Wal-Mart faces scandal over alleged bribery in Mexican unitPosted On: Apr. 29, 2012 12:00 AM CST
Multinational organizations operating in countries where bribing officials can be a condition of doing business face heightened enforcement of anti-corruption laws by U.S. agencies, but strong compliance and training programs can go some way toward mitigating the risks.
Establishing protocols for internal investigations, rewording contracts to require compliance with the U.S. Foreign Corrupt Practices Act by third-party vendors and regular audits can help, but there is no fail-safe plan that will stop some employees from violating the FCPA, experts say.
And if the safeguards fail, the consequences can be serious.
Faced with corruption and bribery allegations at its Mexican unit, Wal-Mart Stores Inc. was hit with a shareholder lawsuit as shares fell 4.7% last week. In addition, the Bentonville, Ark.-based retailing giant may face fines under the FCPA.
The FCPA, a federal law with criminal and civil penalties jointly enforced by the Department of Justice and the Securities and Exchange Commission, punishes foreign bribery, inaccurate financial records and inadequate controls.
“There's nothing a company can do to ensure 100% compliance,” said Mike Koehler, assistant professor of business law at Butler University's College of Business in Indianapolis.
“A company can face legal exposure literally based upon the actions of one of its employees, notwithstanding the fact that the company may have pre-existing FCPA compliance policies and procedures in place,” he said.
A major concern for companies is the reliance on third-party contractors, agents or any other independent employee acting on behalf of the organization in a foreign country, said Greg Husisian, Washington-based of counsel at Foley & Lardner L.L.P.
“Those people are risk points, especially if they're dealing with state-owned entities or with foreign officials,” Mr. Husisian said. “You could be very well-intentioned going into this, trying to do the right thing, and you're being undermined by your agent,” he said.
Nearly half of the enforcement actions come from allegations stemming from third-party intermediaries that expose U.S. companies to FCPA violations, Mr. Husisian said.
Since 2008, FCPA enforcement trends show that the size of the penalties is increasing, and many of the largest settlements occurred in 2010 and 2011, experts say.
According to a Marsh Inc. report, the Department of Justice in 2010 imposed a record $1.2 billion in criminal fines for FCPA-related cases, and the SEC received about $530 million in disgorgement, civil penalties and pre-judgment interest. The combined recovery is more than twice the $890 million recovered in 2008, Marsh said.
Enforcement trends show high-risk geographies and industries for FCPA activity, which include oil and gas, mining, infrastructure, telecommunications and technology industries in countries such as China, Indonesia, Iraq, Nigeria and Mexico, experts say.
“All this is intended to have a deterring effect so that companies don't say, "This is just the way you have to do business in these countries,' “ Mr. Husisian said.
In the case of Wal-Mart, which is under investigation over allegations that Wal-Mart de Mexico paid $24 million in bribes to foreign officials, potential settlements with U.S. authorities reportedly involve several hundreds of millions, or even billions, of dollars of penalties. Wal-Mart did not return calls seeking comment.
With the increased FCPA enforcement, companies' compliance with the regulation is a top priority for senior-level executives, who are concerned with other implications of FCPA violations such as loss of business and reputational harm, said Joe C. Underwood, principal at Albert Risk Management Consultants Inc. in Needham, Mass.
“It's not just the penalties,” he said. “They could lose very lucrative contracts if they were found in violation of the FCPA. They can have reputational injury. There could be stock value drops. These are difficult to measure, but they are substantial.”
Machua Millett, Boston-based senior vp in Marsh's FINPRO practice, said most multinational companies seek to comply with FCPA regulations with robust compliance and legal departments.
“But there comes a point at which it becomes impossible to control every single employee and every single third-party agent that you interact with and hire,” he said.
“In response to that more aggressive focus on this issue, companies are doing everything they can to ensure that they're in compliance with the law,” said Bryan Quigley, Washington-based senior vp and spokesman for the U.S. Chamber of Commerce's Institute for Legal Reform.
Mr. Quigley said companies are pushing for clarity and guidance in terms of how authorities are pursuing FCPA issues.
While experts note that changes to the FCPA are unlikely, the Chamber of Commerce has proposed guidelines for enforcement clarity to help organizations comply (see related story).
To mitigate FCPA violations, multinational companies should first institute reasonable internal controls and develop a formal compliance program, which would include training and obtaining written agreements if, for example, a foreign official is to receive payment that he or she will not have a role in awarding a contract, Mr. Underwood said.
“Because of the ambiguity regarding who constitutes a foreign official, I would err on the side of caution and make it a broad assessment,” he said.
Multinational companies also should utilize independent FCPA experts and advisers when building and structuring their compliance program, such as legal and financial consultants, and decide whether to launch an internal investigation and self-report to the Department of Justice in the event of a violation, said Marsh's Mr. Millett.
Organizations also need strong contractual provisions for third-party vendors and consultants to quickly cut someone off if an FCPA violation occurs, Mr. Husisian said. “The only way to combat that is to make sure you have the right agent, make sure the agent is trained and realizes the risk, and that you're checking up on the agent through audits,” he said.
Once contracts and compliance standards are in place, companies need to monitor, supervise and periodically audit those agents, Butler University's Mr. Koehler said, also noting that FCPA compliance should be applied holistically and not be the sole responsibility of the legal department.
An organization's finance, audit, logistic, risk management and human resource departments need to have “a pair of FCPA goggles,” Mr. Koehler said. “They don't need to be experts, but they need to know enough to spot issues.”