Skip to content


Harry Cassin
Publisher and Editor

Andy Spalding
Senior Editor

Jessica Tillipman
Senior Editor

Bill Steinman
Senior Editor

Richard L. Cassin
Editor at Large

Elizabeth K. Spahn
Editor Emeritus

Cody Worthington
Contributing Editor

Julie DiMauro
Contributing Editor

Thomas Fox
Contributing Editor

Marc Alain Bohn
Contributing Editor

Bill Waite
Contributing Editor

Shruti J. Shah
Contributing Editor

Russell A. Stamets
Contributing Editor

Richard Bistrong
Contributing Editor

Eric Carlson
Contributing Editor

At Large: Are agents ever ‘legal’ under the FCPA?

My serious purpose in asking if agents are legal under the FCPA is about compliance with the accounting standards.

The accounting standards require issuers — generally companies with securities registered with the SEC —  to keep accurate books and records (the books and records provisions), and to maintain internal accounting controls sufficient to provide reasonable assurance that transactions are accurately recorded, lawful, and in accordance with management’s authorization (the internal controls provisions).

Concerning the FCPA internal controls provisions, my question is: Can issuers meet the requirement if they use intermediaries? Or, is the use of an agent, which necessarily involves some loss of control, always non-compliant with management’s legal duty to provide reasonable assurance that transactions are accurately recorded, lawful, and in accordance with management’s authorization?

The usual justification companies give for hiring agents is that they need the agent’s local knowledge to do business in a new or challenging market. That local knowledge might be about navigating government bidding rules or licensing requirements, complying with a “local content” regime, coordinating logistics, advice about protocols, or even avoiding incorrect use of a local language or dialect.

Despite those typical and apparently reasonable justifications, most FCPA enforcement actions involve intermediaries. Agents, distributors, channel or licensing partners, consultants, and joint venture partners grease local palms, either in knowing collaboration with the company that hired them, or on their own initiative. In every FCPA case where there’s an intermediary, the issuer’s internal controls fall short of what’s required.

How many FCPA enforcement actions involve intermediaries? This year, four of the five corporate enforcement actions have involved intermediaries, including Airbus, Eni S.p.A, Cardinal Health, and Alexion Pharmaceuticals. Last year, nine of the 14 corporate FCPA enforcement actions involved some sort of middleman, including actions against Ericsson, Samsung Heavy Industries, Juniper Networks, Microsoft Corporation, TechnipFMC plc, Walmart Inc., Fresenius, MTS, and Cognizant Technology.

When those companies decided to work with intermediaries, did someone inside make a strong business case for doing so? We know they sometimes didn’t, because the DOJ and SEC said agreements with some of the intermediaries were “shams,” used to funnel  bribes to foreign officials or cover up the bribes.

But even if the agreements weren’t shams, even if proponents inside the companies believed sincerely that the agents were necessary, is there a credible justification? Let me ask it another way: Should a company that wants to do business in a new or challenging market ever subcontract to a third party crucial corporate functions, such as marketing and sales, government affairs, and the like? Is doing that consistent with management’s responsibility to be in control of the company?

I’m asking whether a company that believes it must hire third parties to perform crucial corporate functions in its stead should be doing business in that market in the first place? If the answer is “no” as a matter of corporate control, then there’s no legitimate business case for retaining the intermediary. And if that’s true, but the company is retaining agents anyway, then its compliance program is broken.

I’m not convinced this argument against agents and other intermediaries stands up. There may be times and places when agents serve an important purpose. But anyone looking at the FCPA corporate enforcement record can see that intermediaries bring with them alarming compliance risks. So, I think it’s appropriate to ask whether agents can ever have a legitimate business purpose? Or should we say instead that any market where business can be done only through or with an intermediary is automatically off-limits?

Your comments are always welcome.

Share this post



  1. Dear Sir,
    This is actually an exciting question, especially for a non US company, based in civil law country. Indeed, distribution via brokers, agents, commissionnaires and distributors are common for civil law lawyers while the US infernal controls requirements are rather ignored. Therefore, most of them would object to your article that you do not provide the test which make agency agreements unlawful and the others ok. Take the brokers, the commisionaires and some types of distributor agreements such as buy back or drop shipping agreements. They could be condidered as preparing, liaising, intermediating on behalf of the principal. So, sanctions should also hit these schemes. Unless the FCPA only focuses on those who act « in the name and on behalf » of a principal. That is the agent.

  2. As usual Richard, a great topic for discussion.

    However, the issue with the examples you use is that they only identify the times agents are mentioned in the final settlement order. What would the statistics tell us if we knew of all incidents where agents were used?

    I am familiar with one FCPA settlement where an agent was used, because of his strong political contacts. The use of that agent wasn’t mentioned in the final order, possibly because the company was more concerned about the agent’s reputation than that of the senior employees left behind to clean up the mess.

    For me its common sense not to use an agent. You know you’re headed down the wrong path when a senior executive, or his or her advisors, say…..”we have a problem and we need to hire someone with political connections to help us resolve the problem”.

    Any conversation that starts that way is the beginning of a significant problem for the company. It doesn’t require a rocket scientist to recognize the risk posed by that request.

  3. I think contracting an agent by a multinational company could in some cases be a wise business decision. What the company needs to do, is to ensure that the agent compliance with appropriate and stated standards of the principal. Some third party agents come with added advantage to the business and we can’t reduced the benefits of such agents. A good agency agreement will perhaps help parties streamline perceived compliance gaps, conduct checks and ensure due diligence.

    • On first glance, it may seem that an agent could be useful. However, one needs to seriously consider the purpose. Are they being hired for their contacts or advice? If its just for their advice and they will have no communication role with foreign officials, then perhaps that’s alright.

      Problem is, I’ve never met someone with contacts who doesn’t want to contact those influential friends, either directly or indirectly. Keep in mind, most influential agents want to be paid a bonus and they want to collect that bonus as quickly as possible. They will do whatever is necessary to collect.

      Many companies stay away from agents for this reason. It can get very murky and the hiring company often loses control. In the case I mentioned above, all the due diligence was done and an internal contact was assigned to the agent. The agent said they would comply with local and international law. Unfortunately they did not comply.

  4. To Richard Cassin’s question….”Are agents ever legal?”

    Perhaps the best place to start, in trying to answer this question, is where it is illegal. Because, in some jurisdictions a company is prohibited from hiring an agent for the purpose of using that agent’s close relationship with a foreign official to help in any matter. The definition of a close relationship can be very broad.

    The company, agent and foreign official may be charged criminally in those jurisdictions.

  5. From my perspective, and almost by definition, I don’t think internal controls can ever effectively monitor an external entity. That’s not how internal controls work. When a company decides to hire a third party they are necessarily agreeing to forfeit some control. Perhaps the best a company can hope for is to on-board the third-party like they would a regular employee and train them up and hope for the best.

    • You have a valid point Nick.

      Most organizations have internal controls (the controls or management systems to help mitigate the risk of corruption within the organization via their employees, contractors, representatives and service providers) and those controls should be used to conduct the appropriate due diligence on a third-party and manage that party through the length of the relationship.

      A third-party should not be treated any different from an employee.

      I think the issue that Richard Cassin is targeting is the use of special agents (a hired fixer or a well connected joint venture partner) to do things that the organization might not normally do, or think they can’t do. While the company might not intend to do anything illegal, agents, because of the nature and scope of their work, are less likely to follow company procedures, no mater how much training they receive.

      I’m not sure about you, but I have heard an agent say… “the corporate office just doesn’t understand our culture and how to get things done”. In fact, it was the same agent I mentioned in my first comment.

      In my view, organizations are better off ruling out the need for agents (fixers), and there are many organizations doing just that. To be clear, these are not the contractors and consultants who provide a valuable service to an organization. When well managed, the risks of corruption within these organizations can be reduced.

  6. I think at the very least, company reports should specify and split Agency-derived income, costs, profits from Own-derived income, costs, profits.

    In the case of Wirecard, I believe that 2/3 was Agency-derived. Mostly fictitious, it seems.

Comments are closed for this article!