FCPA: What the DOJ and SEC’s Long-Awaited Guidance Means for Business
On November 14, 2012, one day prior to the annual National Conference on the Foreign Corrupt Practices Act (FCPA), the Department of Justice (DOJ), in conjunction with the Securities and Exchange Commission (SEC), released its long awaited FCPA guidance. Designed to provide guidance to businesses of all sizes, A Resource Guide to the U.S. Foreign Corrupt Practices Act (the Guide) outlines the Act and examines both agencies' enforcement approaches. While not legally binding, and less detailed than many pro-business groups would have hoped, the Guide does offer at least some clarification on several ambiguous FCPA-related issues and provides several illustrative hypotheticals. More importantly, the Guide provides valuable insight into the DOJ's enforcement considerations and stresses, among other things, the importance of meaningful corporate compliance programs and self-reporting. Additionally, in response to repeated requests from the business community and the U.S. Chamber of Commerce, the Guide includes anonymized details of a few recent declination decisions.
The Guide offers limited clarity on issues that have flummoxed businesses in their attempts to determine whether certain actions are in compliance with the FCPA. Importantly, the Guide provides meaningful examples of what conduct may be considered a violation and what conduct may not.
For example, one source of confusion in recent years has been the location of the line between “gifts” and “bribes.” While the Guide does not make the issue black and white, it does proactively note that the FCPA only prohibits “the payment of bribes, including those disguised as gifts,” not gifts themselves. The Guide emphasizes that the key element in determining whether an exchange constitutes a “gift” (legal) or a “bribe” (prohibited) is the accompanying intent—if the item is given with “corrupt” intent, it is a bribe. For example, the Guide notes that “it is difficult to envision any scenario in which the provision of cups of coffee, taxi fare, or company promotional items of nominal value would ever evidence corrupt intent.” However, “the larger or more extravagant the gift . . . the more likely it was given with an improper purpose.” Indeed, gifts of “sports cars, fur coats, and other luxury items” have triggered DOJ enforcement actions.
At the same time, the Guide often falls far short of its promise to shed new light on previously ambiguous FCPA elements or answer specific comonly asked FCPA questions. For example, the definition of “foreign official” for FCPA purposes has been an item of hot debate between the DOJ and FCPA critics for years. While companies have often attempted to argue that employees of state-owned enterprises do not qualify as “foreign officials” under the FCPA, the DOJ has taken the contrary position in court.
As expected given the DOJ's past position, the Guide adopts a broad interpretation of who constitutes a foreign official. Generally, government employees and employees of companies in which a government owns a majority stake will be considered government officials. However, by all accounts, the 11th Circuit may have the final word in this debate, as it is currently contemplating the term. See United States v. Esquenazi, No. 11-15-331-C (11th Cir.).
Parent/Subsidiary and Successor Liability
The Guide notes that parent corporations may be held responsible for the actions of their subsidiaries, foreign and domestic, should their subsidiaries violate the FCPA. Aside from parent corporations who “participate sufficiently” in the violative activity, the Guide emphasizes that parent corporations with a traditional agency relationship with their subsidiary will be liable for the subsidiary's actions. Citing respondeat superior, the principle under which a company is liable for the acts of its agents, the Guide states that DOJ and SEC will independently evaluate such situations and make a determination regarding parent liability based on their analysis of the parent's control and knowledge.
Similarly, DOJ and SEC follow a traditional legal model when evaluating successor liability, generally finding that an acquiring company is liable for the predecessor company's liabilities. Importantly, a company subject to the FCPA is not liable for the predecessor's anti-corruption violations if the predecessor was not subject to the FCPA. However, the acquiring company can be liable if it fails to stop problematic activity from continuing after the acquisition. Thus, it is critical to perform comprehensive pre-acquisition due diligence and ensure the acquiring company implements well-constructed remedial measures to avoid post-acquisition FCPA liability.
Among the Guide's most helpful components are hypotheticals and examples of how companies can, and have, avoided prosecution.
When discussing what factors the government will consider when deciding whether to bring enforcement action against a company it feels has violated the FCPA, the Guide directs readers to the DOJ's Principles of Federal Prosecution of Business Organizations. While all nine factors are included in the Guide, the DOJ emphasizes that it will often consider a corporation's pre-indictment conduct “including voluntary disclosure, cooperation, and remediation” when assessing whether to seek an indictment. While already well known within the FCPA community, the Guide reinforces that the DOJ places a “high premium on self-reporting.” The Guide also includes an entire section dedicated to the role corporate compliance programs may play in the DOJ's decision to bring or not bring charges against a company.
Specifically, the Guide emphasizes the role a corporate compliance program can play in DOJ enforcement decisions. Notwithstanding “check the box” compliance programs, which are discouraged, corporate compliance programs and other internal controls may heavily influence a DOJ decision not to prosecute. The Guide notes that a corporate compliance program that is “well-constructed, thoughtfully implemented, and consistently enforced” may influence the DOJ when determining whether a violation occurred, whether to take action or whether charges should be resolved through a deferred prosecution agreement or non-prosecution agreement, as well as the length of any deferred- or non-prosecution agreement or corporate probation.
The DOJ does not have any formulaic requirements for valuing a compliance program. Instead, it employs a “pragmatic approach” to evaluating programs, assessing them on three levels:
- Is the company's compliance program well designed?
- Is it being applied in good faith?
- Does it work?
The Guide also identifies several “hallmarks” of effective compliance programs, including: “a culture of compliance” established by senior management; clear, concise and accessible codes of conduct; effective oversight and disciplinary measures; appropriate risk assessment; training; and third-party due diligence, among others. However, the DOJ also emphasizes that compliance programs are not “one size fits all,” and corporations of different sizes and risk profiles may have different standards.
Companies indicted or convicted of FCPA violations face additional difficulties, including loss of export privileges and debarment. The International Traffic in Arms Regulations (ITAR) mandates that companies convicted of criminal FCPA violations be debarred for a period of three years following conviction.  The ITAR additionally grants the Department of State, Directorate of Defense Trade Controls (DDTC) broad authority to deny applications for export licenses, or revoke, suspend or amend, without prior notice, any approved export license or export authority, should the applicant, or any party to the transaction, be indicted or suspected of an FCPA violation. 
Companies and individuals convicted of, or indicted for, FCPA violations may also face suspension or debarment from participating in federal contracts. The Federal Acquisition Regulations (FAR) provide for the potential suspension or debarment of companies that contract with the government upon conviction of, or civil judgment for, FCPA violations. The decision to debar is discretionary and is subject to the policies of individual agencies, such as the Department of Defense. Importantly, debarment by one federal agency typically applies to the entire executive branch of the federal government. Contractors can reduce the likelihood of debarment by instituting effective internal control systems, self-reporting the misconduct in a timely manner and taking remedial measures to ensure past violations do not recur.
In sum, while the Guide fails to provide an earth-shattering new interpretation of the FCPA, it far surpasses its previously issued “Lay Person's Guide” to the FCPA in terms of depth. For example, it successfully utilizes hypotheticals to illustrate compliance and non-compliance in certain debated areas. From an avoidance perspective, it attempts to provide businesses with a better understanding of enforcement practices. Importantly, it reinforces what companies should do to avoid or minimize risks associated with FCPA breaches—have suitable internal controls to prevent breaches and promptly report and cooperate with the government after discovering a breach.