T&E Controls That Won’t Get You Busted

Yes, yes, we all know that travel and entertainment expenses have long been a haven for fraud, bribes, and other spending abuses—but the T&E account has rarely been the starring culprit in a regulatory enforcement action.

Until now, that is.

In an unusual move, the Securities and Exchange Commission recently brought two enforcement actions under the Foreign Corrupt Practices Act for bribery payments hidden as gifts, travel, and entertainment expenses. The cases are yet another cautionary tale of what can happen to a company without proper T&E controls.

“A lot of times, T&E abuses are add-on charges to an FCPA enforcement action involving a larger pool of improper activity, including allegations of significant cash bribes,” says James Tillen, a partner with law firm Miller & Chevalier. That was not the case, however, for Bruker Corp., a maker of scientific instruments based in suburban Boston. The company paid a $2.4 million penalty to the SEC in December for providing improper payments for non-business related travel to various Chinese government officials as it wooed them for business.

According to the SEC, Bruker’s lax internal controls allowed employees in its China offices to make $230,000 in improper payments by entering into sham collaboration agreements, and the money was used to send Chinese officials on sightseeing trips around the world. Bruker then falsely recorded the payments as legitimate business and marketing expenses, disguising them as research services.  

The FCPA community hasn’t seen an enforcement action like that since 2009, when telecom equipment maker UTStarcom agreed to pay $3 million in civil and criminal fines for paying to send executives of Chinese state-owned telecommunications companies to popular tourist destinations.

The Bruker case underlines the importance of having strong internal controls that can detect T&E abuses. “In general, companies are getting into trouble by having an overall lack of controls where you don’t have proper monitoring, or a proper approval process,” says Tony Jordan, a partner in EY’s Fraud Investigation & Dispute Services practice. He declined to comment specifically on the Bruker case.

“When a company has strong internal controls, they have well thought out policies and procedures in place along with some means of monitoring them to ensure those controls are effective,” Jordan adds. 

“When you have strong internal controls, you have both policies and procedures in place, as well as some means of monitoring that and ensuring those controls are effective.”


Tony Jordan, Partner, Ernst & Young

The Bruker case also highlights the difficulties that can arise when doing business in countries where lavish gifts are expected, or sometimes even required. “There are certain countries where gifts and entertainment and meals are an integral part of the business culture,” Tillen says. (Yes, China is one of them.)

Respecting cultural norms while not violating the FCPA requires a careful balancing act. Because the FCPA does not prohibit the payment of “normal and customary” expenses, what’s a normal and customary expense in one region may not be in another.

Thus, when establishing policies around T&E expenses, it helps to draft a set of rules tailored to local law and a country’s standard of living. That at least gives the compliance department a better chance of support from local employees who interact with foreign government officials.

T&E Policies

Another way to prevent FCPA violations: Get a better grip on T&E expenses in general. Preventive controls include pre-approvals for expenses over a certain threshold, pre-approved vendors, and requiring employees to provide receipts, Tillen says. T&E abuses can also lead to an enforcement action when companies do a poor job on anti-corruption training, and employees don’t understand what improper T&E practices are.

Having proper controls in training in place may partly explain why defense contractor FLIR Systems dodged an enforcement action, even after the SEC fined two of its former employees, Stephen Timms and Yasser Ramahi, $50,000 and $20,000, respectively, for FCPA violations. According to the SEC, Timms and Ramahi took Saudi Arabian government officials on a “world tour” to help secure business for the company, and later falsified records to hide their misconduct.

In an administrative proceeding, the SEC noted that FLIR did have a Code of Conduct that required employees to record information “accurately and honestly” in FLIR’s books and records, with no materiality requirement or threshold for a violation. Furthermore, both Ramahi and Timms received training on their obligations under the FCPA and FLIR’s T&E policies. That training specifically cited “side trips during official business travel” as an example of what not to do.

Another warning raised by the FLIR case is to watch for rogue employees, and investigate accordingly. “Where there is smoke, there is fire,” says Patrick Taylor, chief executive officer of Oversight Systems. If suspicious T&E expenses involve certain employees, examine what other activities those employees are involved in. “You may find that there’s more going on,” he says.

Data Analytics

According to an analysis conducted by Oversight Systems of more than 10 million transactions and more than $1 billion in expenses, 82 percent of T&E-related fraudulent activity was committed by only 5 percent of employees—meaning each company has only a handful of bad actors. That being said, Taylor recommends looking for patterns of activity across multiple expense categories, such as out-of-pocket expenses that wouldn’t be found on the corporate credit card, or duplicate expenses on more than one expense report. “The more you can see patterns of behavior, the less likely it’s an innocent mistake,” he says.

Technology is also playing a larger role in detecting T&E abuse, Jordan says. “Using data analytics is extremely powerful in this area,” he says.

IMPROPER FUNDING OF LEISURE TRAVEL

Below is an excerpt from the decision in In the Matter of Bruker.
The Bruker China Offices funded leisure travel for Chinese government officials to visit the United States, the Czech Republic, Norway, Sweden, France, Germany, Switzerland and Italy. These leisure trips typically followed business-related travel funded by the Bruker China Offices. The Chinese government officials who went on the trips often authorized the purchase of products from the Bruker China Offices. For example, during 2006, as part of a sales contract with an SOE [state-owned entity], a Bruker China Office paid for purported training expenses for a Chinese government official (who signed the sales contract on behalf of the SOE). In fact, the payment included reimbursement for sightseeing, tour tickets, shopping and other leisure activities in Frankfurt and Paris. Also, in 2007, a Bruker China Office paid for three Chinese government officials to visit Sweden for a conference, but included as part of the travel, several days of sightseeing in Sweden, Finland, and Norway.
The Bruker China Offices also funded certain trips for Chinese government officials that had no legitimate business component. For example, during 2009, a Bruker China Office paid for two Chinese government officials to travel to New York, despite the lack of any Bruker facilities there, and to Los Angeles, where they engaged in sightseeing activities. Also during2009, a Bruker China Office paid for three Chinese government officials to visit destinations in Europe for sight-seeing. In another instance, during 2010, a Bruker China Office paid for three Chinese government officials to visit Frankfurt, Heidelberg, Stuttgart, and Munich, in Germany, as well as Salzburg, Liz, Innsbruck, Graz, and Vienna, in Austria. And in 2011, a Bruker China Office paid for Chinese government officials from seven SOEs to go on sightseeing visits to Europe, including Austria, France, Switzerland, Italy, and the Czech Republic. In certain cases, the Chinese government officials who went on these trips were involved in purchasing products from the Bruker China Offices.
Overall, from 2005 through 2011, the Bruker China Offices paid approximately $119,710 to fund 17 trips for Chinese government officials that were for the most part not related to any legitimate business purpose. These trips were recorded in Bruker’s books and records as business expenses, without any indication that they were primarily for sightseeing and other non-business related activities. Bruker improperly profited by $1,131,740 from contracts obtained from the SOEs whose officials participated on these trips.
Source: In the Matter of Bruker.

As a practical example, let’s say you have multiple employees in different locations around the world directing gifts and T&E-related expenses to one government official. Savvy data analytics would monitor the aggregate amount of T&E expenses going to that official over a given period of time to ensure compliance with all expense thresholds. 

Furthermore, compliance and audit should cooperate to weed out weaknesses in T&E processes and controls. Internal audit will inevitably discover issues that compliance should know about, Jordan says. “Not tapping into that knowledge source is a big mistake,” he says.

When T&E abuses are discovered, for example, compliance should ask internal audit what additional intelligence it has about possible misconduct to help the compliance team improve the company’s anti-corruption controls, Jordan says. “Ask, ‘What are we potentially missing?’”

If companies were to draw only one lesson from the Bruker and FLIR Systems’ enforcement actions, it should be that T&E abuses alone are not immune to an FCPA enforcement action. Even though the FCPA Resource Guide includes language that cautions against dwelling too much on monitoring gifts and entertainment, no company is ever immune to T&E abuses.

The Department of Justice and SEC will not hesitate to prosecute a company with a systematic pattern of T&E abuses, Tillen says; the recurring pattern raises alarms that the company’s internal controls or culture are insufficient to stop the behavior. If the misconduct is a single instance where an employee provided a lavish trip to an official, “that’s not likely to result in a prosecution,” he adds, “but if it’s happening time and time again, that is what’s going to get their interest.”