When a company subject to the jurisdiction of the U.S. Foreign Corrupt Practices Act (FCPA) merges with or acquires another company that is also covered by the FCPA, should the former company also acquire the latter’s potential FCPA liability? In other words: Suppose Company A acquires Company B, and evidence later comes to light that prior to the acquisition, Company B’s employees paid bribes to foreign government officials, in violation of the FCPA. Can or should Company A be subject to a post-acquisition enforcement action for these earlier FCPA violations? This is known (in the FCPA context and elsewhere) as the question of “successor liability.” In U.S. law, the general rule is that successors inherit the acquired company’s civil and criminal liabilities. The U.S. Department of Justice (DOJ) and Securities and Exchange Commission (SEC), which share responsibility for enforcing the FCPA, have long argued that there is no reason to make an exception to this general rule for FCPA cases. Yet critics have argued that successor liability in the FCPA context “can kill deals.” Numerous transactions have fallen through or decreased in value because of corruption-related concerns, and other transactions became costlier due to such risks.
The DOJ and the SEC’s traditional response to such concerns—as laid out in the first edition of their FCPA Resource Guide, published in 2012—is that companies should conduct pre-acquisition due diligence to identify red flags and potentially undertake various forms of remediation. Furthermore, the agencies have stated that they might decline to pursue enforcement actions against an acquiring firm on a successor liability theory if that firm’s pre-acquisition efforts were adequate. The problem, though, is that pre-acquisition due diligence on possible FCPA violations is often difficult or impossible to conduct properly. In some cases, laws in foreign countries known as blocking statutes may prevent the acquiring firm from getting the information it needs from the target company (see, for example, here and here). More generally, there are numerous practical reasons why pre-acquisition due diligence on possible FCPA violations may not be possible, including time-sensitivity, the difficulty of accessing data stored or located in distant places, and the target company’s reluctance to cooperate with external investigations that could result in the target’s personnel facing criminal exposure. These factors can make pre-acquisition due diligence impractical.
The DOJ and SEC appear to have acknowledged and responded to that concern in the second edition of the FCPA Resource Guide, published this past July. While the second edition’s treatment of successor liability seems mostly the same as in the first edition (save for some wording adjustments and references to more recent cases), the second edition also includes one short but potentially crucial additional paragraph, which reads as follows:
DOJ and SEC also recognize that, in certain instances, robust pre-acquisition due diligence may not be possible. In such instances, DOJ and SEC will look to the timeliness and thoroughness of the acquiring company’s post-acquisition due diligence and compliance integration efforts.
Although subtle, this passage represents a potentially important shift, as it indicates that the DOJ and SEC will consider not only pre-acquisition due diligence, but also post-acquisition measures, when deciding whether to pursue enforcement actions against a company on a successor liability theory.