Holding Individuals Accountable
IN DECEMBER 2011, eight former executives and agents of Siemens AG were indicted in an alleged scheme to bribe Argentinian officials to secure a government contract. Initially the only action against the company had been a fine of $449 million a few months earlier, but in announcing this follow-on indictment, Assistant Attorney General Lanny Breuer made it clear that the U.S. government’s actions would now go beyond fines. “This indictment reflects our commitment to holding individuals, as well as companies, accountable for violations of the FCPA [Foreign Corrupt Practices Act].”
“The government has been criticized for not charging individuals,” says Sulaksh R. Shah, a director in the FCPA and anticorruption practice with PricewaterhouseCoopers. The latest action was a response to such criticism. “The government is saying: Let this be a warning, companies will pay and individuals will be made accountable.”
Another notable fact in this case is that none of those charged were U.S. citizens. “The point is that even if you are not living in the United States, the government is going to come after you if you violate the FCPA,” Shah explains.
So long as an employee and the criminal conduct in question have sufficient ties to a U.S. company, that employee can be prosecuted by the United States. For example, Jeffrey Tesler, a former consultant with Houston-based Kellogg, Brown, and Root, was indicted last year on charges of violating the FCPA. Tesler, a life-long U.K. resident with dual British and Israeli citizenship, fought extradition to the United States for a year before a London court ruled that he could be extradited.
Once in the United States, Tesler agreed to forfeit $140 million, the largest individual forfeiture in an FCPA case. He also pled guilty to two counts of bribing Nigerian officials to obtain natural gas contracts. Tesler has yet to be sentenced, but could serve up to 10 years in prison.
As part of this enhanced enforcement effort, the government plans to release official guidance on the FCPA this year. However, companies should expect that this guidance will be more of a restatement of existing policy than a new rule. All that companies need to do is to heed current advice on how to avoid running afoul of the FCPA, says Shah.
The factors that separate a good compliance program from a great one include senior executive involvement, an emphasis on both unethical and illegal behavior, and a focused risk management plan.
“The chief compliance officer or ethics officer should be reporting to the CEO, the president, or even the board,” says compliance consultant Michael Scher.
In his 30-year career as in-house counsel for major corporations, Scher found that, this person often reports instead to the general counsel or marketing. This reporting function is critical because when faced with situations where there is a trade-off between being competitive and being ethical, lower level employees may have a tougher time making the right choice, but if they make the wrong choice, they jeopardize the entire company.
“When the situation is gray, senior managers must make the decision,” says Scher. “And in some companies, these difficult decisions never reach the highest level of management.”
Companies should also focus on unethical conduct, not just illegal conduct. If employees are taught to avoid unethical behavior, they will be meeting a much more stringent level of behavior than the law requires and are far less likely to unintentionally break the law.
According to Scher, bad behavior does not happen overnight and isn’t always the result of a single decision. Sometimes, a series of poor decisions lead to a larger problem. And over the course of a series of decisions, what was acceptable can change. “In many of the government actions, what the company was doing was acceptable 50 years ago. At one time, paying bribes was a tax-deductible business expense,” he notes.
Companies should strive to help management in each country avoid violating the FCPA. They have to get them to understand, for example, that it doesn’t matter if bribes are viewed as the norm in that country.
“Training is key,” says Scher. Again, it comes back to ethics. “We think more clearly if we think of these as ‘ethical problems’ rather than ‘legal problems.’”
Another key component of a good compliance program is a risk plan that is designed to uncover FCPA problems. And companies must learn to view risk differently for FCPA than for other aspects of the business, according to Shah. For example, under Sarbanes-Oxley, companies are required to pay attention to the major parts of their business. This is the concept of “materiality.” Companies are urged to look at all risks but to give special attention to those that are material to the business.
“The FCPA doesn’t care about materiality,” explains Shah. “A high-risk location might only represent a tiny part of your manufacturing business, for example, but it might constitute the majority of your FCPA risk. West Africa might be a tiny part of your business, but if your business sells to the government via third parties in West Africa, that may increase your FCPA risk. The government wants to know if corruption is going on there.”
The next step is to follow through on FCPA compliance. Shah cautions that many companies develop plans but don’t implement them well.
“The problem I see the most is that companies don’t audit their compliance program or they audit it ineffectively,” says Shah. “We’ve been to companies that have compliance programs, but the folks on the ground are not taking it beyond a basic internal audit when it’s really about drilling down and getting specific. Within these high-risk areas, which accounts have been troublesome in the past? Look at those.”
The overall objective is to make sure that all employees around the world understand the need for FCPA compliance. That’s important not only to the bottom line but to the brand’s future. And increasingly, it will be important to executives who could find themselves in court if they fail to take this law seriously.