Last week in the blog post Legal Translation, Corruption and Compliance- What You Need to Know we provided a brief overview of the Foreign Corrupt Practices Act (FCPA), highlighting its key points and summarizing what attorneys need to know. This week we take a practical approach to the same subject, providing a 'Compliance Checklist' that covers key issues that should be addressed in light of the FCPA. As a FCPA violation can result in lengthy and disruptive SEC and DOJ criminal investigations and stiff criminal penalties for companies and individuals, it is important to be proactive with compliance measures. Although there are many considerations to keep in mind concerning FCPA compliance, here is a 'top ten list' for managing risk and improving compliance:
Determine your FCPA Risk
All risk assessments should focus on corruption and bribery, paying particular attention to such factors as:
The type of business and transactions your company engages in
- The location of these transactions
- The degree of interaction with government officials and agencies
- Your company's regulatory environment
- The extent to which your company uses agents, consultants, brokers, distributors and other intermediaries
- The degree of control your company has over such intermediaries
Identify your company's high risk business locations, subsidiaries and affiliates and personnel and understand that your company is responsible for FCPA violations committed by these parties. In fact, the company doesn't even have to know about or approve their actions or policies to be subject to criminal penalties under the FCPA. A great organizational tip is to create and maintain a database of your intermediaries and review it periodically.
Certified Translations of an FCPA Compliance Policy
Your policy should cover US and non-US personnel and address:
- Gifts and payments to foreign officials, representatives and associates
- Charitable giving
- Travel and entertainment
- Keeping accurate and complete books and records
- Compliance with local legal requirements
More so, your FCPA compliance policy should be embedded in your company's overall compliance program and included in your code of conduct. Obtain professional certified translations of this compliance policy into the foreign languages used in the given country and posted them with other company policies.
Train your Personnel Regularly
Relevant personnel should understand that the FCPA has a very broad scope - it doesn't just prohibit bags full of cash being passed under the table to high-ranking government officials. Donations to political parties, a few dollars to a low-ranking official to move your project along, meals and entertainment and even charitable donations can violate the FCPA. Your personnel should know that violating the FCPA can result in personal criminal liability, including large fines and lengthy prison sentences, and that the company can be fined up to $2 million per violation or face disgorgement of twice the amount gained from the bribe.
Establish an FCPA Compliance Team
The team can facilitate auditing of your compliance policy for operating effectiveness. The FCPA compliance team should have internal and external investigative capabilities and be positioned to investigate red flags quickly and remediate where necessary. Schedule periodic FCPA compliance reviews, including annual compliance certification. Spot-check, or routinely check, annual miscellaneous expenditures by your personnel and agents to determine if the aggregate exceeds limits where individual line items may fall below approval thresholds.
Identify Countries where In-House Counsel are not Covered by Attorney Privilege
Most European countries do not accord the protection of attorney-client privilege to communications between employees and in-house counsel. Therefore cross-border investigations require careful planning and your company should consider differences in approach to the handling of cross-border investigations involving jurisdictions where unfamiliar privilege doctrines apply.
Determine if other Country's Anti-Bribery Laws may Apply
37 countries have enacted anti-bribery laws similar to the FCPA, meaning your company can face investigations on several fronts, leading to the possibility of penalties being levied in multiple jurisdictions.
Consider Using Outside Counsel
Using outside counsel will give your company stronger privilege claims and best preserve your ability to choose whether to report your conduct to the government.
Keep Accurate Books and Maintain a System of Internal Accounting Controls
Under the books and records provisions of the FCPA, even improper payments must be recorded accurately. Establish and implement a clear policy setting out how all transactions should be recorded and consider creating general ledger accounts specifically for gifts to and entertainment of government officials. Attorneys should keep in mind that improper accounting for FCPA-prohibited actions will likely be an independent violation of the FCPA and can result in hefty penalties.
Make FCPA Review Part Due Diligence
While there is no due diligence defense as such under the FCPA, effective diligence can mitigate the risk that regulators will bring an enforcement action for a later-discovered violation, or could reduce the size of any resulting penalties. Effective pre-transaction diligence can help position your company to mitigate the risk of post-transaction violations of the FCPA.
Be Able to Demonstrate Robust and Verified Compliance
Law enforcers expect companies to self-report FCPA violations, but the costs, benefits and risks of self-reporting should be carefully weighed. Any internal investigation needs to be thorough and likely will benefit from the involvement of external counsel to assist with planning, coordination and execution. Experienced outside counsel also can help a company weigh the wisdom of reporting a potential FCPA violation to the government, as well as the relative costs and benefits of doing so and of not doing so.