Brother Can You Swop a Car? FCPA and Bribery Act Implications in the Barter Economy

While the economy has improved from the depths of the Bush Recession of 2008, things are not back where most businesses and governments would like them to be. One of the more interesting responses to the continuing economic doldrums that I have read about is the age old art of bartering. According to the International Reciprocal Trade Association (IRTA), the ongoing economic slump has encouraged companies to offset shrinking orders and ongoing skimpy credit from financial institutions to put excess products to use by bartering them. A recent article in the Financial Times (FT) by reporter Alicia Clegg, entitled “The art of good bartering”, further piqued my interest.

In her article, Clegg quoted Brian Petro, who has a blog entitled “Barterfanatic.com”, who said that bartering allows him continue operating his business through the exchange of goods. Additionally bartering is a way to overcome liquidity problems or by-pass currency restrictions. The IRTA says that bartering has increased substantially over the past four years or so in some of the following countries: the United States, Britain, the Netherlands, France, Italy, Spain, Portugal and “parts of Asia”.

The bartering system, as envisioned by the IRTA and others, has become quite a sophisticated system. Typically a smaller company will “barter their unsold goods and services through a barter exchange, selling to another exchange member in return for trade credits which can be used to buy something from another exchange member.” Larger businesses typically use a different model where they will barter slow moving stock with a trade barter company, who pays the company back in trade credits which the original entity will then use to purchase goods and services. Clegg reported that the barter exchange “typically charges buyer and seller a cash transaction fee of 5-6 percent.”

While the IRTA does have a Code of Ethics and Conduct for its members, it does not speak to anti-corruption or anti-bribery. While most people think that the biggest issue around bartering is tax,  because both buyers and sellers need to assign market values to what they buy and sell in the process, there is also a Foreign Corrupt Practices Act (FCPA) and UK Bribery Act compliance issue involved, which revolves around these exchanges or other intermediaries who facilitate barter deals by providing the credits for goods or services received.

What might the relationship of these intermediaries be under the FCPA or Bribery Act? Let’s take the Bribery Act since that law clearly bans all bribery and corruption between private entities not just with foreign government officials as set forth in the FCPA. Under the Bribery Act, a company can be liable  if someone who performs services on their behalf, like an employee or agent, pays a bribe specifically to get business, keep business, or gain a business advantage for the entity. It is not limited to agents, distributors, sales representatives and the like. The term in the Ministry of Justice’s Six Principles of Adequate Procedures is “associated persons” and an intermediary, such as a barter exchange or other similar entity, may well qualify as an associated person.

What if a barter exchange is based in a well-known money-laundering location? Think that might move up its risk profile? While the IRTA has on its website, that it is in “strategic partnership with the IRS Partnership Outreach” as a “collaborative effort to work with a major government group to educate business owners on reciprocal trade”, it does not take too much insight to see that other laws and regulations might be involved.

What are some of the questions you need to be asking from the compliance perspective if your business is going to engage in bartering? First, and foremost, is to know who you are doing business with and how you are doing business with them. If you are bartering through an exchange, you should perform due diligence on them as they may well be your agent under the FCPA and most probably an “associated person” under the Bribery Act. What compliance protocols do they have in place? Do you have any agreement with them that has FCPA or Bribery anti-corruption/anti-bribery terms and conditions? What rights do you have to protect your product after it has been exchanged?

Consider this “creatively structured” deal that Clegg wrote about. The automotive maker Kia struck an exchange with the UK bartering company Miroma, where Kia swopped some of its auto fleet with a publisher “in return for poster, cinema and press slots for Kia.” From the description in the FT article, it certainly sounded like Miroma acted as the agent for Kia in the series of transactions.

Just as my colleague Aaron Murphy wrote in his book “Foreign Corrupt Practices Act – a Practical Resource for Managers and Executives” about the FCPA issues that many retailers might face, the issues which companies engaging in bartering are in plain sight as well. However, just as those in retailing may not have looked closely and are now paying a high price to look, those companies which engage in bartering and who fail to look at the FCPA and Bribery Act as potential sources of liability should do so sooner rather than later.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2012

Olympus Redux: Lessons Learned for Investigating a Foreign Business Partner

There are times when facts which arise out of non-compliance matters can make excellent learning points for the compliance practitioner. The Olympus matter has become such a staple of teaching opportunities. It initially appeared that the primary lessons learned were (1) Do not pay one or two person agents and for an amount of work which is questionable; (2) Do not pay one or two person agents a commission which is unusually high amount of money and have them close up shop soon thereafter; and (3) Do not fire your whistle-blowing Chief Executive Officer (CEO) who desires to report such activity to the appropriate regulatory authority. However, yesterday an article in the Wall Street Journal (WSJ), entitled “Olympus Targets Had Scant History”, reporters Daisuke Wakabayashi and Juro Osawa presented facts which provide some additional lessons learned in the still unfolding Olympus matter.

To briefly recap, on October 14, 2011 the now-resigned Olympus Chairman, Tsuyoshi Kikukawa, dismissed the former head of the company, the Briton Michael C. Woodford, citing cultural differences in management styles. Mr. Woodford contended that he had been fired after raising questions about a series of acquisitions made by Olympus at, what he said, were inexplicably high prices or involved disproportionately pricey advisory fees paid to two persons who acted as agents of Olympus for the transactions in question.

Yesterday the WSJ reported that the three companies purchased by Olympus, whose purchases led to the unusually high commissions, had the following characteristics: “two of the acquired companies, medical-waste disposal company Altis Co. and food-container maker News Chef Inc., were founded in the early 1990s under different names, public company records show. The companies conducted no business for years.” The third company was founded “less than a year before Olympus bought a stake”. Olympus eventually acquired control of all three companies.  Within a year of acquiring control of these three companies, “Olympus wrote off three-fourths of its investments in the companies.” Professor Kotaro Inoue, an associate professor at Keio Business School, was quoted in the WSJ article as saying, “Those companies seem to have had no operating history when Olympus first invested in them. As an investment, paying this amount of money for nothing but business plans, is really unthinkable.”

So what are the lessons which can be learned from Olympus Redux for the compliance practitioner? If you are going to engage a foreign business partner, you need to determine if that company has been in business for an appropriate length of time and can deliver the products or services that they claim they can deliver. While the three companies acquired by Olympus were not agents, it appears that they had not been in business long enough to have a verifiable track records. If you are buying a company, you definitely should review and verify, to the extent possible, balance sheets, assets, sales records and other indicia of business transacted.

The same is true of a foreign business partner, in the compliance arena. If that foreign business partner is an agent, reseller, distributor or some other entity in the sales channel; they better have a verifiable track record. You should investigate and review some or all of the following:

• Company formation documents;
• License(s) or registration(s) to do business;
• Physical location of business (tangible office or just a mail or drop box);
• Number of employees;
• Commercial and compliance business references;
• Dollar amount of overall business;
• Financial Statements; and
• Any public filings which identify owners.

However, another issue to investigation is whether the foreign business partner has been in this business for reasonable period of time and can deliver the services that your company might need. So if a company in central Asia, which previously sold medical devices, now claims that they can assist your oilfield service business (or software business or just name the business) then that should raise a Red Flag. This information should be ascertainable through a review of some or all of the above but it may also require some interviews of the principles of the foreign business partner.

The Olympus matter promises to bring new and additional revelations in the future. The lessons learned can be utilized in many areas, including the compliance arena. At this point all I can add is “Watch this space” for we may well have an article entitled, “The Olympus Trifecta.”

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2011

FIFA, the World Cup Selection and the FCPA

One of the interesting facts of life that I have learned being married to an English woman is that what I thought of as ‘Football’ is really ‘American Football’. The true game of ‘Football’ is played by the rest of the world. (She also decries the term ‘World Series’ but that’s another post). She had also assured me that when the UK won its bid to host the 2018 World Cup we would go to the home of ‘Football’ and watch a match or two, alas it was not meant to be. Who knows maybe we can catch a match in Russia about that time.

FIFA and Bribery Allegations against Executive Committee Members

However, the thought that the Motherland of Football would host a World Cup gave me more than a passing interest in the recent selection process of countries to host the 2018 and 2022 World Cup. I was very interested in the allegations of bribery and corruption leveled at FIFA during the selection process, known, these days, as the “world’s richest and most influential single-sport ruling body”. As has been reported extensively throughout the world, two members of FIFA’s 24 member executive committee were suspended for allegedly offering their votes to determine which countries would host the 2018 and 2022 World Cups. Both men were caught on videotape by the UK Sunday Times asking for specific sums of money, apparently in exchange for their votes. The New York Times, in an October 20, 2010 article, reported that Reynald Temarii, the Tahitian President of FIFA’s Oceanic regional confederation, reportedly said that he wanted “about $2.3 million to finance a sports academy” in New Zealand. Amos Adamu, the Nigerian representative, was alleged to have requested approximately $790,000 to fund the construction of soccer fields in Nigeria. Mr. Adamu reportedly asked for “cash to be paid into his personal account”. FIFA President Seth Blatter was quoted as saying that the two men’s actions had “created a very negative impact on FIFA and on the bidding process”. On November 17, 2010, the FIFA Executive Committee did take action as both men were suspended by FIFA for their actions; subsequently both men have recently had the appeals of their suspensions denied by the FIFA appeal committee. Reuter’s has reported that Adamu will appeal his upheld suspension by FIFA to the Court of Arbitration for Sport in Lausanne.

In yet another interesting development, the UK Telegraph reported that the countries of Spain and Qatar had colluded to trade their votes for their respective 2018 and 2022 bids. These allegations of collusion between the two bids were initially reported in September, 2010 but they were denied by both countries. A subsequent investigation by FIFA’s ethics committee said that there was insufficient evidence to take any action. On Monday, February 7, FIFA President Seth Blatter told the BBC that the two bids had colluded, though he insisted it had made no difference to the final outcome, which saw Russia and Qatar win the 2018 and 2022 tournaments respectively. “I’ll be honest, there was a bundle of votes between Spain and Qatar,” Blatter said. “But it was a nonsense. It was there but it didn’t work, not for one and not for the other side.”

The Wall Street Journal on Qatar’s Bid
I was also interested in the bid awarded to Qatar to host the 2022 World Cup. In a January 13, 2011 article in the Wall Street Journal, entitled “Qatar’s World Cup Spending Spree”, reporter Matthew Futterman detailed the “spending spree” of a reported one year amount of $43.3 million by Qatar, which led to its winning World Cup bid. Futterman’s article focused on information derived from the internal documents of Qatar’s bidding committee. Futterman reported that there was no evidence that Qatar violated the rules and regulations of FIFA to secure its winning bid. Rather he reported on how Qatar “worked within FIFA’s broad guidelines” to secure its winning bid.

From the internal bid documents, obtained by the WSJ, Futterman reported that some of the tactics used by Qatar included:
1. Charitable Donations. Commitments were made to establish, build or continue to fund soccer academies, in the home countries in which FIFA executives who would vote on the 2022 site selection, through a Qatar football training academy, Aspire Academy for Sports Excellence, controlled by the Qatar Royal Family. The WSJ article cited examples in Thailand and Nigeria. In Thailand, Futterman reported that Aspire would “build a football academy” and in Nigeria, it would “expand grass-roots training”. These internal documents also revealed that the Aspire Academy also continued to work with three African countries which were home to FIFA executive committee members, who all had a vote on the 2022 site selection.

2. Use of Marketing Agents. The Qatar bid included the hiring of certain well known celebrities to assist in the effort. In order to “talk up” the Qatar bid to host the 2022 World Cup, the WSJ reported that it hired several international personalities as “Bid Ambassadors” to endorse the Qatar bid. These endorsements were important because they assisted Qatar to “establish its legitimacy within FIFA and connections to executive committee members.” The only Bid Ambassador named in the WSJ article was the former French star Zidane. It was reported that Zidane received $3 million for his endorsements of the Qatar bid.

Review under the FCPA and Bribery Act
FIFA is generally recognized as a, non-US, Non-Governmental Organization (NGO) and therefore the US Foreign Corrupt Practices Act (FCPA) does not apply to it. But we thought that it might be of use to review some of the tactics, as reported in the WSJ, that Qatar used to secure the 2022 World Cup bid, in the context of what might be allowed under the FCPA. It should be noted that, although still waiting to be implemented, the UK Bribery Act would apply to UK companies and citizens involved in the matter because there is no public/private distinction under the Bribery Act and unlike the FCPA, the Bribery Act does not have require that a bribe be offer or paid to a foreign governmental official, only that a bribe or offer to bribe be made.

A. Charitable Donations-the Football Academies
Charitable donations are not banned by the FCPA. However any such donations must be made following the requirements of the Act. The FCPA Blog reported that when asked about the guidelines regarding requests for charitable giving, the FCPA then Deputy Chief of the Criminal Division’s Fraud Section at the DOJ Mark Mendelsohn, said that any such request must be evaluated on its own merits. He advocated a “common sense” approach in identifying and clearing Red Flags. This would include determining if a governmental decision maker held a position of authority at the charity to which the donation would be made; whether the donation was consistent with a company’s overall pattern of charitable giving; who made the request for the donation; and how was it made.

The series of Red Flags raised and cleared by the US Company was the subject of Opinion Release 10-02. After initially listing the 3 levels of due diligence in which the company had engaged prior to finalizing its choice of local entity to receive the donation in question; the DOJ noted that the donation ‘requested’ of the US Company would be subject to the following controls:
• Payments of the donations would be staggered over a period of eight quarters rather than in one lump sum.
• Ongoing monitoring and auditing of the funds use for a period of five years. The donations would be specifically utilized for the building of infrastructure.
• The funds would not be paid to the parent of the organization receiving the grant and there was an absolute prohibition on compensating Board Members.
• The proposed grant agreement under which the funds would be donated had significant anti-corruption provisions which included a requirement that the local organization receiving the funds adopt an anti-corruption policy and that US company making the donation receive full access to the local organization’s books and records.
In addition to the specific factors presented by the requesting US Company in Opinion Release 10-02, the DOJ also listed several of the due diligence and/or controls that it had previously set forth in prior Opinion Releases relating to charitable donations. These included:
• certifications by the recipient that it will comply with the requirements of the FCPA;
• due diligence to confirm that none of the recipient’s officers or directors are affiliated with the foreign government at issue;
• a requirement that the recipient provide audited financial statements;
• a written agreement with the recipient restricting the use of funds to humanitarian or charitable purposes only;
• steps to ensure that the funds were transferred to a valid bank account;
• confirmation that contemplated activities had occurred before funds were disbursed; and
• ongoing auditing and monitoring of the efficacy of the program.

B. Use of Marketing Agents-the Bid Ambassadors
Much has been written on the use of agents under the FCPA. The UK Ministry of Justice Consultative Guidance on the Six Principals for an “adequate procedures” or best practices anti-bribery and anti-corruption program also discuss agents. Recently, Michael Volkov, noted FCPA attorney from the firm of Mayer Brown, spoke on the topic of due diligence on third parties. Volkov believes the key for any compliance based issues is to document the evidence. If you ask questions and get answers, document the process. If you ask questions and do not receive answers, document that process too. But the key is to Document, Document, and Document.
Volkov gave his thoughts on some of the basic pieces of information to cover when a company might begin the due diligence process. This would include:
1. Existence of relationships with foreign governmental officials.
2. Prior history of bribery or other crimes.
3. What is the nature of services provided?
4. What is the compensation and what will be the payment method?
5. Have a written contract in place with appropriate terms and condition’s including:
a) Reps and Warranties on compliance;
b) Right to inspect and audit books and records; and
c) Right to terminate if you believe that a violation has occurred.

Howard Sklar, writing in the Open Air Blog, added the following inquiries should also be made:
1. Are any of the leaders of the company (beneficial owners, or senior management) government officials, or related to government officials?
2. Is this company going to interact with or sell products to government officials on your behalf?
3. Is the third party publicly traded, or subject to regulatory oversight?
4. How did you first become aware of this third party?
5. Is the company what you’d expect—in terms of size, resources, office space, etc.—to allow the third party to provide the services they’re providing to you?
6. How is this company going to get paid? Unusal payment arrangements are a red flag.
7. How much is this company going to get paid? Is it amount in line with what the market value is?
8. Will the company provide business references?
9. Is anyone from senior management, or are the beneficial owners, on the Special Designated Nationals (SDN) or debarred parties list?
10. Has this company been in the news for something negative? Do a Google news search.
11. Has the third party said or done anything that makes your people nervous?
12. Was the procurement/onboarding process run according to normal channels or was it a rush job?

The point of both of these lists of questions is that in order to secure an agent under the FCPA or Bribery Act, a significant investigation, in the form of background due diligence, must be employed. When a company does business with higher-risk third parties, you need to understand not just the parties involved, but the transactions that follow. This means that a company must also proceed with transactional due diligence. The most important thing to know is, will there be money left on the table? You need to know where that money is going. Under the FCPA if the end user is a Government, you need transaction-level diligence if you want to be safe. However, the Bribery Act does not make this governmental/non-governmental distinction.

Remember the former French star Zidane and his $3 million payment? The question is what was he, and the other Bid Ambassadors, paid to do? According to the WSJ, they “helped to establish Qatar its legitimacy within FIFA and connections to executive committee members”. Such a purpose might well require audit rights to determine where the money paid to the agent went and whether it can it be accounted for in a financial review. But there is one further analysis, which was alluded to by Howard Sklar in his list, that being the amount paid to the agent. A commission rate can be a percentage of a successful bid or it can be a flate rate, fixed fee payment. In this situation we do not know what the financial reward to Qatar will be for hosting the 2022 World Cup. Indeed, the reward may not be financial but rather the prestige of hosting the quadrennial championship of the world’s most popular sporting event. So there may be no such measure of the Zidane payment. But if the figures cited in the WSJ article are correct, Zidane received an amount of almost 10% of the Qatar one-year budget. That must have purchased some serious connections. Such a high figure, in an applicable situation, might well lead to significant FCPA and Bribery Act scrutiny.

Happily for the Qatar bid committee, it probably did not fall within the jurisdiction of the FCPA and thus there should be no FCPA implications for the bid committee. Since the Bribery Act is not yet implemented, there are no implications under this un-implemented law.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2011

Agent Liability under the FCPA: Freight Forwarders and Express Delivery Services

I. The Problem

The Foreign Corrupt Practices Act (FCPA) world is littered with cases involving freight forwarders, brokers and agents in the shipping and express delivery arena. Both the Department of Justice (DOJ) and Securities and Exchange Commission (SEC) have aggressively pursued third party business relationships where bribery and corruption have been found. This is particularly true where companies are required to deliver goods into a foreign country through the assistance of a freight forwarder or express delivery service. There are several major risk points. These include:

• Location, location, location;
• Customs and other governmental agencies;
• Aviation and postal regulators;
• Business promotion expenditures for governmental officials;
• Agents and sub-agents; and
• Government accounts are a major part of express shipper customers so must analyze this as well.

Under the FCPA a company (or individual) can put itself at risk under three different knowledge standards:
• Knowing – The situation where a company or person authorizes an agent to make an improper payment or making a payment to an agent knowing some or all of the payment will go to a foreign governmental official.
• Knowledge of a high probability – Where the facts and circumstances surrounding a party, transaction or geographic location should put the reasonable person on notice to make further inquiries.
• Conscious indifference – As was the basis of the guilty verdict finding against Frederick Bourke.

The Panalpina enforcement action involved both the actions of the agent (Panalpina) and five of its energy customers. As noted by the FCPA Blog in “Making history today for the most companies to simultaneously settle FCPA-related violations”, this enforcement action levied fines and penalties of approximately $236.5 million. Additionally, all settling defendants agreed to Deferred Prosecution Agreements (DPA’s), with the exception of one which was given a Non-Prosecution Agreement (NPA).

The freight forwarded itself, Panalpina, paid over $80 million in fines and penalties. Panalpina admitted to three main illegal activities, these were: (1) customs clearance for its customers despite non-compliance or circumvention of customs formalities; (2) illegally obtaining a government contract for itself; and (3) obtaining unwarranted favorable tax treatment for its customers.

II. The Response

How can a company respond to protect itself or at least reduce its potential FCPA risk with regarding to a logistics company, freight forwarder or express delivery company? Obviously having a thorough risk assessment program and due diligence program are critical. After determining risk, move to perform due diligence based upon this risk. However, there are some general questions that you should ask, both internally and to your prospective vendor.
1. Relationship. What is your relationship with the third party? Is it purely arms-length? Is it sales agent making a solicitation? Is it a consortium, which may be a lower risk? Is it partnership of JV, if so what is your control? Is it subcontractor or supplier? All of these have different risk levels.
2. Business Formation. What is the character of the third party? Is it a US based company, is it subject to a robust national compliance law? Is it private/public? Who else do they represent? Length of time in business? Who are the principals and are they governmental officials?
3. Compensation. How do you compensate the third party? Is it bonus-based paid at the conclusion of a transaction? Will the representative have an expense account? If so how is it given to them, for instance will you pay on a lump sum v. verified expenditures? How will they be paid, local currency into a bank account, cash or check? What is the level of compensation? Are you over-compensating based upon the market; you are taking a chance that the third party could share it with others.
4. Location. What is the geographic location and is it one of the usual suspects on the TI Corruptions Index?
5. Industry. What is the industry or sector that you are engaged? This can be significant because certain industries/sectors such as infrastructure, medical industry, defense contractors are facing increased DOJ/SEC scrutiny.
6. Process. What is the process by which the business opportunity arose? What is the bidding process? Who invited you? Is it an open bid? Did you respond to an RFP? Did you compromise you own standards to bid? Is there a mandated partner assigned by the foreign government?

After you ask some of these questions, investigate your risks and evaluate them; you should incorporate these findings into a contract with appropriate FPCA compliance terms and conditions. This contract should announce to your to third party freight forwarder/express supplier of your expectations regarding their compliance program. Your contract should also allow for management of the compliance relationship. Your contract should require training and certification by verified provider or by your company. A new best practice has been to require a company funded Business Monitor whose job is to ensure compliance with your company’s compliance program.

III.  RISK MANAGEMENT: The Min Model
James Min, Vice President, Int’l Trade Affairs & Compliance at DHL Express (USA) Inc., developed a risk matrix for the freight forwarders/express delivery industry. In this Min analyzes risks by multiplying factors noted herein and thus scoring. This model shows that location should not be the sole criteria for risk. The factors in the Min Model are the performance of your company’s customers clearance brokers and how far that performance varies from the norm your company normally receives. In the below chart, +1.00 equals average clearance time. >1.0 equals faster than average and <1 means slower than average.

The Min Model

Country	TI CPI	Customs  Clearance Performance	Variance from  Average Performance	Risk Score	Risk Rank
A	55	.93	1.21	61.9	1
B	20	.76	0.89	13.5	3
C	54	.29	1.00	15.6	2
D	88	.12	0.7.	7.39	4

Min presented his model at the ACI FCPA Bootcamp, recently held in Houston, TX. He graciously allowed us to present this risk analysis model. The key in this approach is how often the Customs Broker/Express Delivery Service varies above the average for customs clearance times. If the percentage of customs clearance performance is so great that your vendors variance is above 100% most of the time, this could be a Red Flag that bribery or corruption is involved. This should lead to further investigation, due diligence, or asking of questions of your vendor.

Almost every business transaction engaged in by a freight forwarder, express delivery service or customs broker, outside the US involves a foreign governmental official. Every time your company sends raw materials into, or brings them out of, a country there is an interaction with a foreign governmental official in the form of a Customs Official. Every customs transaction involves a payment to a foreign government and every transaction involves some form of a foreign governmental regulatory process. While the individual payment per transaction can be small, the amount of total transactions can be quite high, if a large volume of goods are being imported into a foreign country.

Conversely interacting with international tax authorities can present problems similar to those with customs officials, but the stakes can often be much higher since tax transactions may be less in frequency but higher in financial risk. These types of risks include the valuation of raw materials for VAT purposes before such materials are incorporated into a final product, or the lack of segregation between goods to be sold on the foreign country’s domestic market as opposed to those which may be shipped through a free trade zone for sale outside that country’s domestic market.

If you utilize the services of a third party for any of the transactions listed above, that company’s actions will go a long way in determining your company’s FCPA liability.  You must have a thoughtful process and document that process.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.
© Thomas R. Fox, 2011

Alcatel-Lucent-Did the Baby Get Thrown Out With the Bathwater?

Ed. Note-today we host a Guest Blog from our Colleague Mary Shaddock Jones, Assistant General Counsel and Director Of Compliance at Global Industries, Ltd.

The recent Alcatel-Lucent FCPA settlement in the amount of $137 Million has rightfully made headlines. Clearly no one other than the parties intimately involved know all of the facts and circumstances of the investigation. However, there are certainly lessons that can be learned from reading the eighty-three page deferred prosecution agreement (“DPA”). Two of the items which merit highlighting from page 3 of the DPA entitled “Relevant Considerations” are the following:

I. “(d) after limited and inadequate cooperation for a substantial period of time, Alcatel-Lucent substantially improved its cooperation with the Department’s investigation of this matter, as well as the SEC’s investigation”.

Contrast this language with that of the government its publicly filed sentencing memorandum for Siemens in 2008 wherein, the government noted Siemens’ “extraordinary cooperation” and “uncommonly sweeping remedial action.”

In addition, as previously noted in this blog, in the RAE Systems settlement agreement, despite having actual knowledge of an FCPA violation, RAE Systems did not have a criminal prosecution brought against it. It appears that this decision was at least in part based upon the cooperation RAE Systems provided to the government during the investigation. The letter to the Siemens DPA contained the following statement:

“…non-prosecution agreement based, in part, on the following factors: (a) RAE Systems’s timely, voluntary, and complete disclosure of the facts described in Appendix A; (b) RAE Systems’s thorough, real-time cooperation with the Department and the U.S. Securities and Exchange Commission (“SEC”); (c) the extensive remedial efforts already undertaken and to be undertaken by RAE Systems; and (d) RAE Systems’s commitment to submit periodic monitoring reports to the Department.”

There was no indication in terms of actual dollars in the Siemens or RAE Systems settlement agreements how much higher the fine would have been without such “extraordinary cooperation” and/or “thorough, real-time cooperation”. Nor does the Alcatel-Lucent agreement provide the reader with any indication of how much lower the $137 million fine would have been if Alcatel-Lucent would have provided “extraordinary cooperation” , “thorough, real-time cooperation and/or “uncommonly sweeping remedial action” similarly to that noted by the DOJ in the RAE Systems and Siemens settlements. The “Lesson to be Learned” from both of these settlement agreements; however, is a reiteration that the DOJ and SEC clearly consider the cooperation or lack thereof by the company during the internal investigation when calculating the ultimate fine.

II. “(f) on its own initiative and at a substantial financial cost, Alcatel-Lucent determined as a matter of company policy to no longer use third party sales and marketing agents in conducting its worldwide business”.

Does this mean that if one of the subsidiaries of Alcatel-Lucent hires a third party sales and marketing agent anywhere in the world for the term of the DPA (3 years) that the DOJ could determine that the Alcatel-Lucent breached the agreement under Paragraph 16 and continue with criminal prosecution against the company? What is the difference between “sales and marketing agents” described above and “agents and business partners” described in the Corporate Compliance Program Attachment C described below? The more concerning aspect is the DOJ’s announcement focused on Alcatel’s business model- that of pursuing business opportunities in foreign countries using third-party agents and consultant and stated that “this business model was shown to be prone to corruption”. In previous DPA agreements (such as the RAE settlement previously discussed in this blog), the focus has not been on walking away from the use of third party sales and marketing agents (or Agents and Business Partners?), but rather strengthening the due diligence and controls surrounding the use of these third parties. The Corporate Compliance Program agreed to by RAE (and interestingly enough by Alcatel-Lucent) contains the following elements:

11. Use of Agents and Other Business Partners. To the extent that the use of agents and business partners is permitted at all by RAE, it should institute appropriate due diligence and compliance requirements pertaining to the retention and oversight of all agents and business partners, including:

a. Properly documented risk-based due diligence pertaining to the hiring and appropriate and regular oversight of agents and business partners;

b. Informing agents and business partners of RAE’s commitment to abiding by laws on the prohibitions against foreign bribery, and of RAE’s ethics and compliance standards and procedures and other measures for preventing and detecting such bribery; and

c. Seeking a reciprocal commitment from agents and business partners.

12. Contractual Compliance Terms and Conditions. RAE should include standard provisions in agreements, contracts and renewals, thereof, with all agents and business partners that are reasonably calculated to prevent violations of the anticorruption laws, which may, depending upon the circumstances, include: (a) anticorruption representations and undertakings relating to compliance with the anticorruption laws; (b) rights to conduct audits of the books and records of the agent or business partner to ensure compliance with the foregoing; and (c) rights to terminate an agent or business partner as a result of any breach of anti-corruption laws, and regulations or representations and undertakings related to such matters.

At this point, it is unclear from just reading the Alcatel-Lucent DPA what facts were considered by the company in agreeing to completely walk away from the use of third party sales and marketing agents. One would hope that such a drastic step would not become a common tool in settlement agreements with the DOJ/SEC. It appears from Attachment A pages A:11-15 that the issue was not so much the use of third party sales and marketing agents as it was the decentralized business structure and approval process wherein the due diligence performed (if any) was done by local employees who, according to the statement of facts, were “more interested in obtaining business than ensuring that business was won ethically and legally”. In addition to the apparent lack of an adequate due diligence was the apparent lack of attention paid to the invoices and/ or commission rates being charged by the third party sales and marketing agents. There really is no need to “throw the baby out with the bathwater”, it is just better to have a “cleaner baby” in the bathwater!

Mary Shaddock Jones is Assistant General Counsel and Dir. Of Compliance at Global Industries, Ltd. Mary can be reached at maryj@globalind.com. The views and opinions expressed here are her own and not necessarily those of her employer.

What’s in a Name: Agents, Resellers and Distributors under the FCPA

What is in a name? The terms agent, reseller and distributor are sometimes used interchangeably in the business world. However in the legal world they usually have distinct definitions. An agent can be generally defined as is a person who is authorized to act on behalf of another to create a legal relationship with a Third Party. An agent can also be a person who makes introductions and generally facilitates relationships between the seller of goods or services and end-using buyer. Such an agent usually receives some type of percentage of the final sale as his commission. An in-country national agent is often required in most Middle East and Far East countries. A reseller can be generally defined as a company or individual that sells goods to an end-using buyer. A reseller does not take title and thereby own the goods; the reseller is usually a conduit from the seller to the end-using buyer. A reseller usually receives a flat commission for his services, usually between 5-10% of the final purchase price. This format is often used in the software and hardware industries. A distributor can be generally defined as a company or individual which purchases a product from an original equipment manufacturer (OEM) and then independently sells that product to an end user. A distributor takes title, physical possession and owns the products. The distributor then sells the product again to an end-using purchaser. The distributor usually receives the product at some discount from the OEM and then is free to set his price at any amount above what he paid for the product. A distributor is often used by the US manufacturing industry to act as a sales force outside the US. 

The landscape of the Foreign Corrupt Practices Act (FCPA) is littered with cases involving both agents and resellers are they are the most clearly acting as representatives of the companies whose goods or services they sell for in foreign countries. However many US businesses believe that the legal differences between agents/resellers and distributors insulate them from FCPA liability should the conduct of the distributor violate the Act. They believe that as the distributor takes title and physical possession of the product, the legal risk of ownership has shifted to the distributor. If the goods are damaged or destroyed, the loss will be the distributor’s not the US business which manufactured the product. Under this same analysis, many US companies believe that the FCPA risk has also shifted from the US company to the foreign distributor. However such belief is sorely miss-placed. 

As almost everyone knows, the FCPA prohibits payments to foreign officials to obtain or retain business or secure an improper business advantage. But many US companies view distributors as different from other types of sales representatives such as company sales representatives, agents, resellers or even joint venture partners, for the purposes of FCPA liability. However the Department of Justice (DOJ) takes the position that a US company’s FCPA responsibilities extend to the conduct of a wide range of third parties, including the aforementioned company sales representatives, agents, resellers, joint venture partners but also distributors. No U.S. company can ignore signs that its distributors may be violating the FCPA. Company management cannot engage in conscious avoidance to the activities of a distributor that the company has put into a business position favorable to engaging in FCPA violations. Court interpretation of the FCPA has held that it is applicable where conduct violative of the Act is used to “to obtain or retain business or secure an improper business advantage” which can cover almost any kind of advantage, including indirect monetary advantage even as nebulous as reputational advantage. 

This scenario played out in China from 1997 to 2005 through AGA Medical Corporation. The Minnesota-based firm manufactured products used to treat congenital heart defects. To boost is China sales, AGA worked through its Chinese distributor. AGA sold products at a discounted rate to its Chinese distributor. This distributor then took some of the difference between his price from the equipment manufacturer AGA and the price he sold the equipment to Chinese hospitals to and paid corrupt payments to Chinese doctors to have them direct their government-owned hospitals to purchase AGA’s products. Its sales in China for the period were about $13.5 million. The Chinese distributor was found to have paid bribes in China of at least $460,000 to doctors in government-owned hospitals and patent-office officials. In 2008, AGA agreed to pay a $2 million criminal penalty and enter into a deferred prosecution agreement with the Department of Justice to settle Foreign Corrupt Practices Act violations. 

The same game was played by a Volvo subsidiary, Volvo Construction Equipment International (“VCEI”) when it used a Tunisian distributor to facilitate additional sales of its products to Iraq. VCEI reduced its prices to enable the distributor to make the illegal payments based on bogus after-sales service fees. Volvo’s 2008 settlement with the SEC included an agreement permanently enjoining it from future violations of Sections, ordering it to disgorge $7,299,208 in profits plus $1,303,441 in pre-judgment interest, and to pay a civil penalty of $4,000,000. In addition to this fine imposed by the SEC, Volvo also paid a $7,000,000 penalty pursuant to a deferred prosecution agreement with the DOJ. 

So what is in a name? Do we simply look to Shakespeare and his immortal words, “”What’s in a name? That which we call a rose; By any other name would smell as sweet.” Unfortunately I do not think the answer is quite so ethereal. It is more down to earth. If it walks like a duck and quacks like a duck, it probably is a duck. If you have a distributor, it must be subjected to the same FCPA scrutiny and management as an agent, reseller or joint venture partner. 

                                    *                      *                      * 

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The author can be reached at tfox@tfoxlaw.com. 

© Thomas R. Fox, 2010

Top 3 FCPA Cases OF 2010-Part III HP and (Lots of) Red Flags

This article concludes our series on what we believe to be the Top 3 Foreign Corrupt Practices Act (FCPA) cases in the first half of 2010. We have reviewed the facts surrounding each matter to come up with lessons that the FCPA compliance professional might use to assist putting forward a FCPA compliance ‘best practices’ program based upon the most recent information available. We previously explored the Gun Sting matter and (Ding Dong) Avon Calling and its China operations. Finally, we will review HP and its reported investigation for the alleged payments of bribes to secure a contract to sell computer hardware into Russia.

In April 2010 the Wall Street Journal (WSJ) reported that HP’s Germany subsidiary made payments, through agents, which eventually ended up in the hands of some unknown Russians, in order to obtain the contract to supply computers to the Russian Prosecutor’s Office. There was a complicated financing scheme used to route payments to offshore accounts which were beneficially owned or controlled by unnamed Russian officials. Suspected bribes were funneled through a network of shell companies and accounts in places including Britain, Austria, Switzerland, the British Virgin Islands, Belize, New Zealand, Latvia, Lithuania and the US states of Delaware and Wyoming. The bribes were paid through three German agents, who submitted fake invoices for fictional sales and then paid the money on as bribes to unnamed Russian governmental officials. In return, the suspected middlemen acting as agents, according to court documents allegedly received commissions totaling US$700,000,

German authorities reported the investigation, which started in 2007, when a German tax auditor discovered bank records showing that between 2004 and 2006, a HP subsidiary paid €22 million into the account of a small computer-hardware company in Leipzig. The records indicated the payments were made for services performed in Moscow. It was the size of the payment that caught the tax auditor’s attention and he red-flagged the matter for transfer to a special prosecution team, in Dresden, who handle major corruption cases.

The WSJ reported that at least one witness has said that the above transactions were internally approved by HP through its, then existing, contract approval process. In the April 15, 2010, WSJ article, Mr. Dieter Brunner, a bookkeeper who is a witness in the probe, said in an interview that he was surprised when, as a temporary employee of HP, he first saw an invoice from an agent in 2004. “It didn’t make sense,” because there was no apparent reason for HP to pay such big sums to accounts controlled by small-businesses, Mr. Brunner said. He then proceeded to say he processed the transactions anyway because he was the most junior employee handling the file, “I assumed the deal was OK, because senior officials also signed off on the paperwork”.

Just how many Red Flags are raised by the above?

• Offshore Companies

One of the main tactics utilized to disguise a principal who receives a bribe is to send the money through offshore companies, usually located in ‘exotic’ locations, not related to the situs of the transaction to conceal beneficial ownership and/or to take advantage of weak disclosure requirements. Any monies paid by HP to an agent, which were then sent to an offshore company or banks in a location completely unrelated to the transaction, should have been Red-Flagged for further inquiry.

• Small Sized Agents

As noted, by the temporary HP employee Dieter Brunner, one of the facts that “didn’t make sense” was a large payment to a small-sized business, indeed even a one-man business. One of the Red Flags that arises during due diligence on business partners is the size of the company in relationship to the work or services it performs. If a one-man company is receiving a multi-million dollar (or Euro) payment, it should be Red-Flagged for further inquiry.

• Faked Invoices for Goods/Services

One of the tests of revenue recognition for hardware and software is whether the goods and services relating thereto are actually delivered. If the middlemen did not receive the equipment they allegedly purchased, this should have been picked up by an accounting or financial department employee reviewing end of quarter results for revenue booking, a routine internal company audit or even simple inventory control and Red-Flagged for further inquiry.

In addition to the Red-Flags above, there are several important lessons learned that the Chief Compliance Officer (CCO) can take away from the HP matter and put into immediate practice in a US company’s compliance program.

1. What is the “Tone at the Top”? Even though he was a temporary employee for HP, bookkeeper Dieter Brunner immediately realized that the commission payment of such a large value to small or one-person companies “didn’t make sense”. However he went along because everyone else had approved the transaction. As the CCO you should immediately have your Chief Executive Officer (CEO) put out message that your company is committed to compliance and that if an employee sees something that “does not make sense” to elevate the issue.
2. Escalate the Issue. After the CEO makes the clear message that neither he nor the Board will tolerate anything less than full compliance, follow up to make certain that all employees know the avenues open to them to escalate an issue if something cannot be explained or easily answered. If the answer they receive from local management still does not make sense, an employee (even a temporary employee) can, and should, make use of a company hotline to escalate the issue for review, investigation and resolution. Emphasize that there is no negative consequence associated with making a good faith report through the Company hotline. Above and beyond a hotline, the Compliance Department should be available to answer any compliance questions which arise.
3. Training. After the CEO re-emphasizes your Company’s commitment to compliance and a Company-wide reminder on the hotline has been issued, use this opportunity to train, train and then train some more. All employees, permanent and temporary, who come to work at your Company should receive, at a minimum, computer based training on your compliance program. Take the opportunity to drive home the message that compliance is No. 1A, right behind safety, at your Company.

The HP case presents several opportunities for the CCO to put in place significant compliance assets to prevent and detect compliance issues before they become a payment of a multi-million dollar bribe. In addition to reviewing, auditing and listening to your employees for Red Flags you should use the facts to have your entire management make clear the seriousness of compliance to employees across the globe.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2010

Maintaining a Relationship with a Foreign Business Partner under the FCPA after the Contract is Signed – Monitor, Monitor, and then, Monitor

In previous blogs postings, we have shared our thoughts on other aspect of the Foreign Business Partner (foreign agents, reseller, distributors or any person/entity representing the company overseas) relationship including how to evaluate the Foreign Corrupt Practices Act (FCPA) compliance risk; how to perform due diligence on prospective Foreign Business Partners; how to internally evaluate the information obtained through such due diligence; and what compliance contract terms and conditions you should set for the Foreign Business Partners. In this posting, we will discuss the steps a US company must follow to implement a procedure to monitor the actions of a Foreign Business Partner going forward.

DPA Guidance

In its Deferred Prosecution Agreement (DPA) with the Monsanto Company for their FCPA violations, the Department of Justice (DOJ) provided some guidance on the continuing obligation to monitor Foreign Business Partners. In the Monsanto DPA, the DOJ agreed, after the initial due diligence and appropriate review were completed on Foreign Business Partners, for Monsanto to implement certain post contract procedures. These requirements to Monsanto can be used as guidelines as to what the DOJ will look for from other US companies who have entered into relationships with Foreign Business Partners; especially in the area of monitoring the foreign business partner.

A US company should, on a periodic basis of not less than every three years, conduct rigorous compliance audits of its operations with the foreign business partners. This monitoring would include, but not be limited to, detailed audits of the foreign business partner unit’s books and records, with specific attention to payments and commissions to agents, consultants, contractors, and subcontractors with responsibilities that include interactions with foreign officials and contributions to joint ventures. The compliance audit should include interviews with employees, consultants, agents, contractors, subcontractors and joint venture partners. Lastly, a review of the FCPA compliance training provided to the foreign business partner should be included.

Ongoing Oversight

In addition to the DOJ guidance provided in the Monsanto DPA, it is recommended that there be substantial involvement not only by the business unit most closely involved with the Foreign Business Partner, but also by Legal; Compliance and other departments which would assist in completing the functions as outlined by the Monsanto DPA. The most significant reason for maintaining a post-contract relationship is to ensure the business units remain engaged in the Foreign Business Partner process. This involvement can also include some of the following participation, the senior business Vice President for the region where the Foreign Business Partner operates should annually call upon the Foreign Business Partner, in-person, to review all of the prospective business proposals and concluded business transactions that the Foreign Business Partner has engaged in. This annual VP review must not take the place of a legal or compliance review but should focus on the relationship from the business perspective.

Managing the risk of a relationship with a foreign business partner is one of the most critical aspects of a FCPA compliance program. The documented risk for the potential violation of the FCPA by a foreign business partner to a US company is quite high. To engage a foreign business partner, in a manner that properly assesses and manages the risk to, and for, a US company, requires a committee of time, money and substantial effort. However, with a compliance based risk management procedure in place, the risk can be properly managed and a foreign business relationship can be successful for all parties.

This publication contains general information only and is based on the experiences and research of the Author. The Author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The Author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the Author. The Author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2010

Internal Review of a Proposed Foreign Business Partner

In prior blogs, we explored how to rank Foreign Business Partners so that you can begin an appropriate due diligence process. We also explored what you might wish to investigate during the due diligence process. A Foreign Business Partner Review Committee should be established which is tasked with reviewing all the investigative due diligence and the Business Unit’s case for partnering with the person or entity. The next area of review should of the proposed Foreign Business Partner’s ethics and compliance program. Such a program should have, at a minimum, the following elements of a Foreign Corrupt Practices Act (FCPA)-style compliance program in place.

• Your Foreign Business Partner should…
o have a restriction on facilitation payments, gifts, entertainment and travel;
o require proper accounting and invoicing;
o have policies that flow down to any sub-vendors under the Foreign Business Partner

If the Foreign Business Partner’s program does not meet your Company’s, or the FCPA, standards you should require the implementation of a program that will meet those suggested in the US Sentencing Guidelines so that it will meet Department of Justice (DOJ) approval.

The next area of review by the Foreign Business Partner Review Committee is the proposed contract with the Foreign Business Partner. The contract must have compliance obligations stated in the formation documents, whether it is a simple agency or consulting agreement or a joint venture with several formation documents. All formation agreements should include representations that in all undertakings the Foreign Business Partner will make no payments of money, or anything of value, nor will such be offered, promised or paid, directly or indirectly, to any foreign officials, political parties, party officials, or candidates for public or political party office, to influence the acts of such officials, political parties, party officials, or candidates in their official capacity, to induce them to use their influence with a government to obtain or retain business or gain an improper advantage in connection with any business venture or contract in which the Company is a participant.

In addition to the above affirmative statement regarding conduct, you should have the following contractual clauses in your Foreign Business Partner contract.

• Indemnification: Full indemnification for any FCPA violation, including all costs for the underlying investigation.
• Cooperation: Require full cooperation with any ethics and compliance investigation, specifically including the review of Foreign Business Partner emails and bank accounts relating to your Company’s use of the Foreign Business Partner.
• Material Breach of Contract: Any FCPA violation is made a material breach of contract, with no notice and opportunity to cure. Further such a finding will be the grounds for immediate cessation of all payments.
• No Sub-Vendors (without approval): The Foreign Business Partner must agree that it will not hire an agent, subcontractor or consultant without the Company’s prior written consent (to be based on adequate due diligence).
• Audit Rights: An additional key element of a contract between a US Company and a Foreign Business Partner should include the retention of audit rights. These audit rights must exceed the simple audit rights associated with the financial relationship between the parties and must allow a full review of all FCPA related compliance procedures such as those for meeting with foreign governmental officials and compliance related training.
• Acknowledgment: The Foreign Business Partner should specifically acknowledge the applicability of the FCPA to the business relationship as well as any country or regional anti-corruption or anti-bribery laws which apply to either the Foreign Business Partner or business relationship.
• On-going Training: Require that the top management of the Foreign Business Partner and all persons performing services on your behalf shall receive FCPA compliance training.
• Annual Certification: Require an annual certification stating that the Foreign Business Partner has not engaged in any conduct that violates the FCPA or any applicable laws, nor is it aware of any such conduct.
• Re-qualification: Require the Foreign Business Partner re-qualify as a business partner at a regular interval of no greater than every three years.

Engaging in due diligence of a proposed Foreign Business Partner is but one of the many steps required to approve a person or entity who will represent your Company overseas, thereby creating a FCPA exposure. However, there are additional steps which you should employ internally in the Foreign Business Partner review process, some of which have been discussed above. Strong compliance terms and conditions are critical for the management of the relationship going forward. The Foreign Business Partner Review Committee must certify that the appropriate terms and conditions are in place to protect against a FCPA compliance violation and, should one occur, your Company can extricate itself immediately from doing business with such a a Foreign Business Partner instead of vendor.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2010

RISK-BASED COMPLIANCE

A recent benchmarking survey of Third Party Codes of Conduct was conducted by the Society of Corporate Compliance and Ethics (SCCE) and reported on by Rebecca Walker. The findings indicated that a majority of companies with an otherwise robust compliance program do not extend this to third parties with which they conduct business. The findings revealed the following: 53% of companies do not disseminate their internal codes of conduct to third parties; only 26% require third parties to certify to their own codes; and just 17% of the respondents have any third party codes of conduct.

For those companies which now desire to evaluate their third party business partners for Foreign Corrupt Practices Act (FCPA) compliance, how, and perhaps where, do they begin? The approach that appears to be gaining the most traction both with regulators and learned commentators is to develop a risk based approach to FCPA compliance. There is no specific Department of Justice (DOJ) guidance on any one specific process for a risk based compliance system. However, there is sufficient guidance in other FCPA and analogous compliance areas, such that direction can be provided to US and foreign companies in this area.

Writing in the FCPABlog, Scott Moritz of Daylight Forensic & Advisory suggested that a risk-based approach based upon the regulatory programs in Anti-Money Laundering (AML) governance. In the AML areas, the concept is that certain parties, including vendors, represent a higher compliance risk than others. Geography, nexus to government officials, business type, method of payment and dollar volume – are all risk indicators.

This risk-based approach was commented upon, favorably by the DOJ, in Release Opinion 08-02. In this Release Opinion the DOJ reviewed and approved Halliburton’s proposed acquisition of the UK entity Expro. The DOJ spoke directly to a risk based approach by that Halliburton had agreed to provide the following:

. . . a comprehensive, risk-based FCPA and anti-corruption due diligence work plan which will address, among other things, the use of agents and other third parties; commercial dealings with state-owned customers; any joint venture, teaming or consortium arrangements; customs and immigration matters; tax matters; and any government licenses and permits. Such work plan will organize the due diligence effort into high risk, medium risk, and lowest risk elements.

This risk-based approach has also been accepted by UK’s Financial Services Authority (FSA) in its settlement of the enforcement action against the insurance giant AON earlier this year. As a part of the settlement AON agreed to the following:

AON…designed and implemented a global anti-corruption policy … limiting the use of third parties … whose only service to AON is assisting it in the obtaining and retaining of business solely through client introductions in countries where the risk of corrupt practices is anything other than low. These jurisdictions are defined by reference to an internationally accepted corruption perceptions index. Any use of third parties not prohibited by the policy must be reviewed and approved in accordance with global anti-corruption protocols.

How does a company implement this guidance? Scott Moritz suggests that key to any risk-based approach is “the strategic use of information technology, tracking and sorting the critical elements — including risk-ranking, as well as enhanced due diligence and ongoing monitoring of high-risk parties proportionate to their risk profiles.”

The uses of a risk based compliance system can be myriad. The Release Opinion 08-02 system was in response to an international acquisition. Such systems can also be used to rank and assist in the evaluation of business partners or supply chain vendors. But, however such a system is used, the clear import from the DOJ, FSA and learned commentators is that some type of rational system should be put in place and followed.