FCPA Inc.: How the Foreign Corrupt Practices Act Became an Industry Unto Itself
Categories: Commentary, Public Sector, Supplier Management, Supplier Risk and Compliance Management | Tags: Incendiary Tidbits
This is the first in a two-part series on the Foreign Corrupt Practices Act.
Does the following sound like you?
You have clients or prospects in the public sector overseas. You do business in foreign countries that involves interacting with and getting bureaucratic approvals from government officials? Those bureaucracies can be difficult to get through at times. But you still get the job done!
If so, then the FCPA - the Foreign Corrupt Practices Act – had better be a familiar acronym for you. But, what is the legal exposure, and what are the main concerns? Well, read on and you will find out more!
Since this is a field full of legal caveats, we have turned to external expertise. I recently had the pleasure of speaking with Mike Koehler, the "FCPA Professor" about what really is going on in the field. Mike started out as an attorney focusing on the FCPA and practiced for approximately 10 years before switching to academia about five years ago. Yes, Mike is a bona fide law professor, currently at Southern Illinois University School of Law. He also maintains an expert and consulting practice on the FCPA – more about that on his informative site, a treasure chest of info on FCPA.
Mike opened up our conversation by emphatically stating that FCPA violations “don’t just happen to ‘bad’ companies. This concerns all firms.” He added that it is primarily because under general legal principles “it only takes a few employees out of thousands or tens of thousands of employees” to get a company in trouble. It is as bad on the third-party side. With most firms having from 1,000 to 100,000 active supplier relationships, and all it takes is one bad apple to get in trouble, this really involves all companies.
The FCPA was signed into law by President Carter but goes back further than that – the two competing schools of thought were “sunshine” and “punishment” and the latter won. Meaning, that instead of just having to disclose when payments were made abroad, and presumably be shamed into compliance, you have to be compliant with specific prohibitions or face fines and other punishments.
Since the 1998 revision of the FCPA, after which the law truly turned extraterritorial (e.g. there does not need to be a U.S. connection to an improper payment scheme for a U.S. company or U.S. citizen to run afoul of the law) the enforcement actions have ramped up markedly. Consider also that non-US firms that have no presence in the US, but rely on for example a US-based email service for their communications, can be caught by FCPA.
In case you wondered, enforcement has aggressively expanded, particularly over the past five to seven years, i.e. under the current administration. This gets us to the term “FCPA Inc.” as Professor Koehler calls it, which comprises the following:
- Law firms
- Accounting firms
- Analyst firms
- Audit firms
- Consulting firms
- Media – made you read this article, didn’t we?
This is now a multi-billion dollar “industry” unto itself. Here is a quote from a Forbes article:
“This is good business for law firms,” says Joseph Covington, who headed the Justice Department’s FCPA efforts in the 1980s and is now codirector of white-collar defense at Jenner & Block. “This is good business for accounting firms, it’s good business for consulting firms, the media – and Justice Department lawyers who create the marketplace and then get yourself a job.”
While I continued to talk with Professor Koehler, it struck me that this field is a lot fuzzier than many other compliance and policy areas. In comparison, addressing Dodd-Frank and conflict minerals reporting needs is easy. Why is the FCPA so ambiguous? One large driver is that so few of the enforcement actions go to trial and just about everyone settles out of court. There is virtually no case law here! Professor Koehler could count on one hand the number of substantive legal decisions of precedent in the 37 years. In all of FCPA enforcement history, only two companies have gone to trial, and both ultimately prevailed. As for the individuals who have decided to go to court, the majority of them have won.
So what happens in the typical FCPA case? Summarily put, when the DOJ or SEC comes knocking on the door, you reach for the checkbook. This is a lucrative business for the enforcement agencies; take a look at the enforcement statistics and you’ll see that since 2010 approximately $3 billion has been collected in FCPA enforcement actions.
Other countries have FCPA-like laws as well – but the unique legal situation in the US is that the government has a third tool to apply that doesn’t exist elsewhere in similar forms: Deferred Prosecution Agreement and Non-Prosecution Agreement, aka DPAs and NPAs. To my layman ears this sounds like the plea bargain approach that prosecutors use to get a quick win, even when they are on soft legal ground. In the case of the DOJ and SEC, it appears to be a quite profitable approach. To be blunt, DPAs and NPAs have become “speed trap” cash cows – the ones police departments across the country use to fill their coffers regardless of whether the behavior in question caused any real damage. Professor Koehler takes a far more diplomatic tack and points out that the DOJ and SEC appear far more focused on quantity (the $$$ numbers) than the quality or legitimacy of the case.