Last month, the Indian legislature passed sweeping amendments to the Prevention of Corruption Act. If accepted in their present form, those amendments portend a major shift in India’s antiquated legal regime pursuing corporate criminal liability, making it much easier to go after corporations on corruption charges. (The amendments make other changes as well, which I have discussed elsewhere. Here, I only focus on the changes that would pertain to corporate liability for corruption offenses.) The amendments do make some welcome changes, but they do not go far enough to update India’s antiquated legal regime for corporate criminal liability. I’ll touch on three features of this regime and discuss how the new amendments do or do not effect significant changes. Continue reading
In February 2018, the UK secured its first ever contested conviction of a company for “failure to prevent bribery.” Under Section 7 of the UK Bribery Act (UKBA), a company or commercial organization faces liability for failing to prevent bribery if a person “associated with” the entity bribes another person while intending to obtain or retain business or “an advantage in the conduct of business” for that entity. Following an internal investigation, Skansen Interior Limited (SIL)—a 30-person furniture refurbishment contractor operating in southern England—discovered that an employee at its firm had agreed to pay nearly £40,000 in bribes to help the company win contracts worth £6 million. Company management fired two complicit employees and self-reported the matter to the National Crime Agency and the City of London police. The Crown Prosecution Service ultimately charged SIL with failing to prevent bribery under Section 7. Protesting its innocence, SIL argued that the company had “adequate procedures” in place at the time of the conduct to prevent bribery; SIL, in other words, sought to avail itself of the widely-discussed “compliance defense” in Section 7(2) of the UKBA, which allows a company to avoid liability for failing to prevent bribery if the company can show that it “had in place adequate procedures designed to prevent persons associated with [the company] from undertaking” the conduct in question.
The case proceeded to a jury trial. The verdict? Guilty. The sentence? None. In fact, SIL had been out of business since 2014, so the judge had no choice but to hand down an absolute discharge—wiping away the conviction.
The hollow nature of the government’s victory has led some commentators to call the prosecution “arguably unprincipled” or even a “mockery of the UK criminal process.” Indeed, the bribing employee and the bribed individual had already separately pleaded guilty to individual charges under UKBA Sections 1 and 2, respectively, and the remaining shell of a corporation had no assets or operations. Other commentators pointed out that precisely because the company was dormant it would have been unable to enter into a deferred prosecution agreement (DPA), lacking assets to pay financial penalties or compliance programs to improve. Putting aside arguments about the wisdom or fairness of pursuing a prosecution in these circumstances, the SIL case sheds light on Section 7(2)’s “adequate procedures” defense. While the UK government has secured a few DPAs for conduct under Section 7—beginning with Standard Bank Plc in 2015—SIL is the first case in which the Section 7(2) “adequate procedures” defense was tested in front of a jury.
While the government argued that it prosecuted the case primarily to send a message about the importance of anti-bribery compliance programs, the UK government’s actions in the SIL case ultimately sends mixed messages to companies and may have counterproductive effects. Continue reading
Part 1 of this post lists 21 countries plus the Canadian province of Quebec that have taken measures to get corporations to join the fight against corruption. Thanks to a bad case of jet lag, the post’s author ran out of steam before explaining what he meant by a company’s “joining the fight” or how countries got them to join it. Herewith an explanation of both along with my apologies to readers puzzled by part 1.
To begin, a table summarizing the laws to which part 1 referred along with summaries of bills pending in the Irish and Vietnamese legislatures appears here: National Compliance Rules. (Thanks to readers who caught errors in the part 1 list; similar scrutiny of the table solicited.)
As the table shows, the laws referenced require — or provide incentives for — companies under their jurisdiction to prevent their employees from paying bribes or engaging in other forms of corrupt conduct. Some laws prescribe in detail the elements such an anticorruption compliance program should contain; others leave it to regulations or the courts to decide what companies must do. With the October 2016 publication of ISO 37001 setting standards for corporate antibribery programs, most authorities will likely converge around the elements it recommends. The recommendations are sensible and quite consciously track the experience of those countries that required corporate compliance programs, especially the United States, where guidelines on what constitutes an “effective” compliance program, drafted to help courts when deciding the culpability of corporations for the corrupt acts of employees and agents, have been in force since 2004.
Where national corporate compliance laws differ is in how countries “encourage” companies subject to their laws to institute a compliance program. The table reveals several approaches. Continue reading
William Marquardt and David Holley, respectively Director and Managing Director at the Berkeley Research Group, LLC (a private management consulting firm) contribute the following guest post, which is written in their personal capacity and does not necessarily reflect the opinions, position, or policy of the Berkeley Research Group or its other employees and affiliates:
This past April, the International Organization for Standardization (ISO) released its draft standard on anti-bribery management systems (ISO 37001). The standard is tentatively scheduled to be finalized later this year. In substantive content, the draft ISO standard is similar to the FCPA Resource Guide provided by the U.S. Department of Justice and Securities and Exchange Commission, in that it provides a list of elements that an effective anti-bribery/corruption (“ABC”) program should contain. In terms of the specific elements listed, the proposed ISO standard provides a number of sound recommendations – such as a comprehensive, risk-based approach, as well as management commitment to promoting an ethical corporate culture—but with a few exceptions, the draft ISO 37001 standard is not much different from the guidance available from the DOJ/SEC and other sources in multiple jurisdictions.
That’s not to say that there is nothing whatsoever distinctive about ISO 37001. It does differ from the existing guidance in some ways, some good (such as the comprehensive focus on documentation, document retention, and document availability) and some not so good (such as the unrealistic recommendations regarding extension of management’s internal control systems to third-party vendors). The draft ISO standard also puzzlingly omits consideration of certain key issues –such as the labor law and data privacy issues that arise in connection with bribery investigations, questions regarding how to address anti-bribery concerns in connection with M&A or joint venture due diligence, and (most generally) the integration of ABC management systems into the firm’s wider financial, operational, and regulatory functions. But, again, in most respects the ISO 37001 draft standard closely resembles existing ABC guidance.
What makes the ISO 37001 standard distinctive, and the reason its finalization would be potentially such big news, is that ISO 37001 (like other ISO standards dealing with more technical matters) is intended to be subject to independent “certification” by third-party auditors. In other words, if and when the ISO 37001 standard is finalized, companies will be able to hire auditing firms to review their ABC programs and (if the auditor determines the firm meets the ISO 37001 criteria) to provide a formal certification that the company is ISO 37001-compliant. The question whether formal ISO 37001 certification of this sort will be a good thing (for firms, or for the world) has been hotly debated (for previous discussions on this blog, see here and here). Continue reading
The fallout continues from the ongoing investigation of corruption at Petrobras, Brazil’s giant state-owned oil company. (See New York Times coverage here, and helpful timelines of the scandal here and here.) In March of 2014, Brazilian prosecutors alleged that Petrobras leadership colluded with a cartel of construction companies in order to overcharge Petrobras for everything from building pipelines to servicing oil rigs. Senior Petrobras executives who facilitated the price-fixing rewarded themselves, the cartel, and public officials with kickbacks, and concealed the scheme through false financial reporting and money laundering. The scandal has exacted a significant human toll: workers and local economies that relied on Petrobras contracts have watched business collapse: several major construction projects are suspended, and over 200 companies have lost their lines of credit. One economist predicted unemployment may rise 1.5% as a direct result of the scandal.
The enormous scale of the corruption scheme reaches into Brazil’s political and business elite. The CEO of Petrobras has resigned. As of last August, “117 indictments have been issued, five politicians have been arrested, and criminal cases have been brought against 13 companies.” In recent months, the national Congress has initiated impeachment proceedings against President Dilma Rousseff, who was chairwoman of Petrobras for part of the time the price-fixing was allegedly underway. And last month, federal investigators even received approval from the Brazilian Supreme Court to detain former President Luiz Inácio Lula da Silva for questioning. (Lula was President from 2003 to 2010—during the same period of time that Ms. Rousseff was chairwoman of Petrobras.) Meanwhile, the House Speaker leading calls for President Rousseff’s impeachment has himself been charged with accepting up to $40 million in bribes.
As Brazilian prosecutors continue their own investigations, another enforcement process is underway in the United States. Shareholders who hold Petrobras stock are beginning to file “derivative suits,” through which shareholders can sue a company’s directors and officers for breaching their fiduciary duties to that company. Thus far, hundreds of Petrobras investors have filed suits. In one of the most prominent examples, In Re Petrobras Securities Litigation, a group of shareholders allege that Petrobras issued “materially false and misleading” financial statements, as well as “false and misleading statements regarding the integrity of its management and the effectiveness of its financial controls.” (For example, before the scandal broke, Petrobras publicly praised its Code of Ethics and corruption prevention program.) The claimants allege that as a result of the price-fixing and cover-up, the price of Petrobras common stock fell by approximately 80%. In another case, WGI Emerging Markets Fund, LLC et al v. Petroleo, the investment fund managing the Bill & Melinda Gates Foundation has alleged that the failure of Petrobras to adhere to U.S. federal securities law resulted in misleading shareholders and overstating the value of the company by $17 billion. As a result, the plaintiffs claim they “lost tens of millions on their Petrobras investments.”
Thus, in addition to any civil or criminal charges brought by public prosecutors, private derivative suits offer a way for ordinary shareholders to hold company leadership accountable for its misconduct. In these derivative suits, any damages would be paid back to the company as compensation for mismanagement; the main purpose of the suits is not to secure a payout for shareholders, but to protect the company from bad leadership. The Petrobras cases illustrate how derivative suits can offer a valuable mechanism for anticorruption enforcement, but they also face a number of practical challenges.
The uptick in FCPA investigations in recent years is well-known. The two agencies responsible for FCPA enforcement—the Department of Justice (DOJ) and the Securities and Exchange Commission (SEC)—now have special units focused on FCPA cases. Both have been aggressively pursuing cases against corporations and (increasingly) individuals. But there is a third U.S. agency that can and should be more involved in the fight against transnational bribery: the Internal Revenue Service (IRS).
The IRS already has some role in FCPA cases, though the extent of that involvement is not entirely clear. Recently, its joint investigative role has been mentioned in a few high-profile matters. Notably, criminal FCPA charges against Vicente Eduardo Garcia (an SAP regional director who in August pled guilty to an FCPA violation involving bribery for Panamanian government contracts) were investigated cooperatively by the FBI and IRS, a fact that some commentators cautioned signaled a need for companies to increase FCPA compliance efforts through additional channels. IRS Criminal Investigation was also involved in the case against Hewlett-Packard Russia, which last year pled guilty to violating the FCPA, and even the (non-FCPA but bribery-related) investigation of FIFA started with the IRS. Beyond investigation, the IRS can bring separate tax charges related to incidents of bribery or other inappropriate payments. A 2014 settlement included a multi-million-dollar forfeiture to the IRS, apparently the first such forfeiture in an FCPA settlement, though the exact reason for the forfeiture was not revealed.
Several observers have speculated that the last decade’s increase in FCPA actions could lead to an increase in tax-related actions. Up until now it has been relatively rare for FCPA actions to include associated tax charges, but the 2014 settlement might be one indication that the relative scarcity of tax involvement could change. The IRS can further develop its responsibility in FCPA investigations with an expanded formal cooperative role, if indeed it does not have one already, in DOJ or SEC prosecutions. This would be a positive step, since there are two major advantages to FCPA investigations assisted, or tax charges brought, by the IRS:
As many readers are likely aware, the U.S. Department of Justice Fraud Section (now headed by Andrew Weissmann), which has responsibility for enforcing the Foreign Corrupt Practices Act (among other things), recently created a new position called the “Corporate Compliance Counsel,” and appointed to the post Hui Chen, a former corporate compliance officer for a number of major firms (including Microsoft, Pfizer, and Standard Chartered). The avowed purpose of the new position is to assist the DOJ in assessing the quality of a company’s internal compliance program and remediation measures. In the FCPA context (and others), these assessments are relevant to the DOJ’s decisions regarding whether to prosecute, what penalties to seek, and what additional remedial measures to pursue, even though there is not a formal “compliance defense” under the FCPA (or other statutes that the Section enforces). Thus, the thinking behind the creation of the new DOJ position seems to be that having someone in the Section with a lot of background in corporate compliance will enable the DOJ prosecutors to do a better job in evaluating the quality of a company’s compliance program and remedial efforts.
The creation of the Corporate Compliance Counsel position has garnered praise in some quarters, but also attracted some criticism; the critics tend to argue that the creation of the new position is, at best, a public relations move with little real consequence, and at worst an indirect effort to weaken the enforcement of corporate criminal laws.
Last week, the NYU Program on Corporate Compliance and Enforcement (PCCE) hosted a public forum where Mr. Weissmann and Ms. Chen discussed the new position and answered some questions posed by NYU Professor (and PCCE co-director) Jennifer Arlen. Because I thought that this might be of interest to some readers, here’s a link to a video of the discussion.
A few additional thoughts about what I thought were the more interesting exchanges: Continue reading