Revised FCPA Corporate Enforcement Policy

The case for self-reporting failures has always been a nebulous promise from the government that the enforcement will be more lenient than if not self-reported. There has been limited proof that this has been true. That may be largely because we don’t hear about the self-reported problems because there is little to no government action in those instances.

The Department of Justice is stepping up its treatment of self-reporting bribery violations under the Foreign Corrupt Practices Act. In April, the DOJ had started a new program that it would provide a 50% discount on fines under the FCPA along with generally more leaner prosecution settlement terms.

On Wednesday, the DOJ that it was going further with the program.

Deputy Attorney General Rod J. Rosenstein said in a speech Wednesday that the DOJ is changing the policy again to increase the number of companies voluntarily disclosing their bribery misconduct. That would allow the DOJ to allocate resources to pursue the individuals responsible for the bribery.

First, the updated FCPA Corporate Enforcement Policy states that when a company satisfies the standards of voluntary self-disclosure, including full cooperation and appropriate remediation, there will be a presumption that the DOJ will resolve the corporate case through a declination. Of course, that presumption is swiped away if there are aggravating circumstances related to the nature and seriousness of the offense, or if this is not the offender’s first time.

Second, if a company voluntarily discloses wrongdoing and satisfies all other requirements, but aggravating circumstances compel an enforcement action, the Department will recommend a 50% reduction off the low end of the Sentencing Guidelines fine range. Once again, recidivists may not be eligible. (The DOJ does not like repeat business.)

Third, the updated FCPA Corporate Enforcement provides details about how the Department evaluates an appropriate compliance program, which will vary depending on the size and resources of a business.

That third point will likely set some new standards in the compliance community in defining a good compliance program.

“Implementation of an effective compliance and ethics program, the criteria for which will be periodically updated and which may vary based on the size and resources of the organization, but may include:

  • The company’s culture of compliance, including awareness among employees that any criminal conduct, including the conduct underlying the investigation, will not be tolerated;
  • The resources the company has dedicated to compliance;
  • The quality and experience of the personnel involved in compliance, such that they can understand and identify the transactions and activities that pose a potential risk;
  • The authority and independence of the compliance function and the availability of compliance expertise to the board;
  • The effectiveness of the company’s risk assessment and the manner in which the company’s compliance program has been tailored based on that risk assessment;
  • The compensation and promotion of the personnel involved in compliance, in view of their role, responsibilities, performance, and other appropriate factors;
  • The auditing of the compliance program to assure its effectiveness; and
  • The reporting structure of any compliance personnel employed or contracted by the company. “

This new policy now moves the promises of leniency to something much more tangible. I expect it will also be more effective at causing companies to shake the skeletons out of their closets and disclose FCPA violations.


One Comment