Guest Post: Corporate or Individual Liability? Converging Approaches to Fighting Corruption

GAB is delighted to welcome back Gönenç Gürkaynak (Managing Partner at ELIG Attorneys-at-Law in Istanbul and 2015 Co-Chair of the B20 Anti-Corruption Task Force), who, along with his colleagues Ç. Olgu Kama (ELIG partner and B20 Anti-Corruption Task Force Deputy Co-Chair) and Burcu Ergün (ELIG associate), contributes the following guest post:

Combating international corruption has come a long way in the last decade. More and more jurisdictions are adapting and updating their legal systems in an effort to eradicate impunity for corruption crimes. Yet an important question persists: Who should be held primarily liable for corruption crimes, the individual or the company? The US and European countries have traditionally provided diverging answers to this question, but there now seems to be some evidence of an emerging convergence, though a consensus is yet to be reached.

In the United States—the pioneering legal system in terms of fighting international corruption—although individuals can be charged with violations of the Foreign Corrupt Practices Act (FCPA), it is the companies that are primarily held liable for FCPA violations. The US embraces a broad notion of corporate criminal liability, based on the principle of respondeat superior (the employer is responsible for the acts or omissions of its employees) and the US Department of Justice (DOJ) and Securities and Exchange Commission (SEC) have employed this theory as the basis for FCPA settlements with scores of corporations, raking in hundreds of millions of dollars in fines. However, there have been relatively few FCPA cases brought against individuals. This may be due in part to the fact that it is often difficult to attribute a corrupt act to any one specific individual, though it may also be due to the DOJ’s and the SEC’s traditional focus on going after the “deep pockets” of the corporations that come under their scrutiny.

In contrast to the US, the focus of criminal law in continental European systems has typically been on the culpability of individuals; thus, the introduction of the concept of “corporate criminal liability” is a relatively new development. Traditionally, the continental European systems have taken the view that criminal punishment can only be imposed on grounds of personal culpability, and that organizations cannot be held liable under criminal law (societas delinquere non potest). To that end, some European jurisdictions have preferred imposing administrative liability on corporations for actions that are considered to be administrative (rather than criminal) offenses.

In terms of deterring corrupt acts, a broad notion of corporate criminal liability goes a long way. The willingness of US authorities to impose significant fines on corporations provides powerful incentives for corporations to self-police. Furthermore, the threat of criminal FCPA sanctions—and the associated “moral sanctioning” of criminal liability—may have a more powerful effect on corporations than would similar fines imposed as administrative sanctions. On the other hand, the threat of corporate criminal liability is likely not sufficient, on its own, to foster a compliance culture within an organization. In a legal environment in which individuals face a credible threat of prosecution for their personal roles in organizational corruption, corporations could maintain a stronger culture of compliance as the employees themselves would be legally responsible for their misconduct and therefore less likely to engage in (or turn a blind eye to) corrupt practices.

Even though significant differences remain among jurisdictions, it is an encouraging development that there now seems to be gradually converging views regarding corporate criminal liability among these different legal systems. Continue reading

Should FCPA Enforcers Focus on Bribe-Paying Employees or Their Corporate Employers?

These days most (though not all) resolutions in Foreign Corrupt Practices Act cases involve corporate defendants paying fines or other penalties to the government. Usually (again, not always) the government does not bother prosecuting the employees who paid the bribes. (While the government has recently made individual liability in corporate criminal cases more of a point of emphasis — as exemplified by the DOJ’s Yates Memo, which Danielle discussed in yesterday’s post — the targets in those cases are typically senior executives who orchestrated bribe-paying schemes, not the lower-level executives or employees who actually paid the bribes.) The government also uses various legal tools to encourage lower-level employees blow the whistle on their employers.

Do we have this backwards? Right now, the government focuses its enforcement efforts on the corporate employers, rather than the lower-level employees who pay the bribes. Should the government instead emphasize enforcement actions against the employees? Right now, the government tries to give employees incentives to uncover and disclose evidence of FCPA violations committed by their employers. Should the government instead focus on encouraging the employers to uncover and disclose FCPA violations committed by their employees?

This past summer, I was fortunate enough to attend the Third Annual Conference on Evidence-Based Anti-Corruption Policies in Bangkok, and the keynote speaker at that event, New York University Law Professor Jennifer Arlen, made a case along those lines. (Professor Arlen’s address was actually a much more wide-ranging discussion of corporate criminal liability; I’ve extracted, and possibly oversimplified or distorted, one thread of her argument. But it’s an interesting enough argument that I think it’s worth engaging, and I’ll focus on the simple version, even though her position is more nuanced.) The argument goes something like this: The DOJ should adopt a policy that any corporation that discovers FCPA violations by its employees, and then promptly (a) discloses the violation to the government, (b) provides the government with information, and (c) assists the government in prosecuting the employee, should be exempt from corporate criminal liability for the violation; the DOJ should instead vigorously prosecute the individual employees in this situation (using the evidence that the corporate employer has itself provided). If the corporation fails to promptly disclose such a violation, however, and the government subsequently finds out about it, the corporation should be held criminally liable for the FCPA violation, and penalized accordingly.

I think this proposal is interesting enough to take seriously, though in the end I remain unconvinced that this shift in emphasis would be a good idea. Let me first lay out the argument in favor of this change, and then explain why I ultimately disagree. Continue reading

Individual FCPA Liability: A Risky Proposition for FCPA Enforcement Proponents?

Both supporters and skeptics of aggressive enforcement of the Foreign Corrupt Practices Act have criticized the fact that the act is enforced much more often against corporations than against individuals. Some critics of FCPA enforcement often assert that it is unfair for the government to insist on corporations acknowledging criminal liability when the government is unwilling or unable to prosecute the individuals who committed the actual crimes. At the same time, supporters of aggressive FCPA enforcement argue that the failure to hold individuals personally liable, and to impose criminal penalties (including prison time) on those culpable actors undermines the FCPA’s deterrent effect. And they have a point: many doubt that fines and other monetary sanctions on corporations—at least at the levels that can be imposed under the FCPA—are sufficient to deter bribery, and there is evidence to support this claim.

Of course, individual FCPA liability is hardly novel; a number of past FCPA cases have included criminal convictions of individual company employees. But many have called for dramatically ramping up focus on individuals, and there are some signs that the U.S. Department of Justice may be heeding those calls. For someone like me, who tends to think that FCPA enforcement needs to be even more robust, this would seem like welcome news. And for the most part it is… but I do have a nagging worry, which may be entirely groundless, but that I want to try to flesh out in this post. The worry goes something like this: Continue reading