Previous posts (here and here) have discussed FCPA insurance. One of the industry participants offering this new product is Marsh (see here for its FCPA Corporate Response).
In this Q&A, Machua Millett (Senior Vice President and General Partner Liability Product Leader at Marsh) answers questions about FCPA Corporate Response as well as other issues presented by FCPA insurance. Prior to joining Marsh, Millett practiced law at Skadden Arps, Bingham McCutchen and Edwards Angell Palmer & Dodge.
Why is FCPA insurance needed? What was your “ah-ha” moment in developing this product?
FCPA investigation costs insurance is needed because existing insurance products were leaving companies and their employees largely unprotected against one of their major potential liabilities in conducting international business. Our “ah-ha” moment came after one too many clients had come to us seeking an insurance solution, and we had to tell them that no comprehensive FCPA investigation costs insurance product existed. So we collaborated with an A-rated insurance company to create and launch a solution.
Describe in detail the product Marsh is offering.
The product, exclusively available through Marsh, is called FCPA Corporate Response. It is an insurance policy that funds investigation costs resulting from any regulatory investigation by any regulator in the world concerning alleged bribery of a government official.
The four main pillars of the policy are the definitions of Investigation Costs, Claim, Insured, and Wrongful Act.
Investigation Costs includes all fees and expenses of attorneys, experts, consultants, accountants, auditors, and any other professionals a company typically hires in the course of conducting or defending itself against an anti-corruption investigation. This definition is significantly broader than most directors and officers liability (D&O) policies, which generally cover only attorneys’ fees. This is not by accident. In our experience, companies caught up in an FCPA investigation incur significant accounting and consulting fees in addition to legal fees, and we wanted all such investigation costs covered by this policy. It is important to note, however, that this policy only covers investigation costs. It does not cover settlements, judgments, damages, wages/salaries, fees of directors/officers/employees, costs of compliance/remedial measures or fines and penalties, (most of which would de deemed uninsurable by insurers, regardless).
Claim includes any civil, criminal, administrative and/or regulatory investigation or inquiry brought by any U.S. or foreign regulator, with the trigger broadly defined to include any written notice of such investigation or inquiry. In addition to this broad claim trigger, the policy also provides pre-claim inquiry coverage for internal investigations. This means that any investigation costs incurred as part of a company’s internal investigation prior to regulatory involvement is covered on a retroactive basis when a company self-reports or a regulatory investigation or inquiry is otherwise initiated.
Insured includes all entities and individuals that might be implicated as part of an FCPA investigation of a company, including all subsidiaries, affiliates, directors, officers, employees, foreign equivalents, consultants, agents and independent contractors. These last three categories are of particular importance, as nearly 80 percent of FCPA investigations arise from the activities of such third-party agents and independent contractors, who are often not treated as insureds under standard D&O policies.
Wrongful Act means: any actual or alleged violation of the FCPA, including criminal bribery allegations and civil recordkeeping allegations; and any actual or alleged violation of any other law, treaty, regulation or act that, but for geography, would also constitute a violation of the FCPA. The definition of Wrongful Act is quite broad in terms of geography, potentially-implicated conduct, and potentially relevant laws. However, it is important to note that the policy’s coverage does not extend to aspects of foreign corruption laws like the U.K. Bribery Act that are broader than the U.S. FCPA. In the case of the UKBA, the two most relevant examples would be the UKBA’s prohibition of commercial bribery and lack of an exception for facilitation payments. Where an investigation under a foreign statute involves both FCPA-type allegations (bribery of a government official) and non-FCPA-type allegations (say commercial bribery), investigation costs would have to be allocated between covered and uncovered aspects of the investigation.
The policy contains only two exclusions, both of which are directed toward the simple idea that a company cannot buy insurance for a burning building. The first exclusion bars coverage for a prior or pending investigation and the second exclusion bars coverage for any matter that was known at a truly corporate level — by the general counsel of the Named Insured — at the time of application for the policy and later develops into a regulatory investigation or inquiry. It is also relevant in this regard to note that just as a company may not buy insurance for a burning building, it may not purchase a burning building and expect coverage under the policy. Although the policy provides automatic coverage for new subsidiaries, coverage only applies to wrongful acts that occurred after the acquisition. Transactional risk insurance products do exist that can be used to mitigate acquisition risks around FCPA issues.
The FCPA contains both anti-bribery provisions and books and records / internal controls provisions. The latter provisions are generic in scope and don’t require foreign conduct to be implicated. Does the product cover the range of circumstances in which the FCPA books and records and internal controls can be implicated?
As mentioned before, FCPA Corporate Response does provide investigation costs coverage for both anti-bribery and books and records and internal controls. Anything that is a violation of the FCPA, or would be but for geography, will trigger the policy’s definition of wrongful act.
One of the reasons for the increase in FCPA enforcement is the increase in corporate voluntary disclosures, an event which often prolongs FCPA scrutiny for many years and results in lucrative professional fees for those involved in the investigation and disclosure. Will FCPA insurance increase the number of corporate voluntary disclosures on the theory that the downside of corporate voluntary disclosures (longer period of scrutiny which leads to higher professional fees) will be covered?
We have had some people comment that the policy seems to create an incentive to self-report, both generally because the company has the investigation costs insurance, but more specifically to trigger coverage for internal investigation costs. While this may be, I find it somewhat hard to believe that the existence of the policy will prevail over other considerations; after all, the policy does not cover FCPA fines, penalties, or remedial measures. However, the policy certainly doesn’t create any disincentive against self-reporting.
Will FCPA insurance lead to more aggressive business conduct in foreign markets?
I don’t think so. Again, the policy does not cover fines and penalties and other costs that we have seen reach the hundreds of million of dollars. The policy covers investigation costs. FCPA Corporate Response is most certainly not meant to be a replacement for a robust FCPA compliance program at a company, but instead is meant to be a compliment or backstop to such a program based on the realization that no compliance program, no matter how robust, can prevent the rogue activities of one employee or independent agent