FCPA Workshop Understanding Key Components of Compliance SCCE Utilities & Energy Compliance & Ethics Conference March 1, 2009 Marjorie W. Doyle,JD,CCEP Marjorie Doyle & Associates, LLC Kenneth Kurtz The Steele Foundation Workshop Agenda What is the FCPA? An Overview. Risk Areas for Corruption Risk-Based Third-Party Compliance Systematic Risk Inventory Implementing Reasonable Due Diligence Global Outlook Total Program Real-World Scenario Group Exercise - 1
What is the FCPA? FCPA is the Foreign Corrupt Practices Act The U.S. law covering anti-corruption and bribery of foreign officials In the early 70 s 450 companies admitted making questionable or illegal payments over $300 million Congress created the FCPA in 1977 in response What is the FCPA? Joint enforcement authority by Department of Justice (anti-bribery provisions) and the Securities and Exchange Commission (record-keeping and accounting provisions) Prohibits giving or offering to give anything of value to a foreign official to obtain or keep business Requires accurate books and records of transactions Amended in 1998 to apply to foreign entities who further prohibited payments while in U.S. 2
WHO is covered by FCPA? all U.S. companies all U.S. citizens all companies headquartered in U.S. or listed on U.S. stock exchange anyone using U.S. mails or wires while in U.S. Any individual, officer, director, employee or agent of a firm, or shareholder acting on behalf of a firm U.S. companies may be liable for actions of foreign subsidiaries, JV partners, or anyone else acting as an agent (Third Parties) Payments Prohibited by the FCPA anything of value directly or indirectly to a foreign official includes public officials regardless of rank or position, candidates, party officials (could be a close family member) purpose to obtain or retain business (including for someone else) corrupt intent given, offered or promised 3
cash gifts Value of Payment benefits of value such as entertainment, education, travel expenses, shopping sprees, operations for family members value is in the eye of the beholder so potential even in small amounts FCPA Costs Criminal and civil fines on both company and individual up to $5 million and 20 years prison for individual; company fines rising constantly (multimillion) with criminal label Return of profits Restricted international travel Potential loss of export privileges Loss of right to bid for government contracts Civil litigation, damage to stock price and reputation Legal fees, independent monitor fees, investigation and audit fees Loss of employee and management time 4
Focusing in Areas of Greatest Liability FCPA COMPLIANCE: THE THIRD-PARTY CORRUPTION RISK ASSESSMENT AND VETTING COMPONENTS Focusing efforts to mitigate opportunities for violations in the areas of greatest potential liability: Conduct a corruption risk assessment on your greatest exposures Create a manageable process for conducting due diligence Focusing in Areas of Greatest Liability Focusing your efforts on greatest potential liability 1. There is no off-the-shelf program or risk matrix that provides a roadmap of where to focus your efforts. 2. A program require financial investment so be strategic with your resources when defining training, due diligence, and audit requirements. 3. Know which areas of your business (Geography, business units, relationship types) present the greatest exposure for your company. You must know your business to know your risk. 4. Step One: Conduct a corruption risk inventory. Based on risk inventory results, then you can tier your risk and focus your resources appropriately. 5
Focusing in Areas of Greatest Liability Know Your Business = Know Your Risk Know How You Conduct Your Business What are you selling? Are the products regulated? Where are they manufactured and by whom? Who are the customers? What sales channels are used? How are your products distributed? Know Where You Do Business Know Your Risk Factors Be consistent: Use a reliable calculator Transactions Compensation levels and modes of payment Corporate traits (industry proclivities, business models) Business relationship (type, category) Internal controls Geographic region/cultural impacts Focusing in Areas of Greatest Liability Risk Inventory Provides Tiered Roadmap to Exposure Risk-Based Approach Cost effective Consistent Provides Visibility How you are doing business. The types of relationships you have. You have clear classifications of your third parties; and A clear and concise picture of your exposure and the complexity requirements for an effective and rigorous program. Most important it illuminates where you need to focus your resources 6
Focusing in Areas of Greatest Liability Create a Manageable Due Diligence Process Intentional -- Consistent -- Systematic Standardize at a Corporate Level - Forms and corporate documents - Apply consistent weighting - Predefine scopes of due diligence - Obtain information legally Ensure transparency through a central tool - Ensure visibility of all documents - Audit trail promotes accountability - Ensure data integrity (No tampering) Systematize your due diligence process - Remove cultural exceptions - Ensure the process is auditable Global Outlook Governments around the world uniting to fight corruption Almost all countries have anti-corruption laws, at least 37 are increasing enforcement OECD (Organisation for Economic Co-operation and Development) works with countries to criminalize bribery has about 40 member countries TI (Transparency International) publishes a Corruption Perceptions Index (CPI) that ranks 150 locations by perceived levels of corruption Other significant treaties: Organization of American States Inter-American Convention Against Corruption 1997: Council of Europe Criminal Law Convention on Corruption 2002; UN Convention Against Corruption 2005 7
Utilities & Energy Sector: Why Are the Authorities So Interested? The DOJ and SEC have been extremely active in investigating corruption within the overall industry sector, which is particularly vulnerable for two reasons: Government licenses are critical to operations Much of business conducted in developing economies that lack infrastructure and controls necessary to combat corruption Tens of millions assessed in settlements over bribery in the form of kickbacks via third-party agents. In some cases executives face jail time and share-holder lawsuits have been brought. These investigations have also had a dragnet effect as enforcement authorities piggyback their information-gathering onto additional companies in the process of uncovering trails of corruption. In each instance, the United States government assessed the overall integrity of the corporate compliance program and the resources devoted to sustaining it. Common Elements of a Robust Compliance Program WHAT DOES A TOTAL APPROACH LOOK LIKE? 8
Compliance Program Efforts Sufficient, clear policies addressing company s high-risk areas for bribery Clear position statement from management re bribery Strong policy against retaliation for reporting violations Required swift investigation of all reported or suspected violations Effective training on bribery policies including web and live training Employee certification that understand the policies that apply to their job An effective reporting system for violations (hotline, who to go to) Education of board and top management of their oversight responsibilities Clear detailed gifts, entertainment, and expenses policies and processes Regular audits of policies and processes for high risk groups in company and high risk locations Strong policies and implementation of due diligence on hiring and management of third parties representing the company Third-Party Risk Assessment and Programmatic Due Diligence Effort Red Flags Missing or incomplete documentation of expenditures Unusual fees or large commissions No written agreement or non-standard agreement Petty cash funds Offshore account payments Excessive, regular and frequent entertainment of same person No due diligence of agents or inadequate due diligence Payments to people not recognized as unqualified to perform the services 9
Risk-Based Compliance: How Your Company Can Be Prepared Companies with a clearly demonstrable commitment to a consistent, intentional third-party due diligence program do best. Vetting is an essential pillar of a robust and reasonable FCPA compliance program. What does a credible third-party due diligence program look like? Which intermediaries need to be vetted and at what levels? Your company needs to evolve a specific and systematic methodology to calculate risk among third-party intermediaries, including vendors, customs agents, consultants, joint venture and teaming partners, distributors, and sub-contractors. A policy without teeth will not protect a company from prosecution, much less prevent misconduct. Scenario 1 A company employee is traveling to a Nigeria. He is told by a fellow employee that he will probably be asked to pay some money to get through customs and immigration when he arrives and leaves. He has a proper passport and visa. a. should the employee do anything before he leaves? b. what should he do if he is not allowed to enter Nigeria? c. what if the employee is threatened if he/she doesn t pay? d. what should the employee do if someone meeting him in Nigeria makes the payment for him? e. may the employee use his own personal money and not the company s? f. if the employee is threatened and makes the payment, what should he/she do then? 10
Scenario 2 Your company is performing work on a project for a major Brazilian oil company. The government has a 20% ownership in the oil company. You just found out that the oil company is getting ready to announce an invitation to bid on another phase of the project. You invite your contact at the oil company and his wife to dinner hoping to pump him for information. The dinner includes expensive wine and will probably be over $300. a. is your contact a government official? b. should you have made the invitation? c. does it matter if spouses are present? d. what if the meal was $25 e. what if there was no bidding announced? f. what if the invitation is for lunch in the company cafeteria? Scenario 3 The manager in Angola is asked by a government representative on the company s project there to make a large contribution to a charity he is sponsoring. The manager wants to establish better relations with the representative. a. may the manager make a charitable contribution? b. what if the representative says that the government would look favorably on the company for making the contribution? 11
Scenario 4 Your company s purchasing department was asked to find a worldwide customs agent and has awarded the contract to a small, but qualified privately owned company. A contract manager in the purchasing department realizes that a manager in the department owns a small interest in the supplier. a. what are the potential issues? b. what should the contract manager do? c. does it matter whether the manager with an interest worked on the selection process? d. what if it was the manager s wife and not the manager who owned the interest? Scenario 5 You are the office administrator for your company s small office in a high-risk country (for bribery). You are responsible for the petty cash fund. You notice that your boss takes out money but never gives you a receipt or detailed explanation. a. what issues could arise? b. what should you do? c. should you report this or investigate on your own? d. what if you report it and there is nothing wrong? 12
Scenario 6 Your company is one of several international oil companies bidding for government-granted oil concessions in one of the Former Soviet Union countries rated below 3 on the CPI. Your VP-Eastern Europe has engaged a "consultant" who operates out of a neighboring country to assist in the bidding process. The consultant has tendered a form of agreement which proposes an hourly rate plus expenses. There is no mention of any success or incentive fee, but the Vice President indicates that he expects the "consultant" to propose one. 1. What red flags currently exist? 2. What legal research should be done immediately? 3. What due diligence should be conducted on the proposed consultant? 4. What provisions should be contained in the consulting agreement? 5. What controls should be in place regarding payments to the consultant? Scenario 7 A major Middle Eastern country announces that it will be taking bids for equipment and services to upgrade its countrywide telecommunications system. Your VP of Sales-EMEA comes to you with an agent agreement and indicates that local law requires you to hire an agent to assist in the bidding process and to represent you. The agent is asking for a commission of 7% of total revenue and his proposed form of agreement is vague on exactly what he will be doing and silent on FCPA provisions. Your VP of Sales indicates that he has heard this is the "best" agent in the country and if you don't sign his agreement by the end of the week, he will represent a competitor. 1.What red flags currently exist? 2.What legal research should be done immediately? 3.What due diligence should be conducted on the proposed agent? 4.What should be done about the form of agreement tendered by the proposed agent? 13
Scenario 8 A country in West Africa announces a major highway upgrade program consisting of 9 separate contracts, each valued at least $2 billion. The government is seeking bids from joint ventures but each joint venture must contain a local partner who has an equal share in the joint venture (50/50). Your VP-International Construction identifies a strong local partner that he says has successfully partnered with you on a prior small U.S. Government-funded embassy project in the country. He also says this local partner is "well connected" with the majority political party and the prime minister and has expressed confidence that they can be "competitive" in securing one of the contracts. The country is rated 4.6 on the CPI, but your CFO considers it to have a high level of corruption. 1. What red flags currently exist? 2. What further due diligence should be conducted on the prospective JV partner? 3. Assuming the prospective JV partner and principals check out favorably, what reasonable controls should be instituted to ensure that the prospective partner does not engage in unlawful conduct? 14