Total Criminal and Civil Penalties Imposed on Corporations | 2002 - 2010
9 FCPABlog Strategy Session Michael Volkov Partner Mayer Brown LLP (202) 263-3288 email@example.com April 2011
Current Enforcement Picture
Legal Elements of the Offense
UK Bribery Act Effective Date
Designing and Implementing a Compliance Program
Third Party Agents and Due Diligence
12 FCPA Enforcement Trends Corporate mega fines fueled by voluntary disclosure process. DOJ has dedicated additional prosecutors to FCPA cases. FBI has dedicated FCPA squad. Obama administration is continuing focus on FCPA prosecutions. FBI is using aggressive investigative tactics. DOJ is increasing use of industry-wide investigations. Dodd-Frank whistleblower bounty program will increase prosecutions by exponential factor.
FCPA – DOJ Priority 13 “As President Obama has said, ‘The struggle against corruption is one of the great struggles of our time’… Corruption is, simply put, a scourge on civil society. We must vigorously enforce our own laws that prohibit bribery of foreign officials, such as… the Foreign Corrupt Practices Act. And we must work together to support our partners in anti-corruption enforcement.” —Eric Holder, U.S. Attorney General, Nov. 7, 2009
FCPA – DOJ Priority 14 “[T]he Department’s enforcement of the FCPA is aggressive, and it’s on the rise… This year alone, we’ve collected well over $1 billion already… [L]ast year and this year combined, we’ve charged over 50 individuals. Moreover, last year we tried three FCPA cases successfully to verdict… and approximately 35 individuals currently await trial on FCPA charges in the United States. In all, our message to companies and individuals who would bribe foreign officials is clear: foreign bribery is not an acceptable way of doing business, and we won’t tolerate it.” — Lanny Breuer, Assistant Attorney General, Nov. 4, 2010
“The SEC and Justice Department are sending a clear message that those who engage in corrupt activities face a strong and united front around the world.” — Mary L. Schapiro, SEC Chairman, July 9, 2010 "The new [SEC FCPA] unit will give us the resources and the ability to do even more going forward. People on the ground will be focusing exclusively [on FCPA investigations], making them smarter about industry practices [and] problem areas.” — Cheryl Scarboro, SEC FCPA Unit Chief, Feb. 25, 2010 “We’ll explore all parties’ conduct and make a determination of the facts of each case.”It is a trend you will see going forward.” — Cheryl Scarboro, SEC FCPA Unit Chief, Nov. 8 & 10, 2010 15 FCPA Enforcement – SEC Priority
Increase in FCPA Enforcement Actions 16 2010 witnessed an 85% increase in FCPA enforcement actions over 2009, which itself was a record year. 60 48 50 40 DOJ 30 26 26 SEC 20 20 18 20 14 13 8 10 7 7 5 3 2 0 2004 2005 2006 2007 2008 2009 2010
* Eight of the top ten monetary settlements in FCPA history were reached in 2010. $900 Siemens 2008 $800 2009 $700 2010 KBR/Halliburton 2011 $600 $500 BAE Systems ENI/Snamprogetti $800 $400 Technip $579 $300 JGC Corporation Daimler $400 $200 Alcatel-Lucent $218.8 $365 $338 Panalpina Johnson & Johnson Johnson & Johnson $100 $185 $58 $52 $137 $70 $82 $0 Blockbuster FCPA Settlements 17
David Kay,American Rice, Inc. 37 months John Warwick,Ports EngineeringConsultants Corporation 37 months Robert Antoine,Haiti Telco 48 months Juan Diaz,Third party consultantto Haiti Telco 57 months Douglas Murphy,American Rice, Inc. 63 months Albert Jack Stanley,KBR 84 months Charles Paul Edward Jumet,Ports EngineeringConsultants Corporation 87 months 0 10 20 30 40 50 60 70 80 90 100 18 Most Severe Jail Sentences for FCPA Violations
DOJ is employing strategies and tactics typically used for violent gangs, drug trafficking organizations and organized crime Developing intelligence pool based on cooperating witness information gathered across all white collar cases (e.g. antitrust, fraud) Undercover Officers and Confidential Informants Search Warrants Wiretaps Seizure of assets and forfeiture 19 AggressiveLaw Enforcement Tactics
20 Two-Year Undercover Operation: Undercover informant who recorded over 5000 telephone calls and over 100 hours of video recordings. 22 Individuals arrested in Las Vegas and indicted in US District Court in DC. Take down involved over 150 FBI agents. 21 search warrants executed in US and UK. Investigation has expanded to companies and additional individuals. The “Shot Show” Sting
$70 million settlement for improper payments, gifts and travel to doctors at state-owned hospitals in Romania, Greece and Poland. Substantial discount in fine (approximately $17 million):
Cooperation against other medical deviceand pharma companies
Johnson & Johnson has provided information leading to industry-wide FCPA investigation targeting medical device and pharma practices in foreign companies. 21 Johnson & Johnson Settlement
22 Oil and Oil-Services Industry – Panalpina Investigation – Vetco settled FCPA case in 2007 based on illegal bribes made through Panalpina. Following settlement, DOJ issued at least 11 letters to oil and oil services companies, requesting information about their dealings with Panalpina. On Nov. 4, 2010, DOJ and the SEC announced settled FCPA enforcement actions against Panalpina plus six of these oil and oil services firms (most of which were Panalpina customers) totaling $236.5 million in disgorgement, fines, and penalties. Industry-Wide Investigations
Eli Lilly, Merck, Astra Zeneca, Bristol-Myers Squibb, GlaxoSmithKline, SciClone
Military and Law Enforcement Products Industry
SHOT Show Sting targets, Armor Holdings, DynCorp, Smith & Wesson, Allied Defense, Blackwater/Xe
Alcatel-Lucent, Haiti Teleco, ITXC, Latin Node, Magyar Telekom, Siemens entities, UTStarcom, Veraz
SEC recently launched industry-wide investigation against global financial companies focusing on dealings with sovereign wealth funds. Industry-Wide Investigations
24 Dodd-Frank bill created whistleblower bounty program which authorizes whistleblowers to recover between 10 and 30 percent of any settlement that exceeds $1 million. SEC has proposed regulations, selected chief of program and requested funding for 43 new positions. SEC has been inundated with whistleblower complaints and recently disclosed it has received 1-2 credible complaints each day. Businesses have filed comments opposing regulations claiming that program creates incentives for whistleblowers to avoid internal reporting programs. Whistleblower Bounty
Elements of theOffense 25
A payment, offer, authorization, or promise to pay money or anything of value to a foreign government official
Includes a party official or manager of a state-owned company, or public organizations such as World Bank or UN), or to any other person,;
Knowing that the payment or promise will be passed on to a foreign official With a corrupt motive for the purpose of (i) influencing any act or decision of that person, (ii) inducing such person to do or omit any action in violation of his lawful duty, or (iii) securing an improper advantage; Corrupt” payments extend to business advantages such as tax refunds and reductions; government inspection reports and certifications; customs clearance for improperly or illegally imported goods and equipment; expedited government registration certifications; and beneficial changes to laws and regulations 26 Elements of an FCPA Violation
27 Elements of an FCPA Violation Accounting / Recordkeeping Provisions: Under the books and records provisions, issuers must keepaccurate books and records and maintain adequate internal controls.
28 Who is liable under the FCPA? Domestic:
All US “issuers” and private companies (“domestic concerns”)
Any US corporation or national or any foreign bribery-related conduct
US citizens or foreign nationals operating in the US or using instrumentalities
Foreign corporations subject to SEC regulation (e.g., via ADRs) and using instrumentalities
All foreign corporations when in US territory, whether or not they use instrumentalities of interstate commerce
Includes directors, officers, employees,and agents of entities subject to the statute
29 Criminal Penalties For companies, criminal violations can result in:
$2 million fine for an anti-bribery violation; and
$25 million fine for a books and records violation.
Individuals face up to:
5 years in jail with a maximum $250,000 fine for an anti-bribery violation; and
up to 20 years in jail with a maximum $5 million fine for abooks and records violation.
Under a federal alternative fine provision,companies and individuals may be fined up totwice the benefit sought or received.
30 Civil Penalties
In the civil context, the SEC and DOJ can impose a $10,000 fine per violation upon individuals and companies.
The SEC may also impose further civil penalties ranging between $7,500 to $150,000 upon individuals and $75,000 to $725,000 upon companies.
Alternatively, the SEC may impose a civil penalty equal to the gross pecuniary gain to an individual or company and equitable relief, such as disgorgement of profits.
A “foreign official” includes any officer or employee of a non-U.S. government, and any officer or employee of “any department, agency, or instrumentality” of a non-U.S. government. The SEC and DOJ liberally construe the term “instrumentality” to cover employees of private company where foreign government owns controlling interest or exercises control. District court recently upheld DOJ interpretation of statute in Noriega case . Issue pending in two other cases. 31 “Foreign Official”
The SEC and DOJ liberally construe the statutory definition and apply it to interactions with employees of state-owned enterprises.
To determine whether employees of a state-owned enterprise are “foreign officials”, SEC and DOJ consider the percentage of government ownership in the enterprise and the amount of control the non-U.S. government exerts over the entity in question.
Recent FCPA settlements indicate that even a minority government ownership may be sufficient for employees to be “foreign officials.”
Limited to payments that “merely move a particular matter toward an eventual act or decision” – applies only when the government official has no discretion in performing duties.
Payment must be for something to which the payor was already entitled, e.g., the mere receipt of an application, as opposed to approval of the application.
Best practices counsel to prohibit facilitation payments entirely – 80% of U.S. companies have banned them.
34 Affirmative Defense: Reasonable Bona Fide Marketing and Promotion Payments
Reasonable and bona fide expenditures, such as travel and lodging expenses directly related to (A) the promotion, demonstration, or explanation of products or services, or (B) the execution or performance of a contract with a foreign government or performances of a contract with a foreign government or agency thereof.
Travel expenses to United States (FCPA Op. Proc. Rel. 07-01)
Product samples for testing (FCPA Op. Proc. Rel. 09-01)
Journalist stipends (FCPA Op. Proc. Rel. 08-03)
Trips to tourist destinations (US v. Metcalf & Eddy, Inc)
35 UTStarcom Incorporated (2009)
Arranged and paid employees of Chinese state-owned telecommunications companies to travel to popular tourist destinations in the United States, including Hawaii, Las Vegas and New York City, and making improper payments to consultants in China and Mongolia while knowing that they would be used to pay bribes to foreign government officials.
UTSI voluntarily disclosed the violations, and agreed to pay a $1.5 million penalty to the DOJ, plus $1.5 million to the SEC.
36 Liability for Subsidiaries – Nature Sunshine
In 2009, CEO and CFO of Nature’s Sunshine, a manufacturers of nutritional products, were held responsible under books and records provision for bribes made by employees of a wholly-owned subsidiary in Brazil.
SEC alleged that they had overall responsibility for the international operations of the company and that the people who would know about the relevant issues were under their control.
This was the first time the SEC imposed liability on individuals under a theory of "control person" liability in an FCPA case. Under that theory, the SEC may charge an individual who manages a company absent evidence that he or she knew about or participated in a bribery scheme.
37 Expanding Enforcement Theories Travel Act prohibits the use of interstate or foreign commerce or the U.S. mails to further an activity that violates state or federal bribery laws and can be used to criminalize bribes to private parties if they violate state or federal law (Control Components Inc.)
Money laundering charges permit DOJ to prosecute foreign officials—the bribe takers, intermediaries and third-party agents (Haiti Teleco)
Export control laws (Shu Quan-Sheng)
Charging a non-issuer based on theories of aiding and abetting and its role as an agent of a U.S.-issuer (Panalpina)
Control person liability for an executive’s failure to supervise (Nature’s Sunshine)
False certifications and redactions of references to bribery as part of an internal audit (Bobby Benton)
38 Cooperation Credit and Voluntary Disclosure Voluntary reporting, cooperation, and a pre-existing compliance program will result in “meaningful credit” to companies in setting fine amounts.
In Panalpina, DOJ and the SEC declined to prosecute Global Industries for any possible FCPA violations because it had a strong, pre-existing internal compliance program that allowed it to identify and disclose the issues to DOJ.
Noble Corp. received a steeply discounted fine and a non-prosecution agreement (“NPA”) in recognition of its “early voluntary disclosure, thorough self-investigation… , full cooperation with [DOJ,] and extensive remedial measures…”
Pride, Tidewater, and Transocean also received substantial discounts of 55%, 30%, and 20%, respectively, from the low end of the applicable sentencing guidelines range, in part, for disclosing the suspected violations before being contacted by DOJ.
Universal Leaf received credit from DOJ for its pre-existing compliance program, specifically its compliance hotline, that helped identify certain FCPA violations.
39 Cooperation Credit and Voluntary Disclosure At the same time, DOJ officials’ comments suggest that they expect disclosure in nearly every case: “If there is a bribe we want to hear about it, even if it is small.” — Charles Duross, Deputy Chief, DOJ’s Fraud Section and Head of its FCPA Unit, Sept. 16, 2010 “I can assure you that if you do not voluntarily disclose your organization’s conduct, and we discover it on our own,… the result will not be the same.” —Lanny Breuer, Nov. 16, 2010
Asset Forfeiture and Recovery Remains “A Global Imperative”:Continuing its focus on this topic, on July 25, 2010, DOJ announced the creation of the Kleptocracy Asset Recovery Initiative, a team of prosecutors dedicated to combating large-scale foreign official corruption, and recovering and repatriating public funds.
DOJ has already filed civil forfeiture complaints to seize U.S.-based assets of the former president of Taiwan, who was convicted of bribery there.
DOJ now routinely includes a forfeiture count in every FCPA-related charging document.
40 Asset Forfeiture and Self-Monitoring
41 Mergers and Acquisitions:Buying an FCPA Violation Acquiring company can be held liable for FCPA violations which occurred prior to the acquisition unless the acquiring company conducts a “due diligence” review:
Due diligence review will identify the past FCPA violations and the target will need to make a disclosure to the Justice Department.
Companies will have to address past FCPA violations: change in price, structure, additional warranties and indemnifications; deal could terminate or be delayed.
Similar procedure occurs in joint ventures.
42 Mergers and Acquisitions:Buying an FCPA Violation
Failure to identify and remediate can expose acquiring company or joint venture partner to FCPA liability.
Due diligence is not a legal defense but it can minimize risk of successor liability when coupled with acquiring company’s FCPA compliance commitment.
Timing of voluntary disclosures should be carefully considered since DOJ involvement raises stakes.
Due diligence has to be tailored to transaction – whether it is merger, asset acquisition, joint venture or minority stake purchase.
Overall strategy should be flexible as information is learned.
43 International Anti-Corruption Enforcementis on the Rise
UK Anti-Bribery Act
Costa Rica: Alcatel-Lucent paid $10 million to settle local corruption charges, the first time in Costa Rica’s history that it has recovered “social damages” from a foreign corporation for corruption of its own government officials.
Nigeria: Its Economic and Financial Crimes Commission (“EFCC”) reached several settlements with former FCPA defendants, including Siemens ($46.5 million), Halliburton ($35 million), and Snamprogetti ($32.5 million). On Jan. 13, 2011, the EFCC reportedly arrested 12 oil executives from firms including Noble Corp, Tidewater, and Transocean in a series of raids in connection with an alleged $100 million bribery scheme.
44 International Anti-Corruption Enforcementis on the Rise Vietnam: A Vietnamese official convicted of receiving bribes from a Japanese company was sentenced to life imprisonment and ordered to disgorge $262,000 in bribe proceeds. Spain, Netherlands, and the Czech Republic all updated their anti-bribery laws. (Spanish created criminal liability for corporations). China recently enacted new law prohibiting bribery of foreign officials. Russia is considering adopting new legislation. Canada has a robust law but enforcement is lax. OECD recently criticized Canada’s enforcement efforts and Canada is expected to increase enforcement.
UK Bribery Act:Effective this Year 45
46 UK Bribery Act:Basics
Two general offenses for bribing or taking a bribe
A discrete offense of bribing a foreign public official
A new corporate offense for failure to prevent bribery
47 UK Bribery Act:Corporation’s Failure to Prevent Bribery Person associated with a commercial organization bribes another: The term “associated persons” includes any person who “performs services for or on behalf of the relevant commercial organisation” – and may include subsidiaries, employees, agents, JV partners, consortium members. Defense to liability if the commercial organization has “adequate procedures” to prevent such bribery from occurring: A “commercial organization” includes UK entities and those companies and partnerships incorporated or formed overseas that “carry on a business or part of a business in the UK.” The bribery may occur anywhere in the world – a conviction for bribery in the local jurisdiction is not required.
FCPA & Bribery Act Similarities: 48 payment of money or anything of value; Bribery Act: “financial or other advantage” Covered: third parties (agents, consultants and distributors)and have broad extraterritorial reach BroadlyApplied to: FCPA Bribery Act Distinctions: public and private Persons: bribery of foreign official “corrupt intent” Intent: “intention to influence” corporate offense forfailing to prevent bribery; affirmative defense:had “adequate procedures” facilitation exception for “grease payment”, affirmative defenses for reasonable bona fide expenses or legal under written local law. Exceptions and Defenses: FCPA v. Bribery Act Comparison
49 The Risks of FCPA and UK Bribery ActEnforcement Action
DOJ intends to increase “joint” enforcement actions; will coordinate information sharing and enforcement actions.
No company wants to be the “guinea pig” for initial UK Bribery Act enforcement actions.
Companies need to review and revise FCPA compliance programs to address Bribery Act.
Enforcement and interpretation of Bribery Act will be dynamic and require companies to keep up with requirements.
UK Bribery Act effective date is July 1 – Ministry of Justice sought to address business concerns and restrain Serious Fraud Office Guidance addressed four key issues:
Jurisdiction over foreign corporations for failing to prevent bribery fo a foreign official
The definition of “associated persons”
Adequate procedures as a defense to the corporate offense for failure to prevent a bribe
UK Bribery Act Guidance Issued on March 30 50
Extends to non-UK companies that carries on a business or part of a business in the UK Guidance defines to require “demonstrable business presence” UK stock listing is not sufficient by itself to satisfy this requirement, nor is a UK subsidiary if it acts “independently” of the parent Key issue will be harm to UK business interests Jurisdiction Over Non-UK Companies 51
An “associated person” includes a person who performs services for or on behalf of the company, e.g. an agent, subsidiary or employee if the payment is Intended to obtain or retain business, or a business advantage, for the commercial organization (not solely for the associated person or a third party) Employees are presumptively associated persons. Bribes by a subsidiary only create liability if the subsidiary intended the parent to benefit. A supplier performing services probably is an associated person; a seller of goods probably is not Joint ventures and joint venture partners are not automatically “associated” with their members and co-venturers. A member will only have liability for JV payments if the JV performs services for the member, AND a bribe was paid with the intention of benefiting the member. Indirect benefit to the member is not enough. In some JVs, the member’s degree of control over the payor determines if the payor was performing services for the member. So, a bribe paid by a JV partner’s employee or agent will probably implicate the JV partner alone, and not the co-venturers Associated Persons 52
Proportionate procedures: Procedures to prevent bribery by persons associated with the organisation are proportionate to the bribery risks it faces and to the nature, scale and complexity of the organisation’s activities. They are clear, practical, accessible, effectively implemented and enforced. Top level commitment: Top level management should issue statement of commitment to counter bribery in all parts of the organisation’s operation. Risk Assessment: Regular and comprehensive assessment of the nature and extent of the organisation’s risks relating to bribery (more detail on later slide) Due-diligence: Polices and procedures cover all parties to a business relationship, including the organisation’s supply chain, agents and intermediaries, all forms of joint venture and similar relationships Business partners: Reputation for bribery, Linked to public office holders or Politically Exposed Persons (“PEPs”) Communication (including training): Policy and Procedures, training, and support and operational procedures Monitoring and Review Adequate Procedures – 6 Principles 53
Reasonable and proportionate” hospitality is legal Legitimate purposes: Improving your image, Presenting products and services, and Establishing cordial relations Use of limits and pre-approval is recommended MoJ examples of acceptable hospitality (private sector): Wimbledon, Grand Prix, Airport transfers, and Dining and tickets to an event MoJ examples of acceptable hospitality (FPOs): Reasonable travel and accommodation to visit mining operations Flights and hotel in New York, along with fine dining and baseball(“match”) for FPO and partner, as long as there is “genuine mutual convenience” Ordinary travel and lodgings to enable a visit to a hospital But, if hospitality is not clearly connected with business activity, or is excessively lavish, the likely inference is that it is a disguised bribe Corporate Hospitality 54
Designing andImplementing anAnti-corruptionCompliance Program 55
56 Basic Elements of FCPA Compliance Program FCPA Compliance Policy and Tone at the Top. The Company should develop and promulgate a clearly articulated and visible corporate policy against violations of the FCPA and a strong commitment from senior management. Strong policy statement should be adopted by the Board. Board and senior management should be required to make commitment to anti-corruption compliance. Compliance commitment must be demonstrated by actions.
57 Anti-Corruption Policies and Procedures The Company should develop and promulgate compliance standards and procedures which shall include policies governing: gifts; hospitality, entertainment, and expenses; customer travel; political contributions; charitable donations and sponsorships; facilitation payments; and solicitation and extortion.
58 Use of Risk Assessment The Company should develop its compliance standards and procedures using a risk assessment. The risk assessment should be a formal and documented review which examines:
the nature and extent of corruption in each country in which the company does business relying on public and internal sources of information (Transparency International, OECD, etc);
the extent of government interactions and the persons in the company responsible for such interactions; and
the use of third-party agents, consultants in each country.
Corruption Risks in China, Taiwan, and South Korea China SouthKorea Taiwan 59
60 Ongoing Assessment Annual Review. The Company should review its anti-corruption compliance standards and procedures, on no less than an annual basis to ensure they are working. Ongoing Assessment. The Company should conduct ongoing assessments of its FCPA compliance program.
During the year, spot checks and quarterly audits of the compliance program should be conducted.
Dynamic process for modifying the compliance program should be made as new information is learned.
61 Senior Management Oversight and Reporting The Company should assign responsibility to one or more senior corporate executives of the Company for the implementation and oversight of its Company's anti-corruption policies. Company should designate a compliance officer in senior management and provide adequate resources to compliance office.
Compliance officer should be separate from General Counsel and internal auditing functions.
62 Internal Controls The Company should ensure that it has a system of internal controls for the purpose of foreign bribery or concealing bribery. Internal controls are key to identifying and preventing bribery. Internal audits must be supplemented with forensic audits since internal audits hinge on “materiality” and may not catch bribery schemes. Every expenditure of money where bribery may occur should have specific controls and management procedures to prevent bribery (e.g. gifts and hospitality, review form for certain amounts and review by compliance and legal offices).
63 Training FCPA training which shall include: (a) training for all directors and officers, and, where necessary and appropriate, employees, agents, and business partners; and (b) annual certifications, certifying compliance with the training requirements. Training programs should be tailored to different audiences and risks. Offices that have interactions (sales and regulatory) with foreign officials should have different program from senior management. Legal and compliance staff throughout organization should have separate training program.
64 Ongoing Advice and Internal Reporting The Company should establish or maintain an effective system for
Internal Reporting; and
Response to such internal reporting
Internet-based guidance and reporting systems Hot-line reporting system for employees to make anonymous reports Detailed procedure for review and response to internetand hot-line reports
65 Discipline The Company should have appropriate disciplinary procedures to address violations of the anti-corruption laws and the Company's anti-corruption compliance code, policies, and procedures. Specific disciplinary procedure should be adopted for employees who commit corruption offense. No tolerance policy should be adopted and enforced.
66 Foreign Business Foreign Business Representatives.The Company shall:
Perform appropriate due diligence on foreign business representatives;
Inform foreign business partners of its FCPA compliance program;
Seek reciprocal written anti-corruption and anti-bribery commitments from its foreign business partners.
Compliance Terms and Conditions.The Company should include FCPA terms and conditions in its contracts with foreign business partners.
Third Party Agentsand Due Diligence 67
Screen the Initial Terms of Relationship with Third Party:
Review the creation of relationship, or any subsequent changes to responsibilities or countries where agent operates.
Establish procedure for centralized review of contracts to ensure consistent standards.
Depending on size of company, should establish review at highest level within the company.
Develop a Different Screening Procedures for Review of Individual Transactions. Due Diligence Screening of Third Party Agents 68
69 Guidelines for Due Diligence Process Do not over-standardize procedure.
Need to tailor to individual circumstances in each country based on risk.
Need to conduct background check to determine (5-10 year history).
Existence of ties to foreign government officials and employees.
Existence of any pending or prior investigations of bribery or other criminal conduct or civil violations.
Create written package and record of review and approval process to demonstrate compliance.
70 Basic Issues to Cover Existence of relationships with foreign government officials
Licensing or other regulatory authorities
Prior history of bribery and other crimes Nature of services, compensation and payment method Written contract
Representations and warranties on compliance
Right to inspect and audit third-party books
Right to terminate contract if believe violation has or will occur
71 Red Flags Due diligence review of relationship or individual transactions must include red flags which require additional investigation before approval. Red flags are facts and circumstances that raise serious questions of an FCPA violation. Companies which ignore red flags run the risk of FCPA enforcement actions, criminal fines and the need for costly remedial measures. A red flag only means that further scrutiny is warranted.
72 Red Flag Procedure Red flags should be tailored to each country and the relevant risks. Red flags should be categorized based on risk factors (some are significant and require more investigation than others).
Due Diligence Ryan Morgan Anti Corruption Specialist WorldCompliance
A few thoughts - The perfect FCPA program Elements of a program that stands up to the Justice Department: The settlement in late 2010 between RAE Industries and the Justice Department and SEC included a detailed outline of “best practices” for a forward-looking FCPA compliance program. Code of Conduct, Tone at the top, Anti-Corruption Policies and Procedures, Use of Risk Assessment, Annual Review, Oversight and Reporting, Internal Controls, Training, Ongoing Advice and Guidance, Discipline, Use of Agents and Business Partners, Contractual Terms And Conditions, Ongoing Assessment Over 2/3 of all penalties for FCPA noncompliance had a failure in the Due Diligence process
A few thoughts - The perfect FCPA program Elements of a program that stands up to the Justice Department: Bullet point 11: Exercise appropriate due diligence and implement compliance requirements to ensure proper oversight of agents and business partners. These requirements should include: performing risk-based due diligence for “the hiring and appropriate and regular oversight of agents and business partners”; informing agents and business partners of the company’s commitment to follow the laws against foreign bribery and of the standards, procedures and other measures the company has in place to detect and prevent bribery; and seeking a reciprocal commitment from agents and business partners. Bullet point 12: Include standard provisions in agreements and contracts with agents and business partners that are designed to prevent violations of the anti-corruption laws. These provisions might include, depending on the circumstances: anti-corruption representations and undertakings; rights for the company to conduct audits of the books and records of the agent of business partner; rights for the company to terminate its relationship with an agent or business partner as a result of any breach of anticorruption laws. Conduct periodic review and testing of thetionship with an agent or business partner as a result of any breach of anticorruption laws
Question: How do you risk rate your 3rd parties? Geography? Value/Revenue potential? Reputation? History of adverse media? Ties to Foreign Government? Lack of information?
Risk Assessment should cover all relationships: Systematic Due Diligence High Risk TI High Risk Countries/Lack of anti bribery laws Company with history of illicit behavior Strong ties to foreign government Medium Risk TI Medium Risk Countries Company without Companies in industries of high risk (Oil, Defense, etc.) Low Risk TI Low risk countries Companies with adverse media High Risk Medium risk Low Risk
Step1. Who they are Who “they” are – Identity Verification
They – any agent, distributor, M & A
partner, client and vendor (TiPS)
Verification confirms they are “who we thought they were”
Works well in 10 Countries, other places…
“Who they are” is just half the pie
William Kelleher - Reseller in Ireland CarraignabhFear Cork City, Ireland DOB 1/15/1972 78
Step 2. Who they aren’t… Due diligence confirms Who they aren’t - Negative Database
3rd Party is not affiliated with a foreign government, SOE, purchasing decision for a government entity
3rd party is not being investigated for corruption (or fraud, or money laundering, etc.)
William Kelleher Billy Kelleher President, XYZ FO Mstr. of State ,Trade and Commerce CarraignabhFear 1st Street Cork City, Ireland Dublin, Ireland DOB 1/15/1960 DOB 1/20/1968 79
Pillars of Systematic Due Diligence Take out the Garbage - Validate your information, gather critical data such as owners Details Knock down the silos – create a central database that is consistent for all 3rd parties Screen – Prove who they aren’t, investigate Corruption happens every day, so should your due diligence Document, Document, Document 80
GIGO - “Check the Box” is not a sound policy Company: ABC Corporation Location: Hong Kong Owner: 唐老鸭 TLI – Too Little Information You can’t prove “who they aren’t” without the proper information: WorldCompliance has 140 Foreign Officials or their contacts containing “Juan and Ramirez” Without a UI, Unique Identifier, you can waste valuable time and money proving who they are 81
Building Blocks of Systematic Due Diligence Take out the Garbage - Validate your information, gather critical data such as owners Details Knock down the silos – create a central database that is consistent for all 3rd parties Screen – Prove who they aren’t, investigate Corruption happens every day, so should your due diligence Document, Document, Document 82
Decentralized Vetting Process Deconflicting
First Line of defense
Important mechanism of controls
Only part of your program that protects you continuously
Building Blocks of Systematic Due Diligence Take out the Garbage - Validate your information, gather critical data such as owners Details Knock down the silos – create a central database that is consistent for all 3rd parties Screen – Prove who they aren’t, investigate Corruption happens every day, so should your due diligence Document, Document, Document 84
How do you recognize a Red Flag? Definition: a flag that serves as a warning signal “Existence of Relationships with Foreign Government Officials” -Gather the name of the owners/executives of the 3rd Parties -Compare against a reputable database of Foreign Officials – Screening “Prior History of Bribery and other Crimes” -On average Google finds 500 new articles on “corruption investigation” -Company or Person with history of fraud or money laundering may be a precursor to corruption risk 85
Screening: Finding red flags 1 of a million documented foreign officials or their contacts 1 of tens of thousand of persons investigated for corruption 1 of thousands known corrupt foreign officials
Building Blocks of Systematic Due Diligence Take out the Garbage - Validate your information, gather critical data such as owners Details Knock down the silos – create a central database that is consistent for all 3rd parties Screen – Prove who they aren’t, investigate Corruption happens every day, so should your due diligence Document, Document, Document 87
Corruption happens everyday - Due diligence is continuous 88
Due diligence is continuous 89
The convergence of processes 90
The convergence of processes 91
Systematic Due Diligence Your Checklist should used to gather information, not checking boxes Not a one time check, ongoing due diligence is just about who they are “not” There is no DOJ “anti corruption” certificate, yet, screen, screen, screen – and document Training is a component of your program, not the program The Process should cover all types of risk 92
Metawatch License (Initial Due Diligence/Investigations)
Multilingual Web Interface
Multilingual Name Matching
Zyng monitoring application (Ongoing Due Diligence)
Enables continuous screening of all relationships
Advanced Name Matching intelligence
Authenate (Systematic Due Diligence Service)
Wco verifies critical information for client
No IT involvement or data conflicts
Allows company to create a single portal for all 3rd party due diligence
MetaWatch – Real time “instant” level 1 due diligence WorldCompliance Luis Fernando Jamarillo
The Company they keep…. WorldCompliance
Ongoing Due Diligence: periodic scanning of your business contacts World Compliance Global Database Sanctions, Foreign Officials, Illicit Behavior Match Report based on the following:
Dates of Birth
Passport/National ID Number
Zyng Name Matching Tool Your database of current relationships Vendors/Agents Distributors Customers M&A Partners
Monitoring – risk profiles for relationships change over time Vendors/ Agents World Compliance Global Database GSL, GPL, GEL, GAL,GIL Employees Alerts Customers Partners Name Matching Software Name Matching Report
Authenate - A New Solutions
Gather and clean your information on your Tips
Create central registration site for your company
Screen against the largest database of FOS, bad guys
Monitor your TiPS and alert you to new risk
Create an audit trail that tracks all decisions, and documents
Review WorldCompliance With the FCPA, the “long arm” of the US Justice System just got longer….. Due diligence is the cornerstone of your Anti Corruption and Anti Fraud programs WorldCompliance offers the largest database of Foreign Officials, the largest and most comprehensive database of high risk persons = the most protection With Authenate, we can offer a true systematic due diligence process to providing complete protection for your organization
Contact Ryan Morgan Direct: +305.815.0809 RyanM@worldcompliance.com Richard L. Cassin firstname.lastname@example.org Michael Volkov Direct: (202) 263-3288 Cell: (240) 505-1992 email@example.com