DOJ/SEC's Resource Guide to the U.S. Foreign Corrupt Practices Act: Jones Day Summary and Analysis

For many years, Jones Day has advised multinational corporations and their boards and executives regarding compliance with the U.S. Foreign Corrupt Practices Act. Jones Day has led, and is leading, international investigations regarding suspected violations of the FCPA. Our experienced attorneys have appeared and are currently appearing before the U.S. Department of Justice, the U.S. Securities and Exchange Commission, and other federal, state, and foreign government entities on behalf of clients regarding anti-corruption matters. Jones Day's broad experience across a wide variety of industries makes us well positioned to understand the particular problems companies face. Moreover, our experienced team of former government attorneys and experienced trial attorneys, our 37 offices around the world, and our One Firm approach provide clients with a wealth of experience in handling global anti-corruption matters and compliance efforts. This publication provides our collective thoughts and observations on the DOJ's and SEC's recent FCPA guidance document.

Jones Day also regularly assists multinational companies in avoiding problems before they arise by helping them to design and implement effective corporate compliance programs that include best-in-class anti-corruption measures. We advise corporations on how to conduct effective anti-corruption due diligence in corporate transactions, and we defend the company, the board of directors and individual employees against allegations of wrongdoing by the government or private plaintiffs.

The Jones Day attorneys who work on these global anti-corruption measures and responses reviewed with great interest the recently released guidance from the DOJ and SEC regarding the FCPA. Much of what we see in the document echoes the conversations that we have on a daily and weekly basis with our colleagues in the U.S. enforcement community, and captures some of the most frequent questions posed to us by our clients. Other pieces of information in the guidance are newer and, we hope, will clarify and make more consistent the positions taken by prosecutors and regulators in FCPA cases.

Enclosed for our clients and friends are our summary observations regarding the guidance and our thoughts about where we go from here. Also enclosed, at the back of this publication, is a short "crib sheet" for clients that summarizes the main points in the guidance and provides page numbers for ease of reference, as many clients have expressed to us that they find the 120-page document too long to digest.

We hope that you will find these materials helpful, and that you will call one of the many experienced Jones Day practitioners listed at the back of this piece if you wish to discuss further.

Charles Carberry
Richard Deane, Jr.

Jones Day Corporate Criminal Investigations Practice Leaders

Peter Romatowski
Robert Gaffey

Jones Day Securities Enforcement and Litigation Practice Leaders

Jones Day Summary and Analysis

A full year after promising written guidance regarding enforcement of and compliance with the Foreign Corrupt Practices Act, the U.S. Department of Justice and the Securities and Exchange Commission issued on November 14, 2012, A Resource Guide to the U.S. Foreign Corrupt Practices Act (the "Guidance"). The 120-page document has been rightly criticized for offering little new by way of substance. Instead, the Guidance is primarily a compilation of restated policy pronouncements issued by enforcement authorities in other contexts. While it addresses "big picture" FCPA issues, the Guidance is notable primarily for what it does not say, belying the assertion by the Assistant Attorney General that the publication constitutes "perhaps the boldest manifestation of [the government's] transparent approach to enforcement."

The Guidance: What It Says

The Guidance does not break new ground by offering any new policy pronouncements, but it does contain useful guidance for companies seeking to comply with the FCPA. The Guidance provides a comprehensive and easily read summary of government policy on the FCPA. It also pulls together into a single location guidelines that had not previously been stated clearly by U.S. enforcement authorities and guidelines that had only been stated orally. And, in certain respects, the Guidance provides a vehicle for the DOJ and SEC to state explicitly certain policies that otherwise must be teased out of anecdotal information arising from corporate prosecutions.

Permissible Business Courtesies. Corporate compliance departments often spend enormous amounts of time and effort on defining the proper limits to and approving expenditures on travel, entertainment, and gift-giving involving putative foreign officials. When a company is doing business in a foreign country with substantial government involvement in the private economy, the FCPA provides little statutory basis for distinguishing between prohibited corrupt payments and legitimate corporate hospitality (all of which is intended to influence the recipient foreign official). Although the amounts at issue tend to be small, the frequency with which the issue arises is high, and the available government guidance on the issue has been scant.

While the Guidance does not answer all of the nagging questions relating to business courtesies, it does for the first time provide a government-sanctioned framework for evaluating corporate hospitality. To start, the Guidance explicitly recognizes the legitimacy of the practice, stating that "[a] small gift or token of esteem or gratitude is often an appropriate way for business people to display respect for each other." (pg. 15) On the other end of the spectrum, the Guidance states obviously that improper benefits include such things as "a $12,000 birthday trip for a government decision-maker" and a "trip to Italy for eight" officials consisting "primarily of sightseeing" and including "$1,000 in 'pocket money' for each official." (pg. 16)

Most helpfully, the Guidance identifies the specific "hallmarks of appropriate gift-giving" as being that the gift is:

  • "[G]iven openly and transparently,"
  • "[P]roperly recorded in the giver's books and records,"
  • "[P]rovided only to reflect esteem or gratitude, and"
  • "[P]ermitted under local law."

(pg. 15) In addition, the Guidance specifically suggests that organizations, particularly large ones, use automated systems "with clear monetary limits and annual limitations" in implementing compliance programs related to "routine gifts, travel and entertainment." (pg. 58) Together, these aspects of the Guidance provide a road map to companies seeking to avoid "[d]evoting a disproportionate amount of time to policing modest entertainment and gift-giving," thereby freeing the compliance department to focus on more significant expenditures and risk areas. (pg. 58)

Likewise with respect to travel, the Guidance provides useful advice to companies seeking to comply with the FCPA's affirmative defense for "reasonable and bona fide travel and lodging expenses … related to the promotion, demonstration, or explanation of a company's products or services." (pg. 24) As with gifts, this is an area where companies have been hard-pressed to set limits that will withstand government scrutiny. The Guidance therefore gathers together and clearly states the safeguards that it has deemed in the past to be appropriate in relation to travel expenditures:

  • Do not select the particular officials who will par­ticipate in the party's proposed trip or program or else select them based on pre-determined, merit-based criteria.
  • Pay all costs directly to travel and lodging vendors and/or reimburse costs only upon presentation of a receipt.
  • Do not advance funds or pay for reimbursements in cash.
  • Ensure that any stipends are reasonable approxima­tions of costs likely to be incurred and/or that expenses are limited to those that are necessary and reasonable.
  • Ensure the expenditures are transparent, both within the company and to the foreign government.
  • Do not condition payment of expenses on any action by the foreign official.
  • Obtain written confirmation that payment of the expenses is not contrary to local law.
  • Provide no additional compensation, stipends, or spending money beyond what is necessary to pay for actual expenses incurred.
  • Ensure that costs and expenses on behalf of the foreign officials will be accurately recorded in the company's books and records.

(pg. 24 (footnotes omitted)).

The examples that the Guidance provides regarding gifts, travel, and entertainment are equally instructive. In the form of hypotheticals, the Guidance advises readers that the FCPA is not violated when representatives of a U.S. company:

  • Pay for a "moderate bar tab" for customers, including government officials at an industry trade show.
  • Present "a moderately priced crystal vase" to the General Manager of a government-owned customer "as a wedding gift and token of esteem."
  • Cover business class airfare for employees of a government customer to inspect company facilities in the United States, consistent with internal company guidelines for reimbursing the cost of lengthy international flights.

(pgs. 17-18) By contrast, the Guidance states that the FCPA obviously would not permit first-class airfare for the officials to travel, with spouses, to Las Vegas on a vacation. All of the above is consistent with prior guidance from DOJ and SEC but is nonetheless helpful in its specificity. In particular, the Guidance's use of internal policies as a yardstick for the reasonableness of travel expenses (in this example, class of travel) ratifies a common compliance practice of treating expenditures for visiting officials in a manner similar to a company's own employees.

Corporate Mergers and Acquisitions. The Guidance likewise suggests important best practices to be followed regarding a company's merger with or acquisition of other companies. The most significant developments in this regard are the Guidance's advice regarding the liability an acquiring company does, and does not, acquire in a merger or acquisition and the use of due diligence to minimize that successor liability.

Successor Liability. In the Guidance, the DOJ explicitly recognizes the applicability of several important limitations on successor liability. First, the Guidance recognizes that if a U.S. "issuer were to acquire a foreign company that was not previously subject to the FCPA's jurisdiction, the mere acquisition of that foreign company would not retroactively create FCPA liability for the acquiring issuer." (pg. 28) This, of course, merely restates a basic premise of corporate and criminal law. It is, however, one that is regularly misunderstood, and the inclusion in the Guidance can only help to clarify the matter.

Second, the Guidance seems to recognize implicitly that an acquiring company should not become responsible for the prior violations of an acquired company with which it does not merge. The Guidance proposes a hypothetical fact scenario in which "Company A" does not discover bribery by "Company B" until after its acquisition, notwithstanding "extensive due diligence." Once it discovers the bribery, however, Company A "makes certain that the illegal payments stop, … voluntarily discloses the misconduct to DOJ and SEC," and implements robust remedial compliance measures. Under these circumstances, the Guidance opines: "Absent unusual circumstances not contemplated by this hypothetical, DOJ and SEC are unlikely to prosecute Company A for the pre-acquisition misconduct of Company B, provided that Company B still exists in a form that would allow it to be prosecuted separately (i.e., Company B is a subsidiary of Company A)." (pg. 33)

Under the facts of this hypothetical, the Guidance reaches the correct legal conclusion regarding the consequences of pre-acquisition conduct by a corporate entity that has not been merged into the acquiring company. That is, as to actions that took place entirely before the acquisition, the new sole shareholder (i.e., the acquiring company) does not become liable merely by virtue of the corporate transaction. The Guidance potentially comes up short, however, in recognizing that some unspecified "unusual circumstances" could exist under which the acquiring company would become liable for the pre-acquisition conduct of the acquired company. Assuming that these "unusual circumstances" are sufficiently circumscribed, though, the Guidance confirms an important safeguard to companies seeking to limit properly their responsibility for the pre-acquisition conduct of their subsidiaries. It also acts as a reminder of the importance in this context of maintaining the corporate separateness of acquired subsidiaries.

The corollary lesson to be drawn from this aspect of the Guidance is that an acquiring company that discovers pre-acquisition misconduct at a subsidiary has a strong incentive to remedy the conduct and disclose it voluntarily to authorities. If the DOJ and SEC are taken at their word, an acquiring company minimizes the exposure to itself (and, by extension, to its directors, officers, and employees) when it draws a clear distinction between itself and the misbehaving subsidiary in these circumstances, and when it assists the government in bringing an action against the subsidiary. This encouragement of self-disclosure is not accidental.

Risk-Based Due Diligence. The Guidance provides specific and detailed advice regarding the steps a company can take to minimize its liability in the context of a merger or acquisition. The Guidance states that "DOJ and SEC encourage companies engaging in mergers and acquisitions to" take the following steps:

  1. Conduct thorough risk-based FCPA and anti-corruption due diligence on potential new business acquisitions;
  2. Ensure that the acquiring company's code of conduct and compliance policies and procedures regarding the FCPA and other anti-corruption laws apply as quickly as is practicable to newly acquired businesses or merged entities;
  3. Train the directors, officers, and employees of newly acquired businesses or merged entities, and when appropriate, train agents and business partners, on the FCPA and other relevant anti-corruption laws and the company's code of conduct and compliance policies and procedures;
  4. Conduct an FCPA-specific audit of all newly acquired or merged businesses as quickly as practicable; and
  5. Disclose any corrupt payments discovered as part of its due diligence of newly acquired entities or merged entities.

(pg. 29) Here again, the Guidance does not depart from what has been apparent DOJ and SEC policy in recent years, but helpfully makes that policy explicit, providing companies with a readily-available checklist for pre-acquisition and post-closing diligence.

Duress Defense. The Guidance provides comfort for companies facing the infrequent, but significant, circumstance of "real threats of violence or harm to their employees." The Guidance assures those companies that "payments made in response to imminent threats to health or safety do not violate the FCPA," provided they are properly recorded in the books and records of the company. (pg. 27) While companies presumably would have reached the same conclusion as a purely practical matter, it is helpful for the DOJ and SEC to recognize as much.

This defense, according to the regulators, has some important limitations. As the Guidance and pre-existing policy make clear, DOJ and SEC do not consider threats of economic harm sufficient to justify corrupt payments to foreign officials. (pg. 27) And, the Guidance is silent on the question of whether payments in response to threats of physical violence could be prosecuted as violations of other laws, such as the prohibition against supporting designated terrorist organizations.

Corporate Compliance Programs. The Guidance provides a list of so-called "Hallmarks of Effective Compliance Programs." The "hallmarks" are a summary of guidance contained in prior publications, including the DOJ's U.S. Attorney Manual, the SEC's Seaboard Report, the Federal Sentencing Guidelines, and Press Releases. (pgs. 56-61; endnotes 302-326) The Guidance, however, also includes fairly detailed guidance regarding the government's expectations for effective programs by including reference to what many practitioners would call "best practices" in some areas. Looking at this guidance from a different angle, a compliance program that fails to include these "hallmarks" may be viewed skeptically by the DOJ and SEC. The "Hallmarks of Effective Compliance Programs" are as follows:

  • A proper "tone at the top" with the board of directors and senior executives demonstrating a commitment to compliance that is reinforced and implemented by middle managers and employees at all levels of the company. This should include unambiguous communication from senior management about the requirements for compliance that is "scrupulously followed" and disseminated throughout the organization. (pg. 57)
  • The code of conduct should take into account the company's specific business model and be written, clear, concise, accessible to all employees and agents, and available in local languages. (pgs. 57-58)
  • At least one senior executive, who has authority within the organization and autonomy from management, should be responsible for the oversight and implementation of the company's compliance program. (pg. 58)
  • Risk assessment should drive decisions about the amount of human and financial resources allocated to the program, and the management of those resources. Attention should focus on risks associated, for example, with large government bids, questionable payments to third-party consultants, or excessive discounts to resellers and distributors rather than low-risk activities, such as modest entertainment or gift-giving. (pgs. 58-59)
  • Periodic training on compliance policies and procedures should be provided to all directors, officers, relevant employees, and, where appropriate, agents and business partners. Moreover, specific audiences in higher risk functions should receive targeted and specific training. (pg. 59)
  • There should be appropriate and clear disciplinary procedures that are applied "reliably and promptly" and should be commensurate with the severity of the conduct. A company should be providing positive incentives to employees in all functions for compliant conduct, and include related standards in employee performance criteria. (pgs. 59-60)
  • There should be policies and procedures relating to the risks associated with third-parties, including the capacity for on-going monitoring and the ability to address any "red flags" that may surface during the course of the third-party relationship. (pgs. 60-61)
  • An effective compliance program provides a mechanism for the reporting of suspected wrongdoing, protects whistleblowers from retaliation, and has in place an efficient, reliable, and properly funded process for investigating the allegation. (pg. 61)
  • An effective compliance program "constantly evolve[s]" to reflect the changes to the company's business over time, including changes to the environment in which the company operates, the nature of its customers, the laws that govern the company's actions, and the standards of the company's industry. As a result, management should at least annually conduct a formal review of the effectiveness of the program and address any weaknesses. (pgs. 61-62)

For a company whose compliance program contains these "hallmarks" of effectiveness, the Guidance provides some encouragement, stating that the DOJ "may decline to pursue charges against a company based on the company's effective compliance program, or may otherwise seek to reward a company for its program, even when that program did not prevent the underlying FCPA violation that gave rise to the investigation." (pg. 56)

However, the Guidance notes that "individual companies have different compliance needs" and that "there is no one-size-fits-all program." (pg. 57) Importantly, the Guidance still leaves it to the company to determine what "reasonable" internal controls are. (pg. 58) Moreover, when determining what compliance controls are "reasonable," a company should be mindful that an effective compliance program is one that addresses risk, is implemented fully, and is enforced consistently, as a program that merely "employ[s] a 'check-the-box' approach may be insufficient." (pg. 57)

Books and Records Provisions. The Guidance confirms that the DOJ and SEC continue to view the books and records provisions of the FCPA as separate and distinct from bribery violations under the FCPA. The Guidance notes that the provisions apply to any circumstance in which the company's books and records do not accurately reflect the company's assets, liabilities, and transactions. It also reiterates the importance of recording transactions with reasonable detail. The Guidance emphasizes that mischaracterizing transactions in the company's books and records has facilitated concealment of bribe payments in past cases. The Guidance provides examples of bribes that were mischaracterized on a company's books and records:

  • Commissions or Royalties
  • Consulting Fees
  • Sales and Marketing Expenses
  • Scientific Incentives or Studies
  • Travel and Entertainment Expenses
  • Rebates or Discounts
  • After Sales Service Fees
  • Miscellaneous Expenses
  • Petty Cash Withdrawals
  • Free Goods
  • Intercompany Accounts
  • Supplier/Vendor Payments
  • Write-Offs
  • "Customs Intervention" Payments

The Guidance: What It Doesn't Say

Perhaps most important for corporations and their counsel in assessing the DOJ and SEC's guidance is to understand what the document does not say. Certain questions are, unsurprisingly, left unanswered. Many of these are matters of judgment while others are areas that the DOJ and SEC simply chose to leave vague, giving the government the most discretion possible in later enforcement actions.

Credit for Self-Reporting. One question not clearly resolved by the Guidance is what value or credit entities receive for self-reporting a potential FCPA issue to the government. The Guidance points to broad factors listed in pre-existing guidance such as the Sentencing Guidelines, DOJ's Principles of Federal Prosecution of Business Organizations and the SEC's Seaboard Report. What the Guidance does not do is provide any kind of measurement for how cooperation will be assessed or what credit will be given, and it does not address the conclusion of many (including a recent NYU study) that there is no observable difference in penalties between cases that are self-reported and those discovered by the government on its own.

Clients that are considering whether to self-report potential violations of the FCPA are in much the same boat that they were before the Guidance was released. There is no legal requirement to self-report violations of the statute. The DOJ and SEC warn corporations that they will be treated more harshly if they fail to self-report, and more leniently in a self-reporting scenario. But the objective evidence and the experience of investigative and defense counsel during investigations suggest that the outcome of an investigation depends most heavily on the seriousness of the underlying facts, and less on whether or not the company self-reported those facts. For example, the six examples of declinations cited in the Guidance were all self-reported, but they also involved amounts that were characterized by the government as small (or detected before the payment was made). (pgs. 77-79) The outcome also depends, at least in part, on the views of the individual prosecutors or regulators who are leading the inquiry, what other similar cases have recently been decided, timing, and many other factors that affect every government investigation.

Nonetheless, in our experience self-reporting still can have significant value. It is not the right answer in every case and is a decision that requires careful evaluation of the facts and circumstances by the company's leadership. In our experience, self-reporting impacts the dynamic between the company and the U.S. government throughout the course of the review. Self-reporting casts current management and the board of directors in the best possible light under difficult circumstances, giving defense counsel an opportunity to show the government at the very start of the review that the company wishes "to do the right thing." DOJ and SEC tend to give a self-reporting company more latitude in deciding how to get to the bottom of the facts, and at least facially they attempt to work with the company and its counsel to reach an appropriate and just resolution that takes into account the company's self-reporting. Individual corporate leaders or board members frequently take comfort, in a self-reporting setting, that their own conduct will be viewed in light of the decision to self-report. Moreover, the new Dodd-Frank whistleblower provisions have also impacted the dynamic in deciding whether to self report because of the possibility that a whistleblower will go to the government in advance of the company.

The dark side of self-reporting, of course, is that DOJ and SEC will look harshly at facts that present potential violations of the statute no matter how the case came to their attention. They will ask questions about when the company learned of the facts, how it responded, how long it took for the company to self-report, and whether adequate remediation was performed. They may also ask the company to expand an investigation that is already broad and expensive. And, at the end of the matter, the DOJ and SEC will want significant penalties for companies where violations occurred, whether or not the case began with self-reporting.

Corporate Exposure Resulting from Third Parties, JVs, and Others. General concepts of agency, piercing the corporate veil, and successor liability apply to the FCPA no less than to any other regulatory statute. DOJ and SEC also will pursue corporations on theories of conspiracy and aiding and abetting in appropriate cases.

The Guidance identifies common red flags associated with third-party transactions from which the government may infer willful blindness. The list includes examples such as excessive commissions to third-party agents and unreasonably large discounts to third-party distributors. As discussed above, the strength of a company's corporate compliance program (or the absence thereof) should play a major role in any analysis of the imputed knowledge issue.

Where a subsidiary involves itself in an FCPA violation, the Guidance makes it clear that DOJ and SEC will not hesitate to proceed against the corporate parent. Unless the parent directly participates in the violation, a case of that kind often will turn on whether the officers and agents of the parent essentially controlled the actions of the subsidiary. Any analysis of that issue will be heavily fact-intensive. It is therefore not surprising that the Guidance offers scant clarification of what facts will and will not suffice to prove control. Based on the one example cited, heightened risk certainly will arise where the subsidiary's president serves on the parent's senior management team, where the parent's in-house lawyers review and approve the subsidiary's third-party relationships, where that approval ignores a documented lack of due diligence, and where one of the parent's officers approves a corrupt payment. Whether the parent would face liability absent the latter approval is far more difficult to say—and not addressed by the Guidance.

The Guidance also fails to distinguish between a due diligence review of an agent or a distributor on the one hand and a customer or a supplier on the other.[1] Although customers and suppliers are mentioned in many non-prosecution agreements and deferred prosecution agreements as "business partners," companies may have thousands of customers and suppliers, rendering it unrealistic to conduct the same type of due diligence of such entities as would be required for an agent or a distributor. Furthermore, the Guidance does not create a compliance defense.[2] A corporation may conduct a due diligence check of a third party as part of a robust corporate compliance program and still be liable for an FCPA violation committed by that party.Given the widely publicized, massive recoveries in recent cases arising from corrupt payments by intermediaries of joint ventures, it is somewhat surprising that the Guidance does not explicitly caution corporations against the dangers arising from such ventures. In a joint venture setting, conspiracy principles may pose the greatest risk, but those principles have their limits. On page 12, and again at page 34, the Guidance cites Pinkerton v. United States , 328 U.S. 640, 647-48 (1946), and carefully notes that conspiracy liability (and jurisdiction premised on that liability) cannot extend beyond "reasonably foreseeable" acts of co-conspirators in furtherance of a substantive offense. These concepts of foreseeability and reasonableness are firmly rooted in both international law and American due process.[3] They may ultimately curb some future prosecution of a company that prefers to seek a ruling, rather than a settlement.

Prosecutorial Discretion. While the Guidance provides substantial insight into how certain factual scenarios and statutory terms may be viewed by DOJ and SEC, it makes plain that the publication is not binding on line prosecutors or staff attorneys and creates no new substantive rights for targets or defendants. Essentially, prosecutors and regulators retain the right to exercise prosecutorial discretion which may well vary between offices and individuals. Unfortunately, the Guidance does not establish bright line guidance to restrict potentially over-broad interpretations of statutory terms and jurisdictional boundaries.

How the Guidance Interacts with UK Bribery Act Guidance

The Guidance makes it plain that there will be occasions when strict compliance with the FCPA will not necessarily ensure compliance with other national legislation. In particular, it cites the UK Bribery Act 2010 ("UKBA") and notes that the UKBA does not make an exception for facilitation payments whereas the FCPA does.

This is not the only difference between the two regimes. We offer a table on page 9 of the attached PDF that sets out a simplified comparison between some of the key areas covered by the two Acts.

There will also be occasions when a corporate entity potentially has liability under both the FCPA and the UKBA. The case of Innospec, which is referred to on a number of occasions within the Guidance, is an example of a company that had to deal both with the DOJ and the UK Serious Fraud Office.

The following is a brief summary of the major legislative provisions of the UKBA. The UKBA creates three general offenses:

  • Paying a bribe, contrary to section 1 UKBA;
  • Receiving a bribe, contrary to section 2 UKBA; and
  • Bribing an overseas public official, contrary to section 6 UKBA.

The offenses of paying a bribe (section 1) and receiving a bribe (section 2) apply equally to transactions with private individuals as they do to transactions with government officials.

Additionally, any corporate entity that carries on any part of its business in the UK commits an offense in violation of section 7 UKBA if it fails to prevent persons associated with it from committing acts which, if committed in the UK, would constitute offenses contrary to sections 1 and 6.

There is no statutory definition of what constitutes carrying on "a part of" a business in the UK. Guidance issued by the UK Ministry of Justice suggests that a bare listing on a UK exchange would not be sufficient to satisfy the test, but the UKBA is drafted widely and there is, to date, no case law to assist corporations and their advisors in deciding where the bar is likely to be set.

The definition of "associated persons" is likewise broad. It includes employees, agents, consultants and joint venture partners.

The only defense available to a corporation facing prosecution for the section 7 offense is that it had in place adequate procedures to prevent bribery. The UK Ministry of Justice has issued guidance on what constitutes "adequate procedures."[4]

FCPA Enforcement and Compliance: Where We Go From Here

In the hours (and even the minutes) following the release of the Guidance, commentators quickly issued pronouncements regarding whether or not the guidance will change the landscape of FCPA enforcement and compliance. Similar to the desire of the media to declare a "winner" in a presidential debate, publications offered immediate opinions on whether or not the Guidance will alter how companies behave or how prosecutors and regulators will evaluate those companies and corporate leadership and employees.

In our view, the Guidance is critically important because it represents the official words of the U.S. government regarding FCPA interpretation. The role of counsel, now, whether in an investigation or compliance setting, is to understand what the Guidance says and to help companies interpret it in light of counsel's experience and judgment. The Guidance is not, however, a complete "how to" guide that companies can use to solve all of their issues and questions in the area of anti-corruption. It is a tool that must now be used and considered carefully, and which counsel can use on companies' behalf when making arguments to DOJ and SEC about how the company tried to comply.

At the end of the day, corporations are best positioned against corruption, however, not through adherence to a publication from DOJ or SEC, but through thoughtful and reasonable assessment of the risks attendant to their business, drafting and communicating effective policies that address those risks, monitoring compliance with policies, enforcing rules when policies are violated, and ensuring that issues of non-compliance are considered and addressed responsibly. When this cycle is complete, companies should "rinse and repeat" and begin the process again through a living, breathing compliance structure that leadership supports and employees understand and embrace.

As defense and investigative counsel, it is the paradox of our role that the best result for our clients—the end of the investigation and the resolution of compliance issues—makes us obsolete. This comes with the territory, and the best clients know and understand that our work is designed to remove outside counsel from the process as quickly, efficiently, and early as possible so that the company can focus on running its business. While the completion of the review to the benefit of the client is always our goal, we do not believe, however, that the Guidance eliminates the difficult issues that companies must address, and many questions remain even after examining the guidance in detail. As always, we stand at the ready to assist our clients in working through these issues and to improve each client's position.

Lawyer Contacts

For further information, please contact your principal Firm representative or one of the lawyers listed below. General email messages may be sent using our "Contact Us" form, which can be found at

Henry W. Asbill
Former Trial and Appellate Attorney, D.C. Public Defender Service

David J. Bailey
Former Assistant Attorney General for the State of Georgia

Jean-Paul Boulee
Former Captain, U.S. Army Judge Advocate General's Corps

Charles Carberry
Former Assistant U.S. Attorney
New York / Washington
+1.212.326.3920 / +1.202.879.5453

Theodore T. Chung
Former Assistant U.S. Attorney
N.D. Illinois

R. Christopher Cook
Former Assistant U.S. Attorney
N.D. Illinois

Roman E. Darmer
Former Assistant U.S. Attorney

Richard H. Deane, Jr.
Former U.S. Attorney
N.D. Georgia

James C. Dunlop
Former Special Assistant Attorney General

Robert W. Gaffey
Former Assistant U.S. Attorney
New York

Randy S. Grossman
Former Deputy District Attorney
San Diego County
San Diego

Fahad A. Habib
Saudi Arabia / Washington
+966.2.616.1666 / +1.202.879.3663

Brian Hershman
Former Assistant U.S. Attorney
C.D. California
Los Angeles

Karen P. Hewitt
Former U.S. Attorney
S.D. California
San Diego

Jeffrey J. Jones

Beong-Soo Kim
Former Assistant U.S. Attorney
C.D. California
Los Angeles

Henry Klehm III
Former Senior Associate Regional Director, SEC Enforcement Division
Northeast Regional Office
New York

Jonathan B. Leiken
Former Assistant U.S. Attorney
Cleveland / New York
+1.216.586.7744 / +1.212.901.7256

Harriet B. Leva
Former Assistant U.S. Attorney
C.D. California
Los Angeles

Weston C. Loegering

George T. Manning
Former Assistant U.S. Attorney

Robert F. Mayo

Joan E. McKown
Former Chief Counsel, SEC Division of Enforcement

Brian O'Neill
Former Assistant U.S. Attorney
C.D. California
Los Angeles

Matthew D. Orwig
Former U.S. Attorney
E.D. Texas
Former Assistant U.S. Attorney
E.D. Texas
Dallas / Houston
+1.214.969.5267 / +1.832.239.3798

Glyn Powell
Former Head of the Fraud Business Area, U.K. Serious Fraud Office

Daniel E. Reidy
Former First Assistant U.S. Attorney
N.D. Illinois

Sion Richards

Joshua S. Roseman

Peter J. Romatowski
Former Assistant U.S. Attorney

Kerri L. Ruttenberg

Sheila L. Shadmand

Stephen G. Sozio
Former Assistant U.S. Attorney
N.D. Ohio

Neal Stephens
Former Assistant U.S. Attorney
S.D. Florida
Silicon Valley

Brian A. Sun
Former Assistant U.S. Attorney
C.D. California
Los Angeles

Harriet Territt

Sergei Volfson
Former member of the Russian Military

Hank B. Walther
Former Assistant Chief, FCPA Unit
Department of Justice, Criminal Division

Peter J. Wang
Shanghai / Beijing
+86.21.2201.8040 / +86.10.5866.1111

James R. Wooley
Former Assistant U.S. Attorney
N.D. Ohio
Former Assistant District Attorney
Manhattan District Attorney's Office

Jones Day publications should not be construed as legal advice on any specific facts or circumstances. The contents are intended for general information purposes only and may not be quoted or referred to in any other publication or proceeding without the prior written consent of the Firm, to be given or withheld at our discretion. To request reprint permission for any of our publications, please use our "Contact Us" form, which can be found on our web site at The mailing of this publication is not intended to create, and receipt of it does not constitute, an attorney-client relationship. The views set forth herein are the personal views of the authors and do not necessarily reflect those of the Firm.


A Jones Day Crib Sheet


On November 14, 2012, the U.S. Department of Justice ("DOJ") and the U.S. Securities and Exchange Commission ("SEC") released their long-awaited guidance on enforcement of the U.S. Foreign Corrupt Practices Act ("FCPA"). At 120 pages, the Resource Guide to the U.S. Foreign Corrupt Practices Act (the "Guide") is designed, in the words of the SEC Director of Enforcement, so that "[p]ublic company officers can put this on their desk … and understand what it is we're doing in this space, and run their companies accordingly."

The Guide is nonbinding, informal guidance designed to summarize the FCPA's provisions and to provide insight into DOJ and SEC enforcement practices.


Jurisdiction (pages 10-12)

  • The FCPA anti-bribery provisions prohibit U.S. persons and businesses and U.S. and foreign public companies listed on U.S. exchanges or who are required to file periodic reports with the SEC from making corrupt payments to foreign officials to obtain or retain business.
  • Foreign persons and businesses may be liable under the FCPA for acts in furtherance of a corrupt payment while in the territory of the United States.

The Business Purpose Test (pages 12-14)

  • The FCPA applies to payments intended to induce or influence a foreign official to use his or her position to assist in obtaining or retaining business for or with, or directing any business to, any person.
  • This provision is broadly interpreted to include (a) winning a contract; (b) influencing the procurement process; (c) circumventing the rules for importation of products; (d) gaining access to non-public bid tender information; (e) evading taxes or penalties; (f) influencing the adjudication of lawsuits or enforcement actions; (g) obtaining exceptions to regulation; and (h) avoiding contract termination.

"Anything of Value" (pages 14-19)

  • The FCPA prohibits bribes in the form of a corrupt offer, payment, promise to pay, or authorization of the giving of anything of value to a foreign official.
  • In addition to cash, the FCPA prohibits gifts, travel, entertainment, and other things of value.
  • Corruptly given charitable contributions are also prohibited.
  • Gifts and contributions should only be made where (a) given openly and transparently; (b) properly recorded in the giver's books and records; (c) provided only to reflect esteem or gratitude; and (d) permitted under local law.

Foreign Officials (pages 19-21)

  • The FCPA broadly applies to corrupt payments to "any" officer or employee of a foreign government and to those acting on the foreign government's behalf, including both high ranking officials and low-level employees.
  • Payments to foreign governments are not prohibited, but companies should take steps to ensure that no monies are used for corrupt purposes or for the personal benefit of foreign officials.
  • The FCPA also prohibits payments to officers or employees of instrumentalities of foreign governments, which includes state-owned or state-controlled entities.
    • Case law interpreting "instrumentality" is only beginning to develop, but the clear trend thus far is for courts to reject arguments that Congress did not intend "instrumentality" to cover state-owned commercial entities.

Payments to Third Parties (pages 21-23)

  • The FCPA expressly prohibits corrupt payments knowingly made through third parties or intermediaries, and companies cannot avoid liability by remaining deliberately ignorant of the actions of third parties.
  • Companies can reduce FCPA risks associated with third parties by implementing effective compliance programs that include due diligence of prospective foreign agents.
  • Facilitating or Expediting Payments.

Facilitating Payments (pages 25-26)

  • The FCPA contains a narrow exception for facilitating or expediting payments made in furtherance of routine governmental action involving nondiscretionary acts.
  • If the payment's purpose is to make an official exercise discretion in favor of the company making the payment, then the facilitating payments exception cannot apply.

Principles of Corporate Liability for Anti-Bribery Violations (pages 27-33)

  • Parents may be liable for bribes paid by their subsidiary through traditional agency principles if the parent exercise control over the subsidiary. In addition, a parent may be liable for the actions of its subsidiary if the parent participated in the activity.
  • The Guide notes that in a significant number of instances, DOJ and SEC have declined to take action against companies that voluntarily disclosed and remediated conduct and cooperated with DOJ and SEC in the merger and acquisition context. Successor companies have been held liable in situations where the violations were egregious and sustained or where the successor directly participated in or failed to stop the misconduct.
  • Successor liability does not create liability where none previously existed. An issuer's acquisition of a foreign company does not retroactively create FCPA jurisdiction for the acquiring issuer.

Statute of Limitations (pages 34-35)

  • In both criminal and civil FCPA enforcement actions, the statute of limitations is five years.
  • In cases involving conspiracies, the government may be able to reach conduct occurring before the five-year limitations period if an act in furtherance of the conspiracy occurred within the five-year limitations period.


The FCPA's accounting provisions apply to every issuer that has a class of securities registered pursuant to Section 12 of the Exchange Act or that is required to file annual or other periodic reports pursuant to Section 15(d) of the Exchange Act. Individuals may also face liability for aiding and abetting or causing an issuer's violation of the accounting provisions.

Covered Conduct (pages 39-41)

  • Issuers are required to make and keep books, records, and accounts, which, in reasonable detail, accurately and fairly reflect the transactions and dispositions of the assets of the issuer. Companies must never mischaracterize transactions in their books and records.
  • Issuers must also devise and maintain a system of internal accounting controls sufficient to provide reasonable assurances regarding the reliability of financial reporting and preparation of financial statements. The FCPA does not specify a particular set of controls companies are required to implement.
  • An effective compliance program is a critical component of an issuer's internal controls.


DOJ's decision whether to pursue an FCPA investigation is guided by Principles of Federal Prosecution and Principles of Federal Prosecution of Business Organizations published in the U.S. Attorney's Manual. (pages 52-53)

SEC's decision is guided by the SEC's Enforcement Manual published by the SEC's Enforcement Division. (pages 53-54)

The Effect of Self-Reporting (pages 54-56)

  • DOJ and SEC place a high premium on self-reporting, along with cooperation and remedial efforts.
  • In criminal matters, DOJ considers the voluntariness and timeliness of a company's disclosure, as well as whether a company's remedial measures were both meaningful and sufficient to illustrate the company's recognition of the seriousness of the misconduct.
  • In civil cases, the SEC considers four broad measures of a company's cooperation: (a) self-policing prior to the discovery of the misconduct; (b) prompt self-reporting upon discovery of the misconduct; (c) remediation, including appropriately compensating those adversely affected; and (d) cooperation with law enforcement.

Effective Compliance Programs (pages 56-62)

  • Role of Compliance Programs in DOJ and SEC enforcement decisions (page 56)
    • DOJ and SEC both view an effective compliance program as a critical component of a company's internal controls and as vital to detecting and preventing FCPA violations.
    • Compliance programs should be tailored to each company's specific business and the risks associated with that business.
    • The adequacy of a company's compliance program is a key consideration assessed by DOJ and SEC when deciding what, if any, enforcement action to take.
    • DOJ and SEC will analyze a company's compliance program by asking (a) Is the program well designed? (b) Is it applied in good faith? and (c) Does it work?
  • Hallmarks of an Effective Compliance Program (pages 57-62)
    • Commitment from senior management and a clearly articulated policy against corruption
    • Code of conduct and compliance policies
    • Oversight, autonomy and resources
    • Risk assessment
    • Training and continuing advice
    • Incentives and disciplinary measures
    • Third-party due diligence and payments
    • Confidential Reporting and Internal Investigations
    • Continuous Improvement


For violations of the anti-bribery provisions, the FCPA provides that corporations and business entities are subject to a fine up to $2 million. Individuals are subject to a fine of up to $100,000 and imprisonment up to 5 years. (page 68)

For violations of the accounting provisions, the FCPA provides that corporations are subject to a fine of up to $25 million. Individuals are subject to a fine of up to $5 million and imprisonment up to 20 years. (page 68)

Corporations, business entities, and individuals may also be subject to a civil penalties of up to $16,000 per violation pursued by DOJ, and civil penalties up to $500,000 or the gain obtained as a result of the violation if pursued by SEC. (page 69)

RESOLUTIONS (pages 74-79)

DOJ enforcement actions can be resolved by plea agreements; deferred prosecution agreements; non-prosecution agreements; and declinations. (pages 74-75)

SEC enforcement actions can be resolved by injunctive actions and remedies; administrative actions and remedies; deferred prosecution agreements; non-prosecution agreements; and termination letters and declinations. (pages 76-77)

While DOJ and SEC generally do not publicize declinations, the Guide provides six examples of recent declination decisions. (pages 77-79)


Companies need to be aware that both the Sarbanes-Oxley Act of 2002 and the Dodd-Frank Act of 2010 contain provisions that incentivize and protect whistleblowers who report possible securities law violations.


DOJ continues to encourage companies to use the DOJ opinion procedure to determine whether proposed conduct would be prosecuted by DOJ under the FCPA.

Companies should note that DOJ FCPA opinions relate only to the anti-bribery provisions.

[1] Compare Ministry of Justice, The Bribery Act 2010: Guidance about procedures which relevant commercial organizations can put into place to prevent persons associated with them from bribing, 27, available here (discussing the broad scope of business relationships covered by the Act and the need to conduct due diligence proportionate to the risk created by each relationship).

[2] Compare 2010 UK Bribery Act, available here (providing "adequate procedures" defense to strict liability for failure by a commercial organization to prevent bribery).

[3] See H. Lowell Brown, "Extraterritorial Jurisdiction Under the 1998 Amendments to the Foreign Corrupt Practices Act: Does the Government's Reach Now Exceed its Grasp," 26, N.C. J. Int'l L. & Com. Reg. 239, 328-38 (2001).