The Foreign Corrupt Practices Act

The Foreign Corrupt Practices Act (FCPA) contains provisions that directly prohibit bribery, known as the “anti-bribery provisions,” and provisions that prohibit the failure to reflect the true nature of transactions in a company’s accounts, known as the “books and records provisions.” The FCPA also contains “internal controls” provisions, requiring an issuer to maintain adequate internal controls to provide assurance that transactions are properly authorized and accurately recorded. Together, these provisions prohibit both bribery of foreign officials and accounting practices that may conceal such activity. Importantly, however, the books and records and internal controls provisions require a company to account accurately for the disposition of assets and to maintain controls to ensure that it can do so, even if no improper payment has been made.

The FCPA’s provisions are broadly worded and subject, in certain instances, to competing interpretations. Companies seeking to comply with the provisions must rely on the few decided cases, US Department of Justice (DOJ) and the US Securities and Exchange Commission (SEC) guidance, and established enforcement practice. While this structure can be a recipe for confusion, the discussion below is intended to provide a straightforward description of these provisions and answers to frequently asked questions.

The FCPA’s Anti-Bribery Provisions

The FCPA’s anti-bribery provisions prohibit an offer of payment, promise to pay, or authorization of payment, of any money or anything of value to any foreign official, or to any other person (i.e., a third party) while knowing that any portion of the thing of value will be offered, given, or promised, directly or indirectly, to a foreign official with corrupt intent for the purpose of influencing an official to obtain or retain business, or to direct business to any person.

The FCPA contains certain limitations on who may be prosecuted under this provision and a few substantive affirmative defenses.

These statutory elements, limitations, and defenses are discussed in more detail below.

1. Jurisdiction

FCPA jurisdiction is broad. It extends to all US companies or persons and their agents, as well as to foreign companies that are registered with the SEC and foreign companies or persons that act in furtherance of an improper payment or offer while in the United States.

Territorial-based jurisdiction extends to any “issuer,” “domestic concern,” officer, director, employee, or agent of such issuer or domestic concern, or stockholder acting on behalf of such issuer or domestic concern, that makes use of any instrumentality of interstate commerce in furtherance of any improper payment or offer of payment.[1] An “issuer” is any person—American or foreign—who either issues securities within the United States or is required to file reports with the SEC.[2] A “domestic concern” is a US citizen, national, resident, or a corporation or other business entity with its principal place of business in the United States or organized under the laws of the United States.[3] Note that the domestic concern need not be the ultimate beneficiary for the FCPA to apply.[4] (Rather, the statute precludes officers and directors of domestic concerns from paying bribes to foreign officials “in order to assist such domestic concern in obtaining . . . business for . . . any person.”).

Another type of territorial-based jurisdiction extends to foreign citizens and foreign companies (or, more specifically, foreign companies that are not issuers) that commit any act in furtherance of an improper payment or offer in the territory of the United States.[5]

Finally, the FCPA’s anti-bribery provisions include an “alternative jurisdiction” that applies, based on US nationality alone, to acts outside the United States in furtherance of an improper payment or offer by any of the following: (1) any issuer organized under the laws of the United States; (2) US persons who are officers, directors, employees, agents, and stockholders of such issuer and are acting on behalf of such issuer; (3) any other corporation, partnership, association, joint-stock company, business trust, unincorporated organization, or sole proprietorship organized under the laws of the United States; or (4) any other citizen or national of the United States.[6] Thus, US companies and citizens are subject to the FCPA regardless of where the act in furtherance of an improper payment or offer takes place, and, if the act takes place overseas, even if no means of interstate commerce is used.

Questions about the scope of jurisdiction often arise in the context of a company’s liability for conduct of foreign subsidiaries. A company can be liable for its subsidiary’s improper payments under two theories: (1) because the parent sufficiently participated in the payment by authorizing the payment or providing funds “knowing” that the funds would be used for an improper purpose, or (2) because the subsidiary’s acts in making the payments can be attributed to the parent under traditional agency principles. DOJ and the SEC endorsed both theories of parent liability in their 2020 joint Resource Guide to FCPA enforcement.[7]

DOJ and the SEC have shown a willingness to hold a parent company liable for its subsidiary’s actions solely based on the corporate relationship. In 2013, for example, both agencies reached non-prosecution agreements with Ralph Lauren Corporation for alleged bribes paid by an Argentine subsidiary to expedite customs clearances.[8] The government did not allege actual knowledge or participation by the parent in the subsidiary’s conduct. Rather, liability appeared to be premised on the fact that Ralph Lauren Corporation was the sole owner of the subsidiary and had appointed its general manager.

This is one example of a foreign subsidiary being considered an “agent” of its parent, a relationship that could trigger FCPA liability for both the foreign subsidiary and the parent corporation. The statute makes “agents” of issuers as well as “agents” of domestic concerns subject to the FCPA. In addition, under US common law principles of vicarious liability, a corporation can be held liable for the conduct of its agent. For example, in 2014, the SEC held Alcoa Inc. liable for alleged improper payments by its subsidiaries, despite making “no findings that an officer, director or employee of Alcoa knowingly engaged in the bribe scheme.”[9] The SEC’s finding of liability was based on the level of control Alcoa exercised over its subsidiaries, including its appointment of key leadership for the subsidiaries, its development of business and financial goals for them, and its coordination of legal, audit, and compliance functions. This approach is consistent with the statement in the Resource Guide that “[t]he fundamental characteristic of agency is control.”[10]

A company may also be held liable for, or suffer other consequences from, the prior illegal acts of a company that it acquires or with which it becomes associated as the result of a merger. In a 2014 opinion release,[11] DOJ made clear that the mere act of acquisition cannot create liability where none existed before.[12] DOJ explained that a US company that wished to acquire a foreign target would not be liable for that target’s past extraterritorial conduct if the prior conduct had no connection to the United States, putting it beyond US jurisdiction in the first place.[13] But where potential liability existed prior to an acquisition, the acquiring company can be held liable for the past conduct of its acquisition.

DOJ and the SEC devote substantial space to this topic in their Resource Guide, in which they explain that actions against the acquiring or successor company are generally reserved for cases “involving egregious and sustained violations or where the successor company directly participated in the violations or failed to stop the misconduct from continuing after the acquisition.”[14] They are less likely to take action against an acquiring company that discovered and quickly remediated violations.[15] Consequently, the Resource Guide recommends that companies conduct extensive due diligence prior to acquisition (or, where that is not possible, after acquisition) and quickly and effectively integrate the target company into the parent’s compliance program and internal controls.[16] Guidance from DOJ’s Criminal Division echoes this recommendation.[17] The FCPA Corporate Enforcement Policy provides that successor companies that uncover wrongdoing in connection with a merger or acquisition can get credit for voluntary self-disclosure, cooperation, and remediation if done in accordance with the terms of the policy.[18]

The US Court of Appeals for the Second Circuit has held that jurisdiction cannot be established simply based on a foreign national entering into a conspiracy to violate the FCPA with a US person. In an August 2015 decision, the district court in United States v. Hoskins, 123 F. Supp. 3d 316 (D. Conn. 2015), held that a person who is not himself subject to the FCPA cannot be charged as a co-conspirator or an accomplice to an FCPA violation. In Hoskins, the government alleged that, from 2002 through 2009, Alstom Power, Inc. (Alstom US), a company headquartered in Connecticut, was engaged in a bribery scheme to secure a $118-million project to build power stations for Indonesia’s state-owned and state-controlled electricity company. From 2001 through 2004, defendant Lawrence Hoskins, a UK national, was employed by Alstom UK, a British company, and assigned to work for Alstom Resource Management SA, a French company, in France. The government claimed that Hoskins participated in the bribery scheme by approving and authorizing payments to individuals hired to pay bribes to Indonesian officials in order to influence the award of the power stations contract. The government alleged multiple theories of jurisdiction over Hoskins, who was not American and did not act within the United States. Among other theories of jurisdiction, the government alleged that even if Hoskins was not an agent of Alstom US, he conspired with others to violate the FCPA. The district court rejected that argument, reasoning that “where Congress chooses to exclude a class of individuals from liability under a statute, ‘the Executive [may not] . . . override the Congressional intent not to prosecute’” those parties by charging them for conspiracy to violate that statute.[19] The government appealed the decision to the Second Circuit.

On appeal, the Second Circuit affirmed in part and reversed in part the district court’s decision.[20] The Second Circuit concluded that Hoskins (a foreign national) could not be liable for conspiring to violate (or violating) the FCPA without a showing that he was acting as an employee, officer, director, or agent of Alstom US when he engaged in the prohibited conduct or that he took action in furtherance of the violation while in the United States.[21] But the Second Circuit reversed the district court’s ruling insofar as it prohibited the government from attempting to establish that Hoskins was liable as an agent of Alstom US for conspiring with foreign nationals who committed relevant acts while in the United States.[22] The Second Circuit’s opinion establishes that there is a limit on the use of federal conspiracy charges to expand the scope of FCPA prosecutions, although agency remains a basis for establishing jurisdiction over foreign nationals. Hoskins was subsequently convicted at trial, including under the agency theory.[23] However, on February 26, 2020, the district court acquitted Hoskins as to the agency theory charges, while upholding his convictions for money laundering. After a thorough review of the facts and legal standard for establishing agency, the court held that the government had failed to present evidence upon which a rational jury could conclude that Hoskins was an agent of Alstom US.

The Second Circuit later affirmed the district court’s ruling on the basis that the government did not show that Alstom’s US subsidiary “actually controlled” Hoskins’ actions and applied common law principles of agency to conclude that the government failed to establish “a principal-agent relationship within the meaning of the FCPA.”[24] Judge Raymond J. Lohier Jr. dissented on the basis that the majority’s analysis focused on too broad an analysis of the formal agency relationship, despite “specific evidence of Hoskins’ targeted agency on behalf—and with authority granted to him by—[the subsidiary].”[25] According to Judge Lohier, the majority erroneously asked whether the government proved that the subsidiary “had a right to terminate Hoskins as a general matter,” rather than whether the subsidiary controlled Hoskins’ actions “in connection with the specific events” underlying the FCPA violation.[26] Judge Lohier’s dissent notwithstanding, the majority’s opinion in Hoskins demonstrates the limits of FCPA jurisdiction and indicates that an agency relationship under the FCPA requires more than mere collaboration, but rather an entity’s formal control over an actor demonstrated in organizational structures, reporting lines, the ability to terminate a relationship, and the ability to bind an entity to contracts or other final decisions. Although the Hoskins decision is controlling in the Second Circuit, DOJ and the SEC have observed that at least one district court from another circuit has rejected the reasoning of the Hoskins court, leaving an open question as to how the FCPA’s reach will be interpreted in other circuits in cases involving charges of conspiratorial liability.[27]

2. Corrupt Intent

The FCPA requires that the pertinent acts be committed “corruptly.” The act’s legislative history reflects that the payments “must be intended to induce the recipient to misuse his official position.”[28] “An act is ‘corruptly’ done if done voluntarily [a]nd intentionally, and with a bad purpose of accomplishing either an unlawful end or result, or a lawful end or result by some unlawful method or means.”[29]

In United States v. Kozeny, a federal district court considered whether a defendant may obtain a jury instruction that corrupt intent could be absent because the bribe was the result of extortion.[30] The court in Kozeny determined that “true extortion” can be a viable defense to an FCPA charge and held that, where a defendant presents sufficient evidence on that point, the court should instruct the jury as to what constitutes true extortion such that a defendant cannot be found to have the requisite corrupt intent.[31] The court was not called upon to decide the precise parameters of “true extortion” but concluded that it must involve more than a simple demand for payment.[32] Citing the FCPA’s legislative history, the court stated: “While the FCPA would apply to a situation in which a ‘payment [is] demanded on the part of a government official as a price for gaining entry into a market or to obtain a contract,’ it would not apply to one in which payment is made to an official ‘to keep an oil rig from being dynamited,’ an example of ‘true extortion.’”[33]

3. Anything of Value

The FCPA does not define “anything of value,” but the term has been “construed broadly” to include a variety of benefits, such as offers of employment, travel expenses, and charitable contributions.[34] In 2015, the SEC’s then-director of enforcement emphasized that “anything of value” is a “broad term” that is not limited to cash or tangible gifts but includes less traditional items of value that have been given in order to influence foreign officials.[35] He observed that the SEC has brought bribery charges in cases involving contributions to charities affiliated with foreign government officials, the provision of no-show jobs to the spouse of a foreign official, payment of a honeymoon of a foreign official’s daughter, and the provision of student internships to family members of a foreign government official.[36] Similarly, the Resource Guide states that “[a]n improper benefit can take many forms,” including not only cash but also travel expenses and expensive gifts.[37] The Resource Guide further states that “the FCPA does not contain a minimum threshold amount for corrupt gifts or payments.”[38] What may be considered a modest payment in the United States could be viewed as a larger and more significant amount in a foreign country.[39]

In addition to cash and cash equivalents (e.g., stock, stock options), things of value in the FCPA context have included travel and entertainment (e.g., 2013 DOJ Diebold matter); charitable contributions (e.g., 2004 SEC Schering-Plough matter); college scholarships (e.g., 1993 DOJ McDade matter); the services of a prostitute (e.g., DOJ Girard and Marmolejo matters); offers of future employment (e.g., DOJ Girard matter); and offers of employment to friends and family of an official (e.g., 2016 DOJ and SEC JP Morgan Chase matter).

Charitable contributions raise a particularly difficult issue. DOJ and the SEC have both advised that legitimate charitable donations do not violate the FCPA.[40] Yet enforcement practice reflects that the government will closely scrutinize donations made to charitable organizations or for educational purposes to ensure that any officials requesting donations, or otherwise associated with the donees, have no possible role in reviewing matters for, or providing preferential treatment to, the donating business. For example, in 2012, the SEC brought an FCPA enforcement action against Eli Lilly & Co. alleging that a subsidiary of the pharmaceutical company made $39,000 in donations to a Polish charity.[41] The SEC claimed the donations had been made at the request of a government official who had influence over pharmaceutical purchases in Poland.

4. Authorization of Unlawful Payments

The FCPA prohibits not only the making but also the “authorization” of any payment or giving of anything of value to a foreign official.[42]

The FCPA does not define the term “authorization,” and as with many aspects of the statute, the case law is undeveloped. The legislative history makes clear that authorization can be implicit or explicit.[43]

Note that it is not necessary that a company affirmatively authorize improper payments by its agents, vendors, distributors, or subcontractors for liability to attach. Simple knowledge of such payments will suffice, and, critically, knowledge is defined broadly enough to include even well-founded suspicions as described in the next subsection.

Certain factual situations raise unique questions about the “authorization” of a third-party improper payment. Distributors typically purchase goods and re-sell them to other end-users rather than facilitate a company’s direct sales as an agent or representative. Because of this distinction, any illegal payments a distributor makes after taking title to the goods generally cannot be attributed to the original seller, absent a prior specific conspiratorial agreement to make the payment or an ongoing relationship between the seller and the distributor in which the seller knowingly benefits from the illicit activity. For example, in Opinion Release 87-01, DOJ took no action on a US company’s sale of a product to a foreign company that planned to resell the product to its government on terms to be negotiated.[44] The US company represented that it was not aware of any illegal payment plans.[45]

Nevertheless, distributor relationships are not immune to risk. Where a company is aware or reasonably suspects that its distributor is offering or making improper payments to government officials, the company can be liable for the distributor’s actions. For example, in 2013, Weatherford International settled charges that stemmed in part from a distributor arrangement. The government alleged that Weatherford offered up to $15 million in “volume discounts” to a distributor in an unnamed Middle Eastern country, believing that the discounts would be used to pay illegal bribes to employees of the national oil company.[46]

In addition, foreign governments often require that a US contractor hire a local entity to do some portion of the work on a contract. A company should carefully monitor and document such arrangements because a corrupt subcontractor easily could pad its subcontract price to include improper payments. A US company, as the original source for those payments, therefore, may be liable if some portion is subsequently offered or paid to a foreign official. Accordingly, margins should be reasonable.

5. Knowing

In addition to prohibiting “authorizing” payments by a third party, the FCPA prohibits providing something of value to a third party while knowing that the third party will in turn provide it to a government official. The statute defines the term “knowing” broadly. Knowledge of a relevant circumstance exists “if a person is aware of a high probability of the existence of such circumstance, unless the person actually believes that such circumstance does not exist.”[47] Willful blindness to circumstances indicating a high probability of unlawful activity will satisfy the knowledge requirement.[48]

Accordingly, while one might believe that it is safest to know as little as possible about what service partners and third parties do with the payments they receive, exactly the opposite is true. Companies therefore should be alert to possible warning signs, such as, for example, when a government official directs the use of a specific third party; where a provider’s services are unclear or ill-defined; or where payments are made through non-traditional channels. Under the FCPA liability framework, US companies should closely monitor and document their third-party relationships to ensure that they are not viewed as taking a “head-in-the-sand” approach should payments ultimately be redirected to government officials.

6. Offers or Promises

The act prohibits not only improper payments but also offers or promises to make such payments; thus, the payment need not actually be made in order for a violation to occur.

7. Foreign Official

Under the FCPA, related case law, and DOJ and SEC guidance, the term “foreign official” includes elected and appointed government officials; officials of international organizations such as the International Monetary Fund, the World Bank, and the Red Cross; and employees of any “government instrumentality,” which can include state-owned enterprises that provide what might otherwise be thought of as commercial services.[49] The FCPA also defines “foreign official” as including “any person acting in an official capacity” for or on behalf of a foreign government.[50] Finally, the FCPA’s anti-bribery provision also extends to foreign political parties, foreign political party officials, and candidates for foreign political office.[51]

In a 2014 decision, the US Court of Appeals for the Eleventh Circuit focused on two critical features to determine whether a state-affiliated entity qualifies as a “government instrumentality”: (1) government control and (2) public function.[52] Assessing either of the features is a fact-intensive exercise, but the Eleventh Circuit identified several factors that will often affect the analysis.

Regarding government control, the Eleventh Circuit considered a non-exhaustive list of six factors: (1) the foreign government’s formal designation of the entity; (2) whether the government had a majority ownership interest; (3) the government’s authority to appoint or remove the entity’s principals; (4) the extent to which the entity’s profits are returned to the public treasury; (5) whether the entity would perform at a loss absent government subsidies; and (6) the length of time that the other factors indicated government control.[53]

With respect to whether a state-affiliated entity performs a public function, the Eleventh Circuit considered these non-exhaustive factors: (1) whether the entity enjoys a monopoly over its goods or services; (2) the extent of government subsidies for the entity; (3) whether the entity’s goods and services are available to the public at large; and (4) whether the public and government perceive the entity as performing a governmental function.[54]

The Eleventh Circuit’s holding closely tracks the past approach of DOJ and the SEC as seen in their prior enforcement actions.[55]

Members of royal families also present particular difficulty. Often, such individuals have no official role in government but may occupy important ceremonial roles and wield significant influence. In Opinion Release 12-01, DOJ set out the following factors for assessing whether a royal is a foreign official: (1) the degree of control or influence the individual has over the levers of governmental power, execution, administration, finances, and the like; (2) whether the foreign government characterizes the individual as having governmental power; and (3) whether and under what circumstances the individual may act on behalf of, or bind, a government. Applying these factors, DOJ concluded that the royal family member at issue in Opinion Release 12-01 was not a foreign official because he had no official or unofficial role in his country’s government and no authority to bind the relevant governmental decision makers.[56]

Thus, consultants and unofficial advisors to government officials, or others outside the formal government apparatus, may be deemed to be government officials under certain circumstances, particularly where they have decision-making authority or significant influence with respect to governmental actions. For example, in the 2006 Statoil ASA matter, Statoil was charged with making improper payments to the president of the National Iranian Oil Company. DOJ did not allege, however, that this position made him a foreign official, arguing instead that he was an “advisor to the Iranian Oil Minister” and a “very important guest”; that his family “controlled all contract awards within oil and gas in Iran”; and that Statoil had tested his influence by having him send a message back to Statoil through the Iranian Oil Minister.

The FCPA “does not prohibit payments to foreign governments or foreign government instrumentalities.”[57] However, a payment to a government entity may be improper where it substantially benefits a particular government official.[58]

8. Improper Purpose

To violate the FCPA, a promise, payment, or offer to a foreign official must be given for one of four purposes: (1) to influence any act or decision of such foreign official in his official capacity; (2) to induce such foreign official to do or omit to do any act in violation of the lawful duty of such official; (3) to secure any improper advantage; or (4) to induce such foreign official to use his influence with a foreign government or instrumentality thereof to affect or influence any act or decision of such government or instrumentality.

These purposes encompass nearly every act a foreign official might take that could benefit the party making the promise, payment, or offer. The first applies when the foreign official has some sort of discretion within the laws of the pertinent foreign country and the promise, payment, or offer is made in order to influence the exercise of that discretion. The second comes into play when a foreign official breaks the laws of the pertinent foreign country. The third purpose, “securing any improper advantage,” broadly concerns “something to which the company concerned was not clearly entitled, [such as] an operating permit for a factory which fails to meet the statutory requirements.”[59] An advantage that is not readily available to other competitors and that is secured by a payment could be deemed to fall within the scope of this provision.[60] The fourth purpose focuses on the foreign official’s use of his or her influence within the foreign government. For example, in the 2006 Statoil ASA matter, US authorities brought an enforcement action against a foreign oil company that entered into a $15 million consulting agreement with an Iranian official, the purpose of which was to induce the official to use his influence to assist the company in obtaining a contract.

9. To Obtain or Retain Business

The leading case on this issue is Kay I, in which the US Court of Appeals for the Fifth Circuit held that this statutory requirement was satisfied by payments designed “to secure illegally reduced customs and tax liability” because lower tax payments would “more generally help” a domestic payor obtain or retain business for some person in a foreign country.”[61] Thus, the “obtain or retain business” provision will be read broadly.

10. Use of Interstate Commerce in Furtherance of an Unlawful Payment

The FCPA’s anti-bribery provisions require a nexus between an issuer’s or a domestic concern’s use of interstate commerce and the unlawful payment.[62] In most cases, this requirement is easily met—for example, by email or telephonic communications relating to the payments or by the wiring of money or other payment mechanisms. Importantly, DOJ reads the provision as encompassing a much broader range of circumstances. An example is the 2008 AGA Medical Corporation matter, which involved the payment of improper “commissions” to doctors and patent agents in China in connection with sales of and patent approvals for certain medical devices. While the charging documents described email communications relating to the payments, DOJ also alleged that shipping the products to China qualified as the use of interstate commerce in furtherance of the unlawful payment. More recently, a federal district court held that even email correspondence sent and received in foreign locations may satisfy the interstate commerce requirement if the messages were routed through US-based servers.[63]

Defenses to an Anti-Bribery Prosecution

The breadth of the FCPA is reinforced by the relatively narrow nature of the exceptions and affirmative defenses to liability.[64] The recognized statutory exceptions and defenses are:

• Facilitating Payments: The FCPA does not apply to any payment to secure the performance of a routine governmental action.

• Lawful Under Local Law: It is an affirmative defense that an action is permitted by the law of the official’s country. This defense applies only to formal law, not the local custom.

• Reasonable and Bona Fide Expenses: It is an affirmative defense that an expense was a reasonable and bona fide business expense, such as reasonable travel for a product demonstration.

1. Facilitating Payments

The FCPA does not apply “to any facilitating or expediting payment to a foreign official, political party, or party official, the purpose of which is to expedite or to secure the performance of a routine governmental action.”[65] This so-called “facilitating” or “grease” payment exception is meant to cover routine, nondiscretionary “ministerial activities performed by mid- or low-level foreign functionaries,”[66] such as:

• obtaining permits, licenses, or other official documents to qualify a person to do business in a foreign country;

• processing governmental papers;

• providing police protection, mail pickup and delivery, or scheduling inspections associated with contract performance or inspections related to transit of goods;

• providing phone service, power and water supply, loading and unloading cargo, or protecting perishable products; or

• actions of a similar nature so long as the official’s decision does not involve whether, or on what terms, to award new business to, or to continue business with, a particular party.

15 U.S.C. § 78dd-1(f). By carving out these narrow categories of payments for “routine government action” from the FCPA’s coverage, Congress sought to differentiate between those acts “that induce an official to act ‘corruptly,’ i.e., actions requiring him ‘to misuse his official position’ and his discretionary authority,” and those acts that are “essentially ministerial [and] merely move a particular matter toward an eventual act or decision or which do not involve any discretionary action.”[67]

Those who seek to justify a payment under the “facilitating payment” exception should focus on the purpose of the payment and whether the official in question must exercise any discretion or judgment in deciding whether to take the requested action. A payment that convinces an official to bestow his good graces upon a company is suspect, whereas a payment that merely expedites a routine action to which the company is otherwise entitled is less problematic. Companies that permit such payments should ensure that they are reviewed and approved in advance by in-house or other counsel and that they are recorded properly in their books and records.

In their Resource Guide, DOJ and the SEC emphasize that the size of a payment does not determine whether it qualifies for the facilitating payment exception.[68] For example, in a 2009 matter brought against oilfield company Helmerich & Payne, Inc., DOJ cited a series of infrequent payments to Venezuelan customs officials, each of which was less than $2,000 and which, together, totaled only $7,000. In that case, however, the payments were allegedly made to avoid customs regulations and inspections rather than to obtain routine, non-discretionary action. The Resource Guide, however, also notes that especially large payments are less likely to be true facilitating payments.[69]

Even if a payment arguably fits within the exception for facilitating payments, issuers must be careful to ensure the transactions are properly recorded as such. In the 2014 Layne Christensen matter, the SEC faulted the company for some payments as small as $4 where the payments were mischaracterized as “honoraires,” “commissions,” and “service fees,” leading to books and records violations.[70]

Finally, it should be noted that the UK Bribery Act of 2010 does not contain a facilitating payments exception as described in detail below. The scope of the UK Bribery Act is quite broad, covering not only UK concerns but any companies conducting business in the United Kingdom, even where the charged conduct occurred elsewhere. Thus, companies subject to both the FCPA and UK Bribery Act may not be in a position to take advantage of the “facilitating payments” exception to the FCPA.

2. Lawful Under Local Law

Under the FCPA, it is an affirmative defense that “the payment, gift, offer, or promise of anything of value that was made, was lawful under the written laws and regulations of the foreign official’s, political party’s, party official’s, or candidate’s country.”[71] Note that the payments must be legal under the written laws or regulations of the foreign country and that such authorization must be express. While a country’s laws may acknowledge the existence of certain payments—for example, by including a provision in the tax code for how to treat them—this defense requires something greater: an explicit authorization for the payment itself.

The court in Kozeny addressed the scope of this affirmative defense. In that case, the defendant was alleged to have paid bribes in Azerbaijan related to obtaining business with SOCAR, the state oil company. The defendant argued that the alleged payments were legal under local law because he had reported the payments to Azeri authorities, and under Azeri law, the payor of a bribe is relieved from punishment if he makes such a report.[72] The court disagreed, concluding that the Azeri legal provision may waive punishment but does not render the payment itself lawful. “[T]here is no immunity from prosecution under the FCPA if a person could not have been prosecuted in the foreign country due to a technicality.”[73]

More recently, in United States v. Ng Lap Seng, the court rejected an argument that a defendant may put forth an affirmative defense where a foreign country’s anti-bribery laws are silent on whether a particular kind of payment is unlawful. The court held that this interpretation of the statute was inconsistent with the plain meaning of the FCPA’s text, was not supported by a majority of sources addressing the affirmative defense, and would lead to impractical results.[74]

3. Promotional Expenses

It is an affirmative defense that the payment or thing of value “was a reasonable and bona fide expenditure, such as travel and lodging expenses . . . and was directly related to . . . the promotion, demonstration, or explanation of products or services; or . . . the execution or performance of a contract . . . .”[75] This provision creates a limited exception for expenses associated with ordinary product demonstration and testing by companies seeking government contracts or for ongoing inspections related to the execution of such a contract.

DOJ opinion releases on this subject make clear that any expenditures must be closely tailored to the payor’s legitimate goals. For example, in connection with a product demonstration, the host may pay for foreign officials’ non-extravagant travel, lodging, and meals.[76]

DOJ’s opinion releases also permit some digression for the officials’ entertainment so long as they do not resemble added “perks” for the officials. It must be clear from the overall expense plan that the trip is for the purposes outlined in the statute and that the vast majority of expenses are advancing those ends. In Opinion Release 07-02, for example, DOJ approved payment for a modest four-hour city sightseeing tour for the six visiting foreign officials. In general, airfare should be economy class, but business class travel may be appropriate for higher-ranking officials.[77] Finally, although there may be situations in which an official’s family members may be included, that is rarely appropriate and should probably be avoided.[78]

The body of guidance from opinion releases and enforcement actions regarding educational trips provide a sound framework to consider gifts and hospitality generally. Hospitality and gifts may be extended if they are reasonable, have a sound business purpose, and are not intended to influence a government official to use his authority improperly to the business advantage of the company. These common-sense guidelines dictate that reasonable entertainment expenses (e.g., meals) are usually acceptable if connected to conducting business. Similarly, low-value tangible gifts (e.g., marketing items with company logos, such as pens, caps, cups, and shirts) may be given, provided such gifts are acceptable under the applicable government rules of the official’s home country and are permitted by the US company’s ethics policies. DOJ and the SEC have advised that “[i]tems of nominal value” are less likely to curry improper influence, while “[t]he larger or more extravagant the gift . . . the more likely it was given with an improper influence.”[79]

Hospitality, travel, and entertainment that are unconnected to bona fide business activities or that include luxurious or extravagant expenses potentially violate the FCPA’s anti-bribery provisions. In 2013, both DOJ and the SEC brought enforcement actions against Diebold, Inc., for providing leisure trips to Las Vegas and Disneyland, entertainment, and gifts to Chinese and Indonesian officials.[80] Similarly, in 2014, the SEC charged that Bruker Corporation provided a series of non-business and leisure side-trips to Chinese officials at state-owned enterprises.[81]

The FCPA’s Books and Records and Internal Controls Provisions

The books and records provisions of the FCPA work in tandem with the anti-bribery provisions. They require public companies to account accurately for and report expenditures, as well as to maintain accurate records to support accounting entries and expenditures. The internal control provisions require that an issuer devise and maintain internal controls that allow for this accurate record keeping.

These provisions apply regardless of whether any improper payments have been made and have been used as the basis for liability by DOJ and the SEC in matters where they have not (and arguably could not have) brought anti-bribery charges.

1. Substantive Requirements

The books and records and internal controls provisions require that an issuer:

A. Make and keep books, records and accounts, which, in reasonable detail, accurately and fairly reflect the transactions and dispositions of the assets of the issuer; and

B. Devise and maintain a system of internal accounting controls sufficient to provide reasonable assurances that:

(i.) transactions are executed in accordance with management’s general or specific authorization;

(ii.) transactions are recorded as necessary (1) to permit preparation of financial statements in conformity with generally accepted accounting principles or any other criteria applicable to such statements and (2) to maintain accountability for assets;

(iii.) access to assets is permitted only in accordance with management’s general or specific authorization; and

(iv.) the recorded accountability for assets is compared with the existing assets at reasonable intervals and appropriate action is taken with respect to any differences.

15 U.S.C. § 78m(b)(2). These provisions make clear that issuers must compile records in accordance with generally accepted accounting standards. These requirements are not based on any sense of “materiality” as that term is generally used in securities laws. Rather, the requirement is grounded in the concept of reasonableness and accuracy—what a business manager would reasonably want and expect in the day-to-day operation of a business.

Knowing violation of the books and records or internal controls requirements can trigger both civil and criminal liability.[82]

Because liability under the books and records or internal controls provisions does not depend on an improper payment, these provisions may be, and often are, used to sanction a company in cases involving suspected improper payments in which, for whatever reason, the government is unable to prove, or chooses not to pursue, an anti-bribery charge. For example, the SEC brought a settled civil enforcement action against Oracle Corporation where an Indian subsidiary of Oracle created slush funds for the purpose of paying future bribes to foreign government officials even though there were no bribes offered or contemplated.[83] Companies should avoid all arrangements that cannot be or are not openly recorded in the books.

Indeed, recent enforcement actions have reflected how the enforcement agencies use the books and records provision to reach accounting misconduct associated with corrupt conduct outside the FCPA’s reach. In a landmark 2012 case, the SEC brought charges against FalconStor Software, Inc. related to bribes allegedly paid to private sector employees of a JP Morgan Chase subsidiary in exchange for lucrative contracts. According to the SEC, the bribes were inaccurately recorded in FalconStor’s books as “compensation,” “sales promotion,” and “entertainment” expenses. The SEC charged FalconStor under the FCPA’s books and records provision for failing to accurately record the expenses associated with the bribes on the company’s books and records. FalconStor agreed to pay $2.9 million to settle the charges.[84]

In 2015, the SEC brought charges against Goodyear Tire & Rubber Company for violating the FCPA’s books and records provision by paying more than $3.2 million in bribes to government officials and employees of private companies. These bribes were falsely recorded in the books and records of Goodyear’s subsidiaries as legitimate business expenses. Goodyear agreed to pay more than $16 million to settle the SEC’s charges.[85]

The Goodyear and FalconStor matters both involved allegations of the failure to properly record payments associated with commercial bribery rather than official corruption. The SEC went one step further in the 2015 Polycom matter. There, the SEC applied the FCPA’s books and records provision to the accounting of benefits paid to a company’s own employee. The SEC alleged that Polycom’s former CEO used almost $200,000 of company money to pay for personal meals, entertainment, travel, and gifts, and Polycom falsely recorded these personal expenses as business expenses in its books and records.[86] Similarly, in SEC v. Live Ventures Inc., No. 2:21-cv-1433 (D. Nev. Aug. 2, 2021), the SEC charged an issuer and its executive officers with violations of the FCPA’s books and records provisions for alleged involvement in a scheme to falsify financial results and artificially inflate the issuer’s value. There was no allegation of foreign bribery.

The theory of liability pursued by the SEC in these matters continues to potentially expand the scope of conduct subject to scrutiny under the FCPA’s books and records provisions. These resolutions also highlight certain inadequate expense reporting processes—i.e., Polycom allowed its CEO to approve his own expenses and to book and charge airline flights without providing any description of their purpose—of which companies may want to take note and ensure the robustness of their own internal controls in the area of expense reporting.

In the 2016 LATAM Airlines matter, DOJ brought criminal books and records charges against LATAM (the successor to LAN Airlines) based on underlying conduct that arguably did not involve official corruption. In that case, a South American airline entered a sham consulting contract with a government official. Rather than perform services under the contract, the official paid a portion of the contract’s proceeds to union officials in order to induce the union to acquiesce to more favorable terms in negotiations with the airline. The applicability of the anti-bribery provisions in these circumstances, where the official is making a corrupt payment and may not be acting in his official capacity, is not clear. Yet DOJ brought criminal charges under the books and records and internal controls provisions in light of the fact that the sham consultant agreement and associated payments were not accurately recorded. LATAM Airlines entered into a deferred prosecution agreement and agreed to pay a $12 million criminal penalty.[87]

2. Applicability

The books and records and internal controls provisions apply only to issuers—that is, entities that have a class of securities registered pursuant to 15 U.S.C. § 78l and entities that are required to file reports with the SEC pursuant to 15 U.S.C. § 78o(d).[88]

There is no “jurisdictional” requirement for civil liability for failure to maintain adequate books and records or internal controls pursuant to 15 U.S.C. § 78m(b)(2). Any “issuer” within the meaning of the statute must comply with the statute’s requirements to maintain accurate books and records and adequate internal controls, wherever the books and records may be kept.

Where a subsidiary’s financial results are consolidated with a parent issuer’s financial statements, the FCPA’s requirements have been found to apply to books and records or internal control deficiencies occurring at the subsidiary. Thus, inaccurate books and records or internal control failures at the subsidiary level can trigger civil liability for the parent issuer without any US nexus (beyond issuer status of the parent).[89] Even where an issuer owns 50 percent or less of the voting power of a subsidiary, it must make “good faith” efforts to “use its influence, to the extent reasonable under the issuer’s circumstances, to cause such domestic or foreign firm to devise and maintain a system of internal accounting controls consistent with” the FCPA.[90]

But the jurisdictional limits of this section have not been fully tested in the courts; thus, for example, it is not entirely clear whether it would apply to a foreign non-issuer defendant who acts entirely outside the United States to knowingly falsify an issuer’s books and records. The government is likely to argue, however, that a US prosecution of such conduct would fall within established principles of extraterritorial jurisdiction, insofar as Congress clearly intended this provision to have extraterritorial reach and that the conduct at issue inherently has an impact on the United States (or the US securities market) because it involves the books and records of an issuer.[91]

DOJ relied on the criminal prohibition on circumventing internal accounting controls and falsifying books to bring criminal charges against Siemens AG, a foreign issuer directly subject to this provision.[92] Specifically, Siemens AG pleaded guilty to failing to address internal controls and books and records problems in the face of information that it had grave issues with its internal controls and with accuracy in books and records as a result of its ongoing engagement in bribery. No US jurisdictional nexus was alleged. In addition, one of Siemens AG’s foreign subsidiaries, Siemens Argentina, pleaded guilty to conspiracy to knowingly falsifying and causing to be falsified the books and records of an issuer (i.e., of its parent corporation, Siemens AG), in violation of 18 U.S.C. § 371 (the conspiracy statute). To satisfy the jurisdictional requirements of a conspiracy charge, DOJ alleged two meetings in the US and a bank transfer of bribe funds that went through a US correspondent bank account.[93]

By their terms, books and records and internal controls provisions apply only to issuers—and not individuals—but individuals have been charged with either criminal or civil violations of the books and records or internal controls provisions in a number of recent cases under various theories of vicarious liability such as aiding and abetting. Individuals also can be subject to civil liability as control persons. For example, in 2019, the SEC and DOJ charged two of Cognizant Technology Solutions Corp.’s executives with knowingly violating and conspiring to violate the FCPA’s anti-bribery and accounting provisions.[94] In 2012, a former managing director of Morgan Stanley pleaded guilty to conspiracy to circumvent internal controls in connection with a scheme to bribe a Chinese official.[95] In 2011, the former CEO of Innospec, Inc. was charged civilly with aiding and abetting violations of the books and records and internal controls provisions, circumventing internal controls, falsifying books and records, making false statements to accountants, and signing false certifications.[96] And in 2009, two executives of Nature’s Sunshine Products were charged civilly, as control persons of the company, with violations of the books and records and internal controls provisions.[97]

Resolution of FCPA Investigations

Government investigations into suspected corporate FCPA violations typically result in either a negotiated resolution between the enforcement agency and the company under investigation or a decision by the agency not to take action, often called a “declination” in cases where the enforcement agency has determined there was a violation of the law. A corporation, like an individual, could exercise its trial rights and put the government to its burden of proof, but corporations have rarely done so.

Any resolution of a potential violation other than a declination typically carries a hefty fine or civil penalty, in addition to the extensive costs associated with conducting an internal investigation and/or defending against government inquiries, harm to reputation, imposition of a compliance program meeting specific requirements (or a compliance monitor overseeing a company’s FCPA compliance program for a term of years), and the risk of imprisonment. Depending on the circumstances, resolutions of investigations may also carry collateral consequences for the company and more recent updates to that policy.

DOJ and the SEC have both asserted in speeches and other public pronouncements that voluntary disclosure and cooperation with the government’s investigation receive significant weight in their determination of an appropriate resolution. In addition, the FCPA Corporate Enforcement Policy of DOJ’s Criminal Division provides certain benefits to companies that fully cooperate with FCPA investigations and engage in timely and appropriate remediation, and even greater benefits to companies that take the extra step of voluntarily self-disclosing misconduct.

1. DOJ FCPA Corporate Enforcement Policy