Most private equity firms and their principals have probably heard of the Foreign Corrupt Practices Act or FCPA at some point, but just assumed that it could not possibly apply to them. It is a simple, but potentially costly mistake. In reality, private equity firms have become potential targets of enforcement action under the Act by the U.S. Department of Justice and the Securities and Exchange Commission.
The fact that a private equity firm and its principals do not know of, much less condone, a violation of the FCPA, the fact that the violations may have been committed by a portfolio company, not by the private equity firm itself, and the fact that the portfolio company may have committed the violation only before it was acquired by the private equity firm, do not necessarily insulate the private equity firm and its principals from potential liability. Moreover, other countries, most notably the United Kingdom, have also enacted statutes that can snare private equity firms in a web of significant potential liability. In short, with more portfolio companies “going global,” this is an area of risk and potential liability that private equity firm principals cannot afford to ignore. The good news is that there are concrete steps that private equity firms can take to significantly lower their risk profile.
Recent Aggressive Enforcement
It is only within the last several years that the long dormant FCPA has become aggressively enforced by both the DOJ and the SEC.
As part of such enforcement, the DOJ and SEC have targeted specific business sectors for heightened scrutiny, first focusing on the defense and pharmaceuticals industries. The DOJ and SEC target specific business sectors because information that the government obtains from one company in the business sector may be indicative of business practices common to the entire sector and can sometimes provide leads to uncovering violations by other companies. Commencing early this year, the DOJ and SEC began targeting the banking and finance industry, including private equity firms.
The basic thrust of the FCPA and other anti-corruption laws is to make it unlawful to provide a bribe which can be anything of value to a foreign official for the purpose of having the foreign official take action for the benefit of the company that he might not have taken, but for receipt of the bribe. Improper payments can take many forms such as gratuities and kickbacks, gifts and lavish entertainment, travel and lodging expenses, charitable or social contributions or special processing fees, false or inflated invoices, and underpricing for goods or services. It is irrelevant whether the foreign official is paid or unpaid or holds an official state post. The FCPA includes employees of government owned or controlled entities in the definition of foreign officials.
Under the FCPA, the only requirement for liability is the intent to bribe a foreign official. It is irrelevant whether or not the bribe is actually made. An example is the so-called Short Show Case involving last year’s arrest by FBI agents of 22 individuals who thought that they had bribed an official of the government of Gabon, but who was in fact an FBI agent. Even internally authorizing an unlawful payment alone can trigger liability.
Broad Jurisdictional Reach
Another reason why private equity firms and their principals must be on guard is that the jurisdictional reach of the FCPA and other international anti-corruption laws is very extensive. The FCPA covers U.S. citizens and companies wherever they are located and wherever the prohibited conduct occurred.
Under the legal theory of successor liability, a private equity firm can be liable for prior FCPA violations of a company that it acquires. Also, under the legal theory of respondent superior, a private equity firm can be held liable for violations of a company it controls, even if it is unaware of the violations. If a private equity firm principal sits on the portfolio company board, he will be even more directly in the line of fire.
For public companies, the FCPA also mandates detailed record keeping, with an expected system of internal controls and periodic monitoring and auditing. Failure to comply can trigger liability, even where there is not underlying improper activity.
The FCPA also covers foreign individuals and companies where some action or nexus related to the improper payment takes place in the U.S. For example, if the foreign company has American Depositary Receipts listed on a U.S. exchange or uses a U.S bank to wire funds, a court will find a sufficient basis for asserting jurisdiction for application of the Act.
Penalties under the FCPA are stiff. Bribery violations are subject to a fine of $2 million or restitution per each violation. Record keeping violations can result in criminal fines of up to $25 million per violation, or civil fines of $10,000 per violation. An offending company also runs the risk of being debarred from contracting with the U.S. government or having its export/import licenses revoked and, of course, there is always the possibility of follow-on civil class actions and derivative suits.
New UK Bribery Law
In the 1990’s, numerous new anti-corruption treaties were forged and laws enacted, including the U.N. Convention Against Corruption and the OECD Convention. Most recently, the United Kingdom adopted the U.K. Bribery Act of 2010, which comes into effect on July 1, 2011. The jurisdictional reach of the U.K. Bribery Act of 2010 is even broader than that of the FCPA. The Bribery Act covers any company which has a business presence in the United Kingdom (such as an office, agent, or representative) even if the prohibited act occurred in some other country and had nothing to do with the company’s business presence in the U.K. The Bribery Act also provides that a company is liable if the prohibited conduct was performed by an “associated person” (anyone who provides services on behalf of the company whether as an employee or third party) and even though the company did not authorize or know of such conduct.
The Bribery Act also includes many provisions which are stricter than the FCPA. For example, the FCPA includes an exemption for “facilitating payments.” A facilitating payment is a small payment made to a government official for the sole purpose of facilitating or expediting an official act to which the company making the payment is entitled and which the foreign official has no discretion to deny. The Bribery Act contains no such exemption. Moreover, the Bribery Act makes the bribe taker liable as well as the bribe maker whereas it is only the bribe maker who is liable under the FCPA, and also criminalizes private sector bribery as well as public sector bribery.
The Bribery Act also contains a provision that is somewhat of a two-edged sword. The Bribery Act makes, “failure to prevent bribery” a crime, the effect of which is to make the company strictly liable if bribery is committed by an employee or other associated person, even if the management of the company had no knowledge of the offense. However, the Bribery Act also provides that if at the time the offense was committed the company had “adequate procedures” in place to prevent bribery, the company will not be held liable for the acts of its employees or associated persons so long as management did not have knowledge of or condone such acts. What this means is that in order to insulate itself from unauthorized acts of bribery by its employees or other associated persons, a company must have an effective anti-corruption compliance program in place at the time the bribery occurs.
Due Diligence, Risk Assessment
So how does a private equity firm and its principals protect themselves from this relatively new and rapidly developing area of risk and potential liability? As a first step, it is necessary to evaluate the way that each portfolio company is presently doing business. Ideally, a private equity firm should do this as a matter of due diligence before investing in or acquiring a portfolio company.
A number of factors need to be considered such as the countries in which the company is doing business (high risk countries or low risk countries). With regard to the company’s interactions with foreign officials, are contacts made by company employees or third parties acting on behalf of the company (in which case what sort of due diligence has been conducted with regard to such third parties). It is also important to consider whether the companies’ products or services are marketed in high or low risk industrial sectors (high risk industries include defense, telecommunications and pharmaceuticals). Once the risk assessment has been made, a compliance program can be appropriately tailored to focus on the areas of greatest exposure.
Perhaps the most important aspect of developing a comprehensive and effective anti-corruption plan is setting the right “tone at the top.” Employees are perceptive in assessing which of a company’s policies are merely window dressing and which have senior management’s full support. Therefore, PE firms must establish clear and precise policies prohibiting bribery, and private equity firm principals must insist upon strict compliance.
The basic elements of such a compliance program typically would include the following:
• A clear, written, management supported anti-corruption policy;
• Effective communication of the policy;
• Appointment of a chief compliance officer;
• Regular training regarding anti-corruption compliance;
• Annual compliance certifications;
• Effective bribery reporting system (including an anonymous hotline);
• Extensive due diligence of agents, business partners and of any companies being acquired;
• Anti-corruption representations/warranties in relevant agreements; and
• Appropriate financial and accounting procedures.
Once the compliance program has been developed and implemented, it is also necessary to continually monitor the program and make changes as the risk profile of the private equity firm and its companies change. An effective program can dramatically reduce the hazards posed by the FCPA and other anti-corruption laws.
Dennis J. White is a business law partner in the Boston office of Verrill Dana LLP and Immediate Past Chairman of the global board of directors of The Association for Corporate Growth. He can be reached at email@example.com. William J. Shannon is a partner in the Boston and Portland offices of Verrill Dana LLP where he has a broad based international practice. He can be reached at firstname.lastname@example.org and his bio is at www.verrilldana.com/wshannon.