United States: FCPA Year-In-Review: Developments Of 2012 And Predictions For 2013
The year 2012 witnessed several notable developments in the enforcement of the Foreign Corrupt Practices Act (FCPA). This alert discusses these developments, which collectively illuminate the priorities of the U.S. Department of Justice (DOJ) and the U.S. Securities and Exchange Commission (SEC), provide insight into likely future trends in settlements and judicial decisions, and serves as a road map for the government’s expectations regarding compliance programs and their implementation. Finally, we look ahead to possible developments in 2013.
1. Enforcement Trends
2012 saw a decline in the number of new cases publicly initiated by DOJ and the SEC; they together brought only 27 total cases in 2012.1 Enforcement, however, remains a stated priority: DOJ announced in 2012 that it had more than 150 open FCPA investigations and both DOJ and the SEC have signaled they will continue their aggressive prosecution of FCPA cases. It appears that the decline in new cases in 2012 can be attributed to factors such as the government’s focus on resolving previously initiated investigations and continuing high-profile investigations, such as inquiries into Wal-Mart Stores, Inc.’s foreign subsidiary’s business practices in Mexico and elsewhere,2 Alcoa Inc.’s dealings with a majority state-owned company in Bahrain,3 efforts related to the dismissal of the so-called “Africa Sting Case” 4 and other unsuccessful prosecutions of 2012,5 and Avon Products, Inc.’s compliance with the FCPA and foreign laws in China and elsewhere.6 Moreover, government representatives have noted that some DOJ/SEC resources were also diverted away from cases and instead focused on the production of the long-awaited FCPA “guidance,” discussed below.7
2. DOJ/SEC Guidance
On November 14, 2012, the DOJ Criminal Division and SEC Enforcement Division published A Resource Guide to the Foreign Corrupt Practices Act (the Guide).8 The Guide is organized into 10 chapters and offers a plain-language explanation of the FCPA and its relevance to international business and corporate compliance programs. While the non-binding, 120-page Guide is not an FCPA watershed that announces revamped enforcement priorities or alters the government’s previously stated positions on controversial issues related to the statute, it offers unprecedented insight into DOJ’s and the SEC’s joint FCPA enforcement approach and priorities. For a more detailed analysis of the Guide, see WilmerHale Foreign Corrupt Practices Act Alert, DOJ and SEC Issue Much Anticipated FCPA Guidance, Nov. 19, 2012.
3. Morgan Stanley and Compliance
In April 2012, DOJ announced that Garth Peterson, a former managing director for Morgan Stanley’s Real Estate Group in Shanghai, China, had pleaded guilty to a one-count criminal information charging him with conspiracy to circumvent internal controls in a scheme he orchestrated to provide a $2.88 million benefit to a Chinese government official.9 In announcing the settlement with Peterson, DOJ went to great lengths to detail the comprehensiveness of Morgan Stanley’s compliance program and internal controls and Morgan Stanley’s due diligence processes, including:
- Between 2002 and 2008, Morgan Stanley employed over 500 “dedicated compliance officers”;
- Morgan Stanley’s compliance department had “direct lines” to Morgan Stanley’s Board of Directors and “regularly” reported through the Chief Legal Officer to the Chief Executive Officer;
- Morgan Stanley employed “dedicated anti-corruption specialists” who drafted and maintained policies and procedures;
- Morgan Stanley provided its employees with a toll-free compliance hotline;
- Morgan Stanley’s Code of Conduct specifically addressed corruption risks and conduct that would violate the FCPA;
- Between 2002 and 2008, Morgan Stanley held at least 54 trainings on anti-corruption for groups of Asia-based employees;
- Between 2002 and 2008, Morgan Stanley trained Peterson on the FCPA at least seven times and provided Peterson at least 35 FCPA compliance reminders; and
- Morgan Stanley required Peterson to certify his compliance with the FCPA on multiple occasions.10
In determining that “Morgan Stanley continually evaluated and improved its compliance program and internal controls,”11 DOJ seemingly reviewed Morgan Stanley’s conduct regarding the business dealings exploited by Peterson and found that Morgan Stanley acted appropriately. Indeed, the DOJ charged Peterson with circumventing internal controls, which itself is a concession that Morgan Stanley maintained an appropriate compliance program. The DOJ press release announcing Peterson’s guilty plea explained that, after examining all of the facts and circumstances, DOJ “declined to bring any enforcement action against Morgan Stanley.”12 The DOJ’s determination to decline to prosecute Morgan Stanley was no doubt influenced by its conclusion that Peterson “actively sought to evade Morgan Stanley’s internal controls” and “used a web of deceit to thwart Morgan Stanley’s efforts.”13 Another reading of the case is that, rather than declining to prosecute a viable case as a reward for Morgan Stanley’s robust internal controls, the government did not prosecute Morgan Stanley because it had engaged in no illegal conduct and was itself a victim of Peterson’s misconduct.14 The SEC, which also entered into a settlement with Peterson, similarly acknowledged Morgan Stanley’s internal controls regime and declined to charge Morgan Stanley.15 In any event, the Morgan Stanley case provides useful insight into what kind of compliance measures will be considered robust by DOJ and the SEC, particularly in the financial services industry.
4. Pfizer Settlement and Alternative Jurisdiction
The largest settlement announced in 2012 was Pfizer Inc.’s settlement of a trio of FCPA cases with DOJ and the SEC for $60 million, including a $15 million criminal fine and $45 million in disgorgement.16 The charges against Pfizer stemmed from approximately $2 million in bribes allegedly paid in high-risk countries (including Russia, Kazakhstan, and China) to healthcare practitioners at government-owned hospitals responsible for prescribing medications and to officials of government healthcare committees responsible for drug-related approvals.
Notably, the Pfizer settlement marks the first time DOJ explicitly relied on the FCPA’s alternative jurisdiction provision to charge a U.S. company. The alternative jurisdiction provision, 15 U.S.C. § 78dd- 2(i), provides: “It shall be unlawful for any United States person to corruptly do any act outside the United States in furtherance of a [bribe to a foreign official].” While the provision was invoked against an individual in United States v. Salam, No. 06-CR-157 (D.D.C. June 7, 2006), it had not previously been used to charge a U.S. company with an FCPA violation where there was no territorial nexus to the United States. Previously, DOJ cited the alternative jurisdiction provision when charging Willbros Group Inc. and its subsidiary with violating the FCPA, but then proceeded to allege that Willbros committed the violative acts in the United States.17 In the Pfizer case, none of the corrupt conduct was alleged to have occurred in the United States or to have involved the use of the mails or any means or instrumentality of interstate commerce.18 As a result, the Pfizer settlement illustrates the FCPA’s potential breadth for a U.S. company, which may be subject to the FCPA even if improper conduct occurs wholly outside the United States.
5. Eli Lilly Settlement and the Importance of Due Diligence
In December 2012, the SEC announced that it had charged Indianapolis-based pharmaceutical company Eli Lilly with FCPA violations for improper payments its subsidiaries allegedly made to foreign government officials to win millions of dollars of business in Russia, Brazil, China, and Poland. Without admitting or denying the SEC’s allegations, Eli Lilly agreed to pay more than $29 million in disgorgement, prejudgment interest, and civil penalties, and to comply with certain undertakings, including the retention of an independent consultant to review and make recommendations about the company’s anti-corruption policies and procedures.
In announcing the settlement, the SEC cautioned that the case demonstrates why company officials may not avert their eyes “from what they do not wish to see” and should eschew a “check the box” approach to compliance, and in particular to third-party due diligence.19 While the settlement papers did not specifically note the link, among the improper payments made by Eli Lilly were charitable contributions made from 2000 to 2003 to the same Polish charity headed by the Polish government official that led to Schering-Plough’s FCPA settlement in 2004.20 That aspect of the Eli Lilly settlement is a salient reminder that companies should be alert to industry developments, and to potential repercussions of settlements and prosecutions that relate to countries where they do business, customers to whom they sell, and third parties with whom they work.
6. Mergers & Acquisitions Lead to Significant Settlements and at Least One Non-Public Declination
In the mergers and acquisitions context, two public settlements and at least one non-public declination from 2012 reflect situations in which acquirers were charged with bribes paid by newly acquired entities. These settlements underscore the importance of conducting thorough FCPA due diligence to the extent feasible before closing a deal and, equally, of rolling out with alacrity a strong compliance program once a deal has closed.
- Pfizer: The Pfizer settlement discussed above reflects the inheritance by Pfizer of liability for both pre- and post-closing improper payments by Pharmacia Corporation, acquired by Pfizer in 2003. Although Pfizer’s Croatian subsidiary ended the majority of the improper payments upon acquisition in 2003, Pfizer HCP Croatia permitted the problematic program to continue for one Pharmacia product until 2005.21 The charging papers indicate that DOJ and the SEC found fault with the nature and depth of Pfizer’s FCPA due diligence for the Pharmacia acquisition, and that DOJ and the SEC concluded that Pfizer may not have implemented an effective anti-corruption compliance program at the newly acquired Pharmacia entities quickly enough. By contrast, substantial post-closing due diligence and compliance program integration by Pfizer following its acquisition of Wyeth (maintained as a wholly owned subsidiary) in 2009 appears to have largely insulated Pfizer from liability for improper payments by Wyeth.
- Orthofix: Orthofix International N.V., a Texas-based orthopedic products-maker, agreed to pay $7.4 million to resolve DOJ and SEC FCPA enforcement actions. Orthofix settled books and records and internal controls violations charges with the SEC and paid $5.2 million in disgorgement and prejudgment interest. Orthofix also entered into a three-year deferred prosecution agreement with DOJ and agreed to pay a $2.2 million criminal fine. The settlement related to improper payments made by Orthofix’s wholly owned Mexican subsidiary, Promeca S.A. de C.V. The DOJ alleged that “Orthofix N.V., which grew its direct distribution footprint in part by purchasing existing companies, often in high-risk markets, failed to engage in any serious form of corruption-related diligence before it purchased Promeca.”22 When the improper payments were made, “Promeca was subject to Orthofix’s control, including the implementation of internal controls at Promeca.”23
- Non-Public Declination: A U.S.-based issuer acquired a non-issuer U.S. company with a large international footprint. During the course of substantial pre-closing due diligence into the acquired company, the acquiring issuer uncovered several instances where potentially improper payments and travel and entertainment had been provided to government officials by the acquired company. Immediately upon closing, the acquiring issuer made a voluntary disclosure to DOJ and the SEC, conducted additional post-closing investigative work, fully remediated the potentially improper payment issues at the acquired company, and integrated the acquired company into the acquiring issuer’s robust compliance and training program. Neither the SEC nor DOJ brought charges and the latter issued a formal declination letter to the acquiring issuer.24
7. Allianz and Issuer Status
In December 2012, the SEC announced that it had charged German-based insurance and asset management company Allianz SE with violating the books and records and internal controls provisions of the FCPA in connection with improper payments by an Allianz Indonesian subsidiary to government officials in Indonesia from 2001 to 2008.25 Without admitting or denying the SEC’s findings, Allianz agreed to pay more than $12.3 million in disgorgement, prejudgment interest, and civil penalties.
This settlement is noteworthy because Allianz voluntarily delisted its stock from U.S. securities exchanges (and therefore had ceased to be an issuer) some six months before the SEC initiated its investigation and some three years before the settlement with the SEC. The SEC premised jurisdiction on the allegation that the misrecordings in Allianz’s books and records and the internal controls deficiencies arose when Allianz was an issuer. It is worth noting that, according to the SEC’s Cease-and-Desist Order, allegations of improper conduct had been raised with the company in 2005, but the company did not fully remediate the problems.26 This alleged failure, while the company was an issuer, may have been relevant to the SEC’s decision to pursue the matter after Allianz had delisted. The settlement underscores that, as has been seen in other FCPA matters, the SEC will not flinch from exercising jurisdiction to enforce the FCPA whenever the SEC may have some jurisdictional ground to stand upon.
8. Noble Executives – Ruling on Motion to Dismiss
On December 11, 2012, U.S. District Court Judge Keith Ellison ruled on motions to dismiss filed by two former Noble Corp. executives, Mark Jackson and James Ruehlen.27 He granted the motion to dismiss the SEC’s claims seeking monetary damages on statute-of-limitations grounds while denying the motion to dismiss the agency’s claims seeking injunctive relief. The monetary damages dismissal was without prejudice, giving the SEC an opportunity to file an amended complaint, which the agency filed on January 25, 2013.28 Like the original complaint filed in February 2012, the SEC’s amended complaint against Jackson and Ruehlen alleges that they violated the FCPA by “participating in a bribery scheme to obtain illicit permits for oil rigs in Nigeria in order to retain business under lucrative drilling contracts.”29 The claim was principally based on the same core set of facts as the November 2010 DOJ/SEC enforcement action against their former employer, Noble Corp. Of particular interest:
- Statute of Limitations: Judge Ellison rejected the SEC’s argument that the statute of limitations should be tolled because of tolling agreements between the parties, the fraudulent concealment doctrine, and the continuing violations doctrine. The court granted the SEC leave to amend its complaint to cure pleading failures regarding the statute of limitations.
- Facilitating Payments: After concluding that the legislative history of the FCPA “strongly supports” the conclusion that the SEC bears the burden of negating the facilitation payments exception, Judge Ellison granted leave to the SEC to amend its complaint in order to adequately plead that the behavior sought in exchange for the payments at issue were “discretionary functions” that would render them outside the facilitation payments exception.
- Which Foreign Official?: Judge Ellison’s decision concluded that the identity of the foreign official receiving alleged bribes, or his day-to-day duties, need not be pleaded with specificity. In so concluding, Judge Ellison acknowledged his disagreement with U.S. District Court Judge Lynn Hughes, who came to the opposite conclusion in DOJ’s unsuccessful prosecution of John O’Shea, a former general manager and vice president of a unit of ABB Ltd., in Texas.30
9. SEC Policy Developments
Neither Admit Nor Deny: 2012 marked the end of the SEC’s use of the “neither admit nor deny” approach to settlements “where a defendant has admitted violations of the criminal law.”31 A neither admit nor deny settlement allowed a defendant to settle SEC charges while neither admitting nor denying civil liability. This change affects SEC settlements that involve parallel DOJ criminal convictions or settlement agreements that include admissions or acknowledgments of criminal conduct.32
Whistleblower Provisions: 2012 was the first full year of the whistleblower provisions of the Dodd-Frank Act,33 and the impact of the SEC’s whistleblower program on FCPA enforcement thus far remains unclear. The SEC’s 2012 whistleblower program report, released in November 2012, announced that from October 1, 2011, through September 30, 2012, the SEC had received 3,001 whistleblower tips, including 115 that were FCPA-related.34 To date, it remains unclear whether any of the FCPA complaints may qualify for an award. It is nevertheless evident that the existence of the program has generated interest among attorneys who specialize in representing whistleblowers and has created new considerations for companies evaluating whether and when to make proactive voluntary disclosures of potential FCPA issues to enforcement authorities.
10. Trend Away from Imposition of Compliance Monitors
Starting at the end of 2009, both DOJ and the SEC appeared to begin moving away from their regular imposition of external compliance monitors, and that trend continued through 2012. Indeed, there were no FCPA settlements in 2011 and only four settlements in 2012 (two of which involved medical device companies, discussed below) in which either a compliance consultant or a compliance monitor was imposed as a term of settlement.35
The waning use of compliance monitors in the past few years suggests that both agencies are moving in certain cases toward alternatives in FCPA settlements, including allowing companies to “self-report” to the government on their implementation of enhanced FCPA controls. The decline in the use of monitors may, at least in part, be the result of judicial and other criticisms leveled against DOJ regarding the selection of some monitors, which resulted in DOJ adopting guidelines in 2008 for selecting monitors.36 The government has also noted that, over time, the quality of compliance programs overall has improved, suggesting that there may be fewer cases in which monitors are needed.37
It appears that DOJ and the SEC were willing to allow companies to self-report on their compliance and remediation efforts largely in cases in which the companies had voluntarily disclosed the conduct at issue, had cooperated with the government’s investigation, and had made significant improvements to their FCPA compliance regimes prior to and during the course of the investigation. In a number of these cases, the voluntary disclosure was described as “timely” and “complete,”38 the cooperation provided to the government as extraordinary, and remedial measures undertaken as “extensive.”39 The extensive remediation and improvements to the compliance systems and internal controls were explicitly cited in a 2012 settlement as one of the reasons why the company was not required to retain a compliance monitor.40 The company that did not voluntarily disclose the conduct under investigation was nonetheless not required to retain a compliance monitor as part of its settlement in 2012; DOJ praised the company for initiating an internal investigation and providing real-time reports following the receipt of subpoenas in connection with the government’s investigation, as well as its “extraordinary” cooperation, “extensive, thorough, and swift internal investigation,” and “extensive remediation.”41
The Guide reaffirmed that when determining whether to impose a compliance monitor or compliance consultant requirement, DOJ and the SEC take into account the quality of the company’s compliance program at the time of the misconduct and subsequent remediation efforts.42 According to the Guide, other relevant factors include the seriousness of the offense, the duration of the misconduct, the pervasiveness of the misconduct, including whether the conduct cuts across geographic and/or product lines, and the nature and size of the company.43 “[C]ompanies are sometimes allowed to engage in selfmonitoring, typically in cases when the company has made a voluntary disclosure, has been fully cooperative, and has demonstrated a genuine commitment to reform.”44
11. Medical Device Industry Settlements
The medical device industry has been among the industries targeted by FCPA enforcement officials since 2007 when a number of companies settled domestic bribery cases. Joint DOJ and SEC investigations of the industry yielded FCPA settlements with three medical device companies in the past year.