This week marks not only the end of a year, but also a decade.
So let’s take a look back at FCPA enforcement circa 2000.
In 2000, the FCPA was indeed “on the books” (the statute was enacted in 1977), yet there was little in terms of FCPA news or enforcement actions.
A "U.S. newspapers and wires" search for the FCPA in the 2000 picks up 64 “hits” and among the more noteworthy stories from that year were the following:
(1) BellSouth corporation disclosed that the SEC launched a probe into whether one of its Latin American subsidiaries violated the FCPA and the company also disclosed that its outside counsel had already investigated the conduct and found that no violations had occurred; and
(2) BF Goodrich Company announced that it was using a web-enabled training system to educate its employees about work-related legal issues including the FCPA.
One could even attend a few FCPA training sessions in 2000 as the search picked up programs sponsored by both the City of New York Bar and the Washington DC Bar.
There was even one FCPA enforcement action in 2000!
In December 2000, the SEC announced (here) the filing of a settled cease-and-desist proceeding against International Business Machines Corporation (“IBM”).
According to the SEC order (here), IBM violated the books and records provisions of the FCPA based on the conduct of its indirect, wholly-owned subsidiary, IBM-Argentina, S.A. The conduct involved “presumed illicit payments to foreign officials” in connection with a “$250 million systems integration contract” between Banco de la Nacion Argentina (“BNA”) (an apparent “government-owned commercial bank in Argentina) and IBM-Argentina.
The SEC order finds that, in connection with the contract, IBM-Argentina’s Former Senior Management (without the knowledge or approval of any IBM employee in the U.S.) caused IBM-Argentina to enter into a subcontract with an Argentine corporation (“CCR”) and that “money paid to CCR by IBM-Argentina in connection with the subcontract was apparently subsequently paid by CCR to certain BNA officials.”
According to the Order, IBM-Argentina paid CCR approximately $22 million under the subcontract and “at least $4.5 million was transferred to several BNA directors by CCR.”
According to the Order, the former Senior Management “overrode IBM procurement and contracting procedures, and hid the details of the subcontract from the technical and financial review personnel assigned to the Contract.” The Order finds that IBM-Argentina “recorded the payments to CCR in its books and records as third-party subcontractor expenses” and that IBM-Argentina’s financial results were incorporated into IBM’s financial results filed with the Commission.
Based on the above conduct, the SEC concluded that “IBM violated [the FCPA’s books and records provisions] by failing to ensure that IBM-Argentina maintained books and records which accurately reflected IBM-Argentina’s transactions and dispositions of assets with respect to the Subcontract.” IBM consented to a cease and desist order and consented to entry of a judgment ordering it to pay a $300,000 penalty.
A Washington Post article about the IBM action notes that it "is the SEC's first in three years involving overseas bribery."
In 2000, there were no DOJ FCPA prosecutions (against corporations or individuals).
The first DOJ corporate FCPA prosecution of this decade did not occur until 2002.
In that action (here) Syncor Taiwan, Inc. (a wholly-owned, indirect subsidiary of Syncor International Corporation) pleaded guilty to a one-count criminal information charging violations of the FCPA. According to the DOJ release, "[t]he company admitted making improper payments [approximately $344,110] to physicians employed by hospitals owned by the legal authorities in Taiwan for the purpose of obtaining and retaining business from those hospitals and in connection with the purchase and sale of unit dosages of certain radiopharmaceuticals."
The release further notes that the company "made payments [approximately $113,000] to physicians employed by hospitals owned by the legal authorities in Taiwan in exchange for their referrals of patients to medial imaging centers owned and operated by the defendant."
Based on this conduct, the release notes that the company agreed to a $2 million criminal fine - "the maximum criminal fine for a corporation under the FCPA" (as noted in the release). The release also notes that "Syncor International has consented to the entry of a judgment requiring it to pay a $500,000 civil penalty, the largest penalty ever obtained by the SEC in an FCPA case.".
From this retrospective, two issues jump out.
First, as demonstrated by the IBM action, the notion that an issuer may be strictly liable for a subsidiary's (even if indirect) violations of the FCPA books and records is nothing new. (See here for a prior post on this issue).
Second, as demonstrated by the Syncor action, DOJ's interpretation of the "foreign official" element to include non-government employees employed by state-owned or state-controlled entities stretches back to earlier this decade. (See here for prior posts on this issue).
This retrospective also highlights just how significantly FCPA enforcement has changed this decade.
For starters, the same "U.S. newspapers and wires" search for the FCPA (year to date) picks up nearly 700 "hits" (a ten-fold increase from ten years ago). In addition, if one wanted to, one could attend (it seems) an FCPA seminar, training session, bar event, etc. every week in a different state.
Further, I bet my Jack LaLanne Power Juicer received this holiday season that if the IBM enforcement action were to have recently occurred, the SEC would have also charged FCPA internal control violations as well as sought a significant disgorgement penalty given that the alleged improper payments in that matter helped secure a $250 million contract.
Moreover, the $2 million "maximum criminal fine for a corporation under the FCPA" (as noted in the Syncor DOJ release) seems laughable when viewed in the context of the $450 million Siemens criminal fine (Dec. 2008) or the $402 million Kellogg Brown & Root criminal fine (Feb. 2009). Also laughable is the $500,000 "largest penalty ever obtained by the SEC in an FCPA case" (as noted in the Syncor release) when viewed in the context of the $350 million Siemens penalty or the $177 million KBR/Halliburton penalty.
Has the conduct become more egregious during this decade or have enforcement theories and strategies simply changed? I doubt it is the former.
Why have enforcement theories and strategies changed? One of the best, candid explanations I've heard recently is that FCPA enforcement for the government "is lucrative." (See here).
One of the great legal "head-scratchers" of this decade is how DOJ and SEC's enforcement of the FCPA against business entities has taken place almost entirely outside of the normal judicial process due to the fact that corporate FCPA prosecutions are resolved through non-prosecution or deferred prosecution agreements, settled through SEC cease and desist orders, or otherwise resolved informally. The end result is that in many cases, the FCPA means what DOJ and SEC says it means.
My hope for the New Year and decade is that many of the untested and unchallenged legal theories which are now common in FCPA enforcement will actually be subject to judicial scrutiny and interpretation.