge for a sentence ranging from 27 to 33 years in prison.

C. Gerald and Patricia Green

The third FCPA related verdict was handed down on September 14, when Gerald Green and his wife Patricia were convicted of FCPA violations. According to the DOJ Press Release, during the period from 2002 through 2007, the Greens conspired with others to bribe the former governor of the Tourism Authority of Thailand (to the tune of $1.8MM) in order to acquire lucrative film festival contracts as well as other deals for the development of a Thai Privilege Card, a website, book, video, calendars and public relations services.

As reported in the FCPABlog on December 18, 2009, the Greens used different business entities, some with dummy addresses and telephone numbers, to hide how much they were receiving under the contracts. The jury found that Greens disguised the bribes as “sales commissions” and made the payments through foreign bank accounts of intermediaries in Singapore, the United Kingdom and Jersey, some in the name of the former governor’s daughter and a friend. [DOJ Press Release can be found at http://www.usdoj.gov/opa/pr/2009/September/09-crm-952.html.%5D

Sentencing was originally scheduled for December 17; however it has been rescheduled to January 21, 2010. The Pre-Sentencing Report was filed on December 14, 2009 and now the Justice Department now wants Gerald Green, aged 76, sentenced to life in prison. In a December 14 court filing, prosecutors said although the Pre-Sentence Report recommended a downward departure under the federal sentencing guidelines and a sentence of about 20 to 25 years, Green’s sentence should instead be enhanced. The DOJ alleged that Green was “the ring leader of the bribery plot” and said he “repeatedly and blatantly perjured himself” at his trial.

FCPA cases rarely go to trial. And even when they do, such trials rarely result in acquittals. There has not been an outright acquittal in an FCPA case since 1991. After this year, it may be that no individuals are willing to take their chances by putting their fate in front of a judge or jury for an FCPA charge. Why is it so difficult to win an FCPA case for an individual? I believe it comes down to two reasons.

The first reason relates to judges and the law. Trial judges and Courts of Appeal have not been friendly to technical legal arguments over the language of the FCPA. “What is a business nexus”; “who is a foreign official”; “what is obtaining or retaining business”, or the invocation of a “local law defense” have not received favorable rulings from courts. The second reason relates to juries and the facts. Juries do not take well to the payment of bribes. No matter how these payments are described, such as payments of over $1 million to intermediaries by the Greens, $90,000 in cash stuffed in a freezer in the Jefferson case, or, as in the Bourke case as related by the Jury Foreman, “we thought he knew” that bribery and corruption were involved in the business deal in which he was a participant, to the tune of an $8 million investment, but equally importantly “he definitely should have known”.

One of the first things one learns in law school is that “if the facts are against you argue the law” and “if the law is against you argue the facts”. However, in FCPA cases, it appears that individual defendants cannot seem to argue either way as there has been no favorable law (legal) ruling which may form the basis of legal defenses AND all FCPA cases involve large amounts of cash or money, so that the facts always look bad. So the lesson from 2009 is that a defendant should be very careful in weighing the benefits vs. the risk of an FCPA criminal trial.

December 23, 2009

Elements Of An Effective Compliance Program

Elements Of An Effective Compliance Program

In his excellent FCPA Blog, Richard Cassin has written about an effective compliance program. He notes that the purpose of an “effective compliance program” is to prevent and detect criminal conduct. In his listing his suggestions for what constitutes an “effective compliance program” Mr. Cassin based his guidance on the United States Federal Sentencing Guidelines. He suggested the following:

1. A Written Program. A company must have standards and procedures in place to prevent and detect criminal conduct.
2. Board Oversight. A public company’s Board of Directors must be knowledgeable about the content and operation of the compliance program and must exercise reasonable oversight of its implementation and effectiveness.
3. Responsible Persons. One or more individuals among a company’s high-level personnel must be assigned overall responsibility for the compliance program.
4. Operating and Reporting. One or more individuals must be delegated day-to-day operational responsibility for the compliance program. They must report periodically to high-level personnel on the effectiveness of the compliance program. The individuals must have adequate resources, appropriate authority, and direct access to the Board or Audit Committee.
5. Management’s Record of Compliance. A company must use reasonable efforts not to hire or retain personnel who have substantial authority and whom a company knows or should know through the exercise of due diligence have engaged in illegal activities or other conduct inconsistent with an effective compliance program.
6. Communicating and Training. A company must take reasonable steps to communicate periodically and in a practical manner its standards and procedures, and other aspects of the compliance program, to directors, officers, executives, managers, employees and agents — by conducting effective training programs and otherwise disseminating information appropriate to the individuals’ respective roles and responsibilities.
7. Monitoring and Evaluating; Anonymous Reporting. A company must take reasonable steps (a) to ensure that its compliance program is followed, including monitoring and auditing to detect criminal conduct, (b) to evaluate periodically the effectiveness of the compliance program and (c) to have and publicize a system, which may include mechanisms that allow for anonymity or confidentiality, whereby a company’s employees and agents may report or seek guidance regarding potential or actual criminal conduct without fear of retaliation.
8. Consistent Enforcement — Incentives and Discipline. A company’s compliance program must be promoted and enforced consistently throughout a company through appropriate (a) incentives to perform in accordance with the compliance program and (b) disciplinary measures for engaging in criminal conduct and for failing to take reasonable steps to prevent or detect criminal conduct.
9. The Right Response. After criminal conduct has been detected, a company must take reasonable steps to respond appropriately and to prevent further similar criminal conduct, including making any necessary modifications to a company’s compliance program.
10. Assessing the Risk. A company must periodically assess the risk of criminal conduct and take appropriate steps to design, implement, or modify its compliance program to reduce the risk of criminal conduct identified through this process.

In the coming weeks, we will review each of these suggested guidelines and provide nuts and bolts recommendations for you to use in crafting your own effective compliance program.

December 21, 2009

DOJ Goes for KO with Gerald Green Sentencing

In September, 2009 Gerald Green and his wife Patricia were convicted of Foreign Corrupt Practices Act (FCPA) violations. According to the DOJ Press Release, from 2002 through 2007, the Greens conspired with others to bribe the former governor of the Tourism Authority of Thailand (to the tune of $1.8MM) in order to land lucrative film festival contracts as well as other deals for the development of a Thai Privilege Card, and for a website, book, video, calendars, and public relations services. As reported in the FCPABlog on December 18, 2009, the Greens used different business entities, some with dummy addresses and telephone numbers, to hide how much they were receiving under the contracts. The jury found that Greens disguised the bribes as “sales commissions” and made the payments through foreign bank accounts of intermediaries in Singapore, the United Kingdom and Jersey, some in the name of the former governor’s daughter and a friend.

The Pre-Sentencing Report was filed on December 14, 2009 and now the Justice Department now wants Gerald Green, aged 76, sentenced to life in prison. In a December 14 court filing, prosecutors said although the pre-sentence report recommends a downward departure under the federal sentencing guidelines and a sentence of about 20 to 25 years, Green’s sentence should instead be enhanced. The DOJ alleged that Green was the ring leader of the bribery plot, the DOJ said, and he “repeatedly and blatantly perjured himself” at his trial.

Both the convictions of Gerald Green and his wife Patricia, coupled with the Government’s aggressive stance in sentencing make clear that ‘business as usual’ in overseas film work will no longer be tolerated. It should be noted that both convictions were not for “conscious avoidance” as with Frederick Bourke or conspiracy with no underlying action as with William Jefferson. The evidence in the Greens case was actual, old fashioned bribery.

The entertainment industry needs to understand that it can longer use agents/intermediaries to procure business. Further, formerly typical excessive gifts or lavish entertainment cannot be used to procure business. As many films are financed through overseas corporations for tax purposes, the potential of FCPA violations are substantially increased. In addition to the anti-bribery component of the FCPA, the Act also includes a books and records provision which requires that all payments must be properly accounted for and correctly classified. It can only be hoped that the entertainment industry sits up and takes notice that times indeed must change.

December 18, 2009

END OF GREASE PAYMENTS COMING

As recently reported in WragBlog, the OECD announced a new recommendation at the OECD’s celebration of “International Anti-Corruption Day” and the Tenth Anniversary of the “Entry into Force of the OECD Anti-Bribery Convention”. This change relates to facilitation payments (aka “grease payments”) which are legal under the Foreign Corrupt Practices Act (FCPA).

OECD Secretary-General Angel Gurría described these low-level payments, designed to expedite performance of a “routine government action” such as obtaining mail delivery, phone or power service, as “corrosive . . . particularly on sustainable economic development and the rule of law”.

Facilitation payments, also known as “expediting payments” or “grease payments,” are bribes paid to induce foreign officials to perform routine functions they are otherwise obligated to perform. Examples of such routine functions include issuing licenses or permits and installing telephone lines and other basic services. The only countries that permit facilitation payments are the United States, Canada, Australia, New Zealand and South Korea. Facilitation payments, however, are illegal in every country in which they are paid. They have come under increasing fire under the FCPA as inconsistent with the totality of US policy on anticorruption.

This change by the OECD brings the considerable problems associated with facilitation in the international business arena into keener focus. Just like large commercial bribes, grease payments abuse the public trust and corrode corporate governance. Treating them as anything other than outright bribery muddies the compliance waters and adds confusion where there should be clarity. This new stance by the OECD, coupled with the increased enforcement under the FCPA, may well bode the end of facilitation payments.

I. TRACE Facilitation Payments Benchmark Survey

In October, 2009, TRACE International published the results of its “Facilitation Payments Benchmark Survey”. TRACE conducted a global survey with the following objectives: (1) to understand how facilitation payments are perceived in the international business community, including the level of risk they are deemed to pose and the compliance challenges they present; and (2) to map corporate policies on facilitation payments, including whether they are permitted and, if so, the types of safeguards corporations impose on their payment.

The results of the TRACE survey reveal a definitive move by corporations to ban facilitation payments, coupled with an awareness of the added risk and complexity presented by facilitation payments:

• 76% of survey respondents believe it is possible to do business successfully without making facilitation payments given sufficient management support and careful planning.
• Over 70% believe that employees of their company either never, or only rarely, make facilitation payments, even if their corporate policy permits facilitation payments.
• Over 93% revealed that their job would be easier, or at least no different, if facilitation payments were prohibited in every country.
• Nearly 44% reported that their corporations prohibit facilitation payments or simply do not address them because facilitation payments are prohibited together with other forms of bribery.
• Almost 60% of respondents reported that facilitation payments pose a medium to high risk of books and records violations or violations of other internal controls.
• Over 50% believe a company is moderately to highly likely to face a government investigation or prosecution related to facilitation payments in the country in which the company is headquartered.

II. Facilitation Payments under the FCPA

The original version of the FCPA, enacted in 1977, contained an exception for payments made to non-US officials who performed duties that were “essentially ministerial or clerical”. In 1988 Congress responded by amending the FCPA under the Omnibus Trade and Competitiveness Act to clarify the scope of the FCPA’s prohibitions on bribery, including the scope of permitted facilitation payments. An expanded definition of “routine governmental action” was included in the final version of the bill, reflecting the intent of Congress that the exceptions apply only to the performance of duties listed in the subcategories of the statute and actions of a similar nature. Congress also meant to make clear that “ordinarily and commonly performed actions”, with respect to permits or licenses, would not include those governmental approvals involving an exercise of discretion by a government official where the actions are the functional equivalent of “obtaining or retaining business for, or with, or directing business to, any person”.

The FCPA now contains an explicit exception to the bribery prohibition for any “facilitation or expediting payment to a foreign official, political party, or party official for the purpose of which is to expedite or to secure the performance of a routine governmental action by a foreign official, political party, or party official”. “Routine government action” does not include any decision by a public official to award new business or continue existing business with a particular party. The statute lists examples of what is considered a “routine governmental action” including:
• obtaining permits, licenses, or other official documents to qualify a person to do business in a country;
• processing government papers, such as visas or work orders;
• providing police protection, mail pick-up and delivery, or scheduling inspections associated with contract performance or transit of goods across country;
• providing phone service, power and water supply, loading and unloading cargo, or protecting perishable products from deterioration; and
• actions of a similar nature.

There is no monetary threshold for determining when a payment crosses the line between a facilitation payment and a bribe. The accounting provisions of the FCPA require that facilitation payments must be accurately reflected in an issuer’s books and records, even if the payment itself is permissible under the anti-bribery provisions of the law

III. Risks associated with relying on the “facilitation payments” exception

Facilitation payments carry legal risks even if they are permitted under the anti-bribery laws of a particular country. In the US enforcement agencies have taken a narrow view of the exception and have successfully prosecuted FCPA violations stemming from payments that could arguably be considered permissible facilitation payments. Violations of the accounting and recordkeeping provisions of the FCPA are also more likely when a company makes facilitation payments. Abroad, countries are increasingly enforcing domestic bribery laws that prohibit such payments. Companies that allow facilitation payments face a slippery slope to educate their employees on the nuances of permissible payments in order to avoid prosecution for prohibited bribes.

A. US enforcement authorities construe the exception narrowly

Other than as discussed above, there is no definitive guidance on circumstances in which the facilitation payments exception applies. There may be less risk of enforcement by US authorities in cases involving bona fide facilitation payments that are made specifically for one of the purposes enumerated in the FCPA. However, companies still face the risk of at least facing a governmental inquiry to explain the circumstances surrounding the payments, possibly resulting in penalties based on an unanticipated restrictive interpretation of the exception.

B. Potential non-compliance with the FCPA’s accounting and recordkeeping provisions

While the anti-bribery provisions of the FCPA permit facilitation payments, the accounting and recordkeeping provisions of the law nevertheless require companies making such payments to accurately record them in their books and records. Companies or individuals may be reluctant to properly record such payments, as it shows some semblance of impropriety and effectively creates a permanent record of a violation of local law. However, failure to properly record such expenditures may result in prosecution by the Securities and Exchange Commission (SEC) even if the underlying payments themselves are permissible. One example of prosecution resulting from the misreporting of seemingly permissible facilitation payments involves Triton Energy Corporation, which settled an investigation by the SEC involving multiple alleged FCPA violations, including the miss-recording of facilitation payments. An Indonesian subsidiary of the company had been making monthly payments, of approximately $1,000, to low-level employees of a state-owned oil company in order to assure the timely processing of monthly crude oil revenues. The SEC did not charge that these payments violated the anti-bribery provisions of the FCPA; however, these payments were miss-recorded in corporate books and therefore violated the FCPA’s accounting and recordkeeping provisions. Triton Energy consented to an injunction against future violations of the FCPA and was fined $300,000.

C. Increased enforcement of non-US laws that do not recognize an exception for facilitation payments

While the FCPA and certain other national anti-bribery laws contain exceptions for facilitation payments, such payments typically are considered illegal in the country in which they are made; there is not any country in which facilitation payments to public officials of that country are permitted under the written law of the recipient’s country. Accordingly, even if a particular facilitation payment qualifies for an exception of the FCPA, it, nevertheless, is likely to constitute a violation of local law – as well as under anti-bribery laws of other countries that also might apply simultaneously – and thus exposes the payer, his employer and/or related parties to prosecution in one or more jurisdictions. While enforcement to date in this area has been limited increased global attention to corruption makes future action more likely. Countries that are eager to be seen as combating corruption are prosecuting the payment of small bribes with greater frequency.

D. Corporate approaches to facilitation payments may exceed the legitimate scope and applicability of the exception

As demonstrated in the TRACE Benchmark Survey, businesses struggle with how to address the “facilitation payments” exception in their compliance policy and procedures, if the subject is covered at all. Businesses should be wary of allowing employees to decide on their own whether a particular payment is permissible. Unless such payments are barred completely or each payment is subject to pre-approval (which in many cases would be unrealistic (e.g., passport control)), there is always the risk that an employee, agent or other person whose actions may be attributed to the company will make a payment in reliance on the exception when in fact the exception does not apply. In addition, the temptation to improperly record otherwise permissible facilitation payments has been discussed above.

IV. End of facilitation payments?

The global business environment has changed even as the FCPA has remained static. In the absence of any legislative action to roll back the facilitation payment exception, the Department of Justice (DOJ) and the SEC plainly have set out to repeal it on a case-by-case basis. US companies should recognize the weakening of the argument supporting a facilitation payment exception and should develop compliance policies that do not permit any kind of grease payments. A policy that prohibits all payments (unless there is high level of legal and compliance approval) will relieve businesses of the compliance burden of differentiating between lawful and unlawful payments. From the point of view of the modern global corporation, a compliance regime that attempts to differentiate between “good” corrupt payments and “bad” corrupt payments will do more harm than good.

November 24, 2009

RISK-BASED DUE DILIGENCE FOR SUPPLY CHAIN VENDORS UNDER THE FCPA

Quick, as the Compliance Professional within your organization, which department or group of your company spends the most money annually? Did Supply Chain immediately come to mind? Probably not. Now just as quickly, how much of your compliance efforts are focused on the Supply Chain within your organization? Other than perhaps financial due diligence, such as through Dun & Bradstreet or quality control through your QHSE group, the Supply Chain probably does not command your Compliance Department attention as do other types of third party business partners such as agents, distributors and joint venture partners. This may be coming to an end as most Compliance Professionals recognize that third parties which supply goods or services to a company should be scrutinized similarly to other third party business partners.
There are several methods that could be used to assess risk in the area of supply chain and vendors. The approach suggested by the UK’s Financial Services Authority (FSA) in its settlement of the enforcement action against the insurance giant AON would refer “to an internationally accepted corruption perceptions index” such as is available through Transparency International or other recognized authority. The approach suggested by the Department of Justice, in Release Opinion 08-02 would provide categories of “High Risk, Medium Risk and Low Risk”. Finally, writing in the FCPABlog, Scott Moritz of Daylight Forensic & Advisory LLC has suggested an approach that incorporates a variety of risk-assessment tools, including, “the strategic use of information technology, tracking and sorting the critical elements”.
This commentary proposes an approach which would incorporate all three of the above cited analogous compliance areas into one risk-based assessment program for supply chain vendors. Based upon the assessed risk, an appropriate level of due diligence would then be required. The categories suggested are as follows:
1. High Risk Suppliers;
2. Low Risk Suppliers;
3. Nominal Risk Suppliers; and
4. Suppliers of General Goods and Products.
A. High-Risk Suppliers
A High-Risk Supplier is defined as a supplier which presents a higher level of compliance risk because of the presence of one or more of the following factors:
1. It is based in or supplies goods/services from a high risk country;
2. It has a reputation in the business community for questionable business practices or ethics; or
3. It has been convicted of, or is alleged to have been involved in, illegal conduct and has failed to undertake effective remedial actions.
B. Low-Risk Suppliers
A Low-Risk Supplier is defined as an individual or private entity located in a Low-Risk Country which:
1. Supplies goods or services in a Low-Risk Country;
2. Is based in a low risk country where the goods or services are delivered, it has no involvement with any foreign government, government entity, or Government Official; or
3. Is subject to the US FCPA and/or Sarbanes-Oxley compliance.
C. Minimal-Risk Suppliers
A Minimal-Risk Supplier is an individual or entity which provides goods or services that are non-specific to a particular job or assignment and the value of each transaction is USD $10,000 or less. These types of vendors include office and industrial suppliers, equipment leasing companies and such entities which supply such routinely used services.
D. Suppliers of General Goods and Products
A Supplier of General Goods and Products is an individual or entity which provides goods or services that are widely available to the general public and do not fall under the definition of Minimal-Risk Supplier. These types of vendors include transportation, food services and educational services providers.

Blog at WordPress.com.