FCPAméricas Blog
Why Tyco Got Off Easy
10.03.2012
We do not know for sure why Tyco received only a non-prosecution agreement (NPA) instead of a deferred prosecution agreement (DPA), or how it avoided a monitor. But the treatment is notable.
Even the FCPA Professor, often critical of the approach of FCPA enforcement, appears to have found the results commendable. He calls the action an FCPA practitioner’s “new best friend,” explaining that, “against this backdrop of an injunction being violated and widespread misconduct in approximately 25 countries, Tyco was offered a non-prosecution agreement by the DOJ and the government did not require an imposition of a corporate monitor.”
Tyco’s activity certainly seems egregious. Significant bribery kept occurring in its operations well after the 2006 settlement with the SEC for FCPA violations and other misconduct. The company’s German subsidiary paid or promised to pay third parties to secure contracts or avoid penalties or fines in eight countries related to projects that continued until 2009, for a benefit of almost $5 million. Its French subsidiary made improper payments to intermediaries in Mauritania, the Congo, Niger, and Madagascar, including a security officer of a government-owned mining company, and benefited with more than one million dollars.
Indeed, recidivism is not normally a good thing in the eyes of enforcement. Tom Fox notes: “It is not clear why it took Tyco so long to uncover these ongoing acts of bribery and corruption or why Tyco employees continued to engage in conduct violative of the FCPA while under a DPA.”
So why did Tyco get off easy? The answer might have something to do with the clear progress the company was making on its compliance program from 2006 onwards, despite continued violations. The settlement results might suggest that enforcement officials understand the realities of compliance on the ground. Rolling out programs takes considerable time. Adjusting a company’s operations never happens overnight. Especially when the company, like Tyco, operates in over 60 countries with more than 100,000 employees. As Michael Volkov tells us, “your compliance program will take a year to two years until it is fully implemented.” In Tyco, it looks like the DOJ and SEC might very well have given the company credit for progress.
The SEC Complaint describes the extensive efforts that Tyco undertook to review its FCPA compliance, investigate possible additional FCPA violations, and remediate weaknesses:
[T]he initial FCPA review of every Tyco legal operating entity – ultimately including 454 entities in 50 separate countries; active monitoring and evaluation of all of Tyco’s agents and other relevant third-party relationships; quarterly ethics and compliance training by over 4,000 middle-managers; FCPA-focused on-site reviews of higher risk entities; creation of a corporate Ombudsman’s office and numerous segment-specific compliance counsel positions; exit from several business operations in high-risk areas; and the termination of over 90 employees, including supervisors, because of FCPA-compliance concerns.
An article in Compliance Week also gives insight into the efforts Tyco made to improve third-party due diligence.
In my experience, the roll out process takes even longer when the company is based in a developing country. I have worked on compliance with various Latin American multinationals that are subject to the FCPA. Almost every case required months simply to introduce the FCPA in the first place. One must teach Boards and executives about the rules, the expectations of compliance, and the consequences of non-compliance. After this phase of introduction, policies must be designed and procedures initially implemented. After that, the company’s operations personnel must experience first-hand how things like third party due diligence or internal reporting play out in practice. The company must do a review to ensure the program is actually working. Then the process starts again. A second round of training, ironing out kinks in third party certifications, making sure the gifts policy is responsive to local norms and standards, etc.
Each cycle brings more buy-in from company personnel and gets the enterprise closer to a fully functioning program. Is there a chance that a violation might be occurring during this roll out process? Certainly, especially when the non-U.S. company is based in a country known for high risk. Are there ways to measure concrete progress in implementing the program to prevent such activity? Of course. The number of employees trained, the controls put in place, the restructuring of the organization to give more prominence to the compliance officer, etc.
Should enforcement have given Tyco even more credit, especially with respect to the monetary fine? The company agreed to pay $26 million in civil and criminal penalties, which appears to have not included any mitigation.
Maybe so. Consider the businessperson who understands the risks but knows that it will take several years to implement a fully functioning program. His or her incentive might be to forgo compliance, continue operations as such, and run the continuing FCPA risk. Maybe he or she does not even plan to work for the company by the end of the three years it will take to establish a complete program. But if he or she knows that progress will be recognized by enforcement, there might be more incentive to move the company in the direction of compliance.
The FCPAméricas blog is not intended to provide legal advice to its readers. The blog entries and posts include only the thoughts, ideas, and impressions of its authors and contributors, and should be considered general information only about the Americas, anti-corruption laws including the U.S. Foreign Corrupt Practices Act, issues related to anti-corruption compliance, and any other matters addressed. Nothing in this publication should be interpreted to constitute legal advice or services of any kind. Furthermore, information found on this blog should not be used as the basis for decisions or actions that may affect your business; instead, companies and businesspeople should seek legal counsel from qualified lawyers regarding anti-corruption laws or any other legal issue. The Editor and the contributors to this blog shall not be responsible for any losses incurred by a reader or a company as a result of information provided in this publication. For more information, please contact Info@MattesonEllisLaw.com.
The author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author.
© 2013 Matteson Ellis Law, PLLC
Post authored by Matteson Ellis, FCPAméricas Founder & Editor
Comments