The New FCPA Cooperation Plan

On April 5, 2016, the U.S. Department of Justice (DOJ) issued an Enforcement and Guidance Plan (Plan) concerning the Foreign Corrupt Practices Act (FCPA). While the new Plan could be interpreted as a novel departure from past precedent, careful analysis reveals that it does little to alter or clarify how the DOJ will review cases or reward companies for significant cooperation in addressing anti-corruption global issues.

Background on the FCPA and Previous Agency Interpretations

Administered jointly by the DOJ and the U.S. Securities and Exchange Commission (SEC), the FCPA has two primary components: anti-bribery provisions and accounting requirements. The FCPA makes it unlawful for companies and individuals to make payments of any item of value to foreign officials in exchange for influence or business opportunities; it also requires foreign companies with U.S.-listed securities to follow all applicable accounting provisions. However, payments merely facilitating or expediting the performance of a “routine” governmental action represent a crucial but poorly defined exception. Individuals who violate the FCPA are also subject to a fine up to $2 million and up to five years in prison. However, in practice, the DOJ and SEC have brought relatively few FCPA actions against individuals.

In 2012, the DOJ and SEC released a joint Resource Guide intended to provide information on the FCPA. The Resource Guide highlighted the importance of self-reporting possible FCPA violations and the need to enact an appropriate anti-corruption compliance program. It also identified sources from the World Bank, United Nations and others to help companies maximize their mitigation potential. Finally, it emphasized the importance of conducting risk assessments to determine the level of exposure companies faced simply by having properties, subsidiaries, or even distributors abroad. Thus, the Resource Guide did not alter enforcement practices surrounding foreign transactions, but it did offer valuable insights into how companies might reduce risk in the global marketplace.

In 2015, Deputy Attorney General Sally Quillian Yates released a widely publicized “new” policy announcing increased accountability for individuals involved in any violations of the law, including the FCPA. The memo made clear that combatting corporate misconduct required reaching beyond the corporate veil to hold individuals personally accountable. Consequently, the DOJ unilaterality declared that eligibility for cooperation credit (i.e., reduced sentences and fines) would hinge on the disclosure of all relevant facts relating to involved individuals. Specifically, the target company would be required to identify every individual involved in or responsible for the alleged misconduct at issue. This obligation was heightened by inferring that the release of culpable individuals was not possible absent “extraordinary circumstances.”

However, due to the low rate of individual accountability when companies civilly or criminally settle, this obligation raised serious concerns about chilling effect and applicability to existing and future investigations. Thus, the DOJ's shifted focus of the FCPA away from “corporations” and trained it on the individuals, which impact is still unresolved.

Now, to further confuse the existing playing field, DOJ has released the Plan , which sets forth three steps aimed toward enhancing enforcement, cooperation with investigations, and individual accountability. First, the Department vowed to significantly increase the amount of resources devoted toward detecting and prosecuting violations of the FCPA. This, it hoped, would make clear that FCPA violations that might have gone uncovered in the past are more likely to be uncovered.

Second, the Plan pledged to strengthen coordination between the DOJ and its foreign law enforcement counterparts. This, again, was not a real new development, due to the changes since 9/11 in regard to cross-border cooperation related to criminal activity.

Third, it announced a new pilot program aimed toward promoting greater accountability for culprits of corporate crime by incentivizing companies to have detailed compliance programs, test the programs regularly, and report any suspicious activity through a voluntary disclosure. This included an announcement that “mitigation credit” would be available only if a company disclosed “all” (which is not defined or caveated by a “good faith” standard) facts related to involvement in the criminal activity by the corporation's officers, employees, or agents.

The New (or Old) World Order

The new DOJ Plan represents a recycled version of long-standing policy. First, increased investigation and enforcement has been an objective for years. Mark Mendelsohn, Deputy Chief of the DOJ Fraud Section, previously declared in 2009 that roughly 100 companies were the subject of open FCPA investigations. While this trend might continue to grow based on the Plan, it is hardly novel.

Second, the promise to partner with foreign law enforcement counterparts is a well-established practice. In 2008, the Siemens case highlighted the prevalence of cross-border cooperation among governments concerning anti-corruption investigations. Two other examples include the SEC's acknowledgement of extensive assistance from governments spanning four continents during the Halliburton/KBR settlement, and the DOJ's pledge to a mutual legal assistance provisions in the OECD Convention.

Last, incentivizing self-disclosure, cooperation and compliance programs on the part of companies has been a long-standing policy. The 2012 Guide specifically aimed to encourage voluntary disclosure and compliance programs. The Plan really only reiterates this policy. This is especially the case in light of the DOJ Principles of Federal Prosecution of Business Organizations (USAM Principles), which have long touted the value of cooperation on the part of companies and instructed prosecutors to expend extra energy prosecuting individuals. The DOJ even admits in its own Plan that the United States Sentencing Guidelines already provides for reduced fines for voluntarily disclosers, “full” (again, undefined) cooperation, and acceptance of responsibility. Thus, the substance of the DOJ Plan is scarcely innovative.

The new DOJ Plan in reality may actually discourage the very cooperation it purports to promote by demanding at the outset a higher degree of disclosure than either the USAM Principles or the United States Sentencing Guidelines. The USAM Principles stake eligibility for “cooperation credit” on disclosure of the relevant facts. This stands in stark contrast to the new Plan's call for disclosure of “all facts” related to involvement in the subject activity. Likewise, the Sentencing Guidelines permit a defendant to qualify for a downward departure if voluntary disclosure and acceptance of responsibility occurs. The new Plan , then, seems to contradict these existing policies, which infers that the previous policies are no longer applicable. This is unfortunate because the Plan's success depends on voluntary corporate cooperation; yet, it imposes a standard of disclosure of “all,” which is well beyond that of the USAM Principles, the Sentencing Guidelines, or practical reality.

Finally, like the DOJ/SEC Guide that preceded it, the new Plan fails to give specific guidance on what type of information a company should disclose to the DOJ. It simply issues a carte blanche call for all facts and instructs prosecutors to make a subjective assessment of whether this was actually done. Meanwhile, even if a company complies with voluntary self-disclosure, full cooperation, and timely and appropriate remediation, the Plan affords no concrete guarantee of subsequent mitigation credit. It simply issues a cryptic pledge that cooperation “may” result in up to a 50% reduction in fines, or a declination of prosecution in certain circumstances. Thus, the new Plan omits any guarantee of a reduced civil or criminal penalty or the upside of spending the extensive resources and disclosing without a full appreciation of “all” the facts that exist.

Compliance, Due Diligence and Cooperation

The Plan does not require a variation in long-standing guidance. A company's counsel must play a pivotal role in any investigation for a variety of purposes. The attorney-client privilege is still essential to determine whether or not a violation has actually occurred.

However, it is a delicate situation to decide whether or not to have the company's legal department handle the investigation or whether to engage outside counsel. The current trend is to engage outside counsel to handle internal investigations of possible criminal acts. If this trend holds, the appropriate company official or committee should provide written instructions and authority to the outside counsel to conduct the investigation.

The practice of conducting internal investigations will also not change, despite the high bar set of having to disclose “all” facts. Often, it makes sense to have an impartial senior management person or an audit committee be the “client” for purposes of business decisions related to the investigation and ensuring full cooperation (if possible once the personal liability of employees is discussed during the Upjohn warnings). During the internal investigation, it is good for attorneys to work in teams, especially when interviewing employees. It is important that, before asking questions, counsel explain to the employees whom they represent (i.e., the company) and the purpose of the investigation (i.e., to find those responsible). A full review of all records should be conducted. An assessment of the entire program should occur.

As referenced, the compliance program and senior management commitment (and dedication of resources) to the program are key. To determine what a company should do before an incident occurs, it is useful to consider what the DOJ prosecutors examine when they decide to charge a company. An effective compliance program will help a company successfully avoid an FCPA investigation. While the DOJ does not have formal guidelines for evaluating compliance programs, informal elements include: 1) sound corporate policy; 2) training in regard to the policy and the law; 3) adequate staffing to monitor compliance and possibly an independent internal auditor or oversight committee; 4) proper standard clauses in all international agreements; 5) a reporting system for suspected violations and protection of whistleblowers; 6) delineated disciplinary procedures; and 7) a record-keeping system to ensure compliance with the FCPA.

When a potential FCPA violation occurs, the company should immediately investigate and stop the activity if it seems potentially unlawful. This includes the cessation of further payments to overseas agents and even the suspension of the employees involved. Every alleged or potential FCPA compliance violation should have a documented investigation that is reviewed by an internal and external source to determine if a violation has actually occurred. The DOJ specifically examines post-violation conduct to determine whether to charge a company or the individuals involved with an FCPA violation. Therefore, getting it right is crucial.

Remedial action is also crucial. This essentially requires the company to take the actions it possibly should have taken before the alleged violation, such as implementing an effective corporate compliance program, improving an existing compliance program, and disciplining wrongdoers. Willingness to accept responsibility and take mitigation action weighs heavily in a company's favor under the FCPA.

As recognized by the Plan, voluntary disclosures are a growing trend in FCPA investigations. The possible benefit to voluntary disclosure is that the DOJ might be more likely to enter into a deferred prosecution agreement with the company. However, this cooperation may include an attorney-client privilege waiver and its natural repercussions.

Moreover, some studies suggest there are no tangible benefits associated with voluntary disclosure. The only guarantee surrounding voluntary disclosure under the FCPA, then, is the immense degree of discretion retained by the DOJ. As the DOJ is still grappling with the meaning of the Yates memo, individual liability must be discussed with the company officials. But this always should have been a part of the dialogue with the company's management. As such, a company may have legitimate reasons not to self-report and these concerns should be explored.

Conclusion

The new DOJ Plan holds itself out as a ground-breaking means of prosecuting more individual violators of the FCPA by encouraging corporate compliance. However, in reality, it is little more than a repackaged rehearsal of long-standing DOJ policies and practices. The only difference between the old and new policies is the requirement that companies disclose all facts relevant to all individuals involved in the criminal activity at issue. This largely discourages the very corporate cooperation the Plan seeks to incentivize.

What remains clear is that the DOJ will continue to investigate and prosecute FCPA cases. Companies should take this emphasis seriously and ensure that adequate compliance programs are in place, training on the policies takes place, third-party relationships undergo proper due diligence, and a clear plan is set about how to handle FCPA alleged violations, including possibly taking advantage of the Plan.

Brett W. Johnson and Jeffrey A. Scudder are partners in the Phoenix, AZ office of Snell & Wilmer L.L.P. They can be reached at [email protected] and at [email protected], respectively. The authors gratefully acknowledge the assistance of David Wilhelmsen , a summer associate.