Compliance officers in the pharmaceutical industry have a few new clues to consider from a top voice at the Securities and Exchange Commission about violations of the Foreign Corrupt Practices Act, and how to avoid them.
In remarks at a recent pharmaceutical industry conference, SEC Director of Enforcement Andrew Ceresney described FCPA enforcement in the pharma sector as a high priority. “Our FCPA focus obviously covers many industries,” Ceresney said. “But the pharma industry is one on which we have been particularly focused in recent years.”
FCPA risk is painfully high for pharma and medical device companies, because so much of their business overseas involves working with government-run healthcare systems. “Pharmaceutical representatives have regular contact with doctors, pharmacists, and administrators from public hospitals in foreign countries,” Ceresney said. “Those people often are classified as foreign officials for purposes of the FCPA, and they often decide what products public hospitals or pharmacies will purchase.”
Ceresney went on to cite three types of misconduct that arise most often in an FCPA enforcement action in the pharmaceutical industry. They are:
Pay-to-prescribe. Ceresney gave the example of Pfizer’s $60 million settlement reached in 2012 with the SEC and Justice Department to resolve charges that Pfizer subsidiaries bribed doctors and healthcare professionals in several countries to win business and increase sales. In Croatia, Pfizer employees created a “bonus program” for Croatian doctors who were employed in senior positions in Croatian government healthcare institutions. Once a doctor agreed to use Pfizer products, a percentage of the value purchased by a doctor’s institution would be funneled back to the doctor in the form of cash, international travel, or free products. “Each of these schemes violated the FCPA by routing money to foreign officials in exchange for business,” Ceresney said.
Bribes paid to get products listed in a formulary. In 2012, Eli Lilly reached a $29 million settlement with the SEC to resolve charges that the company’s subsidiary in Poland made payments totaling $39,000 to a small foundation started by the head of a regional government health authority. That official, in exchange, placed Lilly drugs on the government reimbursement list.
“Our FCPA focus obviously covers many industries. But the pharma industry is one on which we have been particularly focused in recent years.”
Andrew Ceresney, Director of Enforcement Division, SEC
Bribes disguised as charitable contributions. In 2013, medical technology company Stryker paid $13.2 million to the SEC to resolve charges Stryker’s subsidiary in Greece made a purported donation of nearly $200,000 to a public university to fund a laboratory that was the pet project of a public hospital doctor. In return, the doctor agreed to provide business to Stryker. “The lesson is that bribes come in many shapes and sizes, and those made under the guise of charitable giving are of particular risk in the pharmaceutical industry,” Ceresney said.
Avoiding the Pitfalls
Plenty of others agree that Ceresney’s three offenses are prime risks for pharma and medical device businesses that need careful attention. “The types of cases Ceresney talked about provide a nice roadmap of the type of risks that drug and medical device companies should consider as part of their risk assessments,” says Pam Verick, solution leader of fraud risk management at Protiviti. “You need to take a look at both your financial and operational processes to understand where you may have touch points with government officials from an FCPA perspective.”
Below are several other ways that drug and medical device companies can reduce the risk of an FCPA enforcement action.
CERESNEY TALKS FCPA FOR PHARMAS
Below is an excerpt of SEC Director of Enforcement Andrew Ceresney’s speech at CBI’s Annual Pharmaceutical Compliance Congress, in which he discussed FCPA compliance in the pharmaceutical industry.
The best way for a company to avoid some of the violations that I have just described is a robust FCPA compliance program. I can’t emphasize enough the importance of such programs. This is a message that I think has started to get through in the past 5 years.
The best companies have adopted strong FCPA compliance programs that include compliance personnel, extensive policies and procedures, training, vendor reviews, due diligence on third-party agents, expense controls, escalation of red flags, and internal audits to review compliance. I encourage you to look to our Resource Guide on the FCPA that we jointly published with the DOJ, to see what some of the hallmarks of an effective compliance program are. I’ll highlight just a couple.
First, companies should perform risk assessments that take into account a host of factors listed in the guide and then place controls in these risk areas. The pharmaceutical industry operates in virtually every country, including many high risk countries prone to corruption. The industry also comes into contact with customs officials and may need perishable medicines and other goods cleared through customs quickly. They may also come into contact with officials involved in licensing and inspections. These are just a few examples of risk factors that a risk assessment should be focused on in this particular sector.
A healthy compliance program should also include third-party agent due diligence. In addition to using third-party agents, many pharmaceutical companies use distributors. This creates the risk that the distributor will use their margin or spread to create a slush fund of cash that will be used to pay bribes to foreign officials. Because of this added layer of cash flow, companies frequently improperly account for bribes as legitimate expenses. To properly combat against these abuses, a compliance program must thoroughly vet its third-party agents to include an understanding of the business rationale for contracting with the agent. Appropriate expense controls must also be in place to ensure that payments to third-parties are legitimate business expenses and not being used to funnel bribes to foreign officials.
Source: Department of Justice.
Convey a proper culture of compliance. Setting the right mood for middle managers is especially important in the pharmaceutical industry, where sales representatives often are incentivized, and feel inherently pressured, to hit their targets. Consider the pay-to-prescribe cases that Ceresney mentioned: If sale reps are willing to pay bribes to goose sales of drugs and medical devices, “you need to wonder what tone is being set by that field supervisor,” says Marsha Ershaghi Hames, a senior executive at ethics and compliance advisory firm LRN.
If managers are not openly discussing the potential consequences of poor judgment and decision making, “the absence of it also creates a climate of intense pressure, and people resort to poor judgment,” Ershaghi Hames adds.
“Do pharmaceutical companies need to reconsider how they incentivize their sales reps?” Verick says. “Compliance needs to be a performance metric.”
Findings from a recent LRN survey underline the importance that compliance and ethics officers in the pharmaceutical industry place on a values-driven workforce. According to a poll of 104 compliance officers in pharma, a solid majority (57 percent) said that “clarity on company values” is by far the most important component of an ethics and compliance program, even more important than clarity on rules and regulations.
Conduct robust third-party due diligence. Ceresney noted the common practice in pharma to use distributors, as well third-party agents, to foster sales in foreign markets. That creates the risk that the distributor will use its margin to create a slush fund of cash that could be used to pay bribes. Because of that added layer of cash flow, he warned, companies frequently improperly account for bribes as legitimate expenses.
“To properly combat against these abuses, a compliance program must thoroughly vet its third-party agents to include an understanding of the business rationale for contracting with the agent,” Ceresney said. “Appropriate expense controls must also be in place to ensure that payments to third parties are legitimate business expenses and not being used to funnel bribes to foreign officials.”
Michael Burke, a partner with law firm Arnall Golden Gregory, further recommends that drug companies develop and rigorously use standardized documentation and contractual terms for foreign agents, representatives, consultants, distributors, and clinical research organizations. “Those terms should include affirmations that the third parties agree to comply with the FCPA’s obligations,” he says.
Monitor and audit activities of overseas markets. One theme that can be drawn from many of the FCPA enforcement actions brought against drug companies is the risk that overseas markets pose. “It’s generally subsidiaries in overseas markets where issues have started, and perhaps even flourished,” Verick says. “How closely are companies monitoring what’s going on in their overseas offices?”
In addition to internal audits, continuous monitoring is also important. The focus for the compliance officer should be on each business unit and what it does to monitor activities related to third-party relationships and payments, including to customers, government officials, vendors, suppliers, and business partners, Verick says.
“It is critical that we carefully scrutinize a wide range of unfair benefits to foreign officials when assessing compliance with the FCPA—whether it is cash, gifts, travel, entertainment, or charitable contributions,” Ceresney warned. “We will continue to pursue a broad interpretation of the FCPA that addresses bribery in all forms.”
Provide relevant training. A written compliance policy by itself is not effective. “You can have the best policy in the world, but if people aren’t aware of it and don’t understand it, it’s just a pretty piece of paper,” Verick says. Business unit managers need to conduct training in the context of people’s individual roles and responsibilities. “The training you give a sales agent might be different than what you give your finance team,” Verick says.