Corporate in-house counsel are challenged to do more with less in this highly regulated post-Enron, post-9/11 period. They have put in place legal compliance procedures and processes that satisfy the requirements of Sarbanes-Oxley,1 the New York Stock Exchange,2 the NASDAQ,3 the compliance program requirements of the U.S. Department of Justice Guidelines for Criminal Prosecution of Corporations,4 Caremark5 and its progeny, as well as the U.S. Sentencing Guidelines for Organizations,6 to the extent that these rules and standards apply to their companies. They have sought to understand if their companies are covered by the compliance program requirements of the USA PATRIOT Act7 and Bank Secrecy Act8 antimoney laundering rules and regulations. Some have had to develop procedures for complying with the complex antiterrorism/antimoney laundering regulatory schemes promulgated and administered by the U.S. Treasury Department’s Financial Crimes Enforcement Network (FinCEN),9 as well as Treasury’s Office of Foreign Assets Control (OFAC).10 Many companies, however, have still not focused adequate compliance attention on the U.S. Foreign Corrupt Practices Act of 1977 (FCPA, the Act), as amended,11 and its antibribery provisions,12 as well as the FCPA’s record keeping and internal control provisions.13

Yet, the two basic provisions of the FCPA are fairly familiar to companies with long-standing overseas operations. First, the FCPA antibribery provision makes it a federal criminal offense to directly or indirectly promise, offer, or authorize bribes to foreign officials in order to obtain or retain business or secure any improper advantage.14 Second, the FCPA’s record keeping and accounting provisions require companies whose stock is traded on U.S. exchanges to keep accurate books and records, and maintain an adequate system of internal financial controls.15

The apparent lack of FCPA compliance attention and employee awareness can be exceptionally costly to companies with respect to officer, director, and employee time and resources, financial and accounting personnel time and resources, and negative press. More importantly, companies that have serious FCPA issues will likely expend substantial resources for legal counsel and representation in connection with FCPA enforcement actions brought by the U.S. Department of Justice (DOJ) and the U.S. Securities and Exchange Commission (SEC), and face substantial fines and penalties (with individuals also facing imprisonment) for violations. Other multilateral antibribery initiatives also have increased enforcement risks under local law for companies operating overseas, and their subsidiaries.16

This article provides some practical guidance on the importance of certain initial steps that can lead to an effective FCPA compliance program. Because the complete set of steps leading to an effective FCPA compliance program is too lengthy to discuss in this space, this article focuses on a few key components for "getting started": training, risk assessment, appropriate due diligence, and updated written procedures. We begin with a brief summary of the Act.

FCPA Antibribery and Record Keeping/Internal Control Provisions

Persons Covered Under the FCPA Antibribery Provisions

The FCPA antibribery provisions apply to "issuers," "domestic concerns," and "any person," as described below.

  1. Issuers. The FCPA antibribery provisions apply to issuers of certain securities regulated by the Securities and Exchange Commission (SEC).17

  2. Domestic concerns. The FCPA antibribery provisions apply to "domestic concerns," such as any U.S. citizen, resident, or national, or U.S.-incorporated company, wherever located, or any company located within the United States.18

  3. Any person. The FCPA antibribery provisions also apply to "any person" who commits an act in furtherance of a bribe or prohibited act while in the United States or its territories. 19 "Any person" also includes non-U.S. persons and corporations when they perform an act in furtherance of a bribe while in a U.S. territory.

Basic Elements of the Offense

The FCPA generally prohibits companies and individuals from knowingly making, promising, offering, or authorizing a payment or something of value, either directly or indirectly, to a foreign official with the corrupt intent to influence an official act or decision by the foreign official for a business purpose. The specific elements of an FCPA antibribery offense are set out below:

a. A covered person (e.g., an issuer, or domestic concern)

b. pays, offers, promises to pay, or authorizes payment

c. of money or anything of value

d. to

  1. a foreign official,

  2. a foreign political party or party official,

  3. a candidate for foreign political office, or

  4. "any person" while knowing20 that the payment or thing of value will be passed on to those described in items (i)–(iii) above

e. with corrupt intent

f. to influence an official act or decision of that official

g. in order to obtain or retain business, or secure an improper advantage.21

Under the antibribery provisions of the FCPA, a "foreign official" includes any person holding any level of legislative, administrative, or judicial office of a foreign government or any of its departments or agencies or divisions; any person acting on behalf of a foreign government, including a state agency, enterprise, or organization; any official or agent of a foreign public administration or publicly funded organization; any official of a foreign political party; any officer or agent of a public international organization (e.g.,World Bank, International Monetary Fund, World Health Organization, United Nations,World Trade Organization); or any relatives or close family/household members of any of those listed above.22

The promise or offer to pay money or "anything of value" includes not only cash, but real estate, cars, jewelry, extravagant vacations, home improvements, stock, and any other thing that provides a benefit to the foreign official, foreign political party, or foreign party official, etc.23

Permissible Payments Under the FCPA

"Facilitating Payment" Exception.

The FCPA permits so-called facilitating or expediting payments to low-level employees to expedite or secure the performance of a routine governmental action.24

However, a facilitating payment should be a relatively small or nominal payment to a government employee to perform a routine service to which the payee is lawfully entitled. Facilitating payments may be made for services such as mail delivery, water service, trash collection or phone service. Companies should have clear procedures and policies relating to facilitating payments and their documentation in the company’s books and records.25

Payment Permissible Under Local Law. The FCPA provides an affirmative defense where a payment made to a foreign government official is lawful under the written laws of the foreign official’s country.26

Certain Reasonable and Bona Fide Expenses. The FCPA also provides an affirmative defense for payments made by companies or individuals to foreign officials where the payments are

  • reasonable and bona fide
  • directly related to promotion or demonstration of a company’s products or services
  • directly related to the performance of a particular contract between a company and the foreign government27

The payments also should be accurately and properly recorded in the company’s books and records. The company should avoid cash payments to foreign officials, and never reimburse the expenses for the foreign official’s family members and friends. Extravagant entertainment and gifts during business trips should not be provided. The payments of expenses covered must be reasonable and bona fide.28

Record Keeping and Internal Controls

The record keeping provisions of the FCPA require companies to make and keep accurate books, records, and accounts, and to accurately and fairly reflect issuer transactions and asset dispositions in reasonable detail.29 Issuers are required to devise and maintain a system of internal accounting controls sufficient to provide reasonable assurances that

  1. transactions are executed in accordance with management’s general or specific authorization;

  2. transactions are recorded as necessary (I) to permit preparation of financial statements in conformity with generally accepted accounting principles or any other criteria applicable to such statements, and (II) to maintain accountability for assets;

  3. access to assets is permitted only in accordance with management’s general or specific authorization; and

  4. the recorded accountability for assets is compared with the existing assets at reasonable intervals and appropriate action is taken regarding differences . . . .30

Of particular interest in today’s world of joint ventures, partial ownership, and collaborative arrangements, under the FCPA issuers (U.S. or non-U.S.) with less than 50 percent ownership or voting power must still make good-faith efforts to influence the other (controlling) entity to have a system of internal controls that is consistent with the requirements of the FCPA for controlling issuers.

Specifically, the FCPA requires the issuer with less than 50 percent ownership or voting power to

proceed in good faith to use its influence, to the extent reasonable under the issuer’s circumstances, to cause such domestic or foreign firm to devise and maintain a system of internal accounting controls consistent with [the requirements mentioned above for controlling issuers]. Such circumstances include the relative degree of the issuer’s ownership of the domestic or foreign firm and the laws and practices governing the business operations of the country in which such firm is located. An issuer which demonstrates good faith efforts to use such influence shall be conclusively presumed to have complied with the [books and records and internal controls requirements] of the FCPA.31

An effective system of internal controls is one that detects and corrects mistakes and circumventions.32

FCPA Enforcement Agencies

The Department of Justice (DOJ) and the Securities and Exchange Commission (SEC) enforce the FCPA.33 DOJ has traditionally had primary responsibility for enforcing the antibribery provisions of the FCPA. The SEC also has begun enforcing the antibribery provisions, while bringing even greater scrutiny on internal controls and record keeping violations, as discussed later in this article.

Raising FCPA Awareness

To detect and prevent violations of the FCPA, companies must be more vigilant and persistent in their compliance program efforts and activities. Some companies, however, do not have a compliance program; others have allowed their FCPA compliance activities and procedures to stall. In another scenario, it has been my experience that newer public companies that expand overseas, as well as companies without in-house counsel, are especially vulnerable to FCPA antibribery and internal controls violations involving their overseas business units.

For larger companies with vast resources for developing compliance programs and detailed written policies and procedures, preparation of written FCPA policies and procedures (by outside counsel) for company personnel, directors, and intermediaries will timely precede other FCPA compliance program activities. However, for smaller companies with more limited compliance budgets, conducting timely training and education can quickly increase a company’s FCPA company awareness and help prevent otherwise imminent misconduct while the preparation of detailed, written company compliance procedures goes forward. This training should include information about the company’s ethical values, the various types of offending FCPA conduct, and the serious corporate and individual liabilities related to such misconduct.

My view on this is influenced by the practical reality that effective FCPA policy and compliance program development (or program assessment and revision/updates) can take a company from three months to one year (or more) from inception to completion of a full updated program with new procedure implementation. Yet, a company can begin (or resume) FCPA education and awareness training quickly (within one month). This training period usually also presents a vehicle for in-house counsel to more accurately identify (from employee questions and disclosures during the training) the true operational FCPA risk areas that should be a priority for written compliance procedure development.

When planning for the company’s training on FCPA fundamentals, in-house counsel also should plan to conduct a risk assessment of the high-risk areas or operations within the business units that can expose the company to serious FCPA liability and enforcement action. This risk assessment can occur separately, with a small cadre of managers, during the period that counsel is on location conducting training. After completing the scheduled FCPA training for affected employees in a particular location, it would be cost-efficient for counsel also to arrange to meet with area managers and the marketing manager, as well as accounting and auditing personnel, to discuss the business unit’s operations, activities, or dealings that might give rise to FCPA risks. The resulting information from those meetings will help provide a more accurate determination of the most effective policies and procedures needed to address the particular risks uncovered. Conducting reasonable risk assessment with key business and staff personnel (after raising FCPA awareness) also will likely generate questions and business unit input that will help "invest" the business unit and its personnel in fully cooperating with the antibribery policies and procedures once they are developed and implemented.

Prior to conducting these smaller risk assessment sessions with key personnel, counsel should have prepared a risk assessment template with major categories of inquiry (based on the nature and type of business) that conform across business units so that data or information received by counsel can later be interpreted and evaluated in a systemic and consistent manner. As a result of this practice, counsel will likely find that the line managers and financial managers who participate in the FCPA risk assessment will appreciate a focused discussion of risk areas versus a veritable attorney "fishing expedition."

Raising Key U.S. and Non-U.S. Employee FCPA Awareness

The proposed initial training should cover, at a minimum, those employees with international responsibility, officers, and directors, as well as existing (and prospective) overseas agents and consultants. The training also should cover employees before they travel from the United States on overseas business, or before employees are posted to an overseas assignment. It should include those managers and executives who supervise them, and the team that supports those managers and executives. For training purposes, in certain industries (e.g., telecom, energy, technology, engineering) and most developing countries, it should be presumed that the company employee or officer will be dealing with foreign government officials while overseas, even if the company employee or officer is not specifically aware that the overseas party involved is a government official. This comprehensive approach regarding dealings with non-U.S. parties overseas will help prevent a company employee from incorrectly believing that it is acceptable to bribe or pay a kickback to another foreign company executive because that foreign company executive is not believed to be a foreign government official (when in fact the foreign company executive is a type of foreign government official under the FCPA). Affected employees, officers, and directors also should receive training on the FCPA’s record keeping and internal controls provisions for reasons discussed in more detail later in this article.

Due to the sensitivity of antibribery and corruption discussions, this training is most effective if conducted in person (on location) by the in-house counsel or their outside counsel. (If it is necessary to reduce costs, video conference training will be more effective than interactive intranet training.) Counsel should anticipate that thorny legal questions will be raised during the training and competent guidance will need to be offered. (However, more detailed follow-up can be done after the training or offline with a concerned employee, as appropriate.) Counsel should not be surprised that some employees in overseas locations who have a reputation for corruption, or payment of kickbacks and improper fees to officials,34 may volunteer information that raises issues under the FCPA. Counsel should apprise all training attendees that counsel is available to review a specific troubling situation or activity with that employee after the training. However, because the company is in the process of developing its antibribery procedures and controls, the content of this initial training should focus on antibribery and record keeping prohibitions and internal controls requirements, as well as examples (customized scenarios are good) regarding the prohibited conduct. The initial training sessions should always identify a contact within the legal department for reports or questions regarding suspected FCPA misconduct.

The need to educate and train both U.S. and non-U.S. employees on FCPA prohibitions can be seen in recent enforcement actions that were brought against both domestic concerns and issuers for misconduct that occurred overseas, or by non-U.S. employees in a foreign subsidiary or affiliate. It will be important for in-house counsel to demonstrate the relevance of the FCPA to the non-U.S. subsidiaries and affiliates, and to those employees working at those subsidiaries and affiliates who believe that their actions in this area have no enforcement effect on the U.S. parent or the non-U.S. issuer, as applicable. Thus, many counsel may wish to discuss the following cases during the training to illustrate the scope of the FCPA’s application.

For example, in 1997, in SEC v. Triton Energy Corp., et al., an action involving Triton Energy Corporation,35 the SEC alleged that former officers of Triton’s Indonesian subsidiary, Triton Indonesia, made payments to Indonesian tax authorities, through an intermediary, in order to obtain favorable treatment of a royalty agreement. The SEC alleged that the payments were falsely recorded on the subsidiary’s books and records and that the parent company failed to take adequate steps to prevent the unlawful payments when management became aware of certain warning signs. Triton was fined $300,000 and enjoined from violating the record keeping and internal controls provisions of the FCPA, while individual employees also faced fines and penal penalties. 36

Similarly, in December 2000, in In re IBM, Inc.,37 IBM entered a settlement agreement with the SEC related to alleged payments of approximately $4.5 million to Banco de la Nacion Argentina officials by IBM-Argentina (an IBM wholly owned subsidiary). The $22 million subcontract amount was inaccurately recorded in IBM’s books and records as legitimate contract expenses. The case was under investigation by both the SEC and DOJ, as well as local authorities (and received a fair amount of media attention at the time). The SEC ordered IBM to pay a $300,000 penalty for violating the FCPA’s books and records provisions.38

Raising Officer, Director, and Audit Committee FCPA Awareness

While the FCPA training should include all employees (U.S. and non-U.S.) who have any involvement with international operations, including those located in the United States and in overseas business units, I observe that directors and financial officers are increasingly in situations where they are confronted by FCPA issues. Specifically, financial officers, CEOs, and audit committee members have internal controls and financial accounting oversight responsibilities under Sarbanes-Oxley39 that make it very important for them to have a detailed understanding of the implications of an antibribery or FCPA record keeping and internal controls violation. Financial officers, CEOs, and audit committees, respectively, will have a duty to investigate, take remedial action, and address or consider disclosure of FCPA violations to government enforcement and regulatory agencies.

Currently, audit committee members may not realize the extent to which they should be familiar with FCPA requirements. However, a more detailed understanding of the FCPA will enable audit committees to better fulfill their responsibility to investigate FCPA violations, evaluate whether to approve an acquisition that has potential successor FCPA liability, and assess the impact of internal controls inadequacies on the company’s financial statements. Audit committees will need to be able to investigate and act on the above matters to the same extent that they are currently investigating accounting and financial misconduct that may impact the integrity of a company’s financial statements,40 or reflect material inadequacies of senior management from an internal controls perspective. Moreover, recent public and nonpublic enforcement actions reveal the growing need for directors and senior officers to become aware of their responsibilities under the FCPA in mergers and acquisitions.

For example, in In re GE InVision (formerly known as InVision Technologies, Inc.) during General Electric Company (GE) negotiations to acquire InVision Technologies, Inc., a bomb equipment detection maker, GE reportedly learned from InVision that there were allegations that improper payments to government officials were made by InVision’s distributors, sales agents, and employees in China, Philippines, and Thailand. In an apparent bid to avoid successor liability for the proposed acquisition of InVision, GE delayed the acquisition and sought DOJ and SEC clearance before proceeding with the acquisition of InVision in light of the issues relating to improper payments. GE ultimately obtained the necessary enforcement agency clearances. In December 2004, InVision, however, entered into an agreement with DOJ requiring it to pay in excess of $800,000 for violating the FCPA antibribery provisions. 41 On February 14, 2005, the SEC and InVision settled SEC claims, with InVision paying a fine of $500,000, and turning over $590,000 in illicit profits.42

Raising Agent, Intermediary, and Consultant FCPA Awareness

Companies that use agents, consultants, and third-party intermediaries in their overseas business should strongly consider including these parties in the FCPA awareness training. It is well known that in many developing countries, third-party intermediaries often help companies obtain business in certain countries by passing through improper fees, commissions, and other payments to corrupt foreign officials. Such payments would be prohibited by the FCPA if made on behalf of a domestic concern, or issuer, as well as the subsidiary of such entities. These indirect corrupt payments also would likely violate local antibribery or anticorruption laws. Thus, the criminal enforcement risks associated with the actions of overseas agents, third-party intermediaries, and consultants are great and the focus of numerous public cases.43 For these reasons, I strongly recommend that companies include agents, third-party intermediaries, and consultants in the initial employee training on the FCPA.

I am aware of at least one local company in Nigeria that has contractually mandated that its local vendors, consultants, and agents attend training on the company’s ethics, antibribery, and gifts and kickback policies, among other areas. While recognizing that proposing or mandating such training might offend some parties, the risks in certain countries with a well-known reputation for public corruption may outweigh the concern for causing such an offense. Cultural protocols and practices also may influence a company’s decision on whether to include (or require) agent/intermediary participation in the FCPA training sessions. However, in countries that are at high risk for corruption, I recommend such training, to the extent practicable.

Conducting Appropriate FCPA Due Diligence

Business operations are ongoing and dynamic, and companies will not stop doing deals or transactions just because their FCPA procedures and policies are not yet finalized. A company that is about to enter a new market, or form a joint venture with an overseas partner, or acquire an overseas company should conduct appropriate and reasonable FCPA due diligence on the company’s partners, agents, and third-party intermediaries, as relevant, even though the company’s compliance program is not completed or fully implemented. Failure to conduct appropriate due diligence on these parties could result in serious FCPA exposure for the company once the transaction is completed.

The degree of due diligence conducted on the overseas party or agent can depend on several factors, including but not limited to (1) the reputation of the party or agent for corruption in the industry; (2) the affected local country’s reported reputation for public corruption; (3) whether the party is currently the subject of local enforcement actions or media scandal, or on any international terrorist lists; (4) whether your company has contacts in the industry who have had dealings with the party or who have sensitive information about the party’s reputation and activities that can be shared with you; (5) whether the party is obviously and apparently competent or qualified for the function that your company wishes him or her to perform; (6) whether the party was recommended or referred by a foreign government official; (7) the compliance posture/reputation of the interested domestic concern or issuer with U.S. FCPA enforcement officials; (8) the availability of information about the party in public databases, websites, and business reporting services; (9) whether that party is a foreign government official within the meaning of the FCPA, and whether the party’s employees, directors, or shareholders include foreign government officials; and (10) whether the party or agent is a relative or close associate of a government official, among other factors.

Depending on your initial findings with respect to the above issues, your due diligence should include, at a minimum, database searches, industry references, Department of Commerce business liaison and State Department desk officer inquiries, as well as public record reviews. It also may have to include a more comprehensive in-country due diligence review. This type of review would involve an in-country investigation of the partner, agent, or intermediary, including in-person interviews of associates and colleagues (as necessary), document and account reviews, and reviews of detailed written reports of the in-country findings. However, the topic of FCPA due diligence is worthy of a separate article and cannot be properly expanded on here.44 The point is that FCPA due diligence should be a part of the process that your company utilizes at all times, and also incorporates into the written FCPA procedures and compliance program under development.45

Effective Written Policies and Procedures46

While the FCPA training is being undertaken and the company’s due diligence activities go forward, counsel must ensure that the written policies and procedures are being carefully crafted to address the risks associated with the company’s business or business unit operations. Specifically, the written FCPA policies and procedures should be reasonably capable of reducing the prospect of criminal activity in the primary areas of risk for the company, demonstrate the company’s compliance commitment, and have the necessary components of an adequate compliance program. The procedures should specifically address the requirements and prohibitions of the antibribery provisions of the FCPA, as well as the record keeping and internal controls provisions.

Once developed, the FCPA compliance program should include senior management level oversight and involvement. The procedures should ensure that the company exercises due care in delegating substantial authority; managers who pose demonstrated risks for antibribery misconduct should not be allowed to remain in positions of authority. Once established, the FCPA policies and procedures should be properly communicated to all levels of employees and include translations for overseas employees, as warranted. Detailed training on the company’s FCPA policies and procedures should be provided to all key employees, officers, directors, and third-party intermediaries, over time, as practicable. High-risk locations should receive such policy and procedure training on a priority basis. The procedures should include viable systems to achieve compliance, including systems for the monitoring, auditing, and reporting of suspected FCPA misconduct without fear of reprisal. (Some companies create a confidential hotline; others have an online reporting system and mailbox.) Compliance procedures also should require enforcement of FCPA compliance standards at all levels, with appropriate disciplinary and remedial measures required to be undertaken to prevent future FCPA misconduct.

Other areas for coverage in the written FCPA procedures and compliance program include a requirement for the company to have a process for determinations on voluntary disclosure, as well as a documented requirement for adequate FCPA compliance resources and funding. FCPA compliance programs that require periodic testing of the FCPA compliance systems and controls are useful for revealing deficiencies or new areas of vulnerability. However, because this article is focused on those companies that have no FCPA compliance program, or those counsel who are new to FCPA compliance, the above information will serve as a preliminary guide to commence (or modify an outdated) FCPA compliance program for a company.

Experienced Outside FCPA Compliance Assistance

Given the recent severe penalties and fines imposed on companies for FCPA violations, 47 as well as the complexity of the issues in this practice, in-house counsel should begin the work on the company’s FCPA compliance program and procedures in collaboration with experienced outside counsel. Many FCPA issues are not publicly reported, and successful resolutions (resulting in no enforcement actions, fines, penalties, or consent orders) are not always publicly known. The FCPA in-house novice may not be aware of these nonpublic developments. Companies that undertake to develop their own program can do it cost-effectively by collaborating with outside counsel. In some instances it might be appropriate for certain companies to engage outside counsel at the outset to help with training, risk assessment, and policy/procedure development. However, it is more important for prevention and compliance purposes to get started with the steps outlined in this article than to try to begin such a compliance program project as though it can be accomplished completely and perfectly during the program development process.

The above initial steps (training, risk assessment, due diligence, and writtenpolicy development) should set counsel and the companies they represent on a positive path toward effective FCPA compliance. There is more to cover than is discussed here, but the path to effective FCPA compliance will become even clearer if these steps are undertaken, even if the company’s culture may require a change in the order of steps or activities. The proliferation of enforcement actions involving the antibribery provision and the record keeping/internal controls provisions make compliance with this nearly thirty-year-old FCPA law a renewed priority.48

Footnotes

1. Sarbanes-Oxley Act of 2002, Pub. L. No. 107-204, 116 Stat. 745 (codified as amended in scattered sections of 15 U.S.C.).

2. See, e.g., NYSE Corporate Governance Rule 303A.

3. See, e.g., NASD Rule 3011.

4. Principles of Federal Prosecution of Business Organizations, Memorandum from Larry D. Thompson, Deputy Attorney General, U.S. Department of Justice, to Heads of Department Components and United States Attorneys, at 9–10 (Jan. 20, 2003).

5. In re Caremark Int’l Inc. Derivative Litigation, 798 A.2d 959 (Del. Cl. 1996); McCall v. Scott, 250 F.2d 997 (6th Cir. 2001).

6. The U.S. Sentencing Guidelines for Organizations establishes criteria for an effective corporate compliance program. See U.S. SENTENCING GUIDELINES MANUAL § 8 (2004).

7. The USA PATRIOT Act refers to "The Uniting and Strengthening of America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001." Pub. L. No. 107-56, 115 Stat. 272 (2001).

8. The Bank Secrecy Act is formally known as "The Currency and Foreign Transaction Reporting Act," 31 U.S.C. §§ 5311–5330 and 12 U.S.C. §§ 1818(a), 1829(b), and 1951–1959. Its implementing regulations are at 31 C.F.R. § 103.

9. FinCen’s website address is http://www.fincen.gov/wn_main.html.

10. OFAC’s website address is http://www.treas.gov/offices/enforcement/ofac.

11. 15 U.S.C. §§ 78m, 78dd-1, et seq.

12. Id. §§ 78dd-1(a), 78dd-2(a), et seq.

13. Id. §§ 78m(b)(2) et seq.

14. Id. §§ 78dd-1 et seq.

15. Id. §§ 78m(b)(2) et seq.

16. Examples of multilateral initiatives that have resulted in increased anticorruption cooperation with the United States, as well as global anticorruption enforcement scrutiny, include the OECD Convention on Combating Bribery of Foreign Public Officials, the United Nations Declaration Against Corruption and Bribery in International Commercial Transactions, and the Inter-American Convention Against Corruption. See OECD Convention on Combating Bribery of Foreign Public Officials, Nov. 21, 1997, 36 I.L.M. 1016; United Nations Declaration Against Corruption and Bribery in International Commercial Transactions, Dec. 16, 1996, 36 I.L.M. 1044; Inter-American Convention Against Corruption, Mar. 26, 1996, 35 I.L.M. 727.

17. See 15 U.S.C. § 78dd-1(a). The accounting and record keeping provisions only apply to issuers (U.S. and foreign issuers) with a class of securities registered pursuant to the Exchange Act.

18. Id. § 78dd-2(a).

19. Id. § 78dd-3.

20. The 1988 amendments to the FCPA clarified that "knowing" meant that the person was aware that he or she was engaging in misconduct, or that the person has a "firm belief" that an unlawful result is "substantially certain to occur." 15 U.S.C. § 78dd-1(f)(2)(A)–(B). Moreover, Congress intended that the 1988 amendments make a person’s "conscious disregard" or "willful blindness" of unlawful conduct constitute "knowledge" for purposes of the FCPA. H.R. CONF. REP. NO. 100-576, at 920 (1988). So, it is no longer possible to escape liability by "putting one’s head in the sand" after receiving information indicating that FCPA misconduct is substantially certain to occur or you have a firm belief that it may have occurred.

21. 15 U.S.C. §§ 78dd-1(a), 78dd-2(a), 78dd-3(a).

22. Id. § 78dd-1(f)(1).

23. See, e.g., U.S. v. Metcalf & Eddy, Civil Action No. 99-12566 (D. Mass. 1999); SEC v. Schering Plough, Exchange Act Release 49838 (June 9, 2004).

24. 15 U.S.C. §§ 78dd-1(b), 78dd-2(b), 78dd-3(b).

25. Companies also will want to ensure that the "facilitating payment" that may be permissible under the FCPA does not violate the local laws of the country in which the payment was made.

26. 15 U.S.C. §§ 78dd-1(c)(1), 78dd-2(c)(1), 78dd-3(c)(1).

27. Id. §§ 78dd-1(c)(2)(B), 78dd-2(c)(2)(B), 78dd-3(c)(2)(B).

28. Id. §§ 78dd-1(c)(2), 78dd-2(c)(2), 78dd-3(c)(2).

29. Id. §§ 78c(37), 78m(b)(2)(A). "Reasonable detail" under the FCPA means "such level of . . . detail as would satisfy reasonably prudent officials in the conduct of their own affairs." Id. § 78m(b)(7). The SEC also prohibits persons from directly or indirectly falsifying or causing to be falsified any books, records or accounts subject to the FCPA’s books and records provisions. 17C.F.R. § 240, 1362-1.

30. See 15 U.S.C. § 78m(b)(2)(B)(i)–(iv).

31. Id. § 78m(b)(6).

32. SEC Release No. 34-17,500, 1981 WL 36385, *7–8 (Jan. 29, 1981).

33. For more information on recent cases or enforcement actions brought by the Department of Justice or the Securities and Exchange Commission, visit Foley & Lardner’s FCPA Enforcement website, available at http://www.FCPAEnforcement.com.

34. See Transparency International Corruption Perceptions Index, available at http://www.transparency.org/policy_research/surveys_indices/cpi/2005.

35. See SEC v. Triton Energy Corp., et al., Civil Action No. 1:97CV 00401 (RMU) (D.D.C. Feb. 29, 1997).

36. Id.

37. SEC v. International Business Machines Corp., Litigation Release 16839 (Dec. 21, 2000).

38. Id.

39. Sarbanes-Oxley Act of 2002, Pub. L. No. 107-204, 116 Stat. 745, section 302 (codified as amended in 15 U.S.C. § 78m).

40. Sarbanes-Oxley requires audit committees to conduct independent investigations of financial and accounting misconduct, or internal controls inadequacies. Id., at section 301 (codified as amended in 15 U.S.C. § 78m).

41. See Press Release, U.S. Department of Justice (Dec. 6, 2004), available at http://www.usdoj.gov/opa/pr/2004/December/04_crm_ 780.htm.

42. See In the Matter of GE InVision, Inc. (formerly known as InVision Technologies, Inc.), Exchange Act Release No. 51,199 (Feb. 14, 2005).

43. Agents, intermediaries, and consultants transferred payments to government officials in these FCPA cases, among several others: see U.S. v. Lockheed Corp., Suleiman A. Nassar and Allen R. Love, Cr. No. 1:94-Cr-22-016 (N.D. Ga. June 1994); U.S. v. Pitchford, Cr. No. 1:02-CR-00365-RCL-1 (S.D.N.Y. Sept. 2002); SEC v. The Titan Corp., Litigation Release No. 19107 (Mar. 1, 2005); SEC v. Katy Indus., Inc., Litigation Release No. 8519 (Aug. 30, 1978); In the Matter of Monsanto Co., Exchange Act Release No. 50978 (Jan. 6, 2005); U.S. v. Syncor Taiwan, Inc., Cr. No. 02-1244 (C.D. Cal. Dec. 2002).

44. See generally In the Matter of Oil States Int’l Inc., Exchange Act Release No. 53732 (Apr. 27, 2006); U.S. v. ABB Vetco Gray Inc. and ABB Vetco Gray U.K. Ltd., Case No. CR H-04-279 (S.D. Tex. June 22, 2004); In the Matter of BellSouth Corp., Exchange Act Release No. 45279 (Jan. 15, 2002); U.S. v. Kay, Cr. No. 4-01-914 (S.D. Tex. Dec. 12, 2001); U.S. v. Saybolt N. Am. and Saybolt Inc., Cr. No. 98CR102 66WGY (D. Mass. Aug. 18, 1998).

45. It will also be important to obtain FCPA agent/partner/intermediary certifications, partner contract representations and warranties, FCPA audit rights, and certain termination rights as part of the transaction FCPA documentation. The details on the content of those certifications, contract terms, and representations and warranties will depend, in part, on the nature of the transaction and the FCPA risks posed by the proposed business activity, and warrant thoughtful, detailed consideration with outside counsel.

46. Most companies follow the compliance program standards in the U.S. Sentencing Guidelines for Organizations, Caremark, supra, and Sarbanes-Oxley, as well as the compliance program criteria in the Department of Justice’s Guidelines for Prosecution of Corporations, as well as the compliance program guidelines issued by the New York Stock Exchange, among others, as applicable.

47. See, e.g., U.S. v. ABB Vetco Gray Inc. and ABB Vetco Gray U.K. Ltd., Case No. CRH-04-279 (S.D. Tex. June 22, 2004); SEC v. The Titan Corp., Litigation Release No. 19107 (Mar. 1, 2005).

48. For more information on FCPA enforcement actions, please visit http://www.FCPAEnforcement.com.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.