Archive for the ‘Individual Enforcement Action’ Category

Little New Information Of Significance In SEC Director Ceresney’s FCPA Speech

Thursday, November 19th, 2015

CeresneyYesterday’s post highlighted Assistant Attorney General Leslie Caldwell’s recent speech before a Foreign Corrupt Practices Act audience.

Today’s post provides equal time to Andrew Ceresney’s (Director of the SEC’s Enforcement Division) FCPA speech to the same audience.

To those well-versed on prior SEC FCPA policy speeches, there was little new information of significance in Ceresney’s speech (and you can assess this for yourself by visiting this subject matter tag which highlights every SEC FCPA policy speech in the public domain over the last several years). Indeed, significant portions of Ceresney’s speech were near carbon copies of prior speeches he delivered at the same event one year ago and two years ago (see here and here for prior posts).

[From a LinkedIn comment: "I agree with your assessment of Director Ceresney's speech. In fact the majority of the attendees who were present during the luncheon speech felt the same way. And judging from his presentation, he was hardly enthused about the speech. Basically, it was just read off paper word for word not even looking up. But you also have to put his speech in the proper context. It was something designed to take up the slack time between the main meal and waiting for the dessert to come out."]

The only new item in Ceresney’s speech was the following statement: “the Enforcement Division has determined that going forward, a company must self-report misconduct in order to be eligible for the Division to recommend a DPA or NPA to the Commission in an FCPA case.”

As a practical matter, this statement is not very significant as the SEC has only used NPAs or DPAs three time since the SEC authorized their use in 2010. Moreover, the SEC has handled voluntary disclosure in the FCPA context in several different ways.  In certain instances, civil complaints are filed in connection with voluntary disclosures; in other instances, administrative cease and desist orders are used in connection with voluntary disclosures; and in other instances  - as noted by Ceresney – NPAs and DPAs are used in connection with voluntary disclosures.

Prior to excerpting Ceresney’s speech, a few observations about the individual prosecution and BHP Billiton portions of the speech.

Individual Proseuctions

Ceresney stated:

“Outside the FCPA context in particular, over the last five years, 80% of the SEC’s enforcement actions (excluding follow-on administrative proceedings and delinquent filings) have involved charges against individuals.  This focus on individuals also applies to FCPA cases.”

Ceresney did not provide statistics for individual prosecutions in connection with corporate SEC enforcement actions so I will. As noted in prior posts here and here, since 2008 83% of SEC corporate FCPA enforcement actions have not resulted in any SEC charges against company employees.

No doubt in recognition of these FCPA specific statistics, Ceresney attempted to articulate why FCPA enforcement actions against individuals “present formidable challenges.” However, most of the factors listed are also present in corporate FCPA enforcement actions. There is however a key difference.  In the FCPA’s history, it is not believed that the SEC has ever had to prove a case against an issuer whereas individuals are more likely to, and have, put the SEC’s to burden of proof and the SEC has never satisfied its ultimate burden of proof against an individual when this happens.

BNY Mellon / Anything of Value

Similar to his speech last year at the same event, Ceresney devoted a material portion of his remarks to an FCPA element that is seldom the focus of much discussion:  anything of value.   In the words of Ceresney “enforcing the FCPA to its fullest extent.”

Ceresney provided a list of questions regarding less tangible things of value that will be of value to compliance practitioners.

In connection with this portion of his speech, Ceresney defended the SEC’s enforcement action against BNY Mellon which focused on the company’s internship practices. He called criticism of the enforcement action “unfounded.”

However, Ceresney failed to address many of the other criticisms of the enforcement action not necessarily connected to the anything of value element such as corrupt intent, obtain or retain business, and other statutory issues. (See here).

The remainder of this post excerpts Ceresney’s speech.

“Pursuing violations of the FCPA remains a critical part of the SEC’s enforcement efforts.  The SEC has taken a lead role in combatting corruption worldwide, enforcing the FCPA vigorously against issuers and individuals within its jurisdiction and working with foreign partners to enhance their anticorruption efforts.

The Division of Enforcement – including its specialized FCPA Unit, as well as other members of the staff – continues to be very active holding wrongdoers accountable for FCPA violations.  The Commission’s enforcement efforts over the last ten years, along with those of our partners at the DOJ and FBI, have resulted in a sea change in enhancing the focus on FCPA compliance issues.


I thought I would spend some time this afternoon discussing a few issues that are important to the SEC’s FCPA program: self-reporting and cooperation; holding individuals accountable for FCPA violations; cooperation with foreign regulators; and ongoing efforts to ensure that the FCPA is enforced to its fullest extent.

The Importance of Self-Reporting and Cooperation

I want to start with the importance of self-reporting and cooperation in FCPA cases.  The Commission launched its formal cooperation program a little more than five years ago, and as I have explained in other contexts, it has been a great success overall.  Even before that formal cooperation program was implemented, the SEC was rewarding cooperation in FCPA matters, and it has continued to do so under the more formal program.  In the last fiscal year alone, the Commission gave significant credit for cooperation in more than half a dozen cases.  These included the settlement with Layne Christensen, which included a significantly reduced penalty of 10% of the disgorgement amount; a settlement with PBSJ, where we entered into a deferred prosecution agreement and the penalty was a small fraction of disgorgement; and a settlement with Goodyear, which was the first case where the Commission agreed not seek any penalty in recognition of the company’s significant cooperation.  These cases should send the message loud and clear that the SEC will reward self-reporting and cooperation with significant benefits.  Companies should understand that the benefits of cooperating with the SEC are significant and tangible.

Let me spend a moment on self-reporting because that is an issue that has attracted lots of attention in recent years.  Self-reporting is critical to the success of SEC’s cooperation program.  Self-reporting allows the Enforcement staff to discover misconduct more quickly and reliably than otherwise would be possible.  In certain cases, particularly when misconduct occurs overseas, companies may be in a better position to quickly investigate misconduct and the information provided by companies as part of their self-reporting often gives a significant head start on our investigations.

Self-reporting also is a valuable tool for parties who want to maximize the benefits available for cooperation.  As the cases I just mentioned make clear, there are significant benefits available to companies who self-report violations and cooperate fully with our investigations.  Benefits range from reduced charges and penalties, to deferred prosecution or non-prosecution agreements – known as DPAs or NPAs – in instances of outstanding cooperation, or in certain instances when the violations are minimal, no charges.

However, beyond these benefits, which are the carrot, there is also a stick that should further incentivize self-reporting.  Companies that make a decision not to self-report misconduct take the chance that the Enforcement Division will learn of this misconduct through other means.  The SEC’s whistleblower program has created real incentives for people to report wrongdoing to us.  If the Enforcement Division finds the violations through its own investigation or from a whistleblower, the consequences to the company will likely be worse and the opportunity to earn additional cooperation credit may well be lost.  As I’ve said before, when discussing our cooperation program in general and specifically in the FCPA context, companies are gambling if they fail to self-report FCPA misconduct to us.

Given the importance of self-reporting to our FCPA investigations, the Enforcement Division continues to looks for ways to encourage self-reporting of violations through our cooperation program.  Towards that end, the Enforcement Division has determined that going forward, a company must self-report misconduct in order to be eligible for the Division to recommend a DPA or NPA to the Commission in an FCPA case.  I am hopeful that this condition on the decision to recommend a DPA or NPA will further incentivize firms to promptly report FCPA misconduct to the SEC and further emphasize the benefits that come with self-reporting and cooperation.

It is important to note here that while the Division will require a company to self-report in order to be eligible for a DPA or NPA, self-reporting alone is not enough.  Determinations of how much credit to give an entity for cooperation, including whether to take the extraordinary step of entering into a DPA or NPA, are made by evaluating the broad factors set out by the Commission in the Seaboard report. In addition to self-reporting, these factors include a corporation’s self-policing, remediation, and cooperation. While DPAs and NPAs are valuable tools, they reflect a significant level of cooperation and have been a relatively limited part of Commission enforcement practice.  I think this is appropriate and should continue to be the case.  But the Division will not even consider this step if a company fails to self-report.

Requiring a company to self-report potential FCPA violations in order to be eligible for a DPA or NPA is consistent with the SEC’s practice since the introduction of our formal cooperation program in 2010.  In each FCPA case where the SEC entered into a DPA or NPA, the company involved self-reported the violations, and then provided significant cooperation throughout the investigation.

The most recent example is the DPA the Commission entered into with PBSJ Corporation earlier this year.  In that case, the Commission charged a former officer of the Florida engineering and construction firm with violating the FCPA by offering and authorizing bribes and employment to foreign officials to secure Qatari government contracts. The Commission determined that a DPA with the company was appropriate.  PBSJ self-reported the violations to the SEC, took immediate steps to end the misconduct, and fully cooperated with the investigation, including voluntarily making foreign witnesses available for interviews and providing factual chronologies, timelines, internal summaries, and full forensic images to the SEC.  Under the DPA, PBSJ agreed to pay more than $3 million in disgorgement and prejudgment interest and a penalty of $375,000 – approximately 10% of the disgorgement level – and to comply with certain undertakings.

Similarly, in 2013 the Commission entered into its first ever FCPA NPA with Ralph Lauren Corporation in connection with bribes paid by a subsidiary to government officials in Argentina.  In determining to enter a NPA with the company, the Commission recognized the company’s prompt self-reporting of the violation – within two weeks of discovering the illegal payments – and its extraordinary cooperation with the SEC’s investigation, which included voluntarily and expeditiously producing relevant documents, providing translations of foreign-language documents, providing witness interview summaries from its internal investigation, making overseas witnesses available, and bringing witnesses to the U.S.  The Commission also took into account significant remedial measures undertaken by Ralph Lauren.  Under the NPA, the company paid more than $700,000 in disgorgement and pre-judgment interest.

Finally, self-reporting was a key consideration leading to the DPA with Tenaris, S.A., in 2011, which was the SEC’s first DPA since the introduction of the cooperation program.  The agreement with Tenaris involved allegations that the global manufacturer of steel pipe products made almost $5 million on contracts obtained through bribes of Uzbekistan government officials during a bidding process to supply pipelines for transporting oil and natural gas. The Commission determined that a DPA with Tenaris was appropriate.  The company immediately reported the violations to the SEC, conducted a thorough internal investigation, fully cooperated with the investigation, and implemented significant remediation efforts.  Under the DPA, Tenaris paid $5.4 million in disgorgement and prejudgment interest and agreed to enhance its compliance practices.  Tenaris paid no penalty.

I hope that by highlighting the benefits of cooperation and detailing the efforts companies took to self-report and cooperate, the Enforcement Division can help provide a blueprint for companies regarding what kind of cooperation and remediation efforts are required to maximize the benefits of the SEC’s cooperation program.

Focus on Individual Liability

The next area I want to talk about today is our focus on individual liability.  Holding individuals accountable for their wrongdoing is critical to effective deterrence and, therefore, the Division considers individual liability in every case.  Outside the FCPA context in particular, over the last five years, 80% of the SEC’s enforcement actions (excluding follow-on administrative proceedings and delinquent filings) have involved charges against individuals.  This focus on individuals also applies to FCPA cases.  When we are able to recommend a case against individuals for FCPA violations, we do so.

However, it is also true that FCPA cases often present formidable challenges to establishing individual liability.  In most FCPA cases, the individuals most directly involved in the wrongdoing are foreign nationals who live outside the United States.  As a result, it is often difficult to establish personal jurisdiction over potential wrongdoers, particularly if they are employees of the foreign subsidiary rather than the parent issuer.  In addition, most of the witnesses and documents are located overseas, which presents evidentiary challenges.  The cases are very time-consuming and resource-intensive to litigate, and if the wrongdoer is a foreign national with no assets or ties to the U.S., recoveries may be limited.  Finally, given the evidentiary challenges and complexity of FCPA investigations, the statute of limitations also complicates these cases.  The statute of limitations applicable to Commission actions is not tolled when foreign evidence requests are outstanding.

However, where the Division’s investigations find sufficient evidence to bring charges and establish personal jurisdiction, the Commission brings those cases.  Over twenty percent of the SEC’s FCPA cases this past year were brought against individuals, sometimes in conjunction with a case against the issuer, and sometimes before or after the issuer case was brought.  In the PBSJ case I discussed earlier, while the Commission entered into a DPA with the company, it charged the former PBSJ officer who orchestrated the scheme with violating the anti-bribery provisions of the FCPA.  As set out in the SEC’s order, the officer offered to funnel funds to a local company owned and controlled by a foreign official in order to secure two multi-million Qatari government contracts for PBSJ and also offered employment to a second foreign official in return for assistance as the bribery scheme began to unravel. The officer agreed to settle the charges and pay a significant penalty.

In August, the Commission brought charges against a former executive at a worldwide software manufacturer for violating the FCPA by bribing Panamanian government officials through an intermediary to procure software license sales.  As set out in the SEC’s order, the executive orchestrated a scheme to pay bribes to one government official and promised to pay two others in order to obtain four contracts to sell software to the Panamanian government.  The executive, who lives in Miami, agreed to settle the charges and disgorge all of his ill-gotten gains.

And earlier this fiscal year, the SEC charged two former employees in the Dubai office of a U.S.-based defense contractor with violating the FCPA by providing government officials in Saudi Arabia with improper benefits to help secure business for the company.  The individual employees settled the charges and each agreed to pay a significant penalty.

The Commission is committed to holding individuals accountable and I expect you will continue to see more FCPA cases against individuals.

Effective Coordination with International Regulators and Law Enforcement

One of the reasons we’ve been able to achieve such success in our FCPA cases over the past few years – both against companies and individuals – is the Division’s effective coordination with international regulators and law enforcement.  In today’s globalized marketplace, the SEC’s ability to protect investors and maintain fair and efficient markets is often dependent on Enforcement’s ability to investigate misconduct that takes place, at least in part, abroad.  This is especially true with FCPA investigations, which routinely rely on evidence obtained from foreign jurisdictions, and often are conducted in parallel with foreign governments.

Over the past five years, the Enforcement Division has experienced a transformation in the ability to get meaningful and timely assistance from international partners.  Enforcement has greatly expanded its efforts to obtain evidence of potential wrongdoing from around the globe with the assistance of the SEC’s Office of International Affairs and continues to strengthen our partnerships with other countries.  There has also been an important trend of significant growth in focus and legislation on corruption issues worldwide over the last few years.  The result has been a tremendous increase in cooperation from other governments and better access to evidence in foreign countries.

This increased coordination helps the SEC successfully conclude significant enforcement actions.  For example, assistance from foreign authorities was critical to the Commission’s recent case against Hitachi.  The investigation was greatly assisted by the African Development Bank and the South African Financial Services Board.  And the resulting case charged Hitachi with violating the FCPA by inaccurately recording improper payments to a front company for the African National Congress – the ruling party in South Africa – in connection with contracts to build two power plants.  The company agreed to settle the charges and pay a $19 million penalty for its FCPA violations.

In April of this year, the SEC also charged FLIR Systems, Inc. for violating the FCPA by financing what an employee termed a “world tour” of personal travel for government officials in the Middle East who played key roles in decisions to purchase products from FLIR. The Commission’s order found that FLIR earned more than $7 million in profits from sales influenced by the improper travel and gifts.  We received valuable assistance in our investigation from the United Arab Emirates Securities and Commodities Authority.  To settle the matter, FLIR agreed to pay more than $9.5 million in disgorgement and penalties and report its FCPA compliance efforts to the agency for the next two years.  In the BHP Billiton matter I mentioned earlier, the Division received assistance from the Australian Federal Police.

These are just three recent examples of the Division’s success in working with the international community to receive documents and other types of foreign assistance.  I fully expect the pace and extent of foreign agencies’ cooperation in the FCPA space to grow over the coming years as the Division continues to forge new relationships abroad and strengthen those we already have.

Enforcing the FCPA Statute to its Fullest Extent

Finally, I thought I would say a few words about the Commission’s efforts to enforce the FCPA to the fullest extent of the statute.  As this audience surely knows, the statute precludes the payment or provision of “anything of value” to a foreign official in order to induce that official to take official action or obtain an improper advantage for the purpose of obtaining or retaining business.

And of course “anything” of value is, on its face, a broad term.  Obviously, cash payments count.  Similarly, tangible gifts to foreign officials undoubtedly qualify as things of value.  But the Commission has also successfully brought FCPA cases where other, less traditional, items of value have been given in order to influence foreign officials.  For example, last year, I discussed a series of cases in which the Commission brought bribery charges against companies that made contributions to charities that were affiliated with foreign government officials, provided no-show jobs to the spouse of a foreign official, or paid for the honeymoon of a foreign official’s daughter, all to induce those officials to direct business to the companies.  Each of these benefits qualifies as something of value under the FCPA statute.

The SEC’s recent case against BNY Mellon, its first FCPA case against a financial institution, also illustrates this approach.  The Commission’s case charged that the firm violated the FCPA by providing valuable student internships to family members of foreign government officials affiliated with a Middle Eastern sovereign wealth fund.

Some have expressed concern about these cases, arguing that it is difficult to draw a clear line between what constitutes a violation and what does not, in cases involving less traditional items of value.  In my view, these concerns are unfounded.  The line between what is acceptable and what constitutes a violation of the law is in the same place it always has been:  when something of value – which can include a gift, donation, favor, or hiring decision – is given or taken with intent to influence the foreign official in his or her official actions or obtain an improper advantage.  While this analysis is dependent on the facts and circumstances of each particular case, it is the same analysis companies routinely conduct when considering how their employees interact with government officials in the course of business. The relevant questions include:

  • Was the gift, donation, favor, or hiring asked for by the foreign official?
  • Did the company official believe that the gift, donation, favor, or hiring would advance their business interests and help them obtain particular business, or at least obtain an improper advantage with the foreign official?
  • Was the gift, donation, favor, or hiring consistent with company policy and practice?
  • Were the company’s normal procedures followed in connection with the gift, donation, favor, or hiring?
  • Would the gift, donation, favor, or hiring have been made if there were no potential business benefit?

In the BNY Mellon case for example, the Commission’s order described the following facts.  The sovereign wealth fund officials explicitly and repeatedly requested the internships and the BNY Mellon employees viewed providing the internships as important to keeping the sovereign wealth fund’s business and potentially obtaining new business.  Indeed, one BNY Mellon employee stated that failure to provide the internships would “potentially jeopardize our mandate” with the sovereign fund and another stated that providing the internship was “the only way” to increase BNY Mellon’s share of business from the sovereign funds’ European office. In addition, the bank did not evaluate or hire the officials’ relatives through its internship program, which had stringent standards, including a minimum grade point average, relevant prior work experience, and multiple rounds of interviews.  In fact, the family members hired did not meet the basic entrance standards for any established BNY Mellon internship program, did not have the requisite academic or professional credentials, and were not even required to interview before being offered the positions.

Under these circumstances, I would suggest that there was ample basis for viewing the internships as something of value to the foreign officials who requested them for their relatives, and for concluding that they were given in an attempt to influence the foreign officials in connection with the performance of their official duties or to obtain an improper advantage from the foreign officials.

As I’ve said before, bribes come in many shapes and sizes.  And in my view, the FCPA is properly read to cover providing valuable favors to a foreign official, as well as providing cash, tangible gifts, travel or entertainment.


To sum up, the Enforcement Division is committed to aggressively pursuing violations of the FCPA by entities and individuals.  We will continue to use our cooperation program and to coordinate with international regulators and law enforcement to do so more effectively.  It is my hope that we can continue to build on the solid foundation we have created for FCPA compliance in the coming years.”

Enforcement Officials Speak On Compliance And Individual Accountability

Thursday, November 5th, 2015

SoapboxThis post summarizes two recent speeches by DOJ/SEC enforcement officials that touched upon topics relevant to Foreign Corrupt Practices Act enforcement.

In the first speech, Assistant Attorney General Leslie Caldwell, speaking at a financial industry event, focused her comments on compliance and the DOJ’s new compliance attorney position.

In the second speech, SEC Chair Mary Jo White talked about SEC enforcement strategies.

Caldwell’s Speech

As indicated above, Caldwell focused her comments on compliance and the DOJ’s new compliance attorney position.  For prior posts on these topics, see here and here including why the DOJ should be in favor of a compliance defense.  See also “Revisiting a Foreign Corrupt Practices Act Compliance Defense.”

Caldwell stated in pertinent part:

Internal Compliance Officers Perform a Critical Function

[Compliance officers] are often the first line of defense against [legal violations]  Prosecutors cannot be everywhere, and by the time the Criminal Division gets involved, it’s usually too late to stop criminal activity.  Well before a grand jury subpoena is served or a witness is interviewed, compliance officers like you can and do step in and stop issues from becoming problems down the road.

As much as full-throated compliance programs are essential to preventing fraud and corruption, the quality and effectiveness of a compliance program is also an important factor that prosecutors consider in determining whether to bring charges against a business entity that has engaged in some form of criminal conduct.

In this after the fact review, the department looks closely at whether compliance programs are simply “paper programs,” or whether the institution and its culture actually support compliance.  We look at pre-existing programs, as well as what remedial measures a company took after discovering misconduct – including efforts to implement or improve a compliance program.

Criminal Division’s Compliance Counsel

Over the past twenty years or so, the very notion of “compliance” has been evolving rapidly.  Most companies, and maybe especially in the financial sector, have placed more and more emphasis on building strong compliance structures.  Programs have become more sophisticated and more industry and company-specific.

Companies increasingly have tailored compliance programs that make sense not just for their industries but also for their business lines, their risk factors, their geographic regions and the nature of their work force, to name a few.

Unfortunately, a surprising number of companies still lack rigorous compliance programs.  And even more companies have what appear to be good structures on paper, but fail in practice to devote adequate resources and management attention to compliance.

Still other companies fail to consider obvious risks, even in important parts of their businesses.  [...]

To be sure, it’s important for institutions to be mindful of regulatory priorities and guidance in devising and carrying out a tailored, risk-based compliance program.  But a narrow, cramped view of compliance – that it requires only adherence to specific regulations – ultimately will inure to the company’s detriment.  [...]

I believe that the Criminal Division has gotten much better at evaluating compliance programs over the years.  We understand that there is no “one size fits all” compliance program.  We understand that there are vast differences in the quality and effectiveness of programs, even among similar companies.   We have gotten better at suggesting tailored reforms to compliance programs when we resolve a corporate matter.

But we are prosecutors, not compliance professionals.  So, as you may be aware from press coverage, the Criminal Division has hired a compliance counsel to work in the Fraud Section.  While it’s too early to talk about specifics – her first day in the office is tomorrow – I can tell you generally what we’re thinking about.

We want to get the benefit of the expertise of someone with significant high-level compliance experience across a variety of industries, which this person has.  Our goal is to have someone who can provide what I’ll call a “reality check.”

First, the compliance counsel will help us assess a company’s program, as well as test the validity of its claims about its program, such as whether the compliance program truly is thoughtfully designed and sufficiently resourced to address the company’s compliance risks, or essentially window dressing.

Second, she will help guide Fraud Section prosecutors when they are seeking remedial compliance measures as part of a resolution with a company, whether by prosecution or otherwise.  We don’t want to impose unrealistic, unnecessary or unduly burdensome requirements on companies.  At the same time, we want to make sure that appropriate compliance enhancements are included when they are needed.

We understand that no compliance program is foolproof.  We also appreciate that the challenges of implementing an effective compliance program are compounded by the ever-increasing cross-border nature of business and of criminal activity.

Many [companies] operate all over the world.  They are creating products and delivering services not only here in the United States but overseas and are operating across many different legal regimes and cultures.

For this reason, we have chosen a compliance counsel who has the experience and expertise to examine a compliance program on a more global and a more granular level.

I want to correct one impression that has been expressed elsewhere.  Some have suggested that our retention of a compliance counsel is an indication that the department is moving toward recognizing or instituting a “compliance defense.”  That is not the case.

Rather, the Criminal Division will continue to review companies’ compliance programs as one of the many factors to be considered when deciding whether to criminally charge a company or how to resolve criminal charges.  Our hiring of a compliance counsel should be an indication to companies about just how seriously we take compliance.

Hallmarks of an Effective Compliance Program

You’re likely wondering what metrics this compliance counsel will use to assess a particular program.  And I’ll talk about that in a moment, but first I want to put your mind at ease about something.

The vast majority of compliance violations do not result in criminal prosecution.  Rather, the Criminal Division pursues charges when the offending conduct is intentional and particularly egregious or pervasive.

We’re not interested in prosecuting mistakes or accidents, or bad business judgments.  And we are not looking to prosecute compliance professionals.  To the contrary, we view you as the good guys and as our allies.  And we want to make sure that when we review a pre-existing compliance program, or suggest remedial measures, that we get it right.

So, what will the compliance counsel do?  She will help us evaluate each compliance program on a case-by-case basis – just as the department always has – but with a more expert eye, and she will work with our prosecutors to assess:

  • Does the institution ensure that its directors and senior managers provide strong, explicit and visible support for its corporate compliance policies?
  • Do the people who are responsible for compliance have stature within the company?  Do compliance teams get adequate funding and access to necessary resources?  Of course, we won’t expect that a smaller company has the same compliance resources as a Fortune-50 company.
  • Are the institution’s compliance policies clear and in writing?  Are they easily understood by employees?  Are the policies translated into languages spoken by the company’s employees?
  • Does the institution ensure that its compliance policies are effectively communicated to all employees?  Are its written policies easy for employees to find?  Do employees have repeated training, which should include direction regarding what to do or with whom to consult when issues arise?
  • Does the institution review its policies and practices to keep them up to date with evolving risks and circumstances?  This is especially important if a U.S.-based entity acquires or merges with another business, especially a foreign one.
  • Are there mechanisms to enforce compliance policies?  Those include both incentivizing good compliance and disciplining violations.  Is discipline even handed?  The department does not look favorably on situations in which low-level employees who may have engaged in misconduct are terminated, but the more senior people who either directed or deliberately turned a blind eye to the conduct suffer no consequences.  Such action sends the wrong message – to other employees, to the market and to the government – about the institution’s commitment to compliance.
  • Does the institution sensitize third parties like vendors, agents or consultants to the company’s expectation that its partners are also serious about compliance?  This means more than including boilerplate language in a contract.  It means taking action – including termination of a business relationship – if a partner demonstrates a lack of respect for laws and policies.  And that attitude toward partner compliance must exist regardless of geographic location.


These are just some of the elements of a strong compliance program.  When the Criminal Division evaluates a company’s compliance policy during an investigation, we look not only at how the policy reads on paper, but also at the messages conveyed to employees, including through in-person meetings, emails, telephone calls and compensation.  We look at whether, as a whole, a company tolerated compliance failures year after year because the alternative would have meant a reduction in revenues or profits.”

White’s Speech

Regarding individual prosecutions, White stated:

“Any discussion of strong enforcement tools must include a discussion of our priority of pursuing individuals.  Personal accountability, of course, is a basic tenet of law enforcement.  And individual accountability, particularly at the most senior levels, is a core part of our enforcement program because firms can only act through their people and it is people to whom we are trying to send our strong message of deterrence.  While some cases, because of the available evidence or charges, are appropriate to bring only against companies, we must always look to identify and charge those people who are responsible for their company’s wrongdoing.  In Fiscal Year 2015, about two-thirds of our substantive actions included charges against individuals.

Redress for wrongdoing can never be seen merely as a cost of doing business made good by cutting a corporate check.  When people fear for their own reputations, careers, or pocketbooks, they are more likely to stay in line.  So when investigating misconduct, our staff first looks at the individual conduct and works out to the entity, rather than starting with the entity as a whole and working in.

And when we do bring charges against individuals, we consider, in addition to tough charges and penalties, our remedies to prevent future wrongs as well.  One of our most potent tools is an order imposing a bar on an individual – a bar from, for example, working in the securities industry or serving on the board of a public company.  Such an order can reduce the likelihood that the defendant can defraud and victimize the public again.”

As detailed in this post, approximately 80% of corporate SEC FCPA enforcement actions since 2008 have not resulted in any related enforcement action against a company employee.

FCPA Risks On Campus

Monday, November 2nd, 2015

University of Maryland College Park CampusIt’s hard not to read this recent Wall Street Journal article titled “American Colleges Pay Agents to Woo Foreigners Despite Fraud Risk” without thinking about the Foreign Corrupt Practices Act.

According to the article:

“Like many U.S. colleges, Wichita State University wants more foreign students but isn’t a brand name abroad. So the school, whose mascot is a muscle-bound wheat bundle, in late 2013 started paying agents to recruit in places like China and India. The independent agents assemble candidates’ documents and urge them to apply to the Kansas school, which pays the agents $1,000 to $1,600 per enrolled student. Overseas applications “shot up precipitously,” says Vince Altum, Wichita State’s executive director for international education. But there is a down side: Wichita State rejected several Chinese applications this year from an agency it suspected of falsifying transcripts, Mr. Altum says, adding that it terminates ties with agencies found to violate its code of conduct by faking documents. Paying agents a per-student commission is illegal under U.S. law when recruiting students eligible for federal aid—that is, most domestic applicants. But paying commissioned agents isn’t illegal when recruiting foreigners who can’t get federal aid. So more schools like Wichita State are relying on such agents, saying the intermediaries are the most practical way to woo overseas youths without the cost of sending staff around the world. No one officially counts how many U.S. campuses pay such agents, most of whom operate abroad, but experts estimate at least a quarter do so.”

The above use of agents is not the only FCPA risk that colleges and universities face.

In recent years, several schools have opened foreign campuses (either directly or through affiliates) in places such as China, India, and the Middle East. In short, the government approvals, licenses, permits, and certifications in doing so are no different than a company needing government approvals to establish a manufacturing presence in a foreign country.

No doubt in recognition of the above risks, I’ve noticed in recent years more and more schools adopting FCPA policies.  See here and here for examples.

That educational institutions (or those that purport to be as highlighted by the below enforcement action) can face FCPA risk is not merely an academic hypothetical.

The remainder of this post summarizes an unusual 2006 FCPA enforcement against Richard Novak.

Novak and others owned and operated several internet businesses using the names “Saint Regis University,” “Robertstown University” and “James Monroe University.” According to the superseding information “they were diploma mills in that these ‘universities’ had no legitimate faculty members; offered no legitimate academic curriculum or services; required no course work or class work; and were not recognized by the United States Department of Education.”

According to the superseding information, Novak made a bribe payment to the “Consult and First Secretary at the Liberian Embassy in Washington D.C. in order to assist Saint Regis University and its owners in fraudulently selling diplomas through their internet businesses.”

Elsewhere, the superseding information states that “various foreign government officials who received the bribes held various positions at the Liberian Embassy in Washington, D.C., the Liberian Embassy in Accra, Ghana, and at the Ministry of Education for the Republic of Liberia in Monrovia, Liberia” and that these individuals, among other things, “were in a position to: issue certificates of accreditation and recognition; issue notarial certificates; issue letters claiming that Saint Regis University was fully accredited and recognized by the Ministry of Education in the Republic of Liberia; and cause staff at the Liberian Embassy in Washington D.C. to answer the telephone calls in a positive way when inquiries regarding the legitimacy [of the Universities] were made.”

Although not specifically mentioned in the superseding information, a component of the original indictment (here) against Novak and several others was that U.S. Secret Service agents posed as high school dropouts seeking degrees.

Novak was charged with conspiracy to violate the FCPA and FCPA violations.  He pleaded guilty (see here) and was sentenced to three years probation.

2 Enforcement Theories, 17 DOJ Corporate Enforcement Actions, 0 Individual Prosecutions

Thursday, September 24th, 2015

zeroThe subject matter of this post is certainly nothing new.

For over five years, I have been highlighting the low percentage of DOJ corporate Foreign Corrupt Practices Act enforcement actions that result in related individual prosecutions.

In 2010, I was asked to testify at the Senate FCPA hearing – specifically about the above issue – and offered the following explanation in my testimony.

“[A] reason no individuals have been charged in [many FCPA] enforcement actions may have more to do with the quality of the corporate enforcement action than any other factor. As previously described, given the prevalence of NPAs and DPAs in the FCPA context and the ease in which DOJ offers these alternative resolution vehicles to companies subject to an FCPA inquiry, companies agree to enter into such resolution vehicles regardless of the DOJ’s legal theories or the existence of valid and legitimate defenses.”

Yesterday’s post awarded an FCPA Professor apple award to Matthew Fishbein (Debevoise & Plimpton - who previously served in the U.S. Attorney’s Office for the Southern District of New York as Chief Assistant U.S. Attorney and Chief of the Criminal Division, among other DOJ positions) for his recent excellent article which touches upon the same subject. In pertinent part, Fishbein observed:

“[T]he lack of individual prosecutions [in most DOJ corporate enforcement actions] is the inevitable consequence of making a potential criminal case out of every news story where something bad occurs. While the needs and interests of companies often lead them to enter into settlements even where there is little evidence that a crime actually was committed, individuals are more likely to test the government’s case – especially if that case rests on questionable footing.”

In light of yesterday’s post, and more broadly the general discussion of individual accountability in the aftermath of the recent “Yates Memo,” it is useful to analyze some specific examples in the hopes of making the abstract more concrete.

The remainder of this post highlights 2 DOJ FCPA enforcement theories that have resulted in 17 DOJ corporate FCPA enforcement actions yielding approximately $350 million in settlements but have resulted in 0 individual prosecutions.

The first enforcement theory that has resulted in 7 DOJ FCPA enforcement actions (Panalpina, Noble, Shell, Pride International, Tidewater Marine, Transocean, and Parker Drilling) was based on the core theory that payments allegedly made to notoriously corrupt Nigerian Customs Services (“NCS”) employees in connection with securing or renewing temporary importation permits (“TIPS”) so that oil rigs could remain in Nigerian waters, as well as other allegations that payments were made to NCS officials to expedite the delivery of goods and equipment into Nigeria, consisted FCPA violations.

The enforcement theory was aggressive because the FCPA’s anti-bribery provisions specifically exempt so-called facilitation payments.  Perhaps in a sign of how obvious the facilitating payments exception was to the conduct at issue, the DOJ twice stated in resolution documents that “the payments [at issue] … would not constitute facilitation payments for routine governmental actions within the meaning of the FCPA.”

All of the so-called CustomsGate enforcement actions involved either an NPA or a DPA in which the DOJ extracted approximately $175 million in corporate settlements. However, none of the CustomsGate enforcement actions involved any related criminal prosecution of individuals associated with the companies resolving the enforcement actions.

With is perhaps most notable about the CustomsGate enforcement actions is that the SEC (which also brought 8 FCPA enforcement actions against business organizations based on the same core theory and extracted approximately $85 million in corporate settlements) brought only one related prosecution of individuals associated with the companies resolving the enforcement action.  However, Mark Jackson and James Ruehlen (both associated with Noble Corp.) put the SEC to its burden of proof as to whether the payments violated the FCPA. In an ironic twist, two years after the enforcement agencies collected approximately $260 million in the corporate CustomsGate enforcement actions, a federal trial court judge ruled that the SEC has the burden of proof to negate the facilitating payments exception. Despite the SEC merely have a civil burden of proof of preponderance of the evidence (as opposed to the DOJ’s higher burden of proof in criminal actions of beyond a reasonable doubt), the SEC was unable to carry its burden and on the eve of trial the SEC offered to settle the Jackson & Ruehlen matter on terms very favorable to the defendants.

The second enforcement theory that has yielded 10 DOJ FCPA enforcement actions (Syncor Taiwan, DPC (Tianjin Co), Micrus, AGA Medical, Johnson & Johnson, Pfizer, Orthofix International, Biomet, Smith & Nephew, and Bio-Rad ) was based on the core theory that various employees of alleged foreign health care systems such as physicians, nurses, mid-wives and lab personnel are “foreign officials” under the FCPA. This enforcement theory was first used by the DOJ in 2002 (before NPAs and DPAs became the dominate way for the DOJ to resolve FCPA enforcement actions against business organizations) and since 2005 has yielded 8 DOJ enforcement actions.

The enforcement theory was aggressive because the FCPA’s legislative history is clear that the main reason motivating Congress to enact the FCPA was the foreign policy implications of discovered corporate payments to foreign government officials such as the Prime Minister of Japan, the President of Korea, the President of Gabon, and Italian political parties. In other words, in passing the FCPA Congress was concerned with corporate payments to bona fide foreign government officials.

All of the “healthcare workers as foreign officials” enforcement actions since 2005 were resolved through an NPA or DPA in which the DOJ extracted approximately $90 million in corporate settlements. However, none of the enforcement actions against business organizations involved any related criminal prosecution of individuals associated with the companies resolving the enforcement actions.

In short, 2 DOJ FCPA enforcement theories that have yielded 17 corporate DOJ enforcement actions in which the DOJ extracted approximately $350 million in corporate settlements have not resulted in any related criminal prosecution of individuals.

Zero. Zilch. Nada.

And The Apple Goes To …

Wednesday, September 23rd, 2015

applepicFall.  The colors are changing and the apples are crisp.

Fitting of the season, the FCPA Professor apple award goes to Matthew Fishbein (Debevoise & Plimpton).

Since the release of the Yates Memo, I’ve commented more than once that those who think the Yates Memo represented something new are misinformed.

Fishbein (who previously served in the U.S. Attorney’s Office for the Southern District of New York as Chief Assistant U.S. Attorney and Chief of the Criminal Division, among other DOJ positions) surely is not among this category.

Indeed, three weeks prior to release of the Yates Memo, Fishbein wrote this article and picks an orchard.

“[T]he lack of individual prosecutions [in most DOJ corporate enforcement actions] is the inevitable consequence of making a potential criminal case out of every news story where something bad occurs. While the needs and interests of companies often lead them to enter into settlements even where there is little evidence that a crime actually was committed, individuals are more likely to test the government’s case – especially if that case rests on questionable footing. This article discusses the context in which corporations cooperate with the government and suggests that the DOJ’s increased emphasis on cooperation against individuals may undermine corporate defense counsel’s ability to obtain or recommend their client’s cooperation in the many marginal cases where evidence of criminal conduct is lacking.

A number of recent statements by top DOJ officials suggest that their explanation for the lack of individual prosecutions is that companies are largely to blame. The DOJ has suggested that by dragging their feet instead of actively cooperating – for example, by hiding behind over-expansive interpretations of foreign data privacy laws or allowing culpable employees to leave the country – companies effectively have put up roadblocks to the prosecution of individuals.

While there may be some examples of companies holding back in their cooperation, a corporation’s conduct during the course of a government investigation is rarely the reason that individuals are not prosecuted. Rather, individuals are not prosecuted for the conduct companies admit because, in many marginal cases, there is insufficient evidence that a crime actually occurred. Why would a company enter into a criminal settlement where the underlying conduct does not give rise to a crime? The answer is simple: companies frequently determine that a “bad” settlement may be a better resolution than a drawn out, litigated victory. And as prosecutors have grown to appreciate the great leverage they hold over corporate entities, they have exercised this leverage in the pursuit of increasingly marginal cases. They do so, in part, because the risk is minimal (the prosecutor’s case is unlikely to be challenged in court) and the reward is great (the corporations pay enormous penalties).

Prosecutors have considerably less leverage over individuals, who, facing the possibility of incarceration and financial devastation in the event of a criminal conviction, are more likely to test the government’s case and put the government at risk of a high-profile loss. Given the extreme public pressure to bring charges against individuals in connection with the financial crisis, it stands to reason that if prosecutors could prove cases against corporate executives, they would bring those cases in a heartbeat. Indeed, Attorney General Holder recently acknowledged that the lack of individual prosecutions in the wake of the financial crisis was “not for lack of trying.”

Faced with a largely unsuccessful record in the pursuit of individual prosecutions after the financial crisis, it appears that, going forward, the DOJ is going to try even harder. According to a senior DOJ official, “[t]he prosecution of individuals – including corporate executives – for white-collar crimes is at the very top of the Criminal Division’s priority list.” Consistent with this goal, a number of DOJ officials have explained that “true cooperation” with a government investigation requires that the corporation identify culpable individuals and provide the government with evidence that implicates them. Without such evidence of individual culpability, corporations will not receive full cooperation credit, even if they do all of the things that traditionally have been viewed as the hallmarks of robust cooperation such as volunteering information not otherwise known to the government, providing documents and witnesses outside the government’s subpoena power, and making productions and disclosures in a timely manner.


The DOJ’s corporate cooperation policy is in some ways a double-edged sword. In cases where there is clear-cut evidence of wrongdoing, the DOJ’s policy on cooperation makes good sense and should be relatively straightforward in its application: in order to obtain full cooperation credit, it makes sense that companies should have to identify and disclose the information relevant to individual misconduct. This requirement is consistent with the government’s policy on providing cooperation credit for individuals who substantially assist in the prosecution of others. However, the policy presents a real dilemma for companies responding to the marginal, gray-area cases described above, where the company may for business reasons want to reach a settlement even where it has strong defenses, but the absence of evidence of individual culpability may preclude it from receiving the benefits of “full cooperation.”

In these kinds of cases, defense counsel is left facing a host of difficult questions. If a company should make “securing evidence of individual culpability the focus of [its] investigative efforts,” what is it to do when that evidence does not exist? If a company targets its internal investigation toward developing cases against individuals, should individuals be provided with counsel at the outset? If true cooperation “requires identifying the individuals actually responsible for the misconduct,” can a company “truly cooperate” when there are no such responsible individuals? If, in order to receive “full cooperation credit,” a company should emphasize its efforts to obtain evidence of individual culpability, can it still receive “full credit” when those efforts are fruitless? And if securing evidence of individual culpability is a “primary focus” when the government weighs the Filip Factors, will a company be subject to harsher charging decisions or settlement terms simply because no such evidence exists?

Taken together, these questions suggest that a policy designed to incentivize cooperation may have the perverse effect of deterring it: if a company knows that it cannot receive full cooperation credit, it may decide that it is not worth the effort to try; and if individuals know that companies are incentivized to obtain evidence against them, they may be far less willing to cooperate during internal investigations.

Moreover, under the DOJ’s cooperation policy, companies seeking to resolve criminal investigations in marginal cases may actually be penalized when their individual employees did not engage in criminal conduct. In such cases, defense counsel may consider challenging prosecutors to identify what aspect of their investigation was lacking or what evidence of individual culpability should have been uncovered. DOJ officials have said that the government will conduct its own investigations to “pressure test” a company’s internal investigation. If the government’s test reveals no flaws in the company’s investigation, will the government still not provide full cooperation credit?

The DOJ’s policy on cooperation is unlikely to solve the problem that it was likely designed to address, i.e., the lack of individual prosecutions. Although there may be an increase in individual prosecutions in cases of clear wrongdoing, the DOJ’s policy is unlikely to have an impact on the marginal cases, where companies often settle in spite of the evidence – not because of it.

While the needs and interests of companies in reaching settlements have allowed the government to obtain larger and larger settlements in cases where the facts and law likely would not permit them to succeed with a jury, the government must live with the fact that no amount of company cooperation will turn facts that do not provide a basis for individual prosecutions into facts that do. The government either has to accept this – and continue along the path of corporate settlements without individual prosecutions – or stop pursuing investigations and accepting settlements where there are no individuals who have actually committed crimes.”

[The FCPA Apple Award recognizes informed, candid, and fresh thought-leadership on the Foreign Corrupt Practices Act or related topics. There is no prize, medal or plaque awarded to the FCPA Professor Apple Award recipient. Just recognition by a leading FCPA website visited by a diverse group of readers around the world. There is no nomination procedure for the Apple Award. If you are writing something informed, candid and fresh about the FCPA or related topics, chances are high that I will find your work during my daily searches for FCPA content.]