Audit, Compliance and Risk Blog

Foreign Corrupt Practices Act: Federal Dos and Don'ts

Posted by Jon Elliott on Tue, Nov 20, 2012

foreign corrupt practicesThe Foreign Corrupt Practices Act (FCPA) of 1977 prohibits U.S. companies from making bribes or other “corrupt payments” to foreign officials for the purpose of obtaining or retaining business. Concerns that this U.S. attempt to mediate its companies’ overseas activities might prove quixotic—and potentially disadvantaging—to American competitiveness have abated (although not disappeared) since the Organization for Economic Cooperation and Development (OECD) promulgated its “Convention on Combating Bribery of Foreign Public Officials in International Business Transactions.” As of November 2012 the OECD Convention has been ratified by all 34 OECD member countries, and five others as well.

Ambiguities in the Regulations

It’s now been 35 years since passage of the initial FCPA legislation. Nobody should find it surprising that responses to these mandates continue to vary across companies, countries, and market conditions. Commercial and cultural pressures do not always support fair markets or transparency. However, some readers may find it surprising that compliance efforts are often complicated by ambiguities in FCPA’s requirements and prohibitions. In order to avoid the risk that overly-precise directives will be impossible to meet, legislators and administrative agencies have instead promulgated generalized directives that can be hard to parse, and therefore hard to meet.

Just this month, the US Department of Justice (DOJ) and the Securities and Exchange Commission (SEC) have issued a massive “Resource Guide,” which attempts to clarify important ambiguities and provide useful Dos and Don’ts. These guidelines provide a useful sidebar to recent high profile FCPA-related actions, including Siemens AG’s $1.6 billion settlements in 2008 for a global pattern of bribery and corruption, individual criminal fines in 2009 against two U.S.-based executives of Nature’s Sunshine Products for failing to supervise underlings in Brazil, and internal and agency investigations in 2012 of Wal-Mart’s activities in Mexico and a growing list of other countries.

What Does FCPA Do – And How?

FCPA addresses the problem of international corruption in two complementary ways:

Anti-bribery Provisions

These prohibit individuals and businesses (whether private or publicly listed) from making “corrupt payments” to foreign government officials in order to obtain or retain business – enforcement agencies translate this into a “business purpose test” for illegal activities. Bribes are the most obvious form but other gifts, travel, entertainment and even contributions to charities might be covered. The new Resource Guide provides examples of “business purposes” that include attempts to do any of the following:

  • Win a contract

  • Influence the procurement process

  • Circumvent rules for importation of products (including customs)

  • Gain access to non-public bid tender information

  • Evade taxes or penalties

  • Influence the adjudication of lawsuits or enforcement actions

  • Obtain exceptions to regulations

  • Avoid contract termination.

Accounting Provisions

These additional provisions apply only to public companies (“issuers”), which are required to take specified record keeping and internal control requirements administered by SEC. They also prohibit individuals and these companies from knowingly falsifying books and records (including off-the-books accounting and failure to report bribes, thus bringing anti-bribery provisions into SEC’s purview) or circumventing or failing to comply with required internal controls. The Resource Guide notes that corrupt payments have been mischaracterized on company books as:

  • Commissions or Royalties

  • Consulting Fees

  • Sales and Marketing Expenses

  • Scientific Incentives or Studies

  • Travel and Entertainment Expenses

  • Rebates or Discounts

  • After Sales Service Fees

  • Miscellaneous Expenses

  • Petty Cash Withdrawals

  • Free Goods

  • Intercompany Accounts

  • Supplier / Vendor Payments

  • Write-offs

  • “Customs Intervention” Payments.

Since each of these categories reflects legitimate business activities, robust internal controls and vigorous auditing are necessary to ensure compliance. Importantly, these requirements apply to all public company accounting, not just those associated with payments to foreign officials. Controls installed to meet FCPA requirements can also prevent (or at least detect) domestic bribery, embezzlement and other violations by, or against, the organization.

Who Can Be Liable?

FCPA provisions are directed most obviously at companies doing business overseas, and at public companies (“issuers”). However, they may also apply to:

  • Parent companies, subsidiaries and affiliates

  • Successor organizations (who therefore must consider FCPA during mergers and acquisitions)

  • Individuals who violate FCPA provisions

  • Individual directors, officers and supervisors responsible for the individuals and business units responsible for the violations

  • Auditors who fail in their responsibilities, or even aid and abet in violations.

Readers should note that FCPA liability does not extend to the foreign officials, but their participation may violate U.S. money laundering or fraud requirements, as well as laws in their own countries.

How Do the Agencies Make Prosecution Decisions?

According to the Resource Guide, DOJ and SEC apply their general prosecutorial calculations to potential FCPA violations. DOJ, for example, considers the following nine factors:

  • Nature and seriousness of the offense, including risk of harm to the public

  • Pervasiveness of wrongdoing within the organization, including complicity or condoning by management

  • Organization’s similar misconduct

  • Organization’s timely and voluntary disclosure of wrongdoing and willingness to cooperate in the investigation of its agents

  • Existence and effectiveness of a pre-existing compliance program

  • Organization’s remedial actions, including any efforts to implement or improve a compliance program, replace responsible management, discipline or terminate wrongdoers, pay restitution, and cooperate with the agencies

  • Collateral consequences, including whether there is disproportionate harm to shareholders, pension holders, employees, and others not proven personally culpable, as well as impact on the public arising from the prosecution

  • Adequacy of prosecution of individuals responsible for the corporation’s malfeasance

  • Adequacy of remedies such as civil or regulatory enforcement actions.

The following checklist can help you start to consider whether your organization’s activities pose potential chemical threat to your coworkers’ families.

Implementation Checklist

  • Does your organization have a formalized code of conduct? 

- Does it specify policies against bribery and other forms of corruption?
- Does it apply to all management and non-management employees, agents, commissioned sales personnel and other affiliated personnel?
- Is it administered by appropriate individuals and/or organizational units?
- Does it include appropriate and accessible internal reporting and whistleblowing provisions?

  • Does your organization have a formalized compliance program? 

- Does it commit the organization to compliance with specific laws, including FCRA if applicable?
- Does it apply to all management and non-management employees, agents, commissioned sales personnel and other affiliated personnel?
- Is it administered by appropriate individuals and/or organizational units?
- Does it include appropriate and accessible internal reporting and whistleblowing provisions?

  • Does your organization do business outside the United States? 

- Does it have specific policies and procedures to ensure against bribery and other corrupt behavior?
- Does it include appropriate and accessible internal reporting and whistleblowing provisions?

  • Does your organization have effective internal accounting and auditing controls?

- Does the organization comply with applicable accounting, auditing and reporting standards and requirements?
- If it is a public company, do these controls meet SEC requirements?
- If it is a public company, are auditors registered with the Public Company Accounting Oversight Board (PCAOB; which oversees auditors and is subject to SEC oversight)?

Where Can I Go For More Information?

Department of Justice’s FCPA website

SEC’s FCPA website

Organization for Economic Cooperation and Development’s Bribery and Corruption webpage

UN Convention Against Corruption webpage


About the Author

Jon F. ElliottJon Elliott is President of Touchstone Environmental and has been a major contributor to STP’s product range for over 25 years. He was involved in developing 16 existing products, including Directors' and Officers' LiabilitySecurities Law and The Complete Guide to Environmental Law.

Mr. Elliott has a diverse educational background. In addition to his Juris Doctor (University of California, Boalt Hall School of Law, 1981), he holds a Master of Public Policy (Goldman School of Public Policy [GSPP], UC Berkeley, 1980), and a Bachelor of Science in Mechanical Engineering (Princeton University, 1977).

Mr. Elliott is active in professional and community organizations. In addition, he is a past chairman of the Board of Directors of the GSPP Alumni Association, and past member of the Executive Committee of the State Bar of California's Environmental Law Section (including past chair of its Legislative Committee).

You may contact Mr. Elliott directly at:









Tags: Corporate Governance, Business & Legal, SEC, Employer Best Practices, International