United States: Foreign Corrupt Practices Act: High Risks For Medical Device Industry

In a recent public announcement, Johnson & Johnson disclosed that it may have violated the Foreign Corrupt Practices Act ("FCPA") and had reported potential violations to the Department of Justice and the Securities and Exchange Commission ("SEC"). Johnson & Johnson’s disclosure highlights the risks of FCPA violations for the medical device industry. It also reflects a broader trend of increased FCPA enforcement, as do recent cases involving multi-million dollar fines.

Medical device companies are particularly at risk with respect to FCPA violations. In many parts of the world, hospitals and clinics are government-owned. Accordingly, the medical staff and other employees are government officials within the meaning of the FCPA. In this context, sales activities that would ordinarily be considered routine can create FCPA liability. More directly, practices that are common in the industry clearly violate both the letter and the spirit of the Act. These risks are compounded for companies operating in high-growth overseas markets where corruption is commonplace, such as China and India.

The anti-bribery provisions of the FCPA prohibit offering or giving money or anything of value to a foreign official for the purpose of obtaining or retaining business, or obtaining favorable or preferential treatment from the government. The Act also prohibits offering money or anything of value to a third party while knowing that some or all of the payment will be passed on to a foreign official for an improper purpose. It also bars authorizing or approving any of these types of payments.

By its terms, the FCPA applies to U.S. companies, citizens, nationals and residents, as well as anyone located in the U.S., even temporarily, and foreign-based "issuers" under U.S. securities law.

Government enforcement practices have further extended the FCPA’s to reach foreign entities whenever a nexus between the United States and the bribery can be established, as the recently unsealed indictment in the ABB Vetco case shows. In that case, the freight forwarding agent for a group related entities allegedly paid bribes to Nigerian officials to avoid paying Customs duties. The foreign entities were included in and pled guilty to a conspiracy count based on participation in the prohibited conduct.

With respect to the recipients of bribes, the Act covers officers and employees of the government and any subordinate department, agency, or instrumentality, as well as persons acting in an official capacity on behalf of a governmental entity. "Foreign official" also includes employees of government- owned hospitals and other entities, as well as officials of international organizations, such as the World Health Organization.

Companies often ignore or tolerate possible FCPA violations based on a mistaken understanding of the law. Among the most common misperceptions:

The FCPA prohibits persons located in the US from approving or authorizing payments to government officials. Thus, even if the party making the payment (such as a foreign sales agent) is not directly covered by the Act, the U.S. company can be liable if its officers or employees approve the payments. In practice, ignoring reports or suspicions of improper payments can be considered tacit authorization of such payments and lead to liability. Under the Act, actual knowledge of the actions of a company’s agent or partner is not necessarily required. While the Act does not, in the words of the legislative history, punish negligence or "mere foolishness", purposeful ignorance will not shield an individual or a company from prosecution under the FCPA. Thus, management and employees may not turn a "blind eye" to activity that appears to violate the FCPA.

"Everybody does it" is not a defense against an FCPA charge. To the contrary, knowledge that the company is operating in a corrupt environment can serve as the basis for establishing knowledge of improper payments. The "tacit authorization" theory can be used to establish liability where management is aware that bribery is common and fails to take steps to prevent it. While the FCPA permits payments that are "lawful under the written laws and regulations" of the official’s country, the fact that bribery may be widespread in a particular country or industry does not make it permissible under either local law or the FCPA. Nor does the fact that a foreign official solicits or demands a bribe excuse such payments. Finally, the mere absence of written laws prohibiting a specific activity (such as hiring a government official’s spouse as a "referral agent") does not meet the requirement that the activity be lawful under the country’s written laws.

Although an exception for facilitating payments (usually called "grease" payments) exists under the FCPA, this should not be confused with an exception for small bribes. The grease payments exception applies only to payments made to facilitate routine government action, such as mail pickup, power and water supply, and processing official papers. Routine governmental action will never include any decision to award new business or purchase a particular product.

Moreover, companies inclined to ignore small bribes often overlook the cumulative impact of such payments. Here again, the recent ABB Vetco case is instructive. Most of the individual payments were relatively small. Few exceeded $5,000 and some were under $100. However, the total payments over a two and half year period exceeded $2 million. It was that amount the government focused on in the indictment. Thus, companies should not assume that the Act excludes, or that the government will overlook, extensive low-level bribery.

Companies with significant overseas sales should have in place an effective FCPA compliance program. This is especially true for public companies, as the books and records provisions of the FCPA require public companies to accurately report financial information and to maintain a system of internal controls to prevent violations. An effective compliance program will be tailored to how the company does business, and will include the following elements:

• Management involvement, including a senior officer with direct responsibility for compliance

• Established procedures for assessing business information from a compliance perspective

• Documented vetting of sales personnel, as well as agents, distributors and other business partners

• Communication of company policy and procedures, including training for management and employees involved in international sales

• Record retention policies and procedures that allow the company to retrieve and review documents related to specific transactions

• Consistent enforcement of company standards and policies

• An internal review process that includes regular compliance audits

• Mechanisms for internal reporting of possible violations (including anonymous reporting) and effectively responding to such reports.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.