​French power and transportation company  Alstom S.A. made a serious error. Over the course of a years-long investigation, it failed to show the U.S. Department of Justice (DOJ) that it had made any effort to mitigate misconduct that led to violations of the Foreign Corrupt Practices Act (FCPA). 

Through various executives and employees, Alstom paid $75 million in bribes to government officials in the Bahamas, Egypt, Indonesia, Saudi Arabia, Taiwan, and other nations. It used that money to secure more than $4 billion in projects related to power and transportation for a profit of approximately $300 million.

To conceal the scheme, Alstom retained consultants who served as conduits for corrupt payments to the government officials, complete with code names, including “Mr. Geneva,” “Mr. Paris,” and “Quiet Man,” according to the DOJ.

These activities were carried out by Alstom and its subsidiaries in Switzerland and the United States. Despite being aware of the misconduct, however, Alstom did not voluntarily disclose it to the DOJ. And when the DOJ became aware of possible FCPA violations, Alstom refused to fully cooperate with its investigation until years later when the DOJ charged several of its executives in connection with the scheme.

Alstom eventually pleaded guilty to two FCPA violations, its Swiss subsidiary pleaded guilty to conspiracy to violate the anti-bribery provisions of the FCPA, and its two U.S.-based subsidiaries also admitted to conspiring to violate the FCPA and entered into deferred prosecution agreements. 

The DOJ also brought criminal charges against five individuals—including four Alstom executives—in connection with the bribery scheme. Four of the five ultimately pleaded guilty.

Altogether, Alstom’s serious error resulted in a $772 million penalty, the largest foreign bribery resolution with the DOJ in history. 

“Given the significant scope of the misconduct in that case—including the involvement of corporate executives—it is fair to say that the factors we look at in these cases weighted in favor of some kind of criminal disposition,” said Assistant Attorney General Leslie Caldwell, head of the DOJ Criminal Division, in a speech about the case. “It would also be fair to point out that what was missing in those factors was any strong argument…for prosecutorial consideration for Alstom’s own efforts to mitigate the misconduct.”

The Alstom case shows a stance that the DOJ Criminal Division has taken under Caldwell’s leadership in 2014 and was adopted across the department in September 2015: if a company wants credit for cooperating with a DOJ investigation, it has to cooperate fully and identify all individuals involved in the wrongdoing.

“We’ve emphasized from the beginning of my tenure, in this position, that if a company wants to get credit for cooperating it needs to tell us about who was involved, and what they did,” Caldwell explains. “And if it’s not prepared to do that, it shouldn’t come in and try to cooperate with us.” ​

A New Approach

For several years, the DOJ was seeing too many corporate fraud cases where company lawyers would come in and make a presentation about what happened. But they would leave out who committed the fraud—whose idea it was, who was responsible for ordering it, and who carried it out, Caldwell says.

And then, the company would feel it was entitled to credit for cooperating with the DOJ, despite not disclosing all the facts at its disposal. So the DOJ decided to change the process and announced a new policy to hold individuals accountable in matters of corporate wrongdoing.

“Crime is crime. And it is our obliga­tion at the Justice Department to ensure that we are holding lawbreakers accountable regardless of whether they commit their crimes on the street corner or in the boardroom,” said Deputy Attorney General Sally Yates in a speech announcing the new policy. “In the white-collar context, that means pursuing not just corporate entities, but also the individuals through which these corporations act.”

Companies will have to identify all individuals involved in wrongdoing, regardless of their positions, and pro­vide all relevant facts about their mis­­conduct, to receive credit for cooperating with a DOJ investigation, Yates explained.

“If a company wants any considera­tion for its cooperation, it must give up the individuals, no matter where they sit within the company,” she said. “And we’re not going to let corporations plead ignorance. If they don’t know who is responsible, they will need to find out.”

While some divisions within the DOJ—like the Criminal Division—were already doing this, Caldwell says the policy change announcement was important.

“The importance was to have consistency across the department,” she says. “And another was to have transparency, so that companies that were considering whether they wanted to cooperate with the DOJ investigation, whether they wanted to self-disclose an issue, they would understand what our expectations were, whether you’re in Florida or California, or Washington, D.C.”

To receive the maximum credit for mitigation in FCPA corruption cases, companies now must do three things: voluntarily self-disclose misconduct, fully cooperate in the DOJ investigation, and remediate in a timely and appropriate manner. 

By laying out these guidelines, the DOJ is attempting to be more transparent about what it expects from companies and what they can expect from the DOJ in return, Caldwell explains. 

“It’s not the natural instinct for companies to want to come in and tell the government about wrongdoing within their ranks,” she adds. “The first reaction is to try to understand how that benefits the company and why the company should do so.”

As evidenced by the Alstom case, full cooperation can have a major impact and can ultimately help the DOJ decide whether it wants to indict the company, or work out an arrangement where the company will plead guilty to charges or enter into a deferred prosecution agreement. Alternately, the DOJ may decide not to prosecute. 

“That’s really the range, and to be eligible for the most favorable parts of that range, we would want a company to come in, not only come in and cooperate but to actually self-report wrongdoing,” Caldwell says. “And then…report all the relevant facts, including the facts about individuals, engage in any appropriate remediation—including disciplinary action—and just be fully forthcoming.”

However, that doesn’t mean pointing the finger at individuals when the evi­dence doesn’t warrant it—or even if it does—Caldwell cautions. 

“We’re looking for companies to identify facts, and then we’ll take it from there,” she says. “We’re not looking for prosecutable cases. We’re just looking for facts. If it turns out that there is no prosecutable case, but the company’s done everything it could and has identified the relevant facts, that’s what we’re asking them to do.”

One concern that companies have raised about the DOJ’s new stance is that they may not get credit for cooperating with an investigation if they identify individuals involved in wrongdoing, but those individuals are beyond the DOJ’s reach.

Caldwell says the company will get credit because it is not whether the DOJ can prosecute the individuals, it’s about whether the company provides it with facts about the wrongdoing.

“It actually happens all the time in FCPA cases,” Caldwell says. “We’re starting to work more, in cases where we can’t get our hands on somebody because of where they are, with local authorities.” For instance, in the Alstom case, the DOJ worked with Indonesia to bring a case against a public official that it could not prosecute itself.

Additionally, as part of the cooperation the DOJ is looking for, companies may need to conduct internal investigations that are tailored to the scope of the problem at hand, without “boiling the ocean,” Caldwell says. 

For instance, a company might discover an FCPA violation in Argentina where someone is paying a customs official to get something into the country faster, but there’s no indication that this is happening elsewhere. The DOJ “would not expect the company to go investigate every customs relationship in every country, which we would consider to be boiling the ocean,” Caldwell says. “We don’t think something like that is necessary.”

However, if the same Argentina customs broker is also the customs broker the company is using in Brazil, then it would want to look at Brazil too because the individual could be operating under the same modus operandi.

“People have to intelligently scope what is the problem at hand; don’t look for problems that don’t appear to exist and [instead] focus on what the issues are,” Caldwell adds.​

Compliance is King

Along with greater cooperation, the DOJ also expects companies to have a well-designed and fully implemented compliance program. The program should have sufficient resources relative to the company’s size to effectively train employees on their legal obligations and to uncover misconduct in its earliest stages, Caldwell explained in a speech late last year.

As part of its efforts to beef up its own understanding of corporate compliance, the DOJ hired Hui Chen, an experienced compliance attorney, to help assess compliance programs for the Fraud Section of the Criminal Division. 

“We’re hoping what she’ll do is make us smarter about compliance,” Caldwell says. “We’re not compliance officers. We’re not in-house counsel. We don’t know these companies’ businesses like they do. And we can only provide so much wisdom when it comes to evaluating whether a compliance program works or doesn’t work.”

Chen has the ability to look at a pro­gram, evaluate it, and tell the Fraud Section whether it’s actually effective or not. She’ll also have the ability to recommend changes, see what changes are appropriate, and what changes might not be necessary, “so we’re helping companies remediate when there’s a problem, and do it in an effective way instead of imposing things that may or may not be the right thing,” Caldwell adds.

The addition of Chen is a real benefit for corporations, says Leslie Benton, vice president for advocacy and stakeholder engagement at the Center for Responsible Enterprise and Trade (CREATe). 

“The DOJ has been looking at compliance programs closely, and I think they will continue to,” she explains. “But I think with this new expert, they’ve got a lens into how companies see compliance.”

Coming from the private sector with experience in a number of different industries, Chen will likely be able to provide the DOJ with a better sense of what companies are actually doing in terms of compliance and the practical problems that companies have in implementing these programs, Benton adds.

And with the new policy on individual liability, executives are looking more closely than ever at their compliance programs, says Joseph Spinelli, senior managing director with Kroll’s Investigations and Disputes practice.

“If I was sitting on a board, I can guar­antee you that I would be very, very aware of what I would be faced with as a board member,” Spinelli explains. “And I would want to make absolutely certain that I would have a clear understanding of what compliance programs are in place…so that I wouldn’t be one of the board members that would be putting myself in jeopardy if, in fact, the DOJ or the Securities and Exchange Commission comes in and does a full review of the compliance program,” he adds.

One area of compliance programs that may fall under DOJ scrutiny is third-party management. It’s also one of the top 10 reasons that anticorruption compliance programs fail, according to a CREATe white paper. 

Third-party management is an area “continually noted in SEC and Department of Justice cases where companies fail to commit to training third-party agents, suppliers, and distributors to a standard commensurate with the cor­porate understanding of the Code of Conduct,” the paper says. “Likewise, employees may not be committed to educating or monitoring their partners in other locations.”

One reason for this is that companies do not have the same level of control over third parties that they do over their own employees. “You can require things of [your employees] that you just can’t necessarily require of third parties,” Benton says. “And how do you ensure that your third parties are responsible business partners, and have the capacity to live up to the requirements that everybody asks of them?”

The best way to do this is by conducting due diligence on corporate third-party agents, vendors, suppliers, and distributors, Spinelli says. Engaging in this process allows companies to prove two crucial things to the federal government.

“One, that they have an effective FCPA program in place, and two that they’ve done their third-party due diligence on all those third parties representing them globally so if they have a rogue third party, they can show they made a good faith effort to try and preclude that,” Spinelli explains.

Another key area that may come under scrutiny—that companies often fail at—is communication and training about the anticorruption program itself. 

While CEOs are now talking about ethics and compliance to higher level executives, internally managers and trainers face “an uphill battle in communication across complex organizations on a topic that some employees may feel uncomfortable talking about outside of gossip circles,” according to the white paper.

Instead, Benton says companies must focus on communicating and training middle management to create a culture where employees can come to them—or other executives—to report a problem or concern. 

And training also needs to be clear to employees as to what is or isn’t a violation. “What’s the likely way that they’re going to face a potential corruption incident?” Benton asks. “If you can understand that, and you can tailor your training to those kinds of real-life situations, you’re going to be better heard because people will say, ‘This person understands me and what I’m going through.’”​

Future Enforcement

Along with adding a new corporate compliance officer, the DOJ is also bolstering other areas of its FCPA enforcement team. It’s adding 10 new prosecutors to the Fraud Section’s FCPA Unit, doubling its size.

It also created the Kleptocracy Unit, an entirely new unit devoted to using civil asset forfeiture to target assets in the United States that are the proceeds of overseas corruption. 

The Kleptocracy Unit has already been put to work in a case involving the current vice president of Equatorial Guinea, who had stolen money from his country in the form of kickbacks and bribes, and invested it in real estate in the United States, Caldwell says.

“We were able to trace the money that was invested in the United States to the actual bribe payments and the corruption, and we were able to obtain a civil forfeiture of $30 million worth of his assets,” she explains. 

The Kleptocracy Unit is designed to handle cases like this where leaders or high level government officials in a country are “essentially looting their countries and investing the money in the United States,” Caldwell says. “We don’t want the United States to be a haven for that kind of money, so the Kleptocracy initiative is designed to handle those types of cases.”

The DOJ will also continue to aggressively investigate allegations of FCPA violations, Dan Karson, chairman of Kroll, predicts, even if there is a change in party power in the next presidential election. 

“It’s very much like when the United States recognized China; no subsequent administration is going to change that,” he says. “I don’t think any future administration is going to cut back on enforcement at this point.”

Spinelli agrees, and says that he thinks financial institutions are going to increasingly be the focus of DOJ and SEC scrutiny for FCPA violations, some of which may not involve cash but other forms of bribery.

For instance, in August 2015, Bank of New York Mellon Corporation paid $14.8 million to settle charges that it violated the FCPA when it gave internships to family members of officials linked to a Middle Eastern sovereign wealth fund. 

Instead of choosing interns through its usual competitive hiring process, the bank hired the son and nephew of an official of the fund as interns to win or keep the fund’s business.

“These types of investigations will increase,” according to Spinelli. “I think you’re going to see the financial services industry really scrutinized and under the microscope, and prospectively, I think that is the next big wave for the FCPA.”