Categories
Blog

Ten Top Lessons from Recent FCPA Settlements – Lesson No. 8, Enhancing Your Compliance Program

Over the past 15 months, the Department of Justice (DOJ) and Securities and Exchange Commission (SEC) have made clear, through three Foreign Corrupt Practices Act (FCPA) enforcement actions and speeches, their priorities in investigations, remediations, and best practices compliance programs. Every compliance professional should study these enforcement actions closely for the lessons learned and direct communications from the DOJ. They should guide not simply your actions should you find yourself in an investigation but also how you should think about priorities.

The three FCPA enforcement actions are ABB from December 2022, Albemarle from November 2023, and SAP from January 2024. Taken together, they point out a clear path for the company that finds itself in an investigation, using extensive remediation to avoid monitoring and providing insight for the compliance professional into what the DOJ expects in an ongoing best practices compliance program.

Over this series of blog posts, I will lay out what I believe are the Top Ten lessons from these enforcement actions for compliance professionals who find themselves in an enforcement action. Today, we continue with Number 8, Enhancement of Compliance. The DOJ has clarified that any company undergoing an FCPA enforcement action must significantly enhance its compliance program with a budget, headcount, and expertise in reporting, investigations, and consequence management processes.

Albemarle

The Albemarle NPA cited several remedial actions by the company that helped Albemarle obtain superior results regarding the discounted fine and penalty. These steps were taken during the pendency of the DOJ investigation so that when the parties were ready to resolve the matter, Albemarle had built out an effective compliance program and had tested it. The NPA provided that Albemarle

  • Strengthening its anti-corruption compliance program by investing in compliance resources, expanding its compliance function with experienced and qualified personnel, and taking steps to embed compliance and ethical values at all levels of its business organization;
  • Transformed its business model and risk management process to reduce corruption risk in its operation and to embed compliance in the business, including implementing a go-to-market strategy that resulted in eliminating the use of sales agents throughout the Company, terminating hundreds of other third-party sales representatives, such as distributors and resellers, and shifting to a direct sales business model;
  • Provided extensive training to its sales team, restructuring compensation and incentives so that compensation is no longer tied to sales amounts;
  • Used data analytics to monitor and measure the compliance program’s effectiveness and
  • It engaged in continuous testing, monitoring, and improvement of all aspects of its compliance program, beginning almost immediately after identifying misconduct.

The NPA noted that Albemarle engaged in holdbacks, as they did not pay bonuses to certain employees involved in the conduct or those with oversight. The NPA said, “During its internal investigation, the Company withheld bonuses totaling $763,453 from employees suspected of wrongdoing.” The illegal behavior involved people who “(a) had supervisory authority over the employee(s) or business area engaged in the misconduct; and (b) knew of, or were willfully blind to, the misconduct.” This effort was important because it allowed Albemarle to get an extra fine reduction of a dollar for every dollar they spent on the investigation.

Indeed, Deputy Attorney General Lisa Monaco cited the Albemarle FCPA resolution: “The company received a clawback credit for withholding bonuses for employees who engaged in misconduct. Not only did Albemarle keep the bonuses that would have gone to wrongdoers, but the company also received an offset against its penalty for the same amount. That’s money saved for Albemarle and its shareholders—and a concrete demonstration of the value of clawback programs.”

SAP

SAP did an excellent job in its remedial efforts to build out its compliance program. In addition to the prior discussions of SAP’s remedial efforts, the DOJ also pointed out the company’s Enhancement of Compliance. Here, the company significantly increased the budget, resources, and expertise devoted to compliance, restructuring its Offices of Ethics and Compliance to ensure adequate stature, independence, autonomy, and access to executive leadership; enhancing its code of conduct and policies and procedures regarding gifts, hospitality, and the use of third parties; and improving its reporting, investigations, and consequence management processes.

Next were the holdback actions SAP engaged in. The DPA noted SAP withheld bonuses totaling $109,141 during its internal investigation from employees who engaged in suspected wrongdoing in connection with the conduct under investigation or who both (a) had supervisory authority over the employee(s) or business area engaged in the misconduct and (b) knew of, or were willfully blind to, the misconduct, and further engaged in substantial litigation to defend its withholding from those employees, which qualified SAP for an additional fine reduction in the amount of the withheld bonuses under the DOJ’s Compensation Incentives and Clawbacks Pilot Program.

ABB

According to the ABB Plea Agreement, ABB “took a lot of corrective actions,” such as hiring experienced compliance staff and, after figuring out what caused the behavior described in the Statement of Facts, spending a lot more money on compliance testing and monitoring across the whole company; putting in place targeted training programs and extra case-study sessions on-site; and continuing to test and monitor to as This final point was expanded on in the SEC Order, which reported that all employees involved in the misconduct were terminated.

Additionally, ABB essentially created its monitoring program to test its compliance program and report to the DOJ. In a section entitled “Written Work Plans, Reviews, and Reports,” ABB agreed to conduct a first review and prepare a first report, followed by at least two follow-up reviews and reports. But more than simply reporting, ABB decided to create and submit for review a work plan for this ongoing testing of its compliance program, as the program was detailed in the DPA. The DPA specified, “No later than one (I) year from the date this Agreement is executed, the Company shall submit to the Offices a written report setting forth:

  • a complete description of its remediation efforts to date;
  • a complete description of the testing conducted to evaluate the effectiveness of the compliance program and the results of that testing; and
  • It proposes to ensure that its compliance program is reasonably designed, implemented, and enforced so that the program is effective in deterring and detecting violations of the FCPA and other applicable anti-corruption laws.”

The bottom line is that all these companies worked very hard to significantly enhance their compliance programs, with a budget, headcount, and expertise in their reporting, investigations, and consequence management processes. None of the actions by these companies were particularly new or even innovative, as with the innovations around data analytics programs. Indeed, these strategies have been available from the DOJ since at least the first edition of the FCPA Resource Guide in 2012. It was, however, the work of each company to understand the deficiencies in their compliance programs and their superior efforts to upgrade them.