Aaron Murphy (Latham & Watkins - here) has published a new book - "The Foreign Corrupt Practices Act: A Practical Resource For Managers and Executives" (here).
In this Q&A exchange, Murphy describes his book and his motivations for writing it. He also answers a few questions about FCPA reform proposals and the U.K. Bribery Act.
Having spent several years at a large law firm with an FCPA practice, I know how busy the practice can be. Where did you find the time to write such an extensive book?
I spend a lot of my life on airplanes and in hotel rooms.
This book is different from the treatises and manuals that are already out there. Why did you write this book, and in particular, this kind of book?
There are some good legal treatises and manuals. But they aren’t aimed at educating the managers and employees who can be on the receiving end of an FCPA investigation. My book is written for managers and others who are on-the-ground in foreign countries. I wanted to write an engaging book that changed the kinds of internal questions that get asked about expenses, agents, state-owned entities, and other issues.
The book grew out of the fact that I was having the same conversation with clients and their managers over and over again. It occurred to me that despite sitting through a couple of PowerPoint slides about the FCPA during a compliance training, the managers did not understand how and where bribery occurs.
I’d be interviewing the manger of a company’s foreign operations in a high risk country and have a stack of documents to go through with him. I’d ask him a series of questions about some fairly run-of-the-mill issues – why certain dinners occurred with some government officials, what the thousand dollars of “miscellaneous” expenses on a hotel bill were for, whether the manager ever saw any of the holiday gifts he approved a large budget for – and it would often become clear to me that the manager had no idea that I was asking him about possible bribes. It had simply never occurred to him that there could be FCPA risks associated with any of these kinds of expenses. And those kinds of blind spots existed with managers who supposedly had received FCPA training.
Numerous times people have told me that they remember the FCPA training they had, but that they never thought the Act applied to the kinds of expenses I’m asking them about.
I tried to keep this book tethered to real-world situations. Theoretical discussions and policy debates are interesting and important – and there is some of that in the book – but it doesn’t really help a manager spot concrete issues. It doesn’t tell a manager what to watch out for. And that was the aim of this book.
I think there is plenty to debate about anticorruption enforcement generally, but whether you agree with the DOJ or the SEC’s position on something doesn’t really matter a whole lot when you’re trying to answer a question on a live issue, in real time. Can we make this payment or not? Should we use this agent, despite these rumors? Can I take this guy from a state-owned company out for a round of golf and dinner? Those are real questions. Hard, fact-specific questions that often need to be answered immediately. My goal was to make sure that managers understand that those are the questions they need to ask. Those are the questions they need to get some help answering. Theoretical debates don’t help a manager who is faced with a situation in the real world.
Do you think business personnel are surprised by the breadth of the FCPA, at least as it is interpreted and enforced by the DOJ and SEC?
Absolutely. Everyone thinks bribery is about suitcases full of money. Even though managers get trained and are told it’s much broader, they either don’t hear it, don’t believe it, or just think “Yeah, but it couldn’t happen in my organization.” They walk out of the training and it’s business as usual. Senior executives back at headquarters think everything is fine because their people have all been shown some slides with FCPA language. But there’s often a fundamental disconnect between the training and life on the ground in a company’s foreign operations.
I kept thinking there had to be a better way to help companies train their people on the front end, so I would quit having those conversations on the back end, after violations have already occurred.
I set out to write a book that was non-technical. A book that was practical. Something that takes managers – and I use that term loosely, meaning anyone who is in charge of other people – through all of the areas where FCPA issues typically come up and show them how they come up. I wanted something that gave managers a guided tour of the kinds of things FCPA practitioners see everyday.
What do you think is behind the inadequacy of much FCPA training?
I think it’s mostly a function of resources. I’m really sympathetic to in-house compliance personnel who are tasked with FCPA training. Usually, FCPA is just one of several areas they’re responsible for, and their organization is spread out over ten, twenty, fifty, or a hundred countries. It just becomes impossible for them to get out there and directly train all of their company’s employees. And, with constant turnover, acquisitions, mergers, it’s a never-ending task. New people are always joining a large organization. And FCPA training is just one of the things they have to do.
So you see the FCPA getting a few slides in a much larger PowerPoint that tries to cover insider trading, antitrust, OFAC and money laundering issues, regulatory issues, and all kinds of other stuff. Employees walk out with a glazed look on their faces and they haven’t really learned anything.
I wanted to help solve that problem. Here is something that companies can make required reading for all finance people and every manager over a certain level. Put it in their new hire package. Make them sign a certification that they’ve read and understood it, and put that in their personnel file. Then companies at least have documentation that the people charged with overseeing their business really were trained in detail. It hopefully gives companies some protection down the road if there is a problem, and, most importantly, it will educate employees about how the FCPA works and how FCPA compliance issues come up in the real world. If it does that, the book isn’t just insurance against future violations, it will actually result in compliance.
Plus, making the book required reading sets expectations and sends a serious message to management that this is an issue the company cares about.
In terms of FCPA compliance, one often hears about "tone at the top." Is this just a buzzword or do you think it has real-world application?
I think it’s extremely important with an issue like bribery. Small shifts in attitudes can have huge consequences. I think just making off-hand jokes along the lines of “we all know how it is in Country X” sends a powerful message that low-level regulatory bribery is okay. Meaning, as long as we’re not talking about suitcases full of cash, it’s no big deal, no one is really going to get upset about it.
But regulatory issues can be huge. Just look at the recent Panalpina settlements.
At the end of the day, my mantra is this: Companies don’t pay bribes. People do. The best thing a company can do is to train its people by showing them how real world situations affect them. That’s what this book is about.
There is a lot of talk these days about FCPA reform. What are your thoughts on this issue?
Well, it makes for good controversy, but I always say that no politician ever got elected by saying it was time to get soft on crime. Certainly not a pro-corruption platform. So I think there’s very little chance of any overhaul that is going to make compliance easier on companies. That said, there may well be some chance for clarifying legislation.
Everyone out there lobbying for reform needs to be very careful what they wish for. Corruption is a topic that makes for good headlines and politicians love good headlines. It’s not hard to imagine a politician who doesn’t care too much about the FCPA trying to do away with facilitating payments, or press for more severe jail time, just to make a name for themselves. So as I see it, there’s a risk that any reform process could get hijacked, and we could end up with a statute that looks more like the UK Bribery Act. Although that might not be a bad thing if US companies could get a very solid and clear adequate procedures defense out of it.
Although, as you know because you were there at the recent Senate hearings, the DOJ’s current position is that it’s not interested in what it views as a compliance amnesty program. I suspect we’re stuck where we are for the time being. Although the forthcoming enforcement of the UK Bribery Act will keep things interesting.
If the DOJ is enforcing, in many cases, a statute in a way that Congress did not intend, why is this a political issue? Can any legislative reform proposal address this structural issue?
These things are always ultimately political. There’s no question that DOJ has an aggressive interpretation of certain FCPA provisions. Whether DOJ is transcending Congressional intent or not is no different from any other problem of interpretation. The difference in the FCPA context, as you have raised in your work, is that there is only limited judicial oversight of those interpretations because so few of these matters ever get litigated. And while that point is well-taken, many courts might well interpret the FCPA the same way DOJ interprets it. So my view is that whether we take issue with DOJ’s interpretation or court interpretations, the solution always becomes a political issue. Congress is aware of the DOJ’s view and can take steps to modify or clarify the statute if it disagrees with that view, the same as it can and often does when it dislikes court interpretations of any other statute.
Now, whether any Congressional solution would result in anything better than what we currently have is anyone’s guess.
Do you think the UK Bribery Act is going to be a real game-changer? A lot of people are talking about the lack of a facilitating payments exception. Do you think the landscape is going to be very different once the Bribery Act comes into force?
I actually think that the biggest effect that it’s going to have is that it’s going to force large British companies that may not have focused on corruption issues before to finally have to focus on them. But for most multinationals – many of whom will be subject to both the FCPA and the Bribery Act – I think the landscape stays largely unchanged. The biggest deal for them is going to be getting an adequate compliance program in place.
The underlying ways in which bribery occurs inside of companies will remain the same. The controls and procedures that can address bribery will also remain the same. At the margins, there are some obvious differences between the FCPA and the Bribery Act, but the conduct they cover is mostly identical.
A lot of people have been talking about the different treatment of facilitating payments. I don’t think that’s nearly as big of a deal as the other main difference, which is the criminalization of private conduct. The UK statute explicitly looks to whether a relevant function of an employee’s job has been performed improperly as a result of a payment or gift. Who defines what the proper performance of an employee’s job is? The employer, of course.
So has the UK Bribery Act essentially transformed employee manuals and company policy manuals into de facto statutes? Improperly perform your job in violation of your company policy and you’ve committed a crime under British law? I see a potentially serious problem there. After all, many companies have policies that prohibit their employees from giving or receiving gifts from people with whom they do business. Do they need to think more carefully about what they put in those policies in light of what the UK Bribery Act does with them?