Managing Third-Party Risk: Recent FCPA Action Reflects Government’s Continued Focus on Intermediaries
According to the three-year deferred prosecution agreement (DPA) entered into by the Company, and a separate SEC Consent Order, the Company engaged in a scheme to obtain a contract from the Brazilian state-owned oil company Petroleo Brasileiro S.A. (Petrobras), known as the UFN-IV project. Specifically, from approximately 2011-2014, the Company allegedly conspired with third parties and others, including an Italian sales agent affiliated with a Monaco-based intermediary company, to pay bribes to decision-makers at Petrobras in order to win an approximately $190 million contract to design a gas-to-chemicals complex in Brazil.
This action, in which the Company allegedly paid bribes through third-party agents, including one agent who failed a due diligence check but continued their engagement with the Company through an interim agency agreement, reflects the DOJ’s heightened focus on third-party relationships. The DOJ’s June 2020 updated guidance titled “Evaluation of Corporate Compliance Programs” explains that a “well-designed compliance program should apply risk-based due diligence to its third-party relationships.” In addition, the DOJ’s and SEC’s July 2020 “A Resource Guide to the U.S. Foreign Corrupt Practices Act” (the FCPA Guide) notes that the “DOJ’s and SEC’s FCPA enforcement actions demonstrate that third parties, including agents, consultants, and distributors, are commonly used to conceal the payment of bribes to foreign officials in international business transactions.” The FCPA guide stresses the importance of risk-based due diligence of third parties, having a clear business rationale for engaging third parties, and ongoing monitoring of third-party relationships.
Consistent with recent deferred prosecution agreements relating to FCPA violations, the DPA in this matter requires the Company to institute controls relating to its third-party relationships, including properly documenting due diligence, recording the business rationale of the use of a third party, and specifying services to be performed and confirming that compensation is commensurate with those services.
Pursuant to the DPA, the Company has agreed to adopt internal accounting controls, policies, and procedures to ensure the making and keeping of fair and accurate books, records, and accounts. Based on remediation efforts taken by Wood, which apply to all of its subsidiaries and include controls relating to the retention and management of commercial agents, the DOJ found that an independent compliance monitor is unnecessary, but it has required annual reports from Wood and the Company on the status of remediation and implementation of further compliance measures.
The enforcement action against the Company evidences the high cost of third-party misconduct. Companies seeking to expand their use of third parties should consider whether their existing compliance programs include sufficient controls to properly assess third-party relationships. These controls should include appropriate due diligence procedures, processes to ensure that due diligence conclusions are followed, and ongoing analysis of third-party services to ensure that compensation is paid for services actually rendered.
 The Company is liable to the SEC for disgorgement of $17,656,302 and prejudgment interest of $5,107,985, for a total of $22,764,287, and has agreed to pay $18,375,000 to settle criminal charges brought by the DOJ. The DOJ and SEC credited $22 million that the Company will pay to resolve related enforcement actions by the UK Serious Fraud Office and enforcement agencies in Brazil.
- Related Practices