Recent Foreign Corrupt Practices Act (FCPA) enforcements—with their declinations, record-setting criminal penalties, disgorgements, and independent compliance monitors—are instructive in helping companies navigate that landscape, if and when the time comes. The three biggest resolutions from 2018 and 2019 are rich with guidance on how to appropriately address the discovery of potential FCPA misconduct.
Earlier this year, when Russia’s largest telecom corporation, Mobile TeleSystems PJSC (MTS), agreed to pay an $850 million penalty to resolve FCPA violations and consented to the imposition of a three-year monitor pursuant to a Deferred Prosecution Agreement (DPA) with the US Department of Justice (DOJ), companies around the world took notice.
The same was true last year, when the US government resolved FCPA allegations with two different global corporations resulting in staggering fines and disgorgements of profits. Société Générale S.A. (Société Générale), a French-based global financial services institution, and one of its subsidiaries were hit with a combined $1.3 billion penalty by American and French authorities for charges related to the bribery of Libyan officials and manipulation of the benchmark interest rate, the London Interbank Offered Rate (LIBOR). Of that, $585 million resolved FCPA violations by Société Générale’s subsidiary, SGA Société Générale Acceptance, N.V.
In a separate case against Petróleo Brasileiro S.A. (Petrobras), the Brazilian state-owned and state-controlled energy company entered into a Non-Prosecution Agreement (NPA) and consented to an $853.2 million fine, which resolved allegations about Petrobras’s role in facilitating payments to Brazilian politicians and political parties. Of that amount, approximately $170 million went to the DOJ and the Securities and Exchange Commission (SEC); the rest went to Brazil. Notably, the $853.2 million criminal penalty was a discount—approximately 25 percent off the low end of the fine range in the US Sentencing Guidelines.
These cases demonstrate the DOJ’s continued robust approach to FCPA enforcement. The government shows no signs of slowing its use of all the tools at its disposal—record-setting fines, disgorgement of profits, compliance monitors, and prosecution of individuals substantially involved in the wrongdoing—to tailor its response to the criminal activity. These cases provide guidance on what steps to take and what pitfalls to avoid in responding to and resolving FCPA violations.
Disclosure and cooperation weigh in favor of declinations
Just this March, then-Deputy Attorney General Rod Rosenstein reiterated the tenets of what companies can do to obtain a favorable FCPA resolution: self-reporting, cooperation with the investigation, and remediation. Those three factors result in a presumption in favor of declination, and the DOJ focuses, instead, on individuals and companies “that fail to take compliance obligations seriously.”
Additionally, Assistant Attorney General Brian Benczkowski touted the DOJ’s aim to be more transparent, noting that “when companies understand what conduct will be credited or penalized, the more likely they are… to implement effective compliance programs.”
Having just updated its FCPA Corporate Enforcement Policy in March 2019, the DOJ affirmatively sets forth how a company that discovers FCPA violations can best position itself. Voluntary self-disclosure, full cooperation, and timely and appropriate remediation weigh in favor of a presumption that the company will receive a declination, absent the presence of aggravating circumstances that would otherwise warrant a criminal resolution. These aggravating factors include involvement by executive management of the company in the misconduct, a significant profit to the company from the misconduct, pervasiveness of the misconduct within the company, and criminal recidivism.
The DOJ’s handling of a matter related to Cognizant Technology Solutions Corporation (Cognizant) is an example of the DOJ’s willingness to issue declinations even though executive management was involved in—and then indicted for—the misconduct. Earlier this year, Cognizant received a declination after it disclosed information about bribes paid to officials in India to secure permits associated with the development of an office park and the related falsification of internal books and records. It disclosed the wrongdoing, which involved senior executives and contractors, within two weeks of the Board learning of the criminal conduct. The DOJ lauded Cognizant’s thorough and comprehensive investigation, full cooperation, existence and effectiveness of its pre-existing compliance program, and full remediation, including termination of the employees and contractors involved in the wrongdoing.
If a corporation does not meet the criteria for a declination, it nonetheless may receive partial credit for self-disclosing, cooperating, and remediating. For example, while Petrobras did not self-disclose the misconduct, and the case involved senior executives and pervasive misconduct, Petrobras received full cooperation credit because it conducted a thorough internal investigation, proactively shared information with the DOJ, and cooperated with the DOJ’s investigation. It also agreed to work with the DOJ in “any ongoing investigations and prosecutions relating to the conduct, including of individuals, to enhance its compliance program, and to report to the Department on the implementation of its enhanced compliance program.”
And then you have MTS. MTS and two other telecom corporations are alleged to have paid bribes totaling $865 million to Gulnara Karimova, the daughter of the former President of Uzbekistan, through Bekhzod Akhmedov, the former CEO of an MTS subsidiary—the largest bribe ever received by an individual FCPA defendant. In exchange, Karimova allegedly exerted her influence over the Uzbek governmental body responsible for regulating the telecom industry. All three companies entered into DPAs with the DOJ. In total, the investigation resulted in more than $2.6 billion in fines and disgorgements, including more than $1.3 billion in criminal payments to the United States.
MTS did not voluntarily and timely self-disclose, so it did not receive disclosure credit pursuant to the FCPA Corporate Enforcement Policy. It also failed to earn additional credit for cooperation, because, as the DOJ described, MTS “significantly delayed production of certain relevant materials, refused to support interviews with current employees during certain periods of the investigation, and did not appropriately remediate, including by failing to take adequate disciplinary measures with respect to executives and other employees involved in the misconduct.”
These cases demonstrate the DOJ’s willingness to grant declinations, or, in the event a declination is not issued, the Department’s willingness to give disclosure and cooperation credit—even when there are aggravating factors or delays. Depending on the breadth, scope, and depth of the FCPA violation, these cases indicate an incentive for companies to consider self-disclosing, cooperating with regulators soon after discovering misconduct, and undertaking efforts to remediate in order to earn a declination.
Companies avoid double penalties under new DOJ policy
The DOJ announced its policy against “piling on” in May 2018. The new policy instructs DOJ components to coordinate with one another and with other enforcement agencies—including foreign regulatory authorities—to avoid imposing multiple penalties on a corporation for the same misconduct.
Since last year, the DOJ has routinely applied this policy. In its NPA with Petrobras, for example, the company agreed to pay an $853.2 million penalty. Petrobras received credit, however, for the $682.5 million it paid to Brazil and for the $85.3 million it paid to the SEC to resolve the same allegations. As a result, the DOJ will collect only $85.3 million.
Similarly, Société Générale agreed to pay a combined penalty of $585 million to resolve its scheme to pay bribes to officials in Libya. The DOJ credited the approximately $293 million that Société Générale was required to pay the French authorities— 50 percent of the criminal penalty for the bribery scheme. DOJ also avoided “piling on” in the MTS settlement, crediting the $100 million penalty imposed by the SEC to the $850 million forfeiture required under the DPA.
Individual accountability still looms large
In 2018, the DOJ seemed to step back its 2015 Yates Memorandum’s requirement that targets “tell all” about individuals involved in the alleged wrongdoing to receive cooperation credit. When the DOJ released the 2015 Yates Memorandum, companies braced themselves for what some worried would be an onslaught of high-level executives answering for FCPA violations. The Yates Memorandum required “all relevant facts relating to the individuals responsible for the misconduct,” in order to qualify for any cooperation credit.
Thus, to earn the maximum cooperation credit, when companies address compliance violations, they should strongly consider disclosing the names of, and parting ways with, individuals substantially involved in FCPA failures to signal to DOJ that it is taking compliance remediation seriously.
Under its updated policy, the DOJ now seeks identification of individuals found to be “substantially involved” in the misconduct. This narrows the corporation’s burden to obtain cooperation credit. It also clarifies what information will be useful to the DOJ, allowing companies to prioritize their resources and to focus on the most culpable persons within the organization. Last year, the United States brought charges against more than 30 individuals and won convictions of 19 individuals in FCPA-related cases, indicating that individual prosecutions remain a priority for DOJ.
Although no individuals were charged in the cases of Société Générale and Petrobras, that was not the case with MTS. After entering into a DPA with MTS, the DOJ indicted Akhmedov and Karimova, both of whom are Uzbek citizens. They were charged with conspiracy to commit money laundering. Akhmedov also was charged with one count of conspiracy to violate the FCPA and two counts of violating the FCPA.
At the time this article went to press, Karimova and Akhmedov remained at large. Karimova has not been seen in public since 2014. She was reportedly sentenced to house arrest after being convicted of embezzlement and money laundering by the Uzbek Prosecutor-General, but is reported to have violated the terms of her house arrest and was allegedly forcibly removed from her apartment and sent to jail earlier this year. The United States does not have an extradition treaty in place with Uzbekistan or Russia.
Indeed, the DOJ noted that MTS did not receive additional credit for cooperation because it did not adequately discipline executives and employees involved in the misconduct. Thus, to earn the maximum cooperation credit, when companies address compliance violations, they should strongly consider disclosing the names of, and parting ways with, individuals substantially involved in FCPA failures to signal to DOJ that it is taking compliance remediation seriously.
Monitorships for deficient compliance remediation
Depending on the case and the company’s response, the DOJ also may impose an independent compliance monitor to ensure a corporation’s implementation of adequate remedial measures. The October 2018 Benczkowski Memorandum provides that a monitor “will likely not be necessary” if the corporation’s compliance program and internal controls are “effective and appropriately resourced at the time of resolution.” Indeed, the Benczkowski Memo stated the DOJ’s position that corporate monitors are unnecessary in many corporate criminal resolutions.
US authorities declined to impose a monitor in the cases of Société Générale and Petrobras, in part because the governments of France and Brazil, respectively, continued to exert a level of oversight on those companies.
But the DOJ has signaled its continued willingness to impose a monitor if it views the corporation’s compliance program as deficient at the time of resolution. MTS and a second telecom company were required to retain compliance monitors. MTS’s monitor is in place for at least three years pursuant to the resolutions with the SEC and the DOJ. The DPA with MTS noted that even though MTS had enhanced its compliance program, it had “not yet fully implemented or tested its compliance program.” As a result, MTS agreed to retain the monitor “to reduce the risk of misconduct.”
Consistent with the Benczkowski Memoradum, the DOJ did not require the third telecom corporation to obtain a monitor because it found that the company’s remediation and the state of its compliance program made the need for a monitor unnecessary.
On April 30, 2019, the DOJ released its updated guidance for how prosecutors should evaluate corporate compliance programs. The revised guidance reiterates the hallmarks of successful corporate compliance programs enumerated in the 2017 guidance and those included in deferred prosecution agreements requiring an independent compliance monitor to certify compliance programs. The updated guidance provides clarification and context that the government—and corporations—should use to evaluate corporate compliance programs. The guidance is now officially tied to the Justice Manual, the FCPA Corporate Enforcement Policy, and the Benczkowski Memorandum, and it reorganizes familiar principles under three primary questions:
- Is the corporation’s compliance program well designed?
- Is the program being applied earnestly and in good faith?
- Does the corporation’s compliance program work?
The guidance’s focus on remediation is key for companies seeking to avoid imposition of a monitor as part of a settlement with the DOJ. Monitors use substantively the same criteria as those in the guidance to determine whether a company’s compliance program is reasonably designed and implemented to prevent and detect future violations. It may be beneficial for corporations to consider the revised guidance in remediating the compliance program ahead of a settlement or in preparation for a monitor.
Monitorships cost millions of dollars. To avoid such costly remediation, a corporation should prioritize enhancing its compliance program and controls upon discovery of a potential violation to ensure their effectiveness before resolution. This may help avoid incurring the millions of dollars in costs associated with a monitor.
Disgorgement of profits still a priority for the DOJ
Finally, the US government continues to include disgorgement of profits in its resolutions of FCPA violations. Stripping a company of ill-gotten gains serves not only to deter bad behavior but also to garner cooperation credit. As the Supreme Court has said, disgorgement of profits in SEC enforcement proceedings, for example, is considered a penalty, and is subject to a five-year statute of limitations. Kokesh v. S.E.C., 137 S. Ct. 1635, 1639 (2017). It is unclear what implications the Kokesh decision may have for investigations involving FCPA violations. But one thing is certain: disgorgement is still a painful reality for companies, regardless of whether the DOJ declines prosecution or enters into a DPA or NPA with the company. The DOJ stripped profits from Cognizant ($19.3 million), Petrobras ($933 million), MTS ($40 million), and from the two companies that, in addition to MTS, paid bribes to Karimova. Disgorgement is clearly a tool the government is using to reinforce the principle that companies that violate the FCPA will have to forfeit profits resulting from those bad acts.
Conclusion
The DOJ continues to prioritize its pursuit of companies and individuals who violate the FCPA. While declinations are certainly preferable to hefty sanctions or fines, they may still include large disgorgements of profits. Companies can best help themselves by preemptively instituting compliance programs that emphasize a strong compliance culture and by instituting an anti-corruption mentality that trickles down to, and resonates with, each and every employee.
If and when those safeguards fail, companies should consider conducting a rigorous internal investigation and implementing comprehensive remedial measures to close the gaps in the compliance program. Companies should also consider the benefits of self-reporting and cooperating with the government. These are likely the best ways to minimize the imposition of significant fines and sanctions and costly monitorships.
