How Anticorruption Enforcement Can Undermine Antitrust Amnesty Programs, and What To Do About It

One of the most important law enforcement techniques that has emerged in the last few decades to combat cartels (anticompetitive collusion between competitors) is the use of programs that promise automatic amnesty to the first member of a cartel to self-report the illegal enterprise. These amnesty programs enable law enforcement authorities to gather the evidence they need to build strong cases against other members of the scheme, and, perhaps more importantly, these amnesty programs destabilize cartels—and might even deter their formation—by taking advantage of the incentive that individual cartel members have to cheat on each other. Since the 1990s, after the success of the amnesty program pioneered by the Antitrust Division of the U.S. Department of Justice (DOJ), antitrust amnesty programs have been replicated in many jurisdictions, leading some to declare a “leniency revolution” in competition law.

But the existing amnesty programs have a weakness They usually only offer protection for violations of antitrust laws, leaving even the firm that self-reports the antitrust violations potentially liable for other unlawful conduct that the cartel members engaged in as part of their anticompetitive scheme. And many of these anticompetitive schemes turn out to involve corruption, especially in the public procurement context. Cartels often bribe the official in charge of the procurement process, because a corrupt official can monitor and punish defections from the cartel, facilitate the exclusion of non-aligned competitors, and ensure an equal distribution of cartel profits. A firm that hopes to take advantage of an antitrust amnesty program might have to report all of this to qualify for amnesty, as often the programs require, as a condition for amnesty, reporting on the involvement not only of other cartel members, but of any public officials who may have facilitated the collusive conduct. But the fact that a self-reporting cartel member is not guaranteed amnesty from prosecution for corruption or other associated wrongdoing (such as money laundering) complicates the operation of antitrust amnesty programs, because this lack of guaranteed amnesty weakens the incentive of cartel members to self-report in cases where the cartel has engaged in bribery. The problem is especially pronounced when the penalties for bribery are much more severe than those typically imposed in cartel cases.

This is less of a problem in jurisdictions where anticorruption and antitrust authorities are departments of a single agency, as with the US Department of Justice (DOJ). But in many other jurisdictions, such as the EU, Brazil, and Mexico, competition law enforcement—and administration of the antitrust amnesty programs—are handled by enforcement agencies that do not have authority to prosecute corruption cases. From a potential self-disclosing company’s perspective, this poses a challenge: Disclosing participation in a bribe-paying cartel to the competition authority may also trigger an enforcement action by the separate agency responsible for prosecuting corruption, meaning the company will have to negotiate with both agencies, with the anticorruption agency not bound by the antitrust amnesty program. Indeed, in many countries anticorruption agencies may not have the same authority as antitrust agencies to grant leniency to self-reporting companies. In Brazil, for instance, though an antitrust amnesty program has been in place since 2000, settling corruption cases only became possible in 2014. In Mexico, the antitrust amnesty program was created in 2006, but a program for self-reporting bribery cases only entered into force in 2016. In both countries, although there is an established process for settling corruption investigations, there is no immunity provision for self-reporting; a discount in the applicable fines is often the best a firm can hope for. And even when both the antitrust agency and the anticorruption agency have authority to settle and grant leniency, the mere fact that a company knows it will need to enter into two or more separate negotiations increases the uncertainty and costs associated with self-disclosure, undermining the effectiveness of the amnesty program.

How should this problem be addressed in those countries where merging authority over antitrust and anticorruption enforcement in a single agency is not feasible or desirable? There are several possibilities:

Continue reading

Are Corporate Anticorruption Compliance Programs Effective?

Requiring business corporations to institute an anticorruption compliance program should be a part of any national strategy to fight corruption.  The argument is simple.  Corporate employees or their agents are always on the paying side of a bribery offense and often a facilitator of conflict of interest and other forms of corruption.  Making it against company policy for employees or agents to participate in any corrupt act with stringent sanctions up to and including termination for a violation will help shut down the supply side of the corruption equation.

Even where a company’s compliance program is a sham, established simply to comply with the law, it can still help in combating corruption.  A sham program would be a violation of law, and were the company investigated, the existence of a sham program would be easy for investigators to spot, easing their task of determining wrongdoing.  So there seems to be no reason why lawmakers shouldn’t insist that firms subject to their law, whether state-owned or privately-held, establish a program.  And between the many guides published by international organizations (examples here and here), NGOs (here and here), academics, the burgeoning compliance industry, and the issuance of an international standard for such programs, there is no dearth of information on how to create and operate an effective one.

I have argued the case for a compliance requirement in several posts (examples here and here), as have many other GAB contributors (examples here and here).  My most recent plea for mandating private sector compliance programs came in this one noting such a requirement in Vietnam’s new anticorruption law.  But one thing I have not done is address two obvious questions about compliance programs that Matthew posed in a comment to the Vietnam post: How are compliance requirement laws enforced? How effective are they in practice?

It turns out these obvious, innocent sounding questions (the kind law professors always seem to ask) aren’t all that easy to answer.  What I have found so far follows.  Readers with more information earnestly requested to supplement it. Continue reading

The UK Parliament Should Broaden and Sharpen the Legal Advice Privilege in Order to Encourage More Internal Investigations into Corruption

On September 5, 2018, the compliance departments and outside counsel of large corporations operating in the UK breathed a collective sigh of relief. In a much anticipated ruling, the Court of Appeal of England and Wales overturned a trial judge’s order that would have compelled a London-based international mining company, Eurasian Natural Resources Corporation Limited (ENRC), to hand over documents to UK prosecutors investigating the enterprise for bribery in Kazakhstan and Africa. Those documents were the product of an investigation that ENRC’s outside legal counsel had conducted following an internal whistleblower report that surfaced in late 2010. In conducting that internal investigation, lawyers from the law firm interviewed witnesses, reviewed financial records, and advised ENRC’s management on the company’s possible criminal exposure. Though the company tried to keep everything quiet, the UK’s Serious Fraud Office (SFO) came knocking in mid-2011. The SFO agreed to let ENRC and its lawyers continue to investigate on their own, periodically updating the SFO on their progress. In 2013, ENRC’s legal counsel submitted its findings to the SFO in a report arguing that, on the basis of the facts presented, the company should not be charged. The SFO disagreed and launched a formal criminal investigation. But the SFO then also demanded that ENRC turn over all of the files and documents underpinning its report—including presentations given by the lawyers to ENRC’s management and the lawyers’ notes from their interviews with 184 potential witnesses.

ENRC refused to comply, claiming that these documents were covered by two legal privileges under UK law: the “litigation privilege,” which guarantees the confidentiality of documents created by lawyers for the “dominant purpose” of adversarial litigation (including prosecution) that is “in reasonable contemplation,” and the “legal advice privilege,” which protects communications between lawyers and clients exchanged for legal advice. The trial court rejected ENRC’s privilege claims, a decision that sent shockwaves through the English defense bar and spurred much criticism on legal and policy grounds. But the Court of Appeal reversed, holding that ENRC’s lawyers didn’t have to share the documents. The Court’s ruling relied on the litigation privilege, holding, first, that documents created to help avoid criminal prosecution counted as those created for the “dominant purpose” of litigation, and, second, that criminal legal proceedings were in “reasonable contemplation” for ENRC once the SFO contacted the company in 2011.

Many commentators have hailed the Appeal Court’s decision (which the SFO declined to appeal) as a “landmark ruling” and a “decisive victory” for defense lawyers. The reality is a bit more nuanced. The Court of Appeal’s fact-specific ruling was very conservative in its legal conclusions, and it’s unlikely that its holding regarding the litigation privilege is sufficient to create the right incentives for companies and their lawyers. It’s also unlikely that further judicial tinkering with the scope of the litigation privilege will resolve the problem promptly or satisfactorily. The better solution would involve a different institutional actor and a different privilege: Parliament should step in and expand the scope of the legal advice privilege to cover all communications between a company’s lawyers and the company’s current and former employees. Continue reading

Complying with Antibribery Laws: Mike Koehler’s Strategies for Minimizing Risk Under the FCPA and Related Laws

Professor Mike Koehler is perhaps the leading critic of the Foreign Corrupt Practices Act – or at least of how the U.S. Justice Department and Securities and Exchange Commission currently enforce it.  On his FCPA Professor Blog, he regularly bemoans the way the enforcement agencies have stretched a law its authors wrote to outlaw hard core bribery to make donations to foreign charities, internships for relatives of business associates, birthday gifts to business partners, and other seemingly innocuous  conduct a serious felony under American law. Such broad interpretations of the law’s antibribery stricture could never withstand judicial review he argues, but because the costs, reputational and otherwise, of challenging an FCPA enforcement action are so great, companies facing FCPA charges quickly settle rather than contest the agencies’ interpretation in court.  The result is the agencies not only enforce the law but their interpretations in effect make it as well.

So what advice does Professor Koehler proffer businesses wanting to avoid running afoul of the FCPA or the similar laws of other nations in his new book Strategies for Minimizing Risk Under the Foreign Corrupt Practices Act and Related Laws?  Does he urge a corporation threatened with an enforcement action based on an overly broad reading of a law to fight back?  Has he produced a polemical guide to compliance?  One written for the risk-taking corporate maverick?  Is this how he separates his book from the many other compliance guides flooding the market?

Not at all. To the contrary, what distinguishes Professor Koehler’s book from many of its competitors is its straightforward, easy to read exposition of what any firm should do to minimize the chances that, thanks to the wayward act of an employee or consultant, it will face allegations it has bribed a government official. In eight tightly-written chapters, he brings his encyclopedic knowledge of FCPA cases, pre-trial settlements of enforcement actions, and the commentary on antibribery law to bear to explain how to develop and implement a sound, reasonable, cost-effective antibribery compliance program. Along the way he chucks the jargon that has grown up around antibribery compliance programs, opting instead for clearly written prose that demystifies rather obscures the process all firms should follow to develop and implement preventive measures.

Take his account in chapter six on how to conduct a risk assessment. Continue reading

Corporate Liability for Corruption in India: Some Notes on Reform

Last month, the Indian legislature passed sweeping amendments to the Prevention of Corruption Act. If accepted in their present form, those amendments portend a major shift in India’s antiquated legal regime pursuing corporate criminal liability, making it much easier to go after corporations on corruption charges. (The amendments make other changes as well, which I have discussed elsewhere. Here, I only focus on the changes that would pertain to corporate liability for corruption offenses.) The amendments do make some welcome changes, but they do not go far enough to update India’s antiquated legal regime for corporate criminal liability. I’ll touch on three features of this regime and discuss how the new amendments do or do not effect significant changes. Continue reading

Mixed Messages from the UK’s First Contested Prosecution for Failure to Prevent Bribery

In February 2018, the UK secured its first ever contested conviction of a company for “failure to prevent bribery.” Under Section 7 of the UK Bribery Act (UKBA), a company or commercial organization faces liability for failing to prevent bribery if a person “associated with” the entity bribes another person while intending to obtain or retain business or “an advantage in the conduct of business” for that entity. Following an internal investigation, Skansen Interior Limited (SIL)—a 30-person furniture refurbishment contractor operating in southern England—discovered that an employee at its firm had agreed to pay nearly £40,000 in bribes to help the company win contracts worth £6 million. Company management fired two complicit employees and self-reported the matter to the National Crime Agency and the City of London police. The Crown Prosecution Service ultimately charged SIL with failing to prevent bribery under Section 7. Protesting its innocence, SIL argued that the company had “adequate procedures” in place at the time of the conduct to prevent bribery; SIL, in other words, sought to avail itself of the widely-discussed “compliance defense” in Section 7(2) of the UKBA, which allows a company to avoid liability for failing to prevent bribery if the company can show that it “had in place adequate procedures designed to prevent persons associated with [the company] from undertaking” the conduct in question.

The case proceeded to a jury trial. The verdict? Guilty. The sentence? None. In fact, SIL had been out of business since 2014, so the judge had no choice but to hand down an absolute discharge—wiping away the conviction.

The hollow nature of the government’s victory has led some commentators to call the prosecution “arguably unprincipled” or even a “mockery of the UK criminal process.” Indeed, the bribing employee and the bribed individual had already separately pleaded guilty to individual charges under UKBA Sections 1 and 2, respectively, and the remaining shell of a corporation had no assets or operations. Other commentators pointed out that precisely because the company was dormant it would have been unable to enter into a deferred prosecution agreement (DPA), lacking assets to pay financial penalties or compliance programs to improve. Putting aside arguments about the wisdom or fairness of pursuing a prosecution in these circumstances, the SIL case sheds light on Section 7(2)’s “adequate procedures” defense. While the UK government has secured a few DPAs for conduct under Section 7—beginning with Standard Bank Plc in 2015—SIL is the first case in which the Section 7(2) “adequate procedures” defense was tested in front of a jury.

While the government argued that it prosecuted the case primarily to send a message about the importance of anti-bribery compliance programs, the UK government’s actions in the SIL case ultimately sends mixed messages to companies and may have counterproductive effects. Continue reading

Enlisting the Private Sector in the Fight Against Corruption — Part 2

Part 1 of this post lists 21 countries plus the Canadian province of Quebec that have taken measures to get corporations to join the fight against corruption.  Thanks to a bad case of jet lag, the post’s author ran out of steam before explaining what he meant by a company’s “joining the fight” or how countries got them to join it.  Herewith an explanation of both along with my apologies to readers puzzled by part 1.

To begin, a table summarizing the laws to which part 1 referred along with summaries of bills pending in the Irish and Vietnamese legislatures appears here: National Compliance Rules.  (Thanks to readers who caught errors in the part 1 list; similar scrutiny of the table solicited.)

As the table shows, the laws referenced require — or provide incentives for — companies under their jurisdiction to prevent their employees from paying bribes or engaging in other forms of corrupt conduct.  Some laws prescribe in detail the elements such an anticorruption compliance program should contain; others leave it to regulations or the courts to decide what companies must do.  With the October 2016 publication of ISO 37001 setting standards for corporate antibribery programs, most authorities will likely converge around the elements it recommends.   The recommendations are sensible and quite consciously track the experience of those countries that required corporate compliance programs, especially the United States, where guidelines on what constitutes an “effective” compliance program, drafted to help courts when deciding the culpability of corporations for the corrupt acts of employees and agents, have been in force since 2004.

Where national corporate compliance laws differ is in how countries “encourage” companies subject to their laws to institute a compliance program. The table reveals several approaches. Continue reading

Guest Post: The Draft ISO 37001 Anti-Bribery Standard’s Promise and Limitations

William Marquardt and David Holley, respectively Director and Managing Director at the Berkeley Research Group, LLC (a private management consulting firm) contribute the following guest post, which is written in their personal capacity and does not necessarily reflect the opinions, position, or policy of the Berkeley Research Group or its other employees and affiliates:

This past April, the International Organization for Standardization (ISO) released its draft standard on anti-bribery management systems (ISO 37001). The standard is tentatively scheduled to be finalized later this year. In substantive content, the draft ISO standard is similar to the FCPA Resource Guide provided by the U.S. Department of Justice and Securities and Exchange Commission, in that it provides a list of elements that an effective anti-bribery/corruption (“ABC”) program should contain. In terms of the specific elements listed, the proposed ISO standard provides a number of sound recommendations – such as a comprehensive, risk-based approach, as well as management commitment to promoting an ethical corporate culture—but with a few exceptions, the draft ISO 37001 standard is not much different from the guidance available from the DOJ/SEC and other sources in multiple jurisdictions.

That’s not to say that there is nothing whatsoever distinctive about ISO 37001. It does differ from the existing guidance in some ways, some good (such as the comprehensive focus on documentation, document retention, and document availability) and some not so good (such as the unrealistic recommendations regarding extension of management’s internal control systems to third-party vendors). The draft ISO standard also puzzlingly omits consideration of certain key issues –such as the labor law and data privacy issues that arise in connection with bribery investigations, questions regarding how to address anti-bribery concerns in connection with M&A or joint venture due diligence, and (most generally) the integration of ABC management systems into the firm’s wider financial, operational, and regulatory functions. But, again, in most respects the ISO 37001 draft standard closely resembles existing ABC guidance.

What makes the ISO 37001 standard distinctive, and the reason its finalization would be potentially such big news, is that ISO 37001 (like other ISO standards dealing with more technical matters) is intended to be subject to independent “certification” by third-party auditors. In other words, if and when the ISO 37001 standard is finalized, companies will be able to hire auditing firms to review their ABC programs and (if the auditor determines the firm meets the ISO 37001 criteria) to provide a formal certification that the company is ISO 37001-compliant. The question whether formal ISO 37001 certification of this sort will be a good thing (for firms, or for the world) has been hotly debated (for previous discussions on this blog, see here and here). Continue reading

Claims Against Petrobras Highlight Prospects for Shareholder Enforcement in US Courts

The fallout continues from the ongoing investigation of corruption at Petrobras, Brazil’s giant state-owned oil company. (See New York Times coverage here, and helpful timelines of the scandal here and here.) In March of 2014, Brazilian prosecutors alleged that Petrobras leadership colluded with a cartel of construction companies in order to overcharge Petrobras for everything from building pipelines to servicing oil rigs. Senior Petrobras executives who facilitated the price-fixing rewarded themselves, the cartel, and public officials with kickbacks, and concealed the scheme through false financial reporting and money laundering. The scandal has exacted a significant human toll: workers and local economies that relied on Petrobras contracts have watched business collapse: several major construction projects are suspended, and over 200 companies have lost their lines of credit. One economist predicted unemployment may rise 1.5% as a direct result of the scandal.

The enormous scale of the corruption scheme reaches into Brazil’s political and business elite. The CEO of Petrobras has resigned. As of last August, “117 indictments have been issued, five politicians have been arrested, and criminal cases have been brought against 13 companies.” In recent months, the national Congress has initiated impeachment proceedings against President Dilma Rousseff, who was chairwoman of Petrobras for part of the time the price-fixing was allegedly underway. And last month, federal investigators even received approval from the Brazilian Supreme Court to detain former President Luiz Inácio Lula da Silva for questioning. (Lula was President from 2003 to 2010—during the same period of time that Ms. Rousseff was chairwoman of Petrobras.) Meanwhile, the House Speaker leading calls for President Rousseff’s impeachment has himself been charged with accepting up to $40 million in bribes.

As Brazilian prosecutors continue their own investigations, another enforcement process is underway in the United States. Shareholders who hold Petrobras stock are beginning to file “derivative suits,” through which shareholders can sue a company’s directors and officers for breaching their fiduciary duties to that company. Thus far, hundreds of Petrobras investors have filed suits. In one of the most prominent examples, In Re Petrobras Securities Litigation, a group of shareholders allege that Petrobras issued “materially false and misleading” financial statements, as well as “false and misleading statements regarding the integrity of its management and the effectiveness of its financial controls.” (For example, before the scandal broke, Petrobras publicly praised its Code of Ethics and corruption prevention program.) The claimants allege that as a result of the price-fixing and cover-up, the price of Petrobras common stock fell by approximately 80%. In another case, WGI Emerging Markets Fund, LLC et al v. Petroleo, the investment fund managing the Bill & Melinda Gates Foundation has alleged that the failure of Petrobras to adhere to U.S. federal securities law resulted in misleading shareholders and overstating the value of the company by $17 billion. As a result, the plaintiffs claim they “lost tens of millions on their Petrobras investments.”

Thus, in addition to any civil or criminal charges brought by public prosecutors, private derivative suits offer a way for ordinary shareholders to hold company leadership accountable for its misconduct. In these derivative suits, any damages would be paid back to the company as compensation for mismanagement; the main purpose of the suits is not to secure a payout for shareholders, but to protect the company from bad leadership. The Petrobras cases illustrate how derivative suits can offer a valuable mechanism for anticorruption enforcement, but they also face a number of practical challenges.

Continue reading

The Internal Revenue Service’s (Potential) Role in Combating Foreign Bribery

The uptick in FCPA investigations in recent years is well-known. The two agencies responsible for FCPA enforcement—the Department of Justice (DOJ) and the Securities and Exchange Commission (SEC)—now have special units focused on FCPA cases. Both have been aggressively pursuing cases against corporations and (increasingly) individuals. But there is a third U.S. agency that can and should be more involved in the fight against transnational bribery: the Internal Revenue Service (IRS).

The IRS already has some role in FCPA cases, though the extent of that involvement is not entirely clear. Recently, its joint investigative role has been mentioned in a few high-profile matters. Notably, criminal FCPA charges against Vicente Eduardo Garcia (an SAP regional director who in August pled guilty to an FCPA violation involving bribery for Panamanian government contracts) were investigated cooperatively by the FBI and IRS, a fact that some commentators cautioned signaled a need for companies to increase FCPA compliance efforts through additional channels. IRS Criminal Investigation was also involved in the case against Hewlett-Packard Russia, which last year pled guilty to violating the FCPA, and even the (non-FCPA but bribery-related) investigation of FIFA started with the IRS. Beyond investigation, the IRS can bring separate tax charges related to incidents of bribery or other inappropriate payments. A 2014 settlement included a multi-million-dollar forfeiture to the IRS, apparently the first such forfeiture in an FCPA settlement, though the exact reason for the forfeiture was not revealed.

Several observers have speculated that the last decade’s increase in FCPA actions could lead to an increase in tax-related actions. Up until now it has been relatively rare for FCPA actions to include associated tax charges, but the 2014 settlement might be one indication that the relative scarcity of tax involvement could change. The IRS can further develop its responsibility in FCPA investigations with an expanded formal cooperative role, if indeed it does not have one already, in DOJ or SEC prosecutions. This would be a positive step, since there are two major advantages to FCPA investigations assisted, or tax charges brought, by the IRS:

Continue reading