What You Should Know About the Second Edition of the DOJ’s and SEC’s FCPA Resource Guide

The Criminal Division of the US Department of Justice (DOJ) and Enforcement Division of the US Securities and Exchange Commission (SEC) recently published its second edition of A Resource Guide to the US Foreign Corrupt Practices Act (the “Updated Guide”), which was originally released in November 2012.

Read the second edition of A Resource Guide to the US Foreign Corrupt Practices Act.

Though the FCPA itself has not changed in the past eight years, there have been several notable enforcement actions, governmental policies, and judicial decisions. The Updated Guide attempts to capture those updates, as well as more recent statistical data.

The Updated Guide is, as described by the DOJ and SEC in the introduction, “meant not only to summarize the product of the dedicated and hardworking individuals who combat foreign bribery as part of their work for the US government, but also to help companies, practitioners, and the public— many of whom find themselves on the front lines of this fight—prevent corruption in the first instance.” So while the publication is “non-binding, informal, and . . . does not constitute rules or regulations,” and the edits to the first edition are unlikely to come as much of a surprise to compliance professionals who assiduously follow FCPA developments, the Updated Guide, like its predecessor, is a useful resource that organizes important information about the FCPA in one convenient place.

In particular, the Updated Guide sheds some further light on the enforcement authorities’ perspectives regarding such thorny questions as:

Who is a “foreign official”?
When can non-US companies and individuals be criminally prosecuted for conspiracy to violate the FCPA’s anti-bribery provisions?
When can the SEC seek disgorgement?
What makes for a strong corporate anti-corruption compliance program?
What is the DOJ’s FCPA Corporate Enforcement Policy?
When will a compliance monitor or independent consultant be imposed?
How can companies avoid successor liability in the M&A context?

Who Is a “Foreign Official”?

The FCPA defines “foreign official” to include “any officer or employee of a foreign government or any department, agency, or instrumentality thereof." What exactly is an “instrumentality” of a foreign government has been subject to much debate. The Updated Guide reflects the Eleventh Circuit Court of Appeal’s decision on this issue in Unites States v. Esquenazi. In that case, the court held that an “instrumentality” is “an entity controlled by the government of a foreign country that performs a function the controlling government treats as its own.” The Updated Guide references the Esquenazi court’s non-exhaustive list of factors to determine whether the foreign government “controls” an entity, which were largely set forth in the first edition of the Guide, albeit without the imprimatur of an appellate court decision.

When Can Non-US Companies and Individuals Be Criminally Prosecuted for Conspiracy to Violate the FCPA’s Anti-Bribery Provisions?

The first edition of the Guide expressed law enforcement’s view that “[a] foreign company or individual may be held liable for aiding and abetting an FCPA violation or for conspiring to violate the FCPA, even if the foreign company or individual did not take any act in furtherance of the corrupt payment while in the territory of the United States.” The Updated Guide discusses the Second Circuit Court of Appeals’ 2018 decision in United States v. Hoskins, which rejected the government’s expansive view that foreign nationals who could not be held directly liable under the FCPA’s anti-bribery provisions, could nonetheless be prosecuted based on secondary liability theories. Instead, the Second Circuit held in Hoskins that defendants can only be prosecuted for violations of the FCPA’s anti-bribery provisions if they have a specific nexus to the US, because they are either (a) US “issuers” that engaged in interstate commerce in furtherance of the crime, (b) “domestic concerns,” or (c) were physically present in the US when they took action in furtherance of the crime.

While noting the Hoskins decision, the Updated Guide goes on to caution that “[a]t least one district court from another circuit has rejected the reasoning” of the Second Circuit, referring to the Northern District of Illinois's decision in United States v. Firtash. This legal question remains unsettled, and we expect to see further judicial interpretations in the years to come, as the DOJ will most certainly continue to invoke the more expansive view when prosecuting anti-bribery violations outside the Second Circuit. (Note that this is not an issue when it comes to prosecuting violations of the FCPA’s accounting provisions since, as noted in the Updated Guide, by their terms, the accounting provisions apply to “any person.”)

When Can the SEC Seek Disgorgement?

The Updated Guide adds a new section addressing forfeiture and disgorgement, which according to the DOJ and SEC, are designed “primarily to return the perpetrator to the same position as before the crime, ensuring that the perpetrator does not profit from the misconduct[,]” unlike criminal and civil penalties, which the DOJ and SEC describe as “designed to punish and deter misconduct.” The Updated Guide notes, however, that in 2017, the Supreme Court ruled in Kokesh v. SEC that the SEC’s civil disgorgement remedy for securities law violations is actually a “penalty” and is thus subject to a five-year statute of limitations. The Updated Guide also addresses the Supreme Court’s June 2020 decision in SEC v. Liu, holding that, “disgorgement is permissible equitable relief when it does not exceed a wrongdoer’s net profits and is awarded for victims.”

What Makes for a Strong Corporate Anti-Corruption Compliance Program?

The first edition of the Guide describes ten “Hallmarks of an Effective Compliance Program.” The Updated Guide adds an eleventh factor—the “Investigation, Analysis and Remediation of Misconduct.” The new section discussing this factor includes a notable admonition that “[t]he truest measure of an effective compliance program is how it responds to misconduct. Accordingly, for a compliance program to be truly effective, it should have a well-functioning and appropriately funded mechanism for the timely and thorough investigations of any allegations or suspicions of misconduct by the company, its employees, or agents.”

The Updated Guide also incorporates a new section on the expectations embodied in the DOJ’s Evaluation of Corporate Compliance Programs, which was initially released in February 2017 and updated in June 2020 (see our client alert on that update here).

What Is the DOJ’s FCPA Corporate Enforcement Policy?

The Updated Guide incorporates the DOJ’s FCPA Corporate Enforcement Policy (“CEP”), which began as a pilot program in 2016, was formally introduced in November 2017, and was updated in November 2019. The CEP attempts to incentivize companies to voluntarily self-disclose FCPA violations, cooperate with law enforcement, and timely and appropriately remediate, by offering presumptive declinations of prosecution, “absent aggravating circumstances” (meaning DOJ believes it could legally and factually bring charges, but elects not to). The Updated Guide provides three anonymized examples where DOJ declined to prosecute companies under the policy, which are all public and available on the DOJ’s website. Part of a larger effort by DOJ to provide more certainty around the likely outcome of self-reporting, the CEP still leaves the DOJ plenty of prosecutorial discretion, such that the decision of whether to self-report remains one of the toughest calls for any company to make.

When Will a Compliance Monitor or Independent Consultant Be Imposed?

The first edition of the Guide includes a section entitled When is a Compliance Monitor or Independent Consultant Appropriate? The Updated Guide adds to that section a few nuggets of note. First, it states that “a monitor should never be imposed for punitive purposes.” Second, it reflects DOJ’s internal guidance, issued in October 2018, that, “in determining whether to impose a monitor as part of a corporate resolution, prosecutors should assess (1) the potential benefits that employing a monitor may have for the corporation and the public, and (2) the cost of a monitor and its impact on the operations of a corporation.” It then goes on to provide a non-exhaustive list of factors prosecutors will consider when evaluating the potential benefits of a monitor, including:

whether the underlying misconduct involved the manipulation of corporate books and records or the exploitation of an inadequate compliance program or internal control systems;
whether the misconduct at issue was pervasive across the business organization or approved or facilitated by senior management;
whether the corporation has made significant investments in, and improvements to, its corporate compliance program and internal control systems; and
whether remedial improvements to the compliance program and internal controls have been tested to demonstrate that they would prevent or detect similar misconduct in the future.

This section also notes that independent compliance consultants/monitors can be imposed in civil cases, and that when both DOJ and SEC so require, “the two agencies have been able to coordinate their requirements so that the company can retain one monitor to fulfill both sets of requirements.”

How Can Companies Avoid Successor Liability in the M&A Context?

The first edition of the Guide included a discussion of successor liability under the FCPA in the context of mergers and acquisitions. The Updated Guide expands on this topic. It includes an important recognition that while DOJ and SEC strongly encourage pre-acquisition anti-corruption due diligence, that is not always feasible, in which case, the enforcement authorities “will look to the timeliness and thoroughness of the acquiring company’s post-acquisition due diligence and compliance integration efforts.” In addition, the Updated Guide notes that under the DOJ’s FCPA Corporate Enforcement Policy (discussed above), an acquiring company that voluntarily discloses misconduct by a predecessor “may be eligible for a declination, even if aggravating circumstances existed as to the acquired entity.”

While the Updated Guide is hardly groundbreaking, with its easy-to-read style, real world hypotheticals, and 443 footnotes chock-full of citations and hyperlinks to key policies, publications, case law, and other anti-corruption resources, the document is one to be bookmarked by compliance professionals whose companies conduct business abroad, or are thinking of doing so.