How a compliance plan can limit your exposure to the Foreign Corrupt Practices Act and other federal laws Featured

8:00pm EDT March 26, 2010

Violations of the Foreign Corrupt Practices Act (FCPA) can expose corporations and individuals to criminal penalties and fines. And while the perception is that only large companies are at risk, smaller companies doing business abroad are also at risk for prosecution, says Edmund W. “Ned” Searby, chair of the White Collar Crime, Antitrust and Securities Litigation Practice at McDonald Hopkins LLC.

“Middle-market and smaller companies have generally given the FCPA far less consideration,” Searby says. “In part, this is because marketing about the act has primarily targeted large corporations that have the discretionary cash to pay for large teams of lawyers and accountants. There is also a false sense of security that the targets of the FCPA are big, publicly traded corporations. In addition, there is the misperception that middle-market companies cannot afford to implement a meaningful compliance program.”

Smart Business spoke with Searby about how a compliance plan can limit the risks of prosecution when doing business abroad.

What is the Foreign Corrupt Practices Act?

The FCPA prohibits the corrupt offer, promise or payment of anything of value to foreign government officials, political parties, party officials or candidates in order to obtain or retain business. The FCPA makes no distinction as to the size of the offender. There is no materiality standard, and the payment of anything of value, no matter how small, can violate the statute. Payments to third parties are unlawful when made with knowledge that all or part of the payments will be passed on to a government official or other covered person.

There are also provisions that apply to publicly traded companies that require maintenance of reasonably detailed and accurate books and records. The act includes criminal liability for knowingly falsifying books and records or for knowingly failing to implement an internal control system. But even if the company is not publicly traded, it should have accurate books and records. An effective compliance program should ensure effective controls for the timely, complete and accurate recording of financial transactions.

In addition to the FCPA, are there other federal laws and regulations that should concern those doing business abroad?

Yes, in addition to the FCPA, companies doing business abroad should ensure compliance with United States’ export controls and embargoes on trade with specified foreign nations. Of course, companies should also be wary that their conduct does not violate the laws of the host country.

How can a compliance program limit risk for a company doing business abroad?

A compliance program can not only help a company prevent costly violations, it can also reduce the risk of an indictment should a violation occur. The Department of Justice guidelines for charging corporations lists a pre-existing compliance program as a factor to consider as to whether a criminal charge is warranted.

How can a company create an effective compliance program?

Companies should have clearly articulated policies prohibiting unethical conduct in general and violations of the FCPA in particular. But the mere existence of a policy on paper will hold little weight if it is not earnestly implemented.

The policy should include awareness training, focusing on employees who do business overseas and who are most likely to encounter unlawful situations. Training should also teach managers and employees how to spot potential problems, such as indications of a government official soliciting a bribe and the common means by which a bribe is hidden on the books.

What other steps can a company take to stay out of trouble with the FCPA?

One of the most effective means is to ensure that you know who your business partners are and know of any questionable relationships they may have with government officials. Companies looking to move into the global market will often buy in with locals to form a joint venture or will retain local representatives or agents.

Before doing so, however, companies must vet prospective partners and customers. Payments to third parties can result in criminal liability if those payments end up in whole or in part with government officials or other covered people.

In addition to investigating potential business partners, companies should also periodically investigate themselves. This should include interviews of people with significant involvement in business overseas to make sure that they are complying with the policy and reporting any questionable conduct. This periodic due diligence should also include the review of books and records for questionable transactions such as large, rounded, one-time payments to unknown entities and other red flags.

A company must show a true commitment to conducting business in accordance with a written ethics and anti-corruption policy, and that means imposing real sanctions on those who violate it. The absence of consequences for violations demonstrates a lack of commitment. Accordingly, an effective compliance policy should designate those responsible for reviewing potential violations and for real penalties for noncompliance.

Who should be involved in a company’s compliance program?

An effective compliance program should be run by designated senior officials with ownership responsibility for running the program. The program should also include clearly identified processes for reporting potential violations or concerns to senior officials with responsibility.

Edmund W. “Ned” Searby is chair of the White Collar Crime, Antitrust and Securities Litigation Practice at McDonald Hopkins LLC. He is a former federal prosecutor with the Department of Justice. Reach him at (216) 348-5769 or esearby@mcdonaldhopkins.com.