To avoid FCPA violations and penalties, it is vitally important that businesses are aware of the corruption risks related to their activities. A first step toward understanding risk is having a working knowledge of the broad extraterritorial reach of the FCPA. As discussed above, many actions taken outside of the United States by non-U.S. persons – actions that the participants may not believe could create FCPA liability – can create liability for them or for others.
Other factors that are relevant to an FCPA risk assessment include:
- Country risk: The Transparency International corruption perceptions index is a recognized barometer of country-level corruption risks. (FCPAméricas discusses other surveys here.)
- Industry risk: Past FCPA enforcement actions provide a useful measure of such risk. (See the Mintz Group “Where The Bribes Are” Map.)
- Third party/business partner risk: For example, business partners with corrupt reputations or links to government officials, or certain compensation arrangements for third parties like sales agents, present significant risk. (FCPAméricas discusses third party risk here and M&A due diligence here).
- Amount of interaction with government offices/government regulation: Entering into agreements with government entities and securing licenses, permits, and approvals from government entities can be high-risk scenarios.
- Size and nature of transaction: High-value contracts are more likely to attract requests for corruption than low-value contracts.
Companies should regularly assess their programs to evaluate effectiveness and identify areas where enhancements might be needed (FCPAméricas discusses general Latin America risks here, here, and here, and specific risks in Brazil here, in Mexico here, and in Colombia here).
The Dodd-Frank Act significantly increases the risk that FCPA violations will be reported. “Whistleblowers” are individuals who report legal violations by a company or its employees. Beginning in 2010, as part of the Dodd-Frank Act, whistleblowers who provide “original information” to enforcement authorities in an investigation resulting in monetary sanctions over $1 million may recover between 10 and 30 percent of funds collected. Given the multi-million dollar nature of many recent FCPA settlements, the whistleblower provisions give employees at all levels an enormous incentive to disclose improper payments. For example, Johnson and Johnson settled with the SEC and DOJ for a total of $70 million for making payments to officials in Europe and Iraq. This settlement would have provided a whistleblower between $7 million and $21 million.
There are several rules that protect whistleblowers from retaliation. Whistleblowers are not required to disclose their identity to enforcement officials; instead, they can remain anonymous and their attorneys can represent their claims before the government until the matter is resolved. More importantly for compliance officers, whistleblowers are not required to report an event to a company’s internal compliance program first.
The whistleblower provisions greatly increase FCPA risks for companies, particularly since they create a motivation to circumvent a company’s efforts to control FCPA risks. As a result, the whistleblower provisions are generating tremendous pressure on companies to implement stricter compliance programs that mitigate risk. FCPAméricas discusses the whistleblower provisions here.
The information in the FCPAméricas blog is intended for public discussion and educational purposes only. It is not intended to provide legal advice to its readers and does not create an attorney-client relationship. It does not seek to describe or convey the quality of legal services. FCPAméricas encourages readers to seek qualified legal counsel regarding anti-corruption laws or any other legal issue. FCPAméricas gives permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author and to FCPAméricas LLC.