The following speech was given by Andrew Ceresney, Director of the Division of Enforcement at the U.S. Securities and Exchange Commission, at the 31st International Conference on the Foreign Corrupt Practices Act on November 19, 2014. A copy of the speech is also available here.
At the outset, let me give the requisite reminder that the views I express today are my own and do not necessarily represent the views of the Commission or its staff.
I am very excited to be here again this year to discuss the latest developments in the SEC’s FCPA enforcement. Pursuing such violations remains a critical part of our enforcement efforts, as international bribery has many nefarious impacts, including sapping investor confidence in the legitimacy of a company’s performance and undermining the accuracy of a company’s books and records.
Our specialized FCPA unit as well as other parts of the Enforcement Division continue to do remarkable work in this space, bringing significant and impactful cases often in partnership with the DOJ and FBI. Last fiscal year, for example, we obtained over $380 million in disgorgement and penalties in FCPA cases. In our case against Alcoa we obtained a $175 million settlement in connection with corrupt payments to Bahrani officials to maintain aluminum contracts. We worked with DOJ to secure a $108 million settlement against H-P arising from improper payments in several countries to obtain or retain lucrative public contracts. And we reached a $250 million global resolution against one of the largest oil and natural gas service companies for bribes and other misconduct in the Middle East and Africa, including improper sales to sanctioned countries.
Looking ahead, I anticipate another productive year of FCPA enforcement, as we have a robust pipeline of investigations across the globe. I thought I would spend my time this morning discussing some areas we will be focusing on in the coming year and beyond, and then, if we have time, I can take some questions.
Focus on Individuals
Let me start with cases against individuals. It is a hot topic of the day, in the face of some significant enforcement actions against entities alone, to ask the question of whether enforcement actions against entities are as impactful as actions against individuals, and whether actions against entities actually deter misconduct.
I always have said that actions against individuals have the largest deterrent impact. Individual accountability is a powerful deterrent because people pay attention and alter their conduct when they personally face potential punishment. And so in the FCPA arena as well as all other areas of our enforcement efforts, we are very focused on attempting to bring cases against individuals.
That is not to say that cases against companies are unimportant — in fact, I think FCPA enforcement is perhaps one of the best examples of how actions against entities can have a tremendous deterrent effect. Our actions against entities have had a tremendous impact in the last 10 years on FCPA compliance. Companies have increased their compliance spending and focus exponentially — the attendance at this conference is but one example of that. And these actions continue to provide significant deterrence and send important messages about areas that companies should be focused on. Every action we bring is scrutinized closely and dissected for information on areas of risk. That is a great dynamic and one we should continue to foster. But individual accountability is critical to FCPA enforcement — and imposing personal consequences on bad actors, including through bars and monetary sanctions, will continue to be a high priority for us.
Now it is important to recognize that FCPA cases against individuals can present some unique challenges for us and we simply are unable to bring cases against individuals in connection with a number of our cases. For example, in many cases we face significant investigative hurdles, including difficulties in gathering specific testimony and documents from overseas that will be admissible at trial. This is one area where we have been working closely with our counterparts in other jurisdictions, to access foreign witnesses, bank statements, and company records. These efforts have been more and more successful as we form strong partnerships with other countries to combat corruption.
When the conduct involves foreign nationals — as it often does — another challenge can be establishing personal jurisdiction over the bad actor. We have had some favorable decisions in this area, but it still remains a challenge in certain cases. Statute of limitations issues also complicate these cases.
Despite these various challenges, we continue to vigorously pursue cases against individuals. Just earlier this week, we brought a cease-and-desist proceeding charging two former sales employees of U.S.-based defense contractor, FLIR Systems, with FCPA violations. The Commission’s Order stated that, while working abroad, the employees engaged in a pattern of bribery of foreign government officials to obtain nearly $30 million in business. They purchased extravagant watches and sent officials on a world tour that included stops in Casablanca, Paris, Dubai and Beirut. They also falsified documents and circumvented internal controls to conceal their bribes from their employer once an investigation was started. These individuals settled to significant penalties.
These charges come on the heels of our actions in recent years against various executives of Siemens, Noble, and Magyar Telekom, and we expect more cases against individuals in the coming year.
Importance of FCPA Compliance Programs
Which brings me to the next area that I wanted to discuss today — the importance of comprehensive FCPA compliance programs. This is a message that I think has started to get through in the past 5 years. Nothing situates a company better to avoid FCPA issues than a robust FCPA compliance program.
The best companies have adopted strong programs that include compliance personnel, extensive policies and procedures, training, vendor reviews, due diligence on third-party agents, expense controls, escalation of red flags, and internal audits to review compliance. You can look to our Resource Guide on the FCPA that we jointly published with the DOJ, to see what some of the hallmarks of an effective compliance program are. I won’t mention them all because you should be familiar with many that relate to policies, procedures and training. But, I’ll highlight just a few others. Companies should perform risk assessments that take into account a host of factors listed in the guide and then place controls in these risk areas. Companies should have disciplinary measures in place to deter violations and compliance programs should be periodically tested and reviewed to ensure they are keeping pace with the business. Such programs, properly implemented, will also help companies avoid other problems at foreign subsidiaries, like self-dealing, embezzlement and financial fraud.
As part of our settlements, we have on occasion required the retention of a monitor to assist in administering such compliance programs. For those companies that have developed robust programs during the investigation, we have required self-reporting and certifications. But the overwhelming message that one has to take away from our actions is how important such programs are for ensuring compliance.
Of course, it is critical for such programs to be real programs. When I was in private practice, I saw companies that had great paper programs but did not implement them effectively. When the business would push back, they would remove requirements and make exceptions. The best companies would put the compliance program ahead of business interests and allow decisions to be made to ensure compliance with the law, no matter the business consequences. It is that sort of attitude that is the measure of whether such programs will be successful.
As I said, we have seen many companies improving and properly implementing their compliance programs, as the message from our cases over the years has penetrated the legal and compliance community. But there is still more work to be done, particularly for small-to-medium sized companies trying to enter foreign markets to grow their businesses. As those businesses seek to expand and globalize, their compliance functions must keep pace.
One cautionary tale in that respect is our Smith & Wesson case from earlier this year. The company settled to a cease-and-desist order, which noted that, when expanding into new overseas markets, the company’s international sales staff engaged in a pervasive effort to attract new business through gifts to foreign government officials. The Vice President for International Sales had almost complete authority to conduct the company’s international business. Meanwhile, the company had performed no anti-corruption risk assessment and virtually no due-diligence on its third-party agents. The company did not have in place a compliance program or other internal controls to guard against abuses. In resolving the matter, the company disgorged the profits from the conduct, plus interest, and paid nearly $2 million in civil penalties. The bottom line is that no responsible company should operate overseas without a comprehensive compliance program to guard against FCPA risk.
One other aspect of compliance programs is the benefit that companies will derive from having them if a problem should arise. I can tell you that the SEC staff will look well on companies that have robust programs and that the existence of such programs will pay dividends should an FCPA issue arise despite the existence of such programs.
Related to the issue of the existence of FCPA compliance programs, I wanted to focus for a moment on self-reporting and cooperation. The existence of FCPA compliance programs place the company in the best position to detect FCPA misconduct. But the question is what a company does once it learns of such misconduct. There has been a lot of discussion recently about the advisability of self-reporting FCPA misconduct to the SEC. Let me be clear about my views — I think any company that does the calculus will realize that self-reporting is always in the company’s best interest. Let me explain why.
Self-reporting from individuals and entities has long been an important part of our enforcement program. Self-reporting and cooperation allows us to detect and investigate misconduct more quickly than we otherwise could, as companies are often in a position to short circuit our investigations by quickly providing important factual information about misconduct resulting from their own internal investigations.
In addition to the benefits we get from cooperation, however, parties are positioned to also help themselves by aggressively policing their own conduct and reporting misconduct to us. We recognize that it is important to provide benefits for cooperation to incentivize companies to cooperate. And we have been focused on making sure that people understand there will be such benefits. We continue to find ways to enhance our cooperation program to encourage issuers, regulated entities, and individuals to promptly report suspected misconduct. The Division has a wide spectrum of tools to facilitate and reward meaningful cooperation, from reduced charges and penalties, to non-prosecution or deferred prosecution agreements in instances of outstanding cooperation.
Last year, for example, we announced our first-ever non-prosecution agreement in an FCPA matter with a company that promptly reported violations and provided real-time, extensive cooperation in our investigation.
More commonly, we have reflected the cooperation in reduced penalties. Companies that cooperate can receive smaller penalties than they otherwise would face, and in some cases of extraordinary cooperation, pay significantly less.
Two recent FCPA matters illustrate the considerable benefits that can flow from coming forward and cooperating. Last month, we charged Layne Christensen with FCPA violations involving improper payments to foreign officials in several African countries in order to obtain beneficial treatment and reduce its tax liability. In settling the matter for $5 million, we credited the company for self-reporting the misconduct and cooperating with our investigation. Among other things, the company provided real-time reports of its investigative findings, produced English language translations of documents, made foreign witnesses available, and shared summaries of witness interviews and forensic reports. The company also undertook an extensive remediation effort. Because of the company’s extensive remediation, cooperation and self-reporting steps, we agreed to accept a significantly lower penalty from the company than we otherwise might have sought in the matter. The penalty imposed was around 10 percent of the disgorgement amount, whereas penalties have typically been closer to 100 percent of the disgorgement amount.
Similarly, our joint SEC-DOJ FCPA settlement with Bio-Rad Laboratories earlier this month for $55 million reflected a substantial reduction in penalties due to the company’s considerable cooperation in our investigation. In addition to self-reporting potential violations, the company provided translations of numerous key documents, produced witnesses from foreign jurisdictions, and undertook extensive remedial actions. There, the DOJ imposed a criminal fine of only $14 million, which was equivalent to about 40 percent of the disgorgement amount. Again, a large reduction from the typical ratio.
The bottom line is that the benefits from cooperation are significant and tangible. When I was a defense lawyer, I would explain to clients that by the time you become aware of the misconduct, there are only two things that you can do to improve your plight — remediate the misconduct and cooperate in the investigation. That obviously remains my view today. And I will add this — if we find the violations on our own, and the company chose not to self-report, the consequences will surely be worse and the opportunity to earn significant credit for cooperation may well be lost.
This risk of suffering adverse consequences from a failure to self-report is particularly acute in light of the continued success and expansion of our whistleblower program. As you know, the Dodd-Frank Act authorized the SEC to create a whistleblower program to provide monetary awards to certain individuals who provide information about securities laws violations that leads to successful enforcement actions.
The program creates a powerful inducement for those aware of wrongdoing to break their silence and it has been very successful, even transformative, in its impact. Whistleblowers have alerted us to conduct that we would otherwise have been unaware of, allowed us to expedite our investigations, and provided us with a detailed roadmap for misconduct. The kind of evidence they provide us often cannot be obtained from other sources.
Recent multi-million-dollar whistleblower awards have only reinforced the powerful incentive for whistleblowers to come forward and report misconduct. In September, we awarded our largest-ever award — more than $30 million — to a whistleblower who provided key, original information that led to a successful enforcement action. This record award follows last year’s successful efforts, which included an award of nearly $15 million to a whistleblower whose information led to a substantial recovery of investor funds. Yesterday, we released our annual report on the whistleblower program and we received 3,620 tips last year — a record number. Given that we have received over 3,000 whistleblower tips in each of the last three years, you should expect to see more large monetary awards over the coming year.
In addition to the growing size of the awards, our program is expanding its geographical reach. Last fiscal year, we received whistleblower tips from all 50 states and 60 different countries. We also have been issuing significant awards to foreign whistleblowers — much as we have domestic ones. Four of our awards to date have gone to whistleblowers living in a foreign country, including our recent $30 million dollar award. Through such efforts we aim to make it clear that whistleblowers worldwide have much to gain by coming forward with tips about securities law violations.
Of course the value of the whistleblower program is not only in the assistance provided by the particular tips but also through the incentives it creates for companies. The SEC’s whistleblower program has changed the calculus for companies considering whether to disclose misconduct to us, knowing that a whistleblower is likely to come forward. Companies that choose not to self-report are thus taking a huge gamble because if we learn of the misconduct through other means, the result will be far worse.
Items of Value
Finally, I wanted to touch on the issue of the definition of the concept in the FCPA of “anything of value.” The statute precludes the payment or provision of “anything of value” to a foreign official in order to induce that official to take official action for the purpose of obtaining or retaining business. Obviously, money or property is an item of value. Gifts to foreign officials also easily qualify as items of value.
But we also have successfully brought FCPA cases where other, less traditional, items of value have been given in order to obtain or retain business. For example, in three separate actions, Stryker, Eli Lilly and Schering-Plough, we brought bribery charges against pharmaceutical or medical technology companies that made contributions to charities that were headed by or affiliated with foreign government officials to induce them to direct business to the companies.
We also have charged companies for providing items of value to family members of foreign officials. In Tyson Foods, for example, we charged the company for providing no-show jobs to the spouses of foreign officials who were responsible for certifying the company’s products for export. More recently, in Weatherford, we charged the company for a variety of bribes to foreign officials and their families, including paying for the honeymoon of an official’s daughter and a religious trip by an official and his family that was improperly recorded as a donation.
As these examples make clear, bribes come in many shapes and sizes. So it is critical that we carefully scrutinize a wide range of unfair benefits to foreign officials when assessing compliance with the FCPA — whether it is cash, gifts, travel, entertainment, or employment of the family and friends of foreign officials. We should and will continue to pursue a broad interpretation of the FCPA that precludes bribery in all forms.
Let me end by saying that the Enforcement Division will continue to look for opportunities to enhance our impact with respect to FCPA enforcement. We have made significant progress over the last 10 years but there is still much more we can do. We will continue our efforts to level the playing field for companies doing business abroad and hold corrupt actors accountable when they fail to play by the rules.