BEST PRACTICES FOR MITIGATING FCPA RISK

BEST PRACTICES FOR
MITIGATING FCPA RISK
Prepared for Strafford Publications Teleconference
“Foreign Corrupt Practices Act in China”
April 1, 2008
©2007 Kirkpatrick & Lockhart Preston Gates Ellis LLP
All Rights Reserved
Ed Fishman
Kirkpatrick & Lockhart Preston Gates Ellis LLP
1601 K Street, NW
Washington, DC 20006-1600
(202) 778-9456
ed.fishman@klgates.com
Why is Risk Mitigation Important?
 Criminal Penalties
 Up to $2 million per violation for companies
 Up to $250,000 fine and 5 years in prison for individuals
 Alternative fines equal to twice amount of total profit
 Civil Penalties
 Injunctions against future violations
 Civil monetary penalties
 Collateral consequences (e.g., debarment)
 A company cannot indemnify an officer, director, employee or
consultant for fines assessed in violation of the FCPA and
insurance will not cover such fines or penalties.
FCPA Risk Mitigation Essentials
Three Core Elements:
 Internal Compliance Program
 Due Diligence on Third Parties/Transactions
 Prompt Response to Possible Violations
U.S. Government will consider each of these
elements in evaluating whether to bring
enforcement action.
FCPA Compliance Program Essentials
 FCPA Policy Framework







Written and Clearly Defined Corporate Policy
Regularly Updated and Improved
Aim for Clarity and Simplicity
Effectively Disseminated and Communicated
Tailored To Local Risks and Practices
Subset of Corporate Ethics Policies
Addresses Local and Other Applicable Laws
FCPA Compliance Policy (cont.)
 Substantive Content of FCPA Policy





Explain Key Statutory Provisions and Risk Areas
Provide Guidance on Permissible Behavior
Tailor to Specific Operating Risks
Gift Guidelines – No Cash; Nominal Value
Meal and Entertainment – Legitimate Business
Purpose, No Cash and Not Excessive
 Travel – Reasonable and Bona Fide Expenditures in
Connection with Product Demonstration
 Donations and Lobbying – Seek Company Approval
FCPA Compliance Policy (Cont.)
 FCPA Internal Controls






Cash Handling Procedures
Accounting and Financial Controls
Recordkeeping Requirements
Segregation of Duties
Documentation Requirements
Authorization Requirements
FCPA Compliance Program (cont.)
 Training and Education






Live Training Preferred
Local Language If Necessary
Must Be Understandable To Be Effective
Initial Training Upon Hiring/Acquisition
Periodic Refresher Sessions
Supplemental Distributions of Policy/Law Changes
FCPA Compliance Program (Cont.)
 Compliance Monitoring






Training Completion Certification
Annual Compliance Certification
Audit Testing of High-Risk Areas
Internal/External Compliance Audits
Confidential Reporting System
“Tone at the Top”
FCPA Compliance Program (cont.)
 Third Party Agent/Partner Compliance Framework




FCPA Certifications
Contract Reps and Warranties
FCPA Policy Communication and Training
Third Party Due Diligence Steps (discussed further
below)
 Range of Third Party Relationships At Issue
 Challenge is Finding Right Balance
FCPA Third Party Due Diligence
 Determine the Competence, Expertise and Reputation of the
Third Party
 Determine Third Party’s Relations With Government Officials
through Family, Prior Employment or Political Activity
 Caution: Carefully Scrutinize “Success Fees”
 Maintain Records of Due Diligence
 Sources of Inquiry: Law Firms, Audit/Consulting Firms, U.S.
Embassy, Commerce/State Department, Private
Investigators, and Possibly Legal Opinions
FCPA Third Party Due Diligence Red Flags
 A history of corruption in a country
 Any family relationship between participants and
government officials
 Any unusual means of payment
 The size of the commission paid to the agent in
relation to the services performed
 Apparent lack of qualifications on the part of the
agent to perform services
FCPA Third Party Due Diligence Red Flags (cont.)
 Refusal by any participants to sign certifications or
make representations that they will not violate FCPA
 Any misrepresentations in connection with
proposed transaction
 Requests for false or incomplete documentation
 Lack of transparency in financial records
 Lack of internal controls
FCPA Red Flags in Plain English
 “Please Pay Me In Cash”
 “Pay Me Through My Offshore Bank Account”
 “My Close Relative Is A Government Official, and You Don’t
Have A Chance Unless You Deal With Me”
 “I Have No Facilities or Staff, But I’ll Get the Job Done”
 “I Have Never Worked In Your Industry Before, But I Know
The Right People”
 “While My Commission Rate is Twice The Market Rate, I’m
Well Worth It”
FCPA Transactional Due Diligence
 Evaluate the Target Company






Competence and Expertise
Business Model
Relationships with Government Officials
Family and Business Relationships
Corporate Compliance Culture
Management Structure
FCPA Transactional Due Diligence
 Evaluate FCPA Compliance Risk






Audit Books and Records
Audit Internal Controls
Examine FCPA Compliance History
Review Due Diligence Practices
Obtain Legal Opinion on Compliance with Local Laws
Obtain Reps and Warranties
Prompt Response to Potential Violations
 What to do if potential FCPA violation is suspected?






Investigate through internal/external resources
Maintain objectivity, confidentiality and privileges
Conduct prompt and thorough investigation
Comply with applicable employment/other laws
Report findings to appropriate internal channels
Evaluate voluntary disclosure issue
Prompt Response to Potential Violations
 Voluntary Disclosure Considerations





DOJ/SEC Cooperation for Credit
Attorney-Client Privilege Waiver
Prior Violations
Clarity of Evidence
Public or Private Company Considerations
Prompt Response to Potential Violations
 What to do when you encounter Red Flags?





Increase Level of Due Diligence Investigation
Require Investigation by M&A Target
Conduct Joint Investigation
Evaluate Potential Successor Liability
Weigh Business Risks of Transaction
Prompt Response to Potential Violations
 What to do when you discover potential violation as part of
M&A transaction?
 Require Disclosure
 Government
 Public Filings
 Require Resolution As Condition to Closing
 Delay
 Material Changes
 Accept Risk and Close
 Protection through Escrow
 Obligation to Continue Investigation
 Open-ended Liability
QUESTIONS?
 Contact:
Ed Fishman
Kirkpatrick & Lockhart Preston Gates Ellis LLP
1601 K Street N.W.
Washington, D.C. 20006
(202)778-9456 (direct)
ed.fishman@klgates.com