FCPA Enforcement and Anti-Corruption Year in Review

Mark F. Mendelsohn, Alex Young K. Oh, and David W. Brown are partners at Paul, Weiss, Rifkind, Wharton & Garrison LLP. This post is based on a Paul, Weiss publication by Mr. Mendelsohn, Ms. Oh, Mr. Brown, Justin D. Lerer, Meredith A. Arfa, and Jonathan Silberstein-Loeb.

Despite significant FCPA enforcement activity in 2017, the Trump administration’s approach to enforcement remains elusive and not readily characterized.

Looking at 2017 as a whole, the number of corporate enforcement actions resolved by the DOJ and the SEC was within the range of fluctuations in such numbers in recent years, though down from 2016’s record-breaking total. Looking at the year more closely, we find that eight of the fourteen corporate resolutions by the DOJ and the SEC in 2017 were announced in January during the final weeks of the Obama administration, followed by a six-month quiet period during the beginning of the Trump administration, and culminating in six corporate resolutions in the closing months of the year. The majority of corporate resolutions announced during the Trump administration involved foreign companies, but whether the Trump administration is pursuing an “America First” policy in enforcing the FCPA remains an open question. The new administration does appear to have been more aggressive in pursuing prosecutions against individuals, with 17 of the 20 prosecutions of individuals in 2017 brought by the Trump administration. However, given the duration of FCPA investigations, most, if not all, of the corporate and individual enforcement actions announced during the Trump administration almost certainly originated from investigations that pre-dated the administration, suggesting it is too early to draw definitive conclusions.

While it may be too soon to evaluate trends, the administration has made efforts to signal its priorities to companies clearly. The DOJ announced, and incorporated into the United States Attorney’s Manual, a new corporate enforcement policy that reinforces the policy objectives that drove the FCPA Pilot Program announced during the Obama administration, continuing the emphasis on corporate self-reporting of wrongdoing. The new policy is noteworthy in seeking to incentivize cooperation further by dangling the prospect of a declination for companies that self-report and meet the rigorous criteria.

Crossing borders, cooperation between the U.S. and foreign enforcement authorities remained a key feature of FCPA enforcement in 2017.

Our reflections on the year’s most significant developments in anti-corruption and FCPA enforcement and policy are below.

A Decline in Corporate Resolutions from the Highs in 2016

In 2017, the DOJ and the SEC resolved a combined 14 enforcement actions against business entities resulting in $1.1 billion in fines, penalties, disgorgement and pre-judgment interest, of which $832 million was assessed by the DOJ and $298 million by the SEC. Though significant, the $1.1 billion assessed in 2017 is considerably less than the record-breaking amount of more than $2 billion assessed last year.

Foreign authorities assessed another $1.4 billion in penalties in connection with U.S. enforcement actions, collectively assessing more than the DOJ and the SEC combined for the second year in a row. Four of the settlements in 2017 (Telia, SBM Offshore N.V. (“SBM”), Rolls-Royce and Keppel Offshore & Marine Ltd. (“KOM”)) resulted in global resolutions with total penalties topping the $400 million mark. Telia’s $965 million global settlement was one of the largest FCPA settlements ever.

The DOJ and the SEC each resolved seven corporate enforcement actions in 2017. Although these totals were significantly lower than last year’s, they are comparable with the number of resolutions in earlier years.

Enforcement Across Industries and Regions

The DOJ and the SEC entered into corporate resolutions in 2017 with companies across a variety of industries and throughout the world. U.S. authorities were most active in the healthcare and energy industries, resolving actions against Zimmer Biomet/JERDS, Orthofix and Alere in the healthcare industry and Halliburton, KOM and SBM in the energy industry.

The map below demonstrates the global span of FCPA cases by showing the locations of the corporate headquarters of all companies that resolved FCPA actions in 2017 and the countries in which improper conduct allegedly occurred.

Over the past five years, the number of foreign authorities cooperating with U.S. authorities’ FCPA corporate enforcement efforts appears to have increased, with 2015 an apparent outlier. We caution, though, that limited conclusions can be drawn from this data, as it is difficult to assess the depth of the substantive cooperation provided by a foreign authority.

DOJ Corporate Resolutions

Four of the seven corporate resolutions announced by the DOJ in 2017 (Zimmer Biomet/JERDS, Sociedad Química y Minera Chile (“SQM”), Rolls-Royce and Las Vegas Sands) were announced during the final weeks of the Obama administration. Following an eight-month period during which the DOJ did not announce any corporate resolutions, in the last few months of 2017, the DOJ announced three such resolutions (Telia/Coscom, SBM and KOM). All three resolutions involved foreign companies and their U.S. subsidiaries.

Pursuant to the FCPA Pilot Program, the DOJ also issued two public declination letters in 2017. Both declinations were issued in June to privately-held companies (Linde Group and CDM Smith) and required the companies to disgorge all ill-gotten gains. Since the start of the FCPA Pilot Program, the DOJ has issued seven public declination letters, each of which required the company to disgorge ill-gotten gains to the DOJ or credited the company’s disgorgement of ill-gotten gains to the SEC as part of parallel settlements.

In addition to the two public declinations under the Pilot Program, in 2017, the DOJ also apparently declined to prosecute at least eleven companies that had been under investigation for potential corruption offenses (Cobalt, Core Laboratories, Halliburton, IBM, Innodata, MTS, Net 1 UEPS Technologies, Newmont, Platform, Vantage Drilling and Varian), based on their public announcements. Whether such announcements indicate something more than that the DOJ lacked any basis—jurisdictional or otherwise—to prosecute such companies, remains to be seen.

FCPA Corporate Enforcement Policy

On November 29, 2017, Deputy Attorney General Rod J. Rosenstein announced the FCPA Corporate Enforcement Policy. The policy, which has been incorporated into the U.S. Attorneys’ Manual, is intended to improve upon and make permanent aspects of the FCPA Pilot Program, to enable the DOJ to identify and punish criminal conduct efficiently and to provide greater certainty for companies considering whether to disclose a potential FCPA violation to the DOJ voluntarily. The new Corporate Enforcement Policy applies only to DOJ criminal prosecutions and affects neither declinations in cases in which there is no basis for prosecution nor SEC investigations. Under the policy, when a company voluntarily self-discloses misconduct, fully cooperates and timely and appropriately remediates, there will be a presumption that the company will receive a declination unless there are aggravating circumstances. To qualify for benefits under the policy, a company must also pay all disgorgement, forfeiture and restitution resulting from the misconduct. In an effort to provide greater transparency, the policy addresses in detail these eligibility criteria, as well as the aggravating factors that can prevent a company from receiving the full benefit of the policy.

Even if the DOJ determines that a criminal resolution is warranted because of the presence of an aggravating factor, a company nonetheless may be eligible for a 50-percent reduction off of the low end of the U.S. Sentencing Guidelines fine range unless the company is a repeat offender. A company that does not voluntarily self-disclose, but otherwise meets all of the requirements of the new policy, may receive up to a 25-percent reduction off of the low end of the Guidelines fine range.

The DOJ, like the SEC, has consistently sought to incentivize companies to disclose FCPA violations and provide robust cooperation in subsequent investigations. The Corporate Enforcement Policy appears on its face to represent a step forward from the Pilot Program in encouraging voluntary self-disclosure by dangling the carrot of a declination, or possibly a penalty reduction, but there are substantial questions regarding how the policy will be implemented, including how the DOJ will interpret the eligibility criteria for consideration under the policy, as well as the aggravating factors. In addition, even if a company does not self-report, the policy may motivate it to endeavor to meet the other eligibility criteria in order to maintain eligibility for the 25-percent reduction.

In announcing the Corporate Enforcement Policy, DAG Rosenstein stated that the number of self-reported FCPA matters increased to 30 over the 18 months that the Pilot Program was in effect, compared to 18 reports during the prior 18 months. Given the increased incentives for self-reporting, it is possible that this uptick in self-disclosure will continue, at least in certain types of cases. However, to further incentivize self-reporting, the DOJ could be more transparent about how it treats companies that self-report, by making public—without identifying the companies by name—whether it has declined to prosecute these companies or is continuing to investigate and/or prosecute them. Because the DOJ has issued only seven public declinations under the Pilot Program, the outcomes for the other companies that self-reported are not clear.

The Corporate Enforcement Policy also emphasizes corporate cooperation in holding individuals accountable. The policy builds on the Yates Memo, which requires that companies provide the DOJ with all relevant facts about individuals involved in corporate misconduct to receive cooperation credit. The Corporate Enforcement Policy goes further, requiring that, to receive full cooperation credit, companies must disclose all facts relating to involvement in the criminal activity by the company’s officers, employees or agents, as well as facts relating to potential criminal conduct by third parties and their officers, employees and agents. In announcing the policy, DAG Rosenstein stated that “[e]ffective deterrence of corporate corruption requires prosecuting individuals.” He argued that the new policy will increase corporate voluntary self-disclosure, which will in turn enhance the DOJ’s ability to identify and punish individuals. Consistent with the stated emphasis on prosecuting individuals, the DOJ has prosecuted fourteen individuals for FCPA offenses since President Trump’s inauguration. In explaining why the DOJ was continuing to emphasize the prosecution of individuals over corporations, Rosenstein explained his view that “[i]t makes sense to treat corporations differently because corporate liability is vicarious; it is only derivative of individual liability.” Companies should expect that, to earn the full benefits of cooperation under the Corporate Enforcement Policy, their actions will need to reflect this focus on individual liability through cooperation in investigations of individuals.

SEC Corporate Resolutions

In 2017, the SEC resolved seven corporate enforcement actions and assessed $298 million in penalties and related remedies, which was 16 fewer resolutions and almost $800 million less than in 2016. Setting aside 2016’s record-breaking numbers, the number of corporate enforcement actions and penalties assessed in 2017 was consistent with recent prior years. Only three of the seven corporate resolutions (Halliburton, Telia and Alere) were announced during the Trump administration.

SEC Whistleblower Program

In 2017, with respect to FCPA-related tips, the SEC’s whistleblower program also saw declines from highs in 2016. The SEC issued awards totaling more than $42 million to 13 whistleblowers, which was considerably less than the $80 million total awarded to 15 whistleblowers in 2016. Although the SEC received more whistleblower tips in 2017 than in any previous year, the number of FCPA-related tips declined to 210 in 2017, from 238 in 2016, ending a long trend of increased reporting of potential FCPA violations.

Corporate Compliance

The Trump administration has emphasized the importance of robust corporate compliance programs. It is not yet clear, however, how the administration will use compliance monitors and consultants in corporate resolutions.

In 2017, corporate resolutions required that companies retain a total of two corporate monitors (Zimmer Biomet and SQM) and three independent compliance consultants (Orthofix, Las Vegas Sands and Halliburton). Since the start of the Trump administration, neither the DOJ nor the SEC has required a monitor as a condition of a corporate resolution, and only one resolution (Halliburton) required retention of an independent compliance consultant. The new FCPA Corporate Enforcement Policy provides that when a criminal resolution is warranted, the Fraud Section generally will not require the appointment of a monitor if a company has implemented an effective compliance program at the time of the resolution.

On February 8, 2017, the DOJ issued the “Evaluation of Corporate Compliance Programs,” a guidance document that sets forth a list of common questions that the Fraud Section may ask in evaluating corporate compliance programs during a criminal investigation. The questions emphasize the importance of maintaining a risk-based compliance program that focuses appropriate resources on areas where misconduct is most likely to occur. Although these questions provide helpful insights into the Fraud Section’s views about effective compliance programs, it is worth noting that the guidance was promulgated at the direction of Andrew Weissmann, former Chief of the Fraud Section, and may be subject to revision. It is also worth noting that Hui Chen, former DOJ Compliance Counsel, left that position in June 2017. A replacement has not yet been named, though the position is being filled temporarily by Andrew Gentin of the FCPA unit.

The FCPA Corporate Enforcement Policy also highlights the DOJ’s focus on corporate compliance by requiring that, where appropriate, a company must implement an effective compliance and ethics program to receive full credit for timely and appropriate remediation. Under the Corporate Enforcement Policy, the DOJ’s criteria for evaluating the effectiveness of the company’s compliance and ethics program may vary based on the size and resources of the organization, but may include considerations such as the company’s culture of compliance, resources the company has dedicated to compliance and auditing of the compliance program to ensure its effectiveness. For a company to receive full credit for timely and appropriate remediation, the policy also requires the appropriate retention of business records, including prohibiting employees from using software that does not appropriately retain records or communications, as well as the implementation of measures to reduce the risk of repetition of misconduct, including measures to identify future risks. The criteria outlined in the policy mirror the principles of the “Evaluation of Corporate Compliance Programs” guidance and expand upon considerations in other DOJ guidance documents.

FCPA Actions Against Individuals Were Consistent with Past Years

Based on publicly filed charging instruments, in 2017, the DOJ brought FCPA charges against seventeen individuals and the SEC brought charges against three individuals. The number of prosecutions brought by the DOJ in 2017 was the highest in recent years, but overall both the DOJ and the SEC numbers are in line with fluctuations in individual prosecutions over the past five years.

As in most recent years, in 2017, the DOJ was more active than the SEC in bringing FCPA cases against individuals. As noted in last year’s report, compared with the DOJ, the SEC seemingly has not made FCPA actions against individuals a focus, perhaps because of its other regulatory role with respect to issuers. In 2017, the DOJ affirmed its commitment to prioritizing prosecutions of individuals and announced the FCPA Corporate Enforcement Policy. The SEC has not announced an equivalent policy focusing on enforcement against individuals.

Of the seventeen prosecutions brought by the DOJ against individuals in 2017, fourteen were brought during the Trump administration. Two of the three individuals charged during the final weeks of the Obama administration and eight of the individuals charged during the Trump administration have pleaded guilty. All three of the actions brought by the SEC were brought during the Trump administration, of which only one has been resolved.

Most of these individual enforcement actions were ancillary to corporate resolutions. This is not surprising given the evidentiary requirements and the demands imposed on companies to cooperate with DOJ and SEC investigations, as reflected in both the Yates Memo and the FCPA Corporate Enforcement Policy.

Also in 2017, for the first time since 2011, a jury convicted an individual on FCPA charges. On July 27, following a four-week trial, a jury in the Southern District of New York convicted Ng Lap Seng of, among other charges, conspiracy to violate the FCPA and violating the FCPA, in connection with a multi-year scheme to pay more than $1.3 million in bribes to ambassadors of the United Nations.41 Ng, chairman of the Sun Kian Ip Group, a Macau real estate development company, conspired with and paid bribes to UN officials—including John Ashe, former president of the UN General Assembly—with the principal objective of obtaining the UN’s formal support for a facility that Ng hoped to build in Macau that would serve as a location for various events associated with the UN.

The significant number of DOJ actions brought against individuals in 2017 is consistent with the Trump administration’s statements that it will prioritize individual enforcement. Given the length of FCPA investigations, though, most of these actions likely originated from investigations that pre-dated the administration.

Looking Forward Into 2018

Statements by senior Trump administration officials, policies implemented by the DOJ and recent corporate and individual enforcement trends suggest that, as Attorney General Jeff Sessions has promised, U.S. authorities will continue to “strongly enforce the FCPA and other anti-corruption laws.”

It appears that, going forward, U.S. authorities will continue to focus on themes that were prevalent during the later years of the Obama administration, including individual accountability, providing companies with incentives for self-disclosure and cooperation, transparency, international cooperation and corporate compliance. Attorney General Sessions highlighted these themes in an April speech, declaring that “[c]ompanies should succeed because they provide superior products and services, not because they have paid off the right people.” He also stated that the DOJ “will continue to emphasize the importance of holding individuals accountable for corporate misconduct” and that the DOJ “will work closely with our law enforcement partners, both here and abroad, to bring these persons to justice.” Sessions further stated that, when the DOJ makes charging decisions, it “will continue to take into account whether companies have good compliance programs; whether they cooperate and self-disclose their wrongdoing; and whether they take suitable steps to remediate problems.” SEC Division of Enforcement Co-Director Peikin emphasized similar themes, stating in November that the “FCPA has been and remains an increasingly important tool in the ongoing fight against corruption worldwide,” and noting the SEC’s continued focus on FCPA enforcement.

That said, it is still too early to draw conclusions about how the Trump administration will enforce the FCPA, primarily because FCPA investigations and prosecutions generally take longer than one year to resolve. While the high number of individual prosecutions is consistent with the administration’s stated intent to focus on individual misconduct, it remains to be seen whether this trend continues in 2018.

A test of the administration’s approach to FCPA enforcement likely will occur in the coming year, when settlements of significant investigations—including at least one involving a U.S. company—are expected. The manner in which these investigations are resolved may help illuminate the administration’s approach to corporate enforcement, including whether it will be more lenient toward U.S. companies than U.S. authorities were under the Obama administration.

Notably, the most significant corporate enforcement actions resolved during the Trump administration involved coordination with foreign authorities and large penalties paid to those authorities. Moreover, a large percentage of the penalties obtained in these actions were shared with foreign authorities as part of joint resolutions. Such resolutions portend that in 2018, as in 2017, U.S. authorities will continue to cooperate with their international counterparts and that foreign jurisdictions will continue to implement and enforce anti-corruption laws. Should U.S. authorities’ enforcement of the FCPA wane in 2018, foreign jurisdictions may continue to investigate and prosecute on their own.

We will watch these developments with interest and look forward to providing you with further updates in 2018.

* * *

The complete publication, including footnotes, is available here.

Both comments and trackbacks are currently closed.