Tag: FCPA

Categories
Corruption, Crime and Compliance

A Deep Dive into the Oracle FCPA SEC Settlement

Oracle Corporation settled its second FCPA case in ten years. It agreed to pay the SEC $23 million to resolve allegations that its subsidiaries in Turkey, India and the United Arab Emirates maintained slush funds to bribe foreign officials. Ten years ago in 2012, Oracle paid the SEC $2 million for creating millions of dollars in off-the-books accounts at its India subsidiary. Join Michael Volkov as he takes a deep dive in the Oracle case and provides valuable lessons for managing third-party corruption risks.

  • In the SEC’s mind, Oracle is a recidivist, having its second enforcement action case in 10 years.
  • The settlement for $23 million underscored the power of the FCPA provisions, which mandate effective internal controls and accurate books and records, and can be applied to a wide range of conduct beyond foreign bribery, Michael remarks. 
  • The controls that Oracle put in place to prevent improper use of discounts and marketing reimbursements were not effective because there was a lack of compliance culture within the business.
  • The Oracle case is one that should be studied by compliance professionals, Michael believes. It reminds you to look at your own controls that surround discounting and ensure that the necessary documentation is carried out. “No matter what controls you have in place, they still have to be adhered to with a true culture of compliance underneath it as a foundation,” he adds.

 

Resources

SEC Oracle Case

Email Michael: mvolkov@volkovlaw.com

Categories
Blog

ABB FCPA Resolution: Part 1 – Introduction

Late last week, the Department of Justice (DOJ) announced a highly anticipated resolution of Foreign Corruption Practices Act (FCPA) violation involving the Swiss construction giant, ABB Ltd. The most obvious significance is from the fact that ABB is now the first three-time convicted violator of the FCPA, having prior FCPA resolutions in 2004 and 2010. The moniker of a three-time FCPA violator is certainly not one that any corporation wants to claim. The total fine and penalty for the violation was $315 million, with credited amounts going to South Africa, Switzerland and Germany for ABB’s violations of those country’s anti-corruption laws. There was also a $75 million fine credited to the Securities and Exchange Commission (SEC). Over the next several blog posts, we will explore this FCPA enforcement action, and, most particularly, three key questions: (1) How did ABB obtain such a superior resolution? (2) As a three-time FCPA violator, how did the company avoid a monitor? (3) Why was there no requirement for Chief Compliance Officer (CCO) certification?

At this point, not all of the resolution documents are publicly available. The only two documents are the DOJ Press Release and Plea Agreement. Conspicuously missing at this point are resolution documents from the SEC and those from South Africa, Switzerland and Germany. As noted, the overall FCPA fine and penalty is $315 million with credit of $75 million to the SEC and according to the Press Release, “ABB’s total criminal penalty is $315 million. The department has agreed to credit up to one-half of the criminal penalty against amounts the company pays to authorities in South Africa in related proceedings, along with other credits for amounts ABB pays to resolve investigations conducted by the SEC and authorities in Switzerland and Germany, so long as payments underlying an anticipated resolution with German authorities are made within 12 months of today’s date.”

According to Assistant Attorney General Kenneth A. Polite, Jr. of the DOJ’s Criminal Division, “This is the department’s first coordinated resolution with authorities in South Africa, where much of ABB’s criminal scheme was carried out, reflecting our commitment to relationship-building and our ever-deepening partnerships in the global fight against corruption. ABB bribed a high-ranking official at South Africa’s state-owned energy company in order to corruptly obtain confidential information and win lucrative contracts. In addition, our partners in South Africa have brought corruption charges against that official. This resolution demonstrates the Criminal Division’s thoughtful approach to appropriately balancing ABB’s extensive remediation, timely and full cooperation, and demonstrated intent to bring the misconduct to the department’s attention promptly upon discovering it, while also accounting for ABB’s historical misconduct.” The DOJ also noted, “the assistance provided by law enforcement authorities in South Africa, Switzerland, and Germany.”

Certainly, the cooperation and partnering with South Africa is a welcoming sign, given the corrupt nature of the South African government under the prior regime of President Zuma. The allegations of state capture involving Zuma, his family and the Gupta brothers rocked the country for many years. Although this enforcement action involving ABB does not appear to have been a part of the state capture allegations, it may portend a reckoning of companies who have conducted business in the corrupt state over the past decade. It may be that ABB is only the opening salvo on corruption cases from South Africa which could rival Lava Jato from Brazil.

As for the actual resolution, the Press Release noted, “ABB entered into a three-year deferred prosecution agreement (DPA) with the department in connection with the filing of a criminal information in the Eastern District of Virginia charging the company with conspiracy to violate the FCPA’s anti-bribery provisions, conspiracy to violate the FCPA’s books and records provisions, and substantive violations of the FCPA. In addition, ABB subsidiaries ABB Management Services Ltd. (Switzerland) and ABB South Africa (Pty) Ltd. (South Africa) each pleaded guilty to one count of conspiracy to violate the anti-bribery provisions of the FCPA.” Once again there is a parent receiving a DPA with subsidiaries agreeing to make criminal pleas.

The bribery schemes themselves involved a series of actions between 2014 and 2017, where ABB subsidiaries paid bribes to a South African government official at the state-owned and controlled energy company, Eskom Holdings Limited (Eskom), to obtain business advantages in connection with the award of multiple contracts. Moreover, “ABB engaged multiple subcontractors associated with the South African government official and made payments to those subcontractors that were intended as bribes. ABB worked with these subcontractors despite their poor qualifications and lack of experience. In return, ABB received improper advantages in its efforts to obtain work with Eskom, including, among other benefits, confidential and internal Eskom information. As part of the scheme, ABB conducted sham negotiations to obtain contracts at inflated prices that ABB had pre-arranged with the South African government official, all on the condition that ABB employ a particular subcontractor associated with that official. ABB also falsely recorded payments to the subcontractors as legitimate business expenses when, in fact, a portion of the payments were intended as bribes for the South African government official.”

But as bad as ABB’s conduct was during this period, perhaps even more impressive was its conduct after it uncovered the bribery and corruption. Although ABB did not self-disclose the conduct before it was made public, the company “demonstrated intent to disclose the misconduct promptly to the department.” Thereafter, the company engaged in “extraordinary cooperation with the department’s investigation” as well as extensive remediation. The DOJ specifically called out the company “carrying out a root-cause analysis of the misconduct and making significant investments in compliance personnel, compliance testing, and monitoring through the organization.” There were also statements in the DPA which made inapplicable the DOJ’s prior statements on monitors and certifications, including “ABB’s commitment to further enhance its compliance program and internal controls, including enhanced reporting provisions that require ABB, during the pendency of the DPA, to meet with the department at least quarterly and to submit yearly reports regarding the status of its remediation efforts, the results of its testing of its compliance program, and its proposals to ensure that its compliance program is reasonably designed, implemented, and enforced, so that it is effective in deterring and detecting violations of the FCPA and other applicable anti-corruption laws.”

In short, there is much to unpack in this matter. Join us tomorrow where we look at the bribery schemes.

Categories
Daily Compliance News

December 2, 2022 the Huge Management Failure Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you four compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee and listen to the Daily Compliance News. All from the Compliance Podcast Network.

Stories we are following in today’s edition of Daily Compliance News:

  • More FCPA cases are on the horizon. (WSJ)
  • SBF says it was a ‘huge management failure.’ (NYT)
  • Does anyone perform due diligence anymore? (FT)
  • SA President urged to step down due to corruption allegations. (Aljazeera)
Categories
All Things Investigations

All Things Investigations: Episode 15 – The Power of Pre-acquisition Due Diligence with Mike Huneke

 

Welcome to the Hughes Hubbard Anti-Corruption and Internal Investigations Practice Group’s Podcast, All Things Investigations. In this podcast, host Tom Fox and returning guest Mike Huneke of the Hughes Hubbard Anti-Corruption & Internal Investigations Practice Group highlights some of the key legal issues in white-collar investigations, locally and internationally.

 

 

Mike Huneke is a partner in the firm’s Washington office. Among other things, Mike advises clients on navigating and resolving multi-jurisdictional criminal or Multilateral Development Bank (MDB) anti-corruption investigations. He assists companies subject to post-resolution monitorships or other commitments and designs and executes risk-based strategies for due diligence on third parties.

Key areas we discuss in this podcast:

  • The commentary on mergers in the FCPA space is largely around post-acquisition.
  • The reason for pre-acquisition due diligence.
  • Questions a potential acquirer should ask before buying a business.
  • Even if they don’t have a program for some voluntary due diligence, sellers with nothing to hide shouldn’t be scared of buyers asking questions.
  • In advance of a sale, ensure you have clear records of tax considerations and that they are ready to be shared.
  • The basic mandates from the DOJ around post-closing.

 

Resources

Hughes Hubbard & Reed website 

Mike Huneke

Anti-Corruption Due Diligence Can Help Buyers, Sellers, and Their Advisers to Facilitate Acquisitions

 

Categories
Daily Compliance News

November 7, 2022 the Sheriff is Guilty Edition

In today’s edition of Daily Compliance News:

  • Santa Clara ex-sheriff found guilty. (San Jose Spotlight)
  • Arthur J. Gallagher received a DOJ subpoena on an FCPA matter. (WSJ)
  • Musk blames everyone but himself for the drop in Twitter value. (Reuters)
  • James Giffen dies. (NYT)
Categories
FCPA Compliance Report

James Koukios on MoFo’s April 2022 Top 10 International Anti-Corruption Developments

In this episode, I visit with fan-fav James Koukios, partner at Morrison & Foerster on the firm’s always great monthly Top 10 International Developments newsletter for April 2022.

Key areas we discuss on this podcast are:

·      The Stericycle FCPA enforcement action.

·      The Roger Ng conviction.

·      Limits of prosecution on FCPA accounting provisions?

·      A World Bank debarment.

 Resources

James Koukios on MoFo.com

MoFo Top 10 International Anti-Corruption Developments for April 2022

Categories
Greetings and Felicitations

Great Structures Week I: Vitruvius, the Brooklyn Bridge and Compliance

Welcome to the Greetings and Felicitations, a podcast where I explore topics that might not seem directly related to compliance but influence our profession. In this special series, I consider many structural engineering concepts are apt descriptors for an anti-corruption compliance program. In this episode 1, I consider the Roman architect Vitruvius and what makes a structure great. Highlights include:

·      The Vitruvius Triad.

·      Compliance Program formulations.

·      What are form, function, and structure

·      Continuous risk and continuous risk management.

·      Risks assessments after Covid 19.

Resources

Understanding the World’s Greatest Structures: Science and Innovation from Antiquity to Modernity,” taught by Professor Stephen Ressler from The Teaching Company.

Categories
GalloCast

Gallocast – Episode 4 – October 2022

Welcome to the GalloCast. You have heard of the Manningcast in football. Now we have the GalloCast in compliance. The two top brothers in compliance, Nick and Gio Gallo, come together for a free-form exploration of compliance topics. It is a great insight on compliance brought to you by the co-CEOs of ComplianceLine. Fun, witty, and insightful with a dash of the two brothers throughout. It’s like listening to the Brothers Gallo talk compliance at the dinner table. Hosted by Tom Fox, the Voice of Compliance. Topics in this episode include:

  • ComplianceLine rebranded to Ethico. How does this reflect the overall products and services of the organization in 2022 and beyond.
  • The Oracle FCPA Enforcement Action. What are some key lessons for compliance?
  • The Monaco Memo. Focus on employee incentives and clawbacks.
  • Employees having two jobs post pandemic. When is it a conflict of interest?
  • Quiet quitting and the opportunity for employee engagement.

Resources

Nick Gallo on LinkedIn

Gio Gallo on LinkedIn

Ethico

Categories
Blog

Ongoing Compliance Assessments: FCPA, UK Bribery Act and OCED Best Practices

One of the requirements consistent throughout the Principles of Federal Prosecution of Business Organization (US Sentencing Guidelines) and its section on corporate compliance programs; the Organization for Economic Co-operation and Development (OECD) Good Practice Guidance on Internal Controls, Ethics, and Compliance, and the UK Bribery Act’s Consultative Guidance is the need for continued assessment of an anti-corruption and anti-bribery compliance program. This posting will review the specifics of each of these documents and will provide to the compliance and ethics practitioner some ideas on how to implement what each of these protocols stress is key component of any best practices compliance program.

US Sentencing Guidelines

The US Sentencing Guidelines state that there should be periodic reviews of a company’s compliance program, utilizing internal resources, such as a company’s Internal Audit function, and outside professional consultants. The OECD Good Practice states that a compliance program should be periodically re-assessed and re-evaluated to take into account any new developments. The UK Bribery Act Consultative Guidance, recently released by the UK Ministry of Justice, requires ongoing monitoring and review by noting that a compliance program and procedures should be reviewed regularly and a company should consider whether an “external verification [of the compliance program] would help.”

Speaking at the Compliance Week 2010 Annual Conference, Assistant Attorney General for the Criminal Division of the US Department of Justice, Lanny Breuer, indicated that such an external verification or assurance of the effectiveness of a compliance program is a key component to assist a company in maintaining a ‘best practices’ FCPA compliance program. He noted that it is through a mechanism such as an ongoing assessment that a company could continue to evaluate its own compliance program with reference to compliance standards which are evolving on a world wide basis.

OECD

In this same speech, Breuer cited as a benchmark for a best practices compliance and ethics program the protocols set forth in the OECD Good Practice Guidance on Internal Controls, Ethics, and Compliance. In this protocol the OECD suggested that “periodic reviews of the ethics and compliance programs or measures, designed to evaluate and improve their effectiveness in preventing and detecting foreign bribery, taking into account relevant developments in the field, and evolving international and industry standards.” Writing in the Society of Corporate Compliance and Ethics Magazine (SCCE) (Vol. 7 / No. 3), Russ Berland explained that this guidance meant that companies should regularly reassess their anti-bribery and anti-corruption compliance program to evaluate and improve its overall effectiveness. Although he did not give a time frame for this regular assessment, Berland noted that any such assessment “should take into account new developments in the area and evolving standards.

UK Bribery Act 

Principle Six of the UK Bribery Act’s Consultation Guidance discusses the need for ongoing monitoring and review. The Principle states “The commercial organization institutes monitoring and review mechanisms to ensure compliance with relevant policies and procedures and identifies any issues as they arise. The organization implements improvements where appropriate.” The reasons for this continued monitoring was to ensure that if, external events like government changes, corruption convictions, or negative press reports occur, an appropriate compliance response is triggered. The Guidance noted that it would be prudent for companies to consult the publications of relevant trade bodies or regulators that could highlight examples of good or bad practice. Organizations should also ensure that their procedures take account of external methods of issue identification and reporting as a result of the statutory requirements applying to their supporting institutions, for example money laundering regulations reporting by accountants and solicitors.

The Consultative Guidance provided advice for companies which covered several specific suggestions. The senior management of higher risk and larger organizations may wish to consider whether to commission external verification or assurance of the effectiveness of anti-bribery and anti-corruption policies. An independent review can provide to a company, which is undergoing structural change or entering new markets, with an insight into the strengths and weaknesses of its anti-bribery policies and procedures and in identifying areas for improvement. Such independent assessment would also enhance a company’s credibility with business partners or to restore market confidence following the discovery of a bribery incident, to help meet the requirements of both voluntary or industry initiatives and any future pre-qualification requirements.

Ongoing Assessment as ‘Best Practices’ 

All three cornerstones of guidance available to the Foreign Corrupt Practices Act (FCPA) compliance practitioner include ongoing assessments as a key component of any best practices program. The text of each document and the remarks by commentators make clear the reasons for such an ongoing assessment. Not only do best practices evolve but companies and business evolve. An assessment is key to measuring where your program currently stands to allow you to know where it needs to be updated.

Attention should be paid to who and how the assessment is conducted. The entity, be it a law firm; professional consultant or other, which designed the FCPA compliance program for your company should not be the assessor. Such assessment would obviously be a conflict of interest. Additionally a drafter usually has blind spots when assessing one’s own work. An outside FCPA compliance professional should be engaged to assess your compliance policy, at no less than every two years, to review and make recommendations to keep your program at the best practices standard.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

 

© Thomas R. Fox, 2010

Categories
FCPA Compliance Report

Oracle FCPA Enforcement Action

In this episode, I take on a solo pod to discuss and consider the Oracle FCPA enforcement action brought by the Securities and Exchange Commission.

Key areas we discuss on this podcast are:

  • Background facts.
  • Same facts in same country?
  • Failure of a paper program.
  • The need for data analytics.
  • Where is the DOJ?
  • What are the lesson learned going forward?

 Resources

For a White Paper on the Oracle FCPE enforcement action, email tfox@tfoxlaw.com