On Friday, July 3, 2020, the U.S. Department of Justice (“DOJ”) Criminal Division and U.S. Securities Exchange Commission (“SEC”) published the Second Edition of A Resource Guide to the U.S. Foreign Corrupt Practices Act (the “FCPA Resource Guide,”), a consolidated manual setting forth the authorities’ guidance regarding the Foreign Corrupt Practices Act (“FCPA”) that has served as an essential resource for practitioners in understanding the government enforcers’ views on the statute and approaches to enforcing it.
The FCPA Resource Guide had not been substantively updated in the nearly eight years since it was originally published in November 2012 (an update containing mainly non-substantive changes was issued in August 2015). The Second Edition largely retains the core structure and content of the original FCPA Resource Guide, while including updates to reflect several important developments in governmental guidance, relevant case law, and enforcement activity since the original publication. In so doing, the Second Edition re-establishes the FCPA Resource Guide as an invaluable “one-stop shop” for companies and practitioners to understand the perspectives of both enforcers regarding a variety of FCPA-related topics.
The Second Edition reflects significant updates regarding a variety of legal issues under the FCPA. These include the definition of “foreign official,” the scope of the SEC’s disgorgement power, the scope of the term “agent” for assessing corporate liability, the statute of limitations applicable to violations of the accounting provisions, and the requirements for criminal violations of the books and records and internal controls provisions. The Second Edition likewise incorporates recent governmental guidance regarding the key components of an effective compliance program, the application of the FCPA in the context of M&A transactions, the selection of corporate monitors, and, notably, the FCPA Corporate Enforcement Policy.
Notable updates reflected in the Second Edition include the following:
- Updated Guidance Regarding FCPA Internal Controls Provision: The Second Edition attempts to add texture to the sometimes ambiguous FCPA internal accounting controls provision, which requires companies to establish processes that provide “reasonable assurances” regarding the reliability of financial reporting and preparation of financial statements. Recognizing that the FCPA does not specify a particular set of controls, and that such mechanisms are not synonymous with a company’s FCPA compliance program, the Second Edition notes that “an effective compliance program contains a number of components that may overlap with a critical component of an issuer’s internal accounting controls.” The guidance adds that a company’s internal controls must take into account the “operational realities and risks attendant to the company’s business” such as the types of products and services offered, supply chain, work force, degree of regulation, extent of government interaction, and operations in high-risk jurisdictions. Although this is a welcome recognition that internal accounting controls and compliance regimes are not entirely coextensive, this language also seeks to ground some of the SEC’s enforcement actions by suggesting that operational risk is part of the internal accounting controls of a company when those words are absent from the statute. It therefore is unlikely that the SEC will alter its sometimes aggressive interpretation of the FCPA’s internal controls provision in bringing enforcement actions where companies have fallen short, in the SEC’s judgment, in building, for example, effective controls around third parties.
- Additional Focus on Successor Liability in Mergers and Acquisitions: The Second Edition provides increased clarity into corporate successor liability under the FCPA, with a particular focus on the M&A context. The update recognizes that while pre-acquisition due diligence is encouraged, robust due diligence prior to a merger or acquisition may not always be feasible. In such circumstances, the Second Edition instructs that the timeliness and thoroughness of compliance integration efforts, appropriate due diligence, and voluntary disclosure of uncovered wrongdoing post-acquisition will be primary considerations for DOJ and SEC in considering whether to take action against a successor for violations identified at a predecessor company. Further, under the FCPA Corporate Enforcement Policy, incorporated into the Second Edition, an acquiring company that voluntarily discloses post-acquisition conduct by the acquired company and takes appropriate remediation steps may be eligible for a presumption of declination, even where aggravating circumstances exist as to the acquired party. The Second Edition further points out that enforcement actions against acquiring parties in such instances have been rare, and generally they have involved either egregious and sustained violations, or culpability on the part of a successor following an acquisition. The Second Edition notes that where a successor company identifies and remediates issues in a timely fashion, any enforcement action is more likely to target the predecessor company, particularly where the government’s investigation pre-dated the acquisition. Though the Second Edition provides additional interpretive guidance regarding the authorities’ approach to successor liability in M&A transactions, it retains the original FCPA Resource Guide’s direction regarding sound practices in this context in relation to pre-acquisition due diligence, the prompt application of anti-corruption policies and procedures to new acquisitions, the training of relevant stakeholders regarding the parent’s anti-corruption obligations and applicable policies, prompt anti-corruption audits of newly acquired businesses or entities, and the prompt and thorough disclosure of any corrupt payments identified through these due diligence and audit processes.
- Expanded Guidance Regarding the Evaluation of Corporate Compliance Programs: The Second Edition builds on the prior edition’s guidance to companies regarding the hallmarks of effective anti-corruption compliance programs, conforming it to the updated regulatory expectations set forth in DOJ’s most recent update to its guidance regarding the “Evaluation of Corporate Compliance Programs,” issued in June 2020 (detailed in our recent client alert). The Second Edition more strongly signals the extent to which DOJ and the SEC will consider the effectiveness of corporate compliance and ethics programs both at the time of the misconduct and at the time of the resolution, which will impact the form of a resolution, its monetary value, and any required compliance undertakings. Among the more notable changes in this section is a sharpened focus on a company’s remediation efforts to apply “lessons learned” from compliance lapses, which the Second Edition characterizes as “the truest measure of an effective compliance program.”
- Incorporation of Other Recent Guidance: As practitioners are well aware, U.S. enforcers (particularly DOJ) have issued a litany of new memoranda in the last several years on a variety of topics in an effort to provide greater clarity and transparency to companies regarding the enforcement authorities’ approaches to investigating and prosecuting corporate misconduct, including in the FCPA space. The Second Edition references these new guidance documents, including DOJ’s guidance for selecting monitors in Criminal Division matters (covered in our 2018 Year-End FCPA Update), “anti-piling on” policy regarding the coordinated resolution of enforcement actions involving multiple enforcement authorities (discussed in our 2018 Mid-Year FCPA Update), and the corporate compliance program guidance noted above. The FCPA Resource Guide now includes a section regarding DOJ’s FCPA Corporate Enforcement Policy, which was most recently updated in November 2019 (as discussed in our 2019 Year-End FCPA Update). The policy, which was established as a pilot program in April 2016 and codified in November 2017, and the principles of which have since been applied in Criminal Division matters outside of the FCPA setting, provides incentives to companies—up to a presumption of declination—that voluntarily self-report, fully cooperate with DOJ, and engage in prompt and thorough remediation. The Second Edition includes a series of examples in which companies received declinations under the Corporate Enforcement Policy.
- Updated Case Studies and Hypotheticals: The Second Edition includes a number of updates to case studies and hypotheticals, which illuminate how DOJ and the SEC are likely to view particular fact patterns. In some instances, the Second Edition replaces older case studies with more recent examples; the Second Edition also includes new case studies to illustrate the types of gifts that might lead to enforcement action, such as a 2017 enforcement action involving a company allegedly paying for foreign officials to travel to sporting events and providing them with significant “spending money,” paying tuition for foreign officials’ children, and providing foreign officials with luxury vehicles. Other topics benefitting from new and/or updated case studies and hypotheticals include gifts or payments to third parties; payments to employees of agencies and instrumentalities of foreign governments; liability for the misconduct of third-party agents or intermediaries; the applicability of the “local law defense”; parent-company and post-acquisition liability; ineffective internal controls and compliance programs; and the assessment of FCPA penalties, among other subjects.
- Refinements to Scope of Liability for Foreign “Agents” Following Hoskins: The Second Edition reflects the government’s view of the scope of FCPA liability for foreign individuals not directly covered by the FCPA’s anti-bribery provisions following the Second Circuit’s decision in United States v. Hoskins (discussed most recently in our 2019 Year-End FCPA Update). In that case, the Second Circuit held that foreign nationals are subject to the FCPA anti-bribery provisions if they are agents, employees, officers, directors, or shareholders of a U.S. issuer or domestic concern, or if they act in furtherance of a bribery scheme while in the territory of the United States. Though the Second Edition acknowledges Hoskins, it takes the position that this decision has not been applied outside the Second Circuit, characterizes this legal question as “unsettled,” and cites to a contradictory district court opinion which held, relying on a Seventh Circuit precedent, that defendants can be liable for conspiracy to violate, or for aiding and abetting in violations of, the FCPA even where they do not “belong to the class of individuals capable of committing a substantive FCPA violation.” Such a reluctance to accept the limits of Hoskins speaks volumes regarding the DOJ’s desire to expand the FCPA further than permitted by the Second Circuit. Notably, the updated guidance does not mention the subsequent history of the Hoskins case, in which the district court granted the defendant’s post-trial motion for a judgment of acquittal on seven FCPA-related counts based on DOJ’s inability to establish the defendant’s agency relationship with his employer’s U.S. subsidiary. Also absent from the Second Edition is language echoing the December 2019 comments from the former Assistant Attorney General for the Criminal Division, Brian Benczkowski, in which he suggested that, following the Second Circuit decision in Hoskins, DOJ “is not looking to stretch the bounds of agency principles beyond recognition, or even push the FCPA statute toward its outer edges,” but would use its discretion to apply theories of agency liability following a thorough evaluation of each case, based on “provable facts that align with agency principles.” The Second Edition likewise maintains the position that foreign companies and their agents can be liable in civil or administrative proceedings for aiding and abetting FCPA anti-bribery violations, and emphasizes that Hoskins is limited to the anti-bribery provisions, whereas the accounting provisions apply to “any person.” The Second Edition, therefore, suggests that the government will continue to construe Hoskins narrowly, in terms of both the breadth of its holding and its precedential effect outside of the Second Circuit.
- Incorporation of Recent Case Law Regarding SEC Disgorgement Power: The Second Edition reflects two recent Supreme Court decisions narrowing the scope of the SEC’s ability to seek disgorgement as an equitable remedy, including in FCPA enforcement actions. The Second Edition includes references to the Court’s 2017 decision in Kokesh v. SEC, which held that disgorgement was a “penalty” subject to the five-year statute of limitations set forth in 28 U.S.C. § 2462. The Second Edition also briefly references the Court’s recent decision in Liu v. SEC, which (as detailed in our recent client alert) upheld the SEC’s authority to seek disgorgement as an equitable remedy, but on the conditions that the disgorgement not exceed the defendant’s net profits and that it be awarded for the benefit of victims.
- Updated Guidance Regarding the Definition of “Instrumentality”: The Second Edition incorporates the Eleventh Circuit’s seminal 2014 decision in United States v. Esquenazi, which analyzed the definition of “instrumentality” under the FCPA. The Second Edition approvingly cites the Esquenazi court’s definition of an instrumentality as “an entity controlled by the government of a foreign country that performs a function the controlling government treats as its own,” and incorporates the factors identified in Esquenazi for assessing the “government control” and “government function” prongs of this definition. These factors offer refinements, but not major changes, to the guidance provided in prior versions of the FCPA Resource Guide.
- Clarifications Regarding Application of FCPA Accounting Provisions: The Second Edition includes two key clarifications regarding the application of the books-and-records and internal controls provisions of the FCPA, which have grown in prominence in recent years, particularly in SEC matters, as a powerful tool to bring enforcement actions absent direct allegations of bribery. First, the Second Edition states the government’s view that in the absence of a statute of limitations in the FCPA itself, substantive violations of the anti-bribery provisions are subject to a five-year statute of limitations under 18 U.S.C. § 3282, whereas criminal violations of the FCPA accounting provisions are considered “securities fraud offenses” subject to the six-year statute of limitations provided for in 18 U.S.C. § 3301. Second, the Second Edition clarifies that criminal penalties for violations of the FCPA accounting provisions are imposed only where the defendant knowingly and willfully failed to maintain accurate books and records or implement an adequate system of internal accounting controls.
Although the Second Edition generally does not break new ground, this update helpfully incorporates key takeaways from recent governmental guidance, case law, and enforcement actions, keeping the FCPA Resource Guide current as a valuable resource for companies and practitioners alike. As with the original FCPA Resource Guide, the Second Edition includes the caveat that it is “non-binding, informal, and summary in nature,” and many of the concepts described in the document are nuanced and open to a range of interpretations. Companies navigating complex FCPA matters should therefore continue to rely on experienced counsel to understand how U.S. enforcement authorities interpret and enforce the FCPA in practice.
The following Gibson Dunn lawyers assisted in preparing this client update: F. Joseph Warin, Richard Grime, Patrick Stokes, Michael Diamant, Oleh Vretsona, Chris Sullivan, Alexander Moss, Brian Williamson, Will Cobb, and Ciara Davis.
Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these issues. We have more than 110 attorneys with FCPA experience, including a number of former federal prosecutors and SEC officials, spread throughout the firm’s domestic and international offices. Please contact the Gibson Dunn attorney with whom you work, or any of the following:
Washington, D.C. F. Joseph Warin (+1 202-887-3609, firstname.lastname@example.org) Richard W. Grime (+1 202-955-8219, email@example.com) Patrick F. Stokes (+1 202-955-8504, firstname.lastname@example.org) Judith A. Lee (+1 202-887-3591, email@example.com) David Debold (+1 202-955-8551, firstname.lastname@example.org) Michael S. Diamant (+1 202-887-3604, email@example.com) John W.F. Chesley (+1 202-887-3788, firstname.lastname@example.org) Daniel P. Chung (+1 202-887-3729, email@example.com) Stephanie Brooker (+1 202-887-3502, firstname.lastname@example.org) M. Kendall Day (+1 202-955-8220, email@example.com) Stuart F. Delery (+1 202-887-3650, firstname.lastname@example.org) Adam M. Smith (+1 202-887-3547, email@example.com) Christopher W.H. Sullivan (+1 202-887-3625, firstname.lastname@example.org) Oleh Vretsona (+1 202-887-3779, email@example.com) Courtney M. Brown (+1 202-955-8685, firstname.lastname@example.org) Jason H. Smith (+1 202-887-3576, email@example.com) Ella Alves Capone (+1 202-887-3511, firstname.lastname@example.org) Pedro G. Soto (+1 202-955-8661, email@example.com)
New York Zainab N. Ahmad (+1 212-351-2609, firstname.lastname@example.org) Matthew L. Biben (+1 212-351-6300, email@example.com) Reed Brodsky (+1 212-351-5334, firstname.lastname@example.org) Joel M. Cohen (+1 212-351-2664, email@example.com) Lee G. Dunst (+1 212-351-3824, firstname.lastname@example.org) Mark A. Kirsch (+1 212-351-2662, email@example.com) Alexander H. Southwell (+1 212-351-3981, firstname.lastname@example.org) Lawrence J. Zweifach (+1 212-351-2625, email@example.com) Daniel P. Harris (+1 212-351-2632, firstname.lastname@example.org)
Denver Robert C. Blume (+1 303-298-5758, email@example.com) John D.W. Partridge (+1 303-298-5931, firstname.lastname@example.org) Ryan T. Bergsieker (+1 303-298-5774, email@example.com) Laura M. Sturges (+1 303-298-5929, firstname.lastname@example.org)
Los Angeles Debra Wong Yang (+1 213-229-7472, email@example.com) Marcellus McRae (+1 213-229-7675, firstname.lastname@example.org) Michael M. Farhang (+1 213-229-7005, email@example.com) Douglas Fuchs (+1 213-229-7605, firstname.lastname@example.org)
San Francisco Winston Y. Chan (+1 415-393-8362, email@example.com) Thad A. Davis (+1 415-393-8251, firstname.lastname@example.org) Charles J. Stevens (+1 415-393-8391, email@example.com) Michael Li-Ming Wong (+1 415-393-8333, firstname.lastname@example.org)
London Patrick Doris (+44 20 7071 4276, email@example.com) Charlie Falconer (+44 20 7071 4270, firstname.lastname@example.org) Sacha Harber-Kelly (+44 20 7071 4205, email@example.com) Michelle Kirschner (+44 (0)20 7071 4212, firstname.lastname@example.org) Philip Rocher (+44 20 7071 4202, email@example.com) Steve Melrose (+44 (0)20 7071 4219, firstname.lastname@example.org)