Stephen Clayton     July 13, 2011                                                                                                                                                                            

Commentary on the Written Testimony of Shana-Tara Regon re: Foreign Corrupt Practices Act before the House Committee on the Judiciary, Subcommittee on Crime, Terrorism, and Homeland Security, June 14, 2011.  Text here:  judiciary.house.gov/hearings/pdf/Regon05142011.pdf
 
The Written Testimony of Shana-Tara Regon could have been refreshing in that it presents the views of a lawyer who is an outsider and not a member of  "FCPA, Inc."  Unfortunately because she has no background working with the FCPA or in international business, her testimony is based on unsubstantiated opinions rather than facts.

Regon gets started right after her introductory paragraph asserting, "there is vast disagreement and uncertainty about the meaning of many of the key provisions of the FCPA."  She expresses annoyance that enforcement is focused on corporations - even though the genesis of the FCPA was corruption by corporations in international business.  She then laments that corporations are unable to aggressively defend themselves when they are accused of bribing foreign officials; She offers no data to back those opinions.

 

The DOJ and SEC have not brought a lot of cases under the FCPA and in most of them there has been clear evidence of a violation, either blatant bribery or a pattern of false books and records. Corporations usually do not go through long trials to force rulings on any points of law when they have poor facts to begin with. The FCPA is no exception. Many of the companies that have been the subject of litigation have had no FCPA compliance program or a program that was paper-thin and not calculated to deter bribery in situations where the company management should have known the risk of bribery was high.  Though it is not clear because they do not publish enough information, the DOJ and SEC seem to be willing to negotiate and many FCPA investigations are settled with no action taken.

Regon's assertions that the "reach of the FCPA is so vast and its provisions so amorphous " and the "DOJ overseeing and regulating virtually all American Companies and individuals seeking to do business abroad," sound really scary.  Based on her characterization one would think US companies were falling all over themselves to comply with the FCPA - instead of largely ignoring it.

In the 4th paragraph, after Regon lauds the idea of making bribery of foreign government officials a crime, she then goes on to assert without explanation or example, that the law might "be applied to criminalize all kinds of perfectly legitimate business activities." Her testimony then takes a turn and seems to advocate that bribery in certain amounts and to certain people should be permitted.  Her language is vague, but Regon seems to be agreeing that when a US company is dealing with a government owned enterprise overseas the chance that bribery and corruption will be involved is very high.  Instead of recommending that US companies should recognize the well known risk of bribery and establish internal controls and training programs to prevent that risk, she seems to be proposing to Congress that the FCPA should be amended to make it clearly legal for US companies to bribe mid level employees of state owned companies, because those government employees “do not fit a layperson’s view of a foreign official.”   The objective seems to be a revision of the FCPA to make it legal for US companies to pay smallish bribes to government officials or to pay any bribes to people who fall outside a narrowly drawn definition of government official, presumably based on a layperson’s opinion.

 

Companies are much better off when they set up their compliance programs to ensure they do not bribe anyone anywhere.  If their employees in the field truly lack the ability to determine when a person they are considering making a payment to is a government official or not, and they truly cannot discern whether the payment is an acceptable corporate marketing expenditure or a bribe, they should refrain from paying that person.  In fact, most people employed by US companies to do foreign business are able to quickly confirm whether a person they are dealing with works for a government or a government owned/controlled organization.  And US companies employ smart business people overseas - smart enough to understand the difference between acceptable corporate hospitality and a bribe.  The  “confusion” in that area is a smokescreen.  A well thought out and properly staffed and budgeted FCPA compliance program would end any confusion for the company.

Regon got it right when she said dealings with government owned enterprises are “automatically rife with potential criminal exposure.”  Companies are increasingly recognizing that shakedowns, demands for kickbacks, and bribes disguised in any number of typical or even inventive ways are common when they choose to deal with state owned enterprises in some countries.  The better corporations - those which have actually established anti-corruption programs - deal with that known risk by recognizing it, training their employees and business partners to recognize it, and setting up processes to prevent conduct in violation of the law from happening in their business. It is not especially complex or difficult for a company doing international business to conduct a risk assessment and implement training, programs and changes to record keeping processes to make it very difficult for its employees to pay bribes to employees of the state owned enterprises they deal with.

The first example contained in paragraph 5 of Regon’s testimony attempts to create an illusion that there is controversy over whether normal corporate marketing activities are violations of the FCPA.  It is a terrible example, probably because the writer had no real life experience with FCPA compliance or international business.  Experienced international business people working for US companies are generally smart and know when a payment is intended for a legitimate business purpose and when it is a bribe.  In almost all cases the line between a bribe and corporate hospitality is not vague and the decision is clear.  If their employees did not already know it on their own, some US companies provide thorough FCPA training to their international sales staff and explain bribery scenarios so their employees know that all types of bribery are prohibited.

 

Assuming the company in question actually had an FCPA compliance program, it is hard to imagine any experienced FCPA practitioner spending more than 10 minutes to determine the scenario Regon lays out in her paragraph 5 does not involve a violation of the FCPA.  If a company were actually flummoxed by that example it would demonstrate the company had an ineffective FCPA program, an ineffective program to deal with expenses for gifts, meals and entertainment and no lawyer or other employee on staff to answer standard questions who had a basic understanding of the FCPA and how the company did international business.   Ms. Regon is a criminal defense lawyer, not an international business lawyer or a compliance lawyer, and may have seen examples of other criminal defense lawyers giving the kind of timid, poorly informed advice she warns about.  Her example shows why companies should build up or acquire internal FCPA expertise and not expend time and money taking routine business issues to criminal defense lawyers who do not understand their business.

 

On the issue of “willful blindness,” business people must consider the risk. Nearly every businessperson with experience in Russia and the CIS will admit it is extremely difficult to do business in Russia/CIS without paying bribes.  In Russia it is not uncommon for employees, agents or business partners of US Companies to both give and accept bribes and kickbacks. So when a company is doing business in Russia/CIS it needs to operate on the assumption someone involved in its business is paying bribes – and that the bribe payers/receivers are smart and experienced and will do a sophisticated job of covering their tracks.  The company’s normal, lightweight FCPA compliance program and its SOX based financial controls are not sufficient for an environment like Russia/CIS. If a company is doing business in Russia and has not fortified its business with policies, training, partner due diligence and supervision, and a system of financial controls calculated to deal with the known high level of corruption, should its senior management (or its mid-level managers in charge of international business) be able to claim they did not have “knowledge” bribes were being paid?  They did not try to learn what was going on in their business. Is that acting in good faith?

Regon states that she recognizes corruption in international business is very real and insidious.  But her testimony does not convey an idea of how widespread bribery by employees of foreign subsidiaries of US companies really is.   Her argument falls apart when she says,  "But here is the reality..."  She states US companies large and small have "spent billions on sophisticated compliance programs."  She gives no source for the alleged spending or whether "sophisticated” equates with "intelligent and effective." Her examples are all depictions of companies which have such poor compliance programs that they have to go to outside counsel for routine, day-to-day FCPA questions. If a company goes to an outside criminal defense lawyer with a question over a $100 meal - that company has no FCPA compliance program.  Questions like those she states would be dealt with quickly through the company's program. Those US companies which have put in place effective FCPA compliance programs deal with gifts, meals, entertainment and travel early in the process and train their employees to follow their published guidelines.  Companies that behave like those in Regon's example do not have effective compliance programs.

 

Unfortunately members Congress also have little practical experience with FCPA compliance programs or bribery in international business.  They have a policy decision to make:  Do they amend the law to make prosecution of FCPA violations much more difficult, which will reduce the incentive for companies to put in place adequate compliance programs?  Or do they allow the Justice Department and SEC to continue the work started in the Bush administration to enforce the FCPA and make it clear that bribery in international business is a crime that can be investigated and result in punishment?

Many US companies that are exporting and doing business outside the US have spent very little time or money doing an objective assessment of the risk of bribery and corruption in their business. A risk assessment and basic understanding of the requirements of the FCPA are necessary prerequisites for establishing an effective FCPA compliance program.  Those companies have many avenues available to help them understand their risks and the FCPA and then to set up an effective compliance program.  It is probably OK to assume that by 2011 the majority of members of boards of directors of US companies which are exporting and most of their senior management have at least heard of the FCPA. So the conclusion is boards and management do not set up strong FCPA compliance programs because they believe the risk of prosecution is not great enough to warrant the expense and effort of establishing a compliance program.

One problem in US international business can be seen in Regon’s statement  "Most American companies a not trying to break the law (implying some are?); they are not looking for permission to bribe foreign officials."  She is not asking for permission either.  She is asking for a substantial reduction in enforcement so there will be even less incentive than there is now for companies to set up FCPA compliance programs.  In essence she is asking for changes to the law itself to make prosecution of bribery cases by the DOJ and SEC significantly more difficult, so difficult that companies will not have a need to implement effective processes to deter bribery and most bribery will continue to go undetected - as the situation is today.

 

Regon is correct, board members and senior management of US companies are not trying to break the law. The problem may be that many of them do not believe bribery is a problem in their company’s international business. People want to believe they run and work for clean, ethical companies that hire ethical employees. This positive bias makes it easy for them to downplay the existence of corruption and related falsification of corporate records in their company.  And their lack of experience with the on the ground reality of international business makes it difficult for them to recognize how difficult it is to prevent and detect bribery by their overseas employees, agents and business partners. 

 

Her assertion that "American businesspeople… are already doing whatever they can to ferret out and prevent violations of the law" is asserting fantasy as fact.  Some US companies are doing some activities, and a few companies, mainly those who have been investigated or have been targets for investigations and those who have discovered clear violations on their own, have set up very extensive anti-bribery compliance programs. But even those companies, with their well-funded, sophisticated compliance programs run by employees with FCPA experience, still have to remain vigilant and contend with bribery by employees and third parties in their organizations. They are rarely able to completely stamp it out. 

 

Companies that have put in place and are running robust FCPA compliance programs and play by the rules should receive credit and leniency in the investigation, charging and sentencing processes. This seems to be done in practice by the DOJ and SEC, but their guidance should be more specific.  Corporations are good at organizing solutions based on clear rules, so detailed guidance and certainty, in tandem with stiff enforcement and the reality of regularly seeing lawbreakers going to jail, would encourage companies to set up effective compliance programs. The more US companies that do put robust compliance programs in place, the more difficult it will be for employees with a propensity to pay bribes to lurk in their organizations and the more rare it will be for bribe-demanding government officials to get paid.  The way to level the playing field is to bring the recalcitrant up to the level of the compliant.  Ending corruption in international business is a long process. It may take generations to change attitudes and behavior. 

The FCPA has been the single most important law in the 35-year global movement to combat bribery in international business.  The US provided the leadership that convinced most other countries to pass similar laws.  The FCPA would have remained ineffective, and largely ignored by US corporations if the DOJ and SEC had not started to enforce it in a serious way during the Bush administration. Enforcement of the FCPA by the Bush administration pushed other countries to begin enforcement of their own laws against corruption in international business. Even in the US, the level of enforcement to date is still not enough to influence US business people to change their attitudes and practices about bribery in international business.

FCPA enforcement is not a solution looking for a problem.  Business people, including employees, agents and business partners of US companies, still frequently pay bribes to get or keep international business. FCPA enforcement and the increased number and types of prosecutions since 2005 have raised the bar and attracted the attention of enforcement regimes in many countries.  The US is the global leader in the fight against corruption in international business and has a firm ethical foundation for its leadership.  Congress is now considering amending the FCPA to give up that leadership. Maybe Germany and the UK will step up and take the lead when the US fades into the pack.  If Congress is going to make amendments to hamstring enforcement of the FCPA, the legislation should be based on fact and actual business examples, not misinformation and speculation.