In a new twist on an old statute, the Securities and Exchange Commission brought its first Foreign Corrupt Practices Act action charging control person liability under the Exchange Act.

In a July 31 settled enforcement action, the SEC charged a parent corporation, Nature’s Sunshine Products, with violating the FCPA’s anti-bribery, books and records, and internal controls provisions and other securities law violations based on payments allegedly paid by its Brazilian subsidiary to customs brokers to facilitate the importation of unregistered products.

Notably, the agency also charged current NSP executive Douglas Faggioli and former NSP executive Craig Huff with violating the FCPA’s books and records and internal controls provisions based on their position as “control persons,” even though the SEC didn’t allege that the executives had personal knowledge of the payments (See the SEC’s complaint.)

Without admitting or denying the allegations, all three defendants agreed to orders enjoining them from future violations. NSP agreed to pay a civil penalty of $600,000. Faggioli and Huff each agreed to pay a civil penalty of $25,000.

While as an FCPA case, “this is a relatively small matter,” says Shearman & Sterling partner Philip Urofsky, “What makes it noteworthy is that the SEC has for the first time invoked a theory of executive liability based on Section 20(a) of the Securities Exchange Act of 1934.”

Indeed, an Aug. 11 Shearman & Sterling alert notes that the case “may presage a broader enforcement effort against executives who fail to adequately supervise employees responsible for maintaining the company’s books and records and system of internal controls.”

Under Section 20, a “control person” is liable for the acts of other corporate employees under his control. “The question, of course, is what ‘control’ means and whether it includes an element of culpability,” says Urofsky. In some circuits, he says the plaintiff (here the SEC) is required to plead culpability, while in others, such as the 10th Circuit, it’s viewed as an affirmative defense where the defendant must raise good faith and lack of culpable knowledge.

While it may prove to be limited to its facts, the case “signals the SEC’s intention to hold executives liable for their company’s books and records and internal controls under all available theories,” the alert states.

The ability to bring this type of case in a jurisdiction that permits the SEC to plead 20(a) liability without pleading culpable knowledge allows the agency to impose liability and sanctions on executives “even where they don’t necessarily have the last evidentiary link between the knowledgeable and culpable subordinates and senior executives,” says Urofsky. However, he says, “Since good faith is a defense, regardless of how a particular Circuit defines ‘control,’ whether this will be a useful tool outside of a settled disposition is not clear.”