Preventing Corruption: The Implications of the FCPA on D&Os
Although the Foreign Corrupt Practices Act ("FCPA") 1977 has been around for more then 30 years, the US regulatory authorities have intensified their focus on the enforcement of its prohibitions against the payment of bribes to foreign government officials. Anticorruption compliance has become one of the most important areas of risk management for business entities that transact business both in the US and globally. FCPA-related activity has significant implications for the structure and content of companies' D&O insurance programs and a company should be advised of FCPA-related risks prior to purchasing D&O insurance.
What is the FCPA?
The FCPA prohibits US citizens, permanent residents, both public and private US companies and certain non-US individuals and entities from bribing foreign government officials in order to obtain a business advantage. The FCPA has two main elements: 1) The antibribery provisions, which are enforced by both the US Department of Justice ("DOJ") and the Securities and Exchange Commission ("SEC"). These prohibit corruptly giving or offering money or "anything of value" to a foreign government official in order to obtain or retain business or an unfair advantage. 2) The accounting provisions, which only apply to companies (foreign or domestic) whose securities or debt are publicly traded in the US, are primarily enforced by the SEC and require a company to maintain adequate books, records and internal controls over financial transactions. And, because under the FCPA, employees of state-owned enterprises are considered foreign government officials, the reach of this statute is much broader than many companies and their employees realize.
When will the FCPA apply to non-US companies?
The FCPA applies to non-US business entities that either register securities on US exchanges or file reports with the SEC as a result of capital raising activities in the US. This includes any non-US company that trades American Depository Receipts on a US stock exchange. They also apply to any person who engages in a single act while in US territory, e.g., makes use of US communications or banking networks, in connection with a violation of the FCPA (such as taking part in a meeting or making a telephone call to discuss the conduct whilst in the US).
What are the consequences of a breach?
Under the anti-bribery provisions, companies can be subject to fines of up to $2 million per violation, and individuals are subject to fines of up to $100,000 and/or 5 years imprisonment per violation. The Sarbanes-Oxley Act has recently enlarged the penalties for the accounting provisions, such that companies may be subject to fines of up to $25 million per violation and individuals to fines of up to $5 million and 20 years imprisonment per violation for wilful breach of the accounting provisions.
Recent trends in enforcement
The global reach of anti-corruption enforcement was dramatically underscored in December 2008, when Siemens agreed to pay German and US enforcement authorities $1.6 billion in combined fines and penalties - by far the largest fine ever imposed in either country for foreign bribery allegations. But what has led to this increased activity?
The increased fines available under Sarbanes-Oxley Act have given management the incentive to self-report books and records (and what company ever accurately records bribes in its books?) and DOJ has shown a willingness to forgo prosecution (but not the fines) for voluntarily disclosed violations. However, the authorities are not dependent on self-reporting alone. Recently, the DOJ and SEC have increased their staffing, and it has also been reported that several agents of the Federal Bureau of Investigation ("FBI") are dedicated to FCPA investigations.
The regulators also target specific industries and practices where foreign government and state-owned entities are significantly involved; e.g., medical devices sold to public hospitals. Furthermore, the financial service industry and companies involved in mergers & acquisition activity have become increasingly attuned to anti-corruption due diligence to minimize risk of purchasing significant liability. For example, when Halliburton spun-off its Kellogg Brown & Root subsidiary, it indemnified the new company, KBR Inc., for any claim arising from allegations of bribery of Nigerian government officials, a liability it has estimated as $559 million exclusive of its investigation and defence costs.
Finally, there has been an increased willingness to cooperate with foreign governments in joint investigations, which was evident in the Siemens investigation.
Although there is no private right of action under the FCPA, shareholders and other litigants have pursued claims based on FCPA violations in the form of follow-on civil litigation, usually either securities class actions or shareholders' derivative lawsuits. These actions can also prove enormously expensive for companies, such as Titan Corporation's agreement to pay $61.5 million to settle a class action relating to FCPA violations.
How can companies avoid these mistakes?
Companies need to show that they are committed to an FCPA compliance program from the top leadership down to the most junior of employees. Reporting and protocols should be established with regular audits by senior management. Thorough due diligence is imperative for companies that are considering business relationships with a company that has cross-border operations. Finally, if a potential FCPA violation crops up, the company should conduct a prompt and thorough investigation, involving legal counsel and the authorities if necessary.
How would a D&O policy respond?
Increasingly, the indemnity limit is being exhausted with the staggering defence costs that are incurred up front in dealing with the investigations thereby leaving the D&Os own exposure for an indemnity as uninsured. Typically, the fines and penalties arising directly from an FCPA enforcement proceeding will fall outside the scope of a D&O policy, as will most internal investigations conducted by the company Board. Some policies have extended cover for "securities claims" in respect of the entity which may provide an indemnity in respect of any follow on securities class actions. There are also tensions between whose costs are met first- increasingly underwriters are being requested to draft an order of payments clause to address this tension upfront. Particular attention should also be paid to the policy's conduct exclusions (an adjudication or admission of guilt in one jurisdiction may not be regarded as such in another jurisdiction). Finally, is the company being investigated or are the D&Os - that will have a knock on effect on what costs can rightfully be claimed for the provision of documents and information to the investigators if there is no entity cover under the policy.
In conclusion, companies need to be mindful of the increased focus on anti-corruption enforcement as well as the size of the penalties. The FCPA provides important implications for a company's D&O insurance program, and it is imperative that skilled insurance professionals (brokers, underwriters and attorneys working together at the outset) advise the company and its D&Os about the potential risks involved.
For more information, please contact the professional(s) listed below, or your regular Crowell & Moring contact.