Skip to content


Harry Cassin
Publisher and Editor

Andy Spalding
Senior Editor

Jessica Tillipman
Senior Editor

Bill Steinman
Senior Editor

Richard L. Cassin
Editor at Large

Elizabeth K. Spahn
Editor Emeritus

Cody Worthington
Contributing Editor

Julie DiMauro
Contributing Editor

Thomas Fox
Contributing Editor

Marc Alain Bohn
Contributing Editor

Bill Waite
Contributing Editor

Shruti J. Shah
Contributing Editor

Russell A. Stamets
Contributing Editor

Richard Bistrong
Contributing Editor

Eric Carlson
Contributing Editor

Good-faith defense: A trump card for compliance officers

Preston Tull Eldridge of the Arkansas Law Review argued in a recent article that FCPA enforcement practices are “a lose-lose situation for corporate compliance programs.”

The problem, he said, is that deferred- and non-prosecution agreements, however useful they may be, coupled with respondeat superior, increase prosecutors’ leverage over corporations. That leverage in turn incentivizes settlements and reduces judicial scrutiny of the FCPA. And it reduces reasons for companies to have strong compliance programs.

He’s right about respondeat superior. We’ve called it the most important influence on FCPA enforcement. It’s the big reason why no issuer has fought FCPA charges in court for nearly 25 years. Yet respondeat superior attracts little attention from the academy or the defense bar.

But Eldridge waded in. He explained the problem for companies this way:

Under respondeat superior, if a bribe-paying employee’s actions—regardless of their departure from a compliance program’s rules—occur within the employee’s scope of employment and benefit the company “at least in part,” the parent corporation will be held liable under the FCPA. A company’s risks under respondeat superior surge when the company enters an emerging foreign market, where it will likely hire local employees at all levels of the company’s operations.

Eldridge said: “The near strict liability for FCPA violations through respondeat superior—regardless of compliance efforts—and the inducement of settling do not adequately reward proactive compliance programs.”

The fix? A good-faith-compliance defense. This, he said, “will provide good corporate citizens with a workable defense to FCPA violations by rogue employees, increase prosecutorial attention to individual wrongdoers, and better incentivize proactive corporate compliance.”

Eldridge makes a good argument. Others agree with him.

Maybe someone in Congress or at the DOJ will agree too. Why should they? Because it will lead to more and better compliance.

A good-faith defense removes any lingering doubt that an effective compliance program is essential. And that would strengthen the hand of compliance officers everywhere, whose first and toughest job is to convince management and board members about the need for an effective compliance program. 

Preston Tull Eldridge’s ‘Without Bounds: Navigating Corporate Compliance Through Enforcement of the Foreign Corrupt Practices Act’ can be found in the Arkansas Law Review (66 Ark. L. Rev. 733) here.


Richard L. Cassin is the Publisher and Editor of the FCPA Blog. He can be contacted here.

Share this post


1 Comment

  1. Richard

    You make a good point with regard to the "good faith compliance defense". No compliance program, no matter how well designed and how effective can guarantee that there will never be a breach. The reason – the people.

    No matter how well trained the employees and contractors are and how clear the policies and procedures, people will at times make deliberate decisions to breach the rules. This is generally because they see some personal advantage to them (e.g. it get s project over the line or may ensure their entitlement to incentives/bonuses).

    Unfortunately it is next to impossible to show all the times the program has ensured that a breach did not occur. In my experience, Regulators generally focus on the breach as evidence of the failure of the compliance program – often arguing for no "discount" to the penalty for the business having implemented the compliance program. What this can lead to is people saying that they are better off not spending the money on a compliance program, but instead saving it for the cost of dealing with a breach of the law. Frankly, such an outcome is in no one's interest.

    A company defense based on establishing that its compliance program was well designed and implemented (and maybe that it could not have done anything more to prevent the breach) would certainly provide a very clear positive incentive for businesses. It would also help to move compliance staff from purely being seen as the "Abominable No Men" of the business to being seen as what they are – the trusted internal managers helping to protect the business from a range of business risks.


Comments are closed for this article!