June 2009
Authors:
Matt T. Morley matt.morley@klgates.com
+1.202.778.9850
Suzan Onel suzan.onel@klgates.com
+1.202.778.9134
K&L Gates is a global law firm with lawyers in 33 offices located in North
America, Europe, Asia and the Middle
East, and represents numerous GLOBAL
500, FORTUNE 100, and FTSE 100 corporations, in addition to growth and middle market companies, entrepreneurs, capital market participants and public sector entities.
For more information, visit www.klgates.com.
In recent years, the fastest growing markets for pharmaceutical products and medical devices have been in developing countries and the former Soviet-bloc states. As sales in these nations increase, so too do the odds of encountering situations in which local government officials may welcome or even solicit improper payments in exchange for approvals needed to conduct business. Although increased law enforcement efforts demonstrate that these situations pose significant risks under the
U.S. Foreign Corrupt Practices Act (FCPA) and other anticorruption laws, companies can substantially lessen their chances of running afoul of the law if they implement some relatively simple preventative measures. By identifying their risks in this regard, and developing policies and procedures to mitigate them, companies can reduce both the likelihood of a violation and the potential consequences of any violation that may occur in spite of the company’s best efforts.
Pharmaceutical and medical device companies generally have a relatively large number of contact points with foreign government officials compared to many other industries. Most companies need to seek government approvals in order to open offices, to obtain permits and licenses, or to import goods. While pharmaceutical and medical device companies have these same needs, they also market products that generally require regulatory approvals before they can be sold, sometimes after intensive testing that may be redundant of tests already conducted in other countries.
In many cases, additional approvals are required regarding product pricing and medical insurance reimbursements.
Like most businesses, pharmaceutical and medical device companies are likely to already be sensitive to the legal issues involved in payments made in exchange for favorable outcomes on these types of matters. What is less intuitive – and what has resulted in FCPA violations by a number of pharmaceutical and medical device companies – is that incentives for product sales to hospitals pose these same risks where these institutions are owned or controlled by a local or national government, including by a government owned or controlled company. Under the FCPA, the term “government official” includes not only regulatory, judicial and law enforcement officials, but also officers and employees of government-owned enterprises, even those engaged in ordinary commercial activities. The extent of government ownership of commercial businesses varies around the world, but in most nations it is common for a significant proportion of medical facilities to be government operated.

Foreign Corrupt Practices Act (FCPA)/Food, Drugs,
Medical Devices and Cosmetics Alert
Over the past five years, more than half a dozen pharmaceutical and medical device companies have settled civil charges with the Securities and
Exchange Commission (SEC) or criminal charges with the U.S. Department of Justice (DOJ) in connection with alleged improper payments abroad.
The ways in which payments were alleged to be made differed in each case – including briefcases filled with cash, purported “charitable donations,” and lavish “study trips” to Las Vegas and Miami.
But the context was essentially the same in every case: payments were made to doctors or purchasing officials of state-owned hospitals to induce the hospitals to purchase the company’s products.
Notably, in many of these cases, senior corporate executives appear to have been unaware of the improper payments, which were often made at the direction of lower-level personnel, in remote foreign operations, who may have viewed the payments as customary or otherwise necessary to the performance of their responsibilities. In many instances, the payments were made through foreign subsidiaries, sales agents, or other intermediaries.
The FCPA and federal criminal law principles, however, contain very broad provisions for vicarious liability, holding companies responsible for the actions of such lower-level employees, even if those actions were unauthorized. The FCPA also makes both companies and individuals responsible for actions taken by third parties on the company’s behalf, whether or not authorized, if someone in the company knew of the violation or if the circumstances suggested a high likelihood that a violation would occur.
The targeting of the pharmaceutical and device industries has been well publicized by U.S. law enforcement officials for several years, and is part of a broader FCPA enforcement effort by both the SEC and the DOJ. Indeed, both agencies describe FCPA enforcement as a priority, and recent statistics confirm that this is not idle talk. These agencies brought 38 actions in 2007, and 33 more in 2008.
These efforts were capped in recent months by a settlement with Siemens, A.G., which paid over $1.6 billion in fines, penalties and disgorgement to U.S. and German authorities in December 2008, and another settlement with both KBR, Inc. and
Halliburton Co., which paid a combined total of
$579 million in fines and penalties in February 2009.
Beyond this, companies charged with FCPA violations may also suffer considerable reputational damage, along with restrictions on their ability to export goods or to participate in U.S. government programs. FCPA enforcement appears to remain a priority under the Obama Administration.
Moreover, it is not only the United States taking action against international bribery. Over the past decade, most other developed nations have adopted statutes similar to the FCPA or promulgated even broader antibribery laws. These laws are being more vigorously enforced around the world and in some cases expanded. One recent case, which included alleged payments in connection with the sale of medical equipment, involved not only U.S. authorities but vigorous efforts by German prosecutors, as well. In the United Kingdom, reform of existing bribery laws is underway, and lawmakers are expected to create a new offense for the failure to prevent bribery by a company, which would address a company’s negligence in failing to do enough to stop people working on its behalf from paying or promising or offering a bribe in connection with its business. Under the proposed law, adequate compliance procedures would provide a defense for the company, except in the case of misconduct by senior management.
Although U.S. law does not require companies to have an FCPA compliance program, in practice U.S. law enforcement officials expect every company involved in international commerce will have taken meaningful steps to prevent improper payments, and for those that have done so, the consequences of a violation, if one occurs, are likely to be less severe.
By contrast, the failure to have a program will exacerbate the consequences of any violation that comes to the attention of the authorities.
How then should companies address these risks?
Even though no firm can prevent every unauthorized action by its personnel or by third parties acting on the company’s behalf, a firm can significantly reduce the risk of legal liability through efforts to assure compliance with the law.
There are several steps, which are relatively simple and inexpensive, that every company operating internationally should consider.
June 2009 2

Foreign Corrupt Practices Act (FCPA)/Food, Drugs,
Medical Devices and Cosmetics Alert
•
Identify the points of contact between your company and foreign government officials.
Each company has a unique set of circumstances in which it deals with government officials.
Understanding when and where these interactions occur – and precisely who is a government official – is the starting point for assessing the company’s corruption risks. o In addition to employees of state-owned hospitals, as noted previously, persons involved in the conduct or evaluation of clinical trials and research may pose similar risks.
•
Consider whether your existing policies and procedures are sufficient to mitigate the risks identified. Effective, written compliance programs often include: o A prohibition of improper payments. o Controls over gifts and entertainment. o Due diligence procedures to evaluate the legitimacy and reputation of third parties that may act on the company’s behalf (such as agents, consultants, and other intermediaries) and joint venture partners. o Contractual provisions to require third parties not to make improper payments, and providing for mechanisms to monitor and audit compliance, and terminate the relationship in the event such payments are made. o Due diligence requirements in the merger and acquisition context to ensure that potential anticorruption problems are identified and evaluated prior to consummating any transaction and assuming successor liability for corrupt payment problems.
•
Provide training to relevant company personnel .
A written policy alone is unlikely to be effective unless it is effectively communicated to employees and reinforced with periodic training that assures their understanding.
•
Convey the proper tone from the top . As with any other corporate directive, an FCPA policy will be taken seriously if supervisory personnel show, by words and actions, that the policy is important and must be followed. That message should begin with the chief executive and be conveyed throughout the organization.
•
Monitor and audit compliance with policies and procedures . This often includes mechanisms for reporting certain types of payments and expenditures, such as gifts, entertainment expenses, and payments to consultants; annual certifications of compliance by relevant personnel; and internal auditing of selected accounts, such as employee reimbursements, and promotional and marketing expenses.
•
Follow up on “red flags” and take remedial steps as needed . If potential corrupt payment issues arise, companies must be prepared to take prompt action and make appropriate inquiry into the situation. If a problem is found to exist, companies are expected to take steps both to correct it and to prevent a similar recurrence. Indeed, in many law enforcement actions, the severity of sanctions appears to have been greatly increased by a pattern of failing to respond to repeated indications that improper payments were being made.
With the intensified focus on FCPA issues, and continued targeting of the pharmaceutical and medical device industries, there is an opportunity to stay ahead of the curve by reassessing those programs now in order to assure that corruption risks are being appropriately mitigated and that third parties inquiring about those programs do not find them to be deficient.
This is necessarily an overview; companies must address these risks in the context of their own operations. Please feel free to contact us if you would like to discuss a particular issue in more detail.
June 2009 3

Foreign Corrupt Practices Act (FCPA)/Food, Drugs,
Medical Devices and Cosmetics Alert
Anchorage Austin Beijing Berlin Boston Charlotte Chicago Dallas Dubai Fort Worth Frankfurt Harrisburg Hong Kong London
Los Angeles Miami Newark New York Orange County Palo Alto Paris Pittsburgh Portland Raleigh Research Triangle Park
San Diego San Francisco Seattle Shanghai Singapore Spokane/Coeur d’Alene Taipei Washington, D.C.
K&L Gates is a global law firm with lawyers in 33 offices located in North America, Europe, Asia and the Middle East, and represents numerous
GLOBAL 500, FORTUNE 100, and FTSE 100 corporations, in addition to growth and middle market companies, entrepreneurs, capital market participants and public sector entities. For more information, visit www.klgates.com.
K&L Gates comprises multiple affiliated partnerships: a limited liability partnership with the full name K&L Gates LLP qualified in Delaware and maintaining offices throughout the U.S., in Berlin and Frankfurt, Germany, in Beijing (K&L Gates LLP Beijing Representative Office), in Dubai,
U.A.E., in Shanghai (K&L Gates LLP Shanghai Representative Office), and in Singapore (K&L Gates LLP Singapore Representative Office); a limited liability partnership (also named K&L Gates LLP) incorporated in England and maintaining offices in London and Paris; a Taiwan general partnership (K&L Gates) maintaining an office in Taipei; and a Hong Kong general partnership (K&L Gates, Solicitors) maintaining an office in Hong
Kong. K&L Gates maintains appropriate registrations in the jurisdictions in which its offices are located. A list of the partners in each entity is available for inspection at any K&L Gates office.
This publication is for informational purposes and does not contain or convey legal advice. The information herein should not be used or relied upon in regard to any particular facts or circumstances without first consulting a lawyer.
©2009 K&L Gates LLP. All Rights Reserved.
June 2009 4