Over the past five years, the Foreign Corrupt Practices Act has solidified itself as an industry brimming with expert forums, company departments and substantial news coverage.
Is this statute really the bear in the woods some say it is? Those answering yes may guide expansion away from foreign markets, reduce investments in regions at risk or refrain from opportunities fearing they cannot compete. This is understandable. The FCPA certainly poses a triple whammy: draconian government enforcement, higher internal compliance costs and reduced ability to control practices in unfamiliar cultures.
The reality, however, might be different. It could be that the FCPA is not a particularly formidable risk management task when compared to others faced by companies over the years. And the solution seems to be the same: the exercise of good judgment and the oversight of competent management. Indeed, the FCPA stories that strike fear into business leaders are those borne out of corporate governance issues. The FCPA stories that are akin to bumps in the road, on the other hand, are those where a rogue employee or division is corrected within a reasonable time frame. This makes sense, because the FCPA does not require a company to know what every person around the globe is up to, and it does not require certification that every fee is not a prohibited payment.
The unsurprising conclusion is that if directors and management use good judgment to establish reasonable internal communications and systems, the FCPA woods should be mostly clear. The FCPA and the U.K. Bribery Act make room for the clear woods by reducing or eliminating corporate liability when a company system has:
- Oversight by high-level officials
- Due care when delegating discretionary authority
- Good communication channels up and down
- Reasonable systems in place for monitoring and reporting
- Consistent enforcement for violations, and
- Reasonable steps to detect and prevent problems in the future
These are the questions to ask. These are the systems to probe. Are they really unique? In the 1980s, boards oversaw enhanced antitrust systems and controls, particularly after the ADM case highlighted the global reach of antitrust laws. In the 1990s, boards evaluated reporting systems after health care fraud and False Claims Act cases jump-started the profitable whistleblowing industry. In the 2000s, boards oversaw myriad new responsibilities and procedural changes in the wake of Enron, UBS, Madoff and the crash of 2008.
Maybe then it is the resolution of FCPA violations that is causing the heightened fear? For directors, the statute has not presented surprising liability issues. As with other areas of the law, individual director liability arises when a director was either involved in, or turned a blind eye to, FCPA violations. Directors have not been targeted to date.
Resolutions for companies also depend on the situation. The existence of the FCPA industry (and professionals who are available to conduct internal investigations at a high price) does not mean that this reaction is what is always required. What is required first and foremost is reasonable judgment exercised by directors and professionals who seek both compliance and solutions—without assuming a bear is present at every turn.
Another certainty is that new regulatory arenas will arise. Will the federal government seek to impose U.S. employment standards in emerging countries? Will it seek to impose U.S. environmental standards through private sector compliance programs? Will it find new ways to track and monitor threats to national security through increased reporting and other mandates?
The FCPA is a risk management issue that must be taken seriously, of course. But it is not particularly unique in the scheme of things. In fact, it plays to the strengths and roles of directors. With the bear removed, directors—as they have done for years—are freer to guide their companies through regulatory minefields as they arise.
Pamela J. Marple is a partner at Chadbourne & Parke. She practices in commercial litigation and government investigations. Reach her at email@example.com and 202-974-5657.