Just as the 2016 FCPA enforcement year left us plenty of topics to discuss, the new year brings many uncertainties, and the direction of the law’s enforcement is a matter of some debate.
Last week, I spoke with Shearman & Sterling partner Philip Urofsky, a former federal prosecutor responsible for investigating, prosecuting, and arguing the appeals in cases involving violations of the Foreign Corrupt Practices Act.
Urofsky leads the Shearman & Sterling team that produced the 2017 FCPA Digest, an annual compendium of annual FCPA reviews of the prior year’s enforcement actions and related issues.
We started our conversation looking at the new head of the Securities and Exchange Commission (SEC), Jay Clayton, a Wall Street lawyer.
“Clayton co-authored a report on the FCPA in 2011 that gives us some clues as to his thoughts on FCPA enforcement — at least his thoughts at the time. And he certainly believed the FCPA to be an overly burdensome law that put covered businesses at a disadvantage to those not subject to it,” Urofsky said.
Whether his views will be tempered as the head of the SEC, and possibly influenced by his closest associates there — such as the deputy of enforcement, etc. — are open questions.
Urofsky noted how Andrew Weissmann’s proactive FCPA stance at the Department of Justice surprised some because he had formerly served at the business-friendly Chamber of Commerce.
Anything is possible.
Still, it’s obvious looking at the last couple of months of 2016 and first weeks of 2017 that regulators — even the Serious Fraud Office in the UK — were rushing to get some cases (like the one against Rolls-Royce) through before January 20.
“The proactive posture of the securities regulator in terms of the number of enforcement actions and a couple of huge dollar-value sanctions in the past year might not be replicated in 2017,” Urofsky said.
I see a more balanced approach with regard to enforcement generally coming from the SEC and DOJ this year,” he continued. “The Broken Windows Approach of going after the lower-hanging fruit might not be top of mind.”
The FCPA’s direct effect on investors is often minimal, Urofsky said, unlike accounting fraud and insider trading, and he sees the SEC possibly prioritizing violations that cause more direct harm to investors’ assets.
In written answers made public on January 26, Senator Jeff Sessions of Alabama told members of the Senate Judiciary Committee that if he’s confirmed as U.S. attorney general, he will enforce the Foreign Corrupt Practices Act. He had been critical of the law in the past as a burden to global firms.
It is to what degree Sen. Sessions is committed that remains an open question.
“Regardless of who heads up the SEC or the Justice Department, a firm should never do any less due diligence than scrupulous due diligence,” Urofsky said.
“You cannot afford to be complacent — other countries are still enforcing their own foreign bribery legislation. And it’s unlikely either agency will say that small bribes are just fine — or that you can calibrate your compliance program to only permit small bribes.”
“There are still over-arching, guiding principles of corruption law that must be attended to, and bribery showcases fault lines in a business’s procedures to identify and control for risk,” Urofsky said.
* * *
To help compliance professionals prevent bribery and promptly detect its occurrence, Urofsky offered several recommendations to consider:
- No matter how good your controls are, willful violations can penetrate them. People can fairly easily doctor the system; keep this In mind before thinking that is where all of your problems lie. Your controls could be from where none or only a few of them stem.
- Regulatory technology tools can help to spot financial spikes and dips in accounts that merit closer attention, making the right ones for your firm’s risk profile a worthy investment.
- Compliance teams can sometimes get bogged down in the routine (but FCPA-related) paperwork and filings that go with such things as gifts and entertainment, but miss many of the other ways bribes can be paid, such as through a chain of intermediaries about which you know nothing.
- Make sure intermediaries are hired under the strictest of conditions and that the attention paid to them remains, as effective compliance means endless skepticism of those working on behalf of the business in any capacity.
- Don’t act like FCPA compliance is just for the compliance department. It is not; it is a corporate-wide pursuit of using technology, monitoring persons, auditing financials and training personnel to speak up when something looks suspicious.
Julie DiMauro is a regulatory intelligence expert in the Enterprise Risk division of Thomson Reuters Regulatory Intelligence (TRRI). Follow Julie on Twitter @Julie_DiMauro and email her at [email protected].
Compliance and risk professionals, please take the TRRI Cost of Compliance Survey that forms the basis of our annual comprehensive report designed for you here: http://bit.ly/2k4NMEG