Editor: Proposals to amend the FCPA have been advanced this year. What changes do you see coming in the short to medium range?
Moyer: There are really two paths for change. One is legislative, as there have been calls for amendments to the FCPA. The other is guidance from the Justice Department, which it has announced it intends to provide.
There are some obstacles to legislative change. Some of the proposed legislative changes would not really change existing law. Rather, they would address perceived ambiguities or potential problems, as opposed to curbing demonstrated instances of governmental overreaching. The administration’s unequivocal opposition to any legislative change is another obstacle. And there is also the risk that if the statute were to be reopened, the proponents of change might get things that they have not asked for. More likely, I think, is that we will see guidance from the Department of Justice that will address some of the issues that have been the focus of legislative proposals. I suspect that some, but not all, of the guidance will be welcomed by the advocates for legislative change.
Editor: To what extent have Justice and the SEC clarified the guidelines as to what constitutes a violation?
Moyer: The agencies have not previously issued guidelines, nor have they significantly redefined what constitutes a violation of the law. The statutory prohibitions have not changed. In 1998 there were amendments to the law that expanded its jurisdictional reach but did not change what is a violation.
Over the years the prohibitions have been applied in different contexts. For example, in the last few years, most enforcement actions have involved payments through third-party intermediaries of one sort or another. That’s an enforcement trend but not an example of the agencies redefining what a violation is. They have also aggressively applied the Act’s definition of knowledge, which relates to third-party liability, but the act’s language has not changed in 24 years.
Editor: Some high-profile cases have gone to trial in recent months, and some have not resulted in convictions. What do you see as the longer-term implications of these cases?
Moyer: I don’t think they foreshadow fundamental changes in FCPA enforcement. These cases are quite fact-specific, and the key issues in some have been unrelated to the FCPA. What these cases may do is sharpen the focus on both sides of the equation – prosecutors and defense counsel – in terms of evaluating the sufficiency of the evidence and whether all the elements of a violation have been met. The fact that the ice has been broken on litigation may create a more balanced dialogue in future cases.
Editor: Why have Sarbanes-Oxley and Dodd-Frank triggered greater emphasis on FCPA compliance?
Moyer: Both these laws have increased the likelihood that violations will be disclosed: in the case of Sarbanes-Oxley, by increasing the possibility that boards of directors or audit committees will press for disclosure; in the case of Dodd-Frank, by incentivizing whistleblower reports. These developments have put a greater premium on preventing violations and, when a possible violation surfaces, on responding to it quickly.
Editor: Each year sees an increase in the amount and variety of penalties for FCPA violations. What else might be in the offing?
Moyer: If you look back over the history of enforcement of the FCPA, you will see that the government has expanded both the size and the variety of penalties.
The Siemens case raised the bar quite high in terms of potential monetary penalties. DoJ has introduced deferred prosecution agreements and non-prosecution agreements, and the SEC recently announced and applied its own version of a deferred prosecution agreement. Both have introduced compliance monitors. We have begun to see cases with disgorgement of profits, another potentially potent SEC remedy. We will also probably continue to see an evolution of compliance and reporting obligations that are incorporated into settlements. And perhaps we will see the government accept offers by corporations to spend money for anti-corruption purposes that might otherwise be paid as a penalty, not unlike the commitment Siemens made to the World Bank to avoid debarment.
Editor: Have there been changes on the part of corporations in how they achieve compliance with the FCPA?
Moyer: Absolutely. Anti-corruption compliance programs today are very different from what they were 10 or 15 years ago, and the way the government regards compliance programs has changed. A decade or so ago, simply having an anti-corruption compliance program was exceptional; now they are expected, and the focus is much more on their effectiveness and the compliance culture of the company. The principal value of a compliance program should be its effectiveness in surfacing issues and preventing violations; the fact that having a strong compliance program is a mitigation factor should be an ancillary benefit.
Editor: What criteria should be applied in testing the effectiveness of a compliance program?
Moyer: An effective compliance program is art as well as science and is no longer evaluated by just a checklist. If a company says, we have a compliance program and we’ve not had one issue arise, that’s not necessarily an A-plus compliance program. It could be the opposite.
In testing effectiveness, I look at whether there’s a good understanding of the program in the field. Is the program tailored to the company’s risks? Are business managers accountable for compliance failures? Do they feel they are owners of the program? Does the company run a tight ship – does it know exactly where and for what its money is going? Does it regularly test its own program on a risk-based basis? Those are among the indicators that can tell you about a program’s effectiveness.
Editor: What are the advantages and disadvantages of reporting possible violations or questionable practices to the Justice Department or SEC? What about the benefits of seeking an advisory opinion?
Moyer: As to reporting, there are multiple variables. When companies consider voluntary disclosure, they often start by considering the chances that the matter will be involuntarily disclosed. Were the government to learn about an issue through the press, a whistleblower or otherwise, a prior voluntary disclosure would earn the company credit. If a company thinks a matter is unlikely to come to the government's attention, it might weigh voluntary disclosure differently. Other factors that may come into play are the seriousness of the issue, the aggressiveness of the company’s response, the involvement of the audit committee, the company’s risk tolerance, and possibly extraneous business considerations. It is true that in almost all cases that ended with a non-prosecution agreement, the company made a voluntary disclosure.
As to advisory opinions, which you can get from the Justice Department, they, too, are a form of voluntary disclosure because in order to get an advisory opinion, you have to lay out all the facts of the matter. If you go down that path and the government is leaning in the direction of saying “no, that’s not something on which we would give you a clean bill of health,” you can withdraw your request, but at that point you have already fully disclosed facts that enforcement officials have concluded would be a problem if you proceed. On the other hand, if the government responds favorably, you are inoculated. That’s the upside of getting an advisory opinion, but over the years opinions have enjoyed limited popularity.
Editor: How can Justice improve its procedures to provide greater clarity?
Moyer: By being more open in its reasoning and analysis. One way it could do this is by making public the rationales on which its advisory opinions are based. Currently, Justice Department advisory opinions typically give you an answer but often little rationale.
The primary source of FCPA jurisprudence has been settlement documents, which are more transparent than they once were, but they, too, could reveal more of the underlying rationale. Most helpful, potentially, could be the upcoming DoJ guidelines and transparency on declinations and the underlying reasons.
Editor: How can companies best manage the costs of an expensive internal investigation into possible FCPA violations without appearing to try to limit its scope?
Moyer: Because the reported costs of some investigations have been astronomical, this issue is getting increasing attention. The solution is not the government, which is rarely going to step in and say, “stop, you have done enough.” They will let the company investigate as far and wide as it chooses.
So the burden falls on companies and the firms they retain to be efficient and cost-effective in defining scope, in staffing, in the investigative techniques employed, in engaging forensic expertise as needed, and in knowing when to end an investigation – all without compromising its independence or integrity.
Learning curves for the investigating firm, misjudging the likely reactions of enforcement officials, or over-investigating can all be costly to clients. The balance to be struck is that at the end of the day, the investigation must be credible and sufficiently rigorous that enforcement agencies are comfortable in substantially relying on it.
Editor: Certain industries have been targeted recently. Is this an indication that enforcement agencies are targeting particular industries?
Moyer: It is true that the enforcement agencies have proceeded against companies in the medical device, pharmaceutical and oil service industries. It is not because these industries are unique, however. Industry sweeps have involved situations in which one company was found to have violated the statute in a particular way, and the agencies came to believe that similar violations may be common throughout the industry. Any industry that does business with a government or government-controlled entity or that is regulated by government agencies would be considered fair game by enforcement agencies. These three happened to find themselves in the spotlight before others.
Private equity and hedge funds dealing with sovereign wealth funds, which have come under scrutiny, are another example of the FCPA’s reaching into a new industry. Obviously, a corrupt inducement to invest directed to a governmental entity would be as violative of the Act as a corrupt inducement to buy products or services.
Editor: Why have many companies avoided making facilitating payments? Has the language regarding these payments ever been clarified in the Act, either by judicial ruling, advisory opinion or otherwise?
Moyer: In 1977, when this law was enacted, an exception for facilitating payments was a political necessity. In 1988, the statutory language was changed, but the meaning remained essentially the same. In more recent years we have seen more and more companies, as a matter of policy, moving away from facilitating payments, for a variety of reasons. For one, it’s easy to confuse lawful facilitating payments and unlawful small bribes, and if you have non-lawyer personnel in the field trying to make those judgments, that’s a high-risk activity. Many companies find it ethically anomalous to prohibit large bribes but permit smaller bribes. And it is a training challenge to explain and enforce that distinction. The fact that the new UK Bribery Act and some international conventions contain no facilitating payments exception has intensified the trend and prompted a little gleeful finger-pointing at the U.S. for maintaining its exception. To date, however, the debate has been greater than the risk, for there has been no rush to prosecute facilitating payments under any of these laws.
Editor: What are your thoughts about independent compliance monitors?
Moyer: I think they will continue to be used, albeit selectively. Compliance monitors present challenges. One is that monitors, ironically, are an unmonitored part of the FCPA world. Once a compliance monitor is appointed, there’s relatively little oversight by the government. Costs sometimes become excessive, as occasional press reports have confirmed. The monitor needs to strike a balance between being probing and thorough with being reasonable and exercising some level of self-restraint.
The mandate of an FCPA monitor is to evaluate and provide expert advice on a corporate anti-corruption compliance program. Not even all FCPA lawyers have that expertise, and if the monitor happens not to be familiar with the FCPA, the frictions and costs can increase. If a company has not been successful in avoiding having a monitor, it then needs to be thoughtful in selecting the monitor, open in addressing questions of cost, anticipatory in preparing for the monitor, and deft in establishing a satisfactory working relationship. While some companies acknowledge having benefited from having a monitor, few welcome the prospect.
Editor: Why is it important for companies to incorporate clear language about avoidance of foreign payments implicating bribes in all contracts?
Moyer: It’s important, first, because it is now an expected safeguard. I view contract provisions as helpful but not sufficient. The fact that you have an anti-corruption clause in your contract is not at the cutting edge of compliance today. If your contract is with someone who is willing to pay a bribe to a foreign official, that person is probably willing to sign a contract that has buried in it an anti-corruption clause. So the way to think about the contract clause is the same way you think about due diligence and other safeguards or preventive measures – namely, it’s a risk-reduction tool, but it’s not a legal defense. Managing third parties and the risk of vicarious liability for what they do now goes well beyond just contract clauses.