For supply chain companies operating in a global environment, the Foreign Corrupt Practices Act has been a key element of compliance planning for many years, sitting alongside regulations related to sanctions, export controls, forced labor, and other issues. Over the past few months, the U.S. government has issued a set of FCPA-related communications and positions that have caused practitioners and compliance professionals to step back and evaluate whether the risk environment has changed and how/whether to respond. Despite the recent activity by the U.S. Department of Justice – first to pause enforcement of the FCPA and then restart it within a defined set of parameters – now is NOT the time to revise a company’s risk tolerance or assume that the lessons of 48 years of FCPA enforcement can be ignored.
The FCPA has become embedded into the compliance culture of global supply chain companies for a number of reasons:
§ For almost 50 years, the FCPA has been the law of the land, and it remains on the books.
§ The United States has been a global leader in encouraging other jurisdictions to enact and enforce anticorruption laws to level the playing field and ensure that bribery is prohibited across the globe.
§ The consequences of an actual or even alleged FCPA violation can be profound, often involving significant fines, distracting investigations, and in some instances incarceration for those involved.
In important ways, the global supply chain is exposed to more acute corruption risks than other sectors. Goods transiting borders are subject to many touchpoints with government functions; political risks fluctuate regularly, requiring constant attention; and third parties or joint ventures are a common feature of the business landscape.
What happened?
The two most important recent pronouncements about the government’s FCPA priorities are (1) the Feb. 10 executive order titled, “Pausing Foreign Corrupt Practices Act Enforcement to Further American Economic and National Security” and (2) the June 9 DOJ memorandum titled, “Guidelines for Investigations and Enforcement of the Foreign Corrupt Practices Act (FCPA).”
In the February EO, the White House observed that the FCPA “has been systematically, and to a steadily increasing degree, stretched beyond proper bounds and abused in a manner that harms the interests of the United States … impedes the United States’ foreign policy objectives … [enforcement is] overexpansive and unpredictable … [and] harms American economic competitiveness . …” The resulting directive called upon the DOJ for a 180-day period to “cease initiation of any new FCPA investigations or enforcement, … review in detail all existing FCPA investigations or enforcement actions and … restore proper bounds on FCPA enforcement … [and] issue updated guidelines. …” During this 180-day “pause,” practitioners reported varying experiences with the DOJ, ranging from a full stop on investigations to full speed ahead for a defendant’s sentencing hearing.
The June DOJ memorandum then provided guidelines designed to limit “… undue burdens on American companies that operate abroad and [target] enforcement actions against conduct that directly undermines U.S. national interests.”
For compliance professionals, the memorandum should be required reading, but headlines for these guidelines are:
§ Total elimination of cartels and transnational criminal organizations: For supply chains that reach into geographies where cartels and transnational criminal organizations operate, this is a warning.
§ Safeguarding fair opportunities for U.S. companies: The memorandum comments that the “most blatant bribery schemes have historically been committed by foreign companies” and focuses on economic disadvantages, i.e. “whether the alleged misconduct deprived specific and identifiable U.S. entities of fair access to compete and/or resulted in economic injury to specific and identifiable American companies or individuals.”
§ Advancing U.S. national security: “FCPA enforcement will … focus on the most urgent threats to U.S. national security resulting from the bribery of corrupt foreign officials involving key infrastructure or assets. …,” such as defense, infrastructure, or critical minerals.
§ Prioritizing investigations of serious misconduct: The memorandum notes that enforcement actions “shall not focus on alleged misconduct involving routine business practices or the type of corporate conduct that involves de minimus or low-dollar, generally accepted business courtesies.” Thus, enforcement will focus only on series misconduct.
The memorandum thus lifted the “pause” and offered some changes of emphasis that, when taken together, indicate that the DOJ remains active and focused on FCPA investigations and enforcement.
What does it mean?
It is too early to know whether or how this changes the landscape of FCPA enforcement. For those companies and individuals in the midst of an investigation and enforcement action, the memorandum allows counsel numerous potential arguments about the scope and pace of an investigation, and anecdotal evidence suggests that the DOJ is hearing those arguments regularly. Press reports indicate that one company saw a multiyear monitorship terminated before the period called for in its DOJ resolution.
However, for supply chain companies seeking to identify and mitigate corruption risks in their daily global operations, what has changed? Here are key risk considerations.
Inherent risk remains the same: Nothing about the pause or memorandum changes the corruption risks faced when navigating a high-risk jurisdiction. No rent-seeking government official will modify their behavior in a way that reduces corruption risks for a supply chain; indeed, anecdotal evidence indicates that some risks may increase. When faced with a bribe solicitation, many companies have built their responses on the definitive statement that U.S. law prohibits payment; now, the demand side of the transaction has started to comment that the U.S. allows some payments.
The memorandum goes to prosecutorial discretion and does not change the law: Because the FCPA remains on the books as is, exposure created by a compliance gap remains, whether or not there is a near-term prosecution. The statute of limitations for an FCPA violation is five years, leaving open the possibility that a later change in DOJ guidance could result in a prosecution when the administration changes.
Non-U.S. jurisdictions are more active: One of the long-term trends in anticorruption compliance and enforcement involves a greater number of jurisdictions with antibribery legislation. Coupled with the inherently multijurisdictional nature of an FCPA fact pattern, this means that even if the U.S. declines to investigate or prosecute, another jurisdiction is increasingly likely to investigate and has been building the capacity to conduct a successful prosecution.
One risk merits particular focus for risks in supply chain. As noted above, the memorandum calls out “total elimination of Cartels and transnational criminal organizations,” a factor that relates to a series of Foreign Terrorist Organization (FTO) designations implemented by the government earlier this year. For companies with supply chain operations that touch into geographies where these cartels or TCOs may operate – at least Mexico, Colombia, Ecuador, Chile, El Salvador, Honduras, and Guatemala – compliance challenges are acute and sound in more than just the FCPA as providing material support to an FTO is itself a violation.
Summary
For those companies that face FCPA and corruption risk issues – including supply chain companies that operate across borders – the U.S. government’s pronouncements about enforcement priorities merit close attention and awareness. Because the corruption risks inherent to global operations are no different than before, now is not the time to modify risk tolerance to take on more risk. In the event of an internal investigation or enforcement action, the government’s memorandum and the prosecutorial discretion will come into play.
