If you view public corruption as a bad thing (and we assume you do), then enforcement of the Foreign Corrupt Practices Act (FCPA) and other public integrity laws, in and of itself, is a good thing. But the way in which a law is enforced can be equally as important as combating the wrong it is intended to address. From this perspective, FCPA enforcement has made significant and positive contributions to the development of compliance programs and standards over the past decade.
It is no coincidence that the stature and resources of the compliance function in most multinational companies has increased dramatically during the current period of heightened FCPA enforcement. FCPA enforcement has emphasized that an effective compliance program can mitigate—and in some cases, such as the landmark Morgan Stanley/Garth Peterson resolution, absolve—corporate liability for FCPA violations. This means that compliance, long seen as just a cost center, is now perceived as a vital protector of corporate assets. And the Department of Justice intends to make sure that this trend of increased respect for compliance sticks. The Justice Department’s FCPA Corporate Enforcement Policy, released in November 2017, states that among the factors the DoJ considers in deciding whether a company is entitled to mitigation credit are the resources and independence of the compliance function and the competence—and even the compensation—of its compliance personnel.
When taken together with the efforts of multinational organizations such as the Organisation for Economic Co-operation and Development (OECD), FCPA enforcement has contributed to an emerging international consensus regarding the components of an effective compliance program. Major economies such as Brazil, France, Japan, the United Kingdom, and the United States have all issued guidance on their expectations for what constitutes an effective compliance program. This emerging consensus helps companies design a consistent approach to compliance across multiple jurisdictions and should assist companies in responding to the demands of multiple enforcement authorities.
To ensure that FCPA enforcement continues an overall positive trajectory, companies must continue to raise their concerns and, when appropriate, push back against what they see as unfair and impractical positions taken by regulators and prosecutors.
The compliance measures that have been identified as components of an effective compliance program also have benefits to corporations beyond promoting compliance with anticorruption laws. In particular, the same internal controls that are designed to prevent and detect bribery—third-party management and gift, travel, and entertainment controls, among others—prevent and detect other instances of fraud, waste, and abuse, such as conflicts of interest and embezzlement. These compliance measures can also highlight business practices that, even if legal, are not efficient uses of a company’s assets. Companies that have implemented financial and other controls to address corruption risk are now better equipped to track their expenses and tie them to KPIs, in no small part because FCPA enforcement has raised the bar on what is expected of an effective global compliance program.
This is not to say that FCPA enforcement is perfect. It is not. Companies have raised legitimate concerns about the lack of transparency in charging decisions, as well as the unfairness of facing multiple enforcement actions for the same conduct. But there are indications that the Justice Department and SEC have listened and tried to respond to this criticism, including, for example, increasing transparency through the FCPA Resource Guide and the FCPA Corporate Enforcement Policy, and crediting companies for penalties paid overseas.
To ensure that FCPA enforcement continues an overall positive trajectory, companies must continue to raise their concerns and, when appropriate, push back against what they see as unfair and impractical positions taken by regulators and prosecutors. Equally important, the DoJ and SEC must continue to listen to the needs and concerns of the business community. FCPA enforcement should not be so puritanical as to stifle legitimate business opportunities or cause companies to overspend on ineffective compliance measures. Having worked both to enforce the FCPA and to defend companies subject to its enforcement, I believe the goal of ending bribery in international business transactions is best served when enforcement officials and business leaders work together to find common ground.
James Koukios is a white-collar investigations and compliance attorney at Morrison & Foerster in Washington, D.C. During the last six of years of his decade-long tenure at the Justice Department, he focused on investigating and prosecuting corporate crimes. As an FCPA assistant chief and senior deputy chief in the Fraud Section, he helped draft the FCPA Resource Guide and regularly liaised with the business and compliance communities to discuss FCPA enforcement policies and compliance expectations.