articles

February 15, 2013

Designing And Implementing An Effective FCPA And UKBA Compliance Program


- Paras Kumar Jain, Company Secretary [ Nuziveedu Seeds Limited ]

FCPA And UKBA

As India Inc goes global, compliance with anti bribery legislations of the developed countries, in particular of the United States of America (the “US”) and the United Kingdom (the “UK”) may become essential. An attempt has been made in this article to describe how an effective compliance program can be designed and implemented for ensuring adherence to the US and the UK anti bribery laws.

Background to the FCPA and the UKBA:


Foreign Corrupt Practices Act, 1977 ( the “FCPA”) was enacted by the US Congress in response to a maelstrom of outrage following the report by the Watergate Special Prosecutor that US corporations were bribing government officials in foreign lands.

Following the pressure mounted by the Organisation for Economic Cooperation and Development and the US to act tough against the bribery, the UK Parliament passed the Bribery Act 2010 (the “UKBA”) and brought the same into force from 1st July 2011.

The FCPA and the UKBA – in brief:


The FCPA prohibits direct or indirect bribing of foreign public officials, political parties or politicians, for the purpose of obtaining or retaining business or securing improper advantage. It also mandates that companies registered with securities exchange commission to maintain accurate books and records of all transactions and an effective internal control system. It applies broadly to the US companies and their foreign subsidiaries, individuals, companies that have issued securities registered in the US, directors, employees and agents of the US businesses, and foreign nationals and businesses that cause prohibited acts in the US.

The UKBA prohibits bribery of both government and private officials, whether in the UK or at any place in the world by a person having ‘close connection’ [defined under section 12] with the UK. Close connection is very widely defined term under the UKBA and includes individual holding UK citizenship or nationality or a body incorporated in the UK.

A criminal offence will be committed under the UKBA if an employee or ‘associated person’ [defined under section 8] acting for, or on behalf of, ‘relevant commercial organisation’ [defined under section 7] offers, promises, gives, requests, receives or agrees to receive a bribe; and if such relevant commercial organisation does not have the defense that it has adequate procedures in place to prevent bribery by its employees or associated persons.

Distinction between the FCPA and the UKBA:


While both the FCPA and the UKBA deal with anti bribery provisions, following are key differences:

Particulars FCPA UKBA

Type of Bribery

Applies only to bribery of foreign official.

Prohibits bribe to ‘any person’. Thus, a bribe to a private individual or corporate is also covered.

Active and Passive Bribery

It is an offence to give bribe. But it is not an offence to receive bribe.

Covers both receiving a bribe and giving a bribe, i.e., not only is the act of offering, promising or giving a bribe criminal, the passive acceptance of a bribe.

Mens rea

It must be proved that person offering the bribe did so with a “dishonest or corrupt” intent.

No requirement to prove dishonest or corrupt intent in case of bribes to foreign public officials. The company is strict liable for failure to prevent acts of bribery.

Facilitation Payment

Allows facilitation payments under limited circumstances provided such payments are properly reported in the company’s financial records.

Facilitation payments are illegal.

Promotional expenses

Allows promotional expenses if it can be demonstrated that they were a reasonable and bona fide expenditure.

No such provision. However Ministry of Justice (“MoJ”) has provided some comfort on this aspect in its guidance by stating that hospitality may be legitimate provided it is reasonable and proportionate for the organisations’ business.

Defense

Existence of compliance program is not a defense; however it would be an essential factor for considering prosecution and the terms of settlement.

While relevant commercial organisation is accountable for failing to prevent bribery, it is a statutory defense if it is proved that the relevant commercial organisation had in place “adequate procedures” designed to prevent bribery.

Liability of senior officers

Senior officers (officer, director, supervisor, manager, or another person having “control” over the conduct) may be held liable for offence in their capacity as a ‘control person’.

Senior officers (director, manager, secretary or other similar officer of a body corporate) may not liable if such offence is committed without their consent or connivance.

Penalties

Individual:
Bribery. Imprisonment upto 5 years and fine up to US$ 2,50,000 per violation. Penalties may be levied under other laws as well.

Accounting Offence. Imprisonment upto 20 years and fine up to US$50,00,000 per violation. Penalties may be levied under other legislations as well.

Corporate:
Bribery. Fine up to US$ 20,00,000. Penalties may be levied under other laws as well. Accounting Offence. US$ 250,00,000 or twice the benefit sought. Penalties may be levied under other laws as well.

Individual: Imprisonment upto 10 years and unlimited fines. Penalties may be levied under other laws as well.

Corporate: Unlimited fines. Penalties may be levied under other laws as well.

 

Relevance of the FCPA and the UKBA to an Indian Company:

a) Under the following circumstances, an Indian company ( including its directors, employees or agents) is required to comply with the FCPA and the UKBA :

FCPA UKBA

1) has principal place of business is US; or

1) it carries on a business or any part of a business in the UK;or

2) is listed on the US stock exchange(s); or

2) is listed on the UK stock exchange(s); or

3) is required to file periodic reports with the US Securities and Exchange commission (the “SEC”); or

3) is a branch or subsidiary or a joint venture of the UK entity.

4) is a branch or subsidiary or a joint venture of the US entity.

b) An Indian company positioning itself to act as an agent, representative, distributor, reseller, consultant, contractor, sub contractor or as any other service provider; or for merger, joint venture, acquisition; or foreign investment from a organisation, subject to the FCPA and the UKBA (the “covered persons”),need to ensure that it complies with the FCPA and the UKBA provisions, because the covered persons:

    1. may conduct adequate and proportionate due diligence to ascertain past and present compliance with anti bribery laws;
    2. may insist on representation, warranties and indemnities in the contracts on past, present and future compliance with anti bribery laws;
    3. may insist on right to terminate the contract or mandatory ‘put option’ on the Indian company to exit in the event of violations of anti bribery laws.

c) FCPA cases relating to Indian Companies.

    1. SEC vs. Oracle Corporationi : The SEC charged Oracle Corporation (“Oracle”) with violation of the FCPA for failing to prevent its Indian subsidiary from secretly setting aside money off the company's books that was eventually used to make unauthorized payments to phony vendors in India. Oracle without admitting or denying the SEC's allegations paid US$ 20,00,000 to settle the SEC's charges.
    2. SEC v. Westinghouse Air Brake Technologies Corporationii : The SEC charged Westinghouse Air Brake Technologies Corporation (“WATC”) with violation of the FCPA for improper payments that WATC's Indian subsidiary, Pioneer Friction Limited (“Pioneer”), made to employees of the government of India in order to obtain or retain business from the Indian railway.WATC without admitting or denying the SEC's allegations paid approximately US$288,000 to settle the SEC's charges. Similarly, in a related matter, under non prosecution agreementiii with Department of Justice, US (the “DoJ”), WATC paid US$3,00,000 penalty.
    3. SEC vs. Chandramowli Srinivasaniv : The SEC charged Mr. Chandramowli Srinivasan (“Mr. Chandramouli”), the former president of A.T. Kearney India Limited (“ATK”) for his role in improper payment. Mr. Chandramowli without admitting or denying the SEC's allegations paid US$70,000 to settle the SEC's charges. In related administrative proceeding under file no. 3-12825 dated 25th September, 2007v, Electronic Data Systems Corporation, holding company for ATK without admitting or denying the SEC's allegations paid US$ 4,90,902 to settle the SEC's charges.
    4. SEC v. The Dow Chemical Covi : The SEC charged Dow Chemical Company (“Dow”) with violation of the FCPA for improper payments by its Indian subsidiary to a government official to speed up registration of its product. Dow without admitting or denying the SEC's allegations paid US$3,25,000 to settle the SEC's charges.

Designing and implementing the FCPA and the UKBA Compliance framework:


Importance of designing and maintaining a strong compliance program for the FCPA and the UKBA stems from the fact that:

a) it provides assurance to the stakeholders that the company operates ethically and transparently;
b) under the FCPA, in case of violation, it may help in avoiding prosecution or reducing the penalty; and
c) under the UKBA, it acts as full defense against liability if it is established that proper and adequate procedures were in place to prevent bribery.

The DoJ in various cases settled under the FCPA has prescribed best practices for the FCPA compliance program. The MOJ in accordance with section 9 of the UKBA, on 30th March 2011, published ‘adequate procedures’ guidance that relevant commercial organisations can put in place to prevent their ‘associated persons’ from committing bribery.

Combined analysis of the compliance programs prescribed under various deferred prosecution agreements and non prosecution agreements under the FCPA by the DoJ and the guidance of the MoJ on the ‘adequate procedures’ under the UKBA, reveal that there are several important components to an effective FCPA and the UKBA compliance program (compliance program”). Following are the practical tips for the company to consider while designing and implementing compliance program:

    1. Top level commitment: The tone at the top is fundamental to organisation’s culture and is foundation for building blocks of compliance program. Like any other important initiative, it is impossible to effectively implement compliance program without support of the higher echelons. The Board and the senior management should be educated about the anti bribery laws and the vigor of the enforcement agencies. Additionally, it is vital for success of compliance program to seek participation and backing from organisation’s various business leaders and stakeholders. The buy in for compliance program would only come when the importance of compliance and the value it brings to the organisation is clearly articulated to all concerned. Compliance program with top level commitment would essentially have :
        • adequate financial and other resources;
        • a senior management member overseeing the development and roll out of compliance program; and ensures that it evolves and functions the way it is designed to work;
        • a "zero tolerance anti bribery policy" in every facet of the organisation's operation; and
        • explicit message of the consequences that all concerned will suffer in the event they violate the anti bribery policy.
    2. Risk Assessment: It is only upon identification of the risks, efforts and resources can be directed for developing a program for mitigating them. Therefore, it is essential to begin the process with the risk assessment. The risk assessment exercise interalia involves review of social and political environment of the geography, business activities, business processes, local business practices and customs, relationships with partners, suppliers, agents, consultants, intermediaries, government bodies and own employees, spot bribery risks inherent in those activities, and try to estimate the probability of the incidence of the risks and its impact on the business.

      The risk assessment procedures should be designed keeping in view the nature and size of the organisation, its activities, customers and countries of operation. The risk assessment can be done using various methodologies and tools including reviewing audit reports, customer complaints, employee interviews, surveys, review of targeted accounting records.

      Having identified the relevant areas of risk, the next task is to establish relevant and proportionate policies, procedures and controls that address the likely areas of bribery.
    3. Proportionate policies and controls: The company should establish strong policies and controls to prevent and detect violation of applicable anti corruption laws and the organisation’s code of conduct. While the type of policies and procedures may defer from organisation to organisation depending on the nature and size of the business, and the countries of operation, but they all need to be simple and complete. Effective policy is one which explains, what constitutes an improper payment, dos and don’ts, and what to do if improper payment is requested. It is imperative that the policies and procedures shouldn’t not be just on paper, but should also be implemented in a manner that promotes “ethical conduct” and allegiance to compliance with applicable anti bribery laws. Following policies and controls are relevant for effective implementation of compliance program:

      (i) Code of Conduct: Code of conduct is an important element of compliance program as it gives broad guidelines for expected ethical behavior from all concerned. Code of conduct should detail required standards of behaviour from directors, employees, third parties viz., agents, representatives, distributors, resellers, consultants, contractors, sub contractors or any other service provider (“business associate”). Following are best practices in drafting and implementing an effective code of conduct:

    • code of conduct should act as a guide to apposite conduct by detailing what is expected from the employees and business associate in their dealings with the company and outside of the company;
    • ensure that all concerned understand their responsibilities under the code of conduct;
    • consider conduct in relation to the code of conduct when evaluating employees or business relationships;
    • roll out annual questionnaire on code of conduct to be filed by all the concerned;
    • all concerned to annually affirm compliance with code of conduct; and
    • always act to stop violations of the code of conduct.

(ii) Anti Bribery Policy: Zero tolerance towards bribery, consequences in case of breach, and the company’s aim to maintain anti bribery compliance as business as usual rather than as a one-off exercise should be made clear through this policy. Following are best practices in drafting and implementing an effective anti bribery policy:

    • the policy should be commensurate with the company’s size, industry, culture and the level of risk the company faces;
    • the policy should describe the company’s position on anti bribery, outline the process for identifying, reporting and dealing with suspected anti bribery cases;
    • ensure that the applicability and procedures are clear and employees and business associate are aware of their responsibilities in terms of managing the risks associated with potential bribery;
    • provide real life examples for acceptable and unacceptable practices and how to deal appropriately; and
    • all concerned to annually affirm compliance with code of conduct; and
    • specify names of the individual(s) who are charged with the responsibility of enforcing and monitoring compliance of the policy and who can be contacted in the case any guidance or clarification is required.

(iii) Facilitation Payment Policy: It should be made clear through this policy, that none should, on behalf of the company, offer, pay, and promise or provide gifts or anything of value to a government official in exchange for a business advantage. Following are best practices in drafting and implementing an effective facilitation payment policy:

    • don’t allow payment to be made, except when faced with a imminent threat of, or fear of,violence or loss of liberty to the health, safety or welfare of an employee, family member or co-worker; and
    • where payment is determined to be unavoidable and payment is made, this should be completely and timely recorded for in books and records.

(iv) Gift & Entertainment Policy: It should be made clear through this policy, that no gift or entertainment should be given or received if doing so will improperly influence a decision or create a sense of obligation or if there is a risk it could be perceived as doing so. Also limit on receipt or giving of genuine gift & entertainment and the procedure for reporting the same shall be established. Following are best practices in drafting and implementing an effective gift & entertainment policy:

    • gift or entertainment should be in line with customary regional practices, business policies, applicable laws and regulations;
    • gift or entertainment should be reasonable and appropriate for the event;
    • the expense shouldn’t impose sense of obligation on the recipient;
    • don’t allow offer or acceptance of gift or entertainment during the periods when important decisions are to be made by them which will affect the company;
    • cash shouldn’t be provided as gift;
    • identify and exclude deminimis items (pen, coffee mugs or other marketing items with the company’s logo) from the purview of the policy;
    • gift or entertainment shouldn’t be lavish ;
    • gift or entertainment should be transparent and should be given in a manner that avoids intent and appearance of impropriety;
    • gifts offered should be recorded in a separate register; and
    • the expense shouldn’t exceed the reasonable fixed value and must be completely and timely accounted for in books and records.

(v) Travel Policy: It should be made clear through this policy, that the company will not pay or reimburse third party travel expenses, such as airfare, lodging, boarding and other incidentals, unless such expenses relate to (i) promotion, demonstration, or explanation of the company’s products or services, or (ii) execution or performance of a contract, and provided such costs are modest and in accordance with the third party’s own travel regulations and restrictions. Following are best practices in drafting and implementing an effective travel policy :

    • should comply with the stricter of any local laws or the company policies;
    • the expense should be openly incurred;
    • the expense shouldn’t impose sense of obligation on the recipient;
    • don’t select or recommend particular official for travel;
    • no side trip shall be allowed;
    • avoid cash payments to officials to cover travel and travel-related expenses;
    • don’t pay for or reimburse travel expenses incurred on designated official’s family members or friends;
    • preferably pay directly to the third-party service provider or reimburse against valid third party receipts;
    • pay incidental and local transportation only when such expense is associated with the official's participation in the relevant activities; and
    • the expense is completely and timely accounted for in books and records.

(vi) Political, Charitable contributions and sponsorship Policy: Through this policy, guidance should be provided on political, charitable donations and sponsorship, including a clear prohibition of the sponsorship or payment of donations to political parties or charities that are directly linked to obtaining new business or gaining a business advantage. Following are best practices in drafting and implementing an effective political, charitable contributions and sponsorship policy:

    • the expense should comply with the stricter of any local laws or the company policies;
    • the expense shouldn’t impose sense of obligation on the recipient;
    • the expense should not be incurred if it is intended to influence official action or secure an improper advantage;
    • payment to private account or in cash shouldn’t be permitted;
    • should be incurred and given in a manner that avoids intent and appearance of impropriety;
    • obtain receipt or acknowledgement for the payment; and
    • the expense is completely and timely accounted for in books and records.

(vii) Petty Cash Policy Following are best practices in drafting and implementing an effective petty cash policy. Petty cash should not be allowed for :

    • any gifts, entertainment, travel, political or charitable donations, or other expenses benefitting, or at the request of, a government official;
    • payments to, or on behalf of, a government official;
    • payments connected to seeking clearance from government departments;
    • payment to business associates; and
    • other items generally reimbursed through a designated reporting process.

(viii) Whistle Blower Policy Following are best practices in drafting and implementing an effective whistle blower policy:

    • clearly explain the legal position and the rights available to the whistle blower;
    • specify reporting mechanism (designated individuals, hotlines, websites, or suggestion boxes) for making disclosure;
    • explain how the disclosure will be investigated;
    • make clear that disciplinary action or appropriate proceedings will be launched against those who retaliate against whistleblowers;
    • encourages culture where all concerned can raise concerns or draw attention to the breaches of the anti bribery policy;
    • management should demonstrate its commitment that it takes seriously any concerns raised in good faith and deal with them appropriately;
    • inform progress of the disclosure to the whistle blower; and
    • review effectiveness of the policy and procedures on a regular basis.

(ix) HR Process Thorough and effective system for pre-employment verification should be introduced and regular training and awareness programs should be conducted to ensure the company’s values and policies are understood and put into practice at all levels.

(x) Due Diligence To help employees identify warning signs of potential bribery practices and minimise the risk of potential liability for the actions of business associate, the company should adopt comprehensive anti bribery due diligence procedures to screen and monitor such business associate business associate prior to engaging them. Some of the steps that may be taken while engaging business associate are :

    1. Online Check: Check online using search engines to find out allegations of bribery against the proposed business associate.
    2. Reference Check: obtain and verify three references from reputable organisations, and check with industry association or local chambers of commerce.
    3. Contracts: The contract with the business associate should include, among other things, the following provisions:

    • the business associate ’s obligation to strictly comply with the applicable anti bribery laws and strict adherence to the company’s policies;
    • the business associate ’s obligation to maintain separate books and records;
    • the company’s right to audit the business associate’s books and records, including documents pertaining to the business associate’s interaction with government officials on behalf of the company;
    • the business associate shall not assign or sub-contract work under the contract without the prior approval of the company;
    • the business associate shall indemnify the company for any losses that result from the breach of any of the business associate’s representations;
    • payments shall always be by check or wire transfer; and
    • the company’s right to forthwith and unilaterally terminate the contract, without penalty or claim for damages, in the event there is credible evidence or reasonable belief that business associate has or may have violated applicable anti bribery laws or the company’s anti bribery policy.

M&A due diligence: The company may be held liable for past anti bribery violations of the target and there could be potential risk from target’s conduct that continues post-closing. Accordingly, the company must review, as part of its M&A due diligence exercise, target’s compliance with anti bribery laws and potential exposure stemming from its past activities. The due diligence process should also address whether the target has any weaknesses in accounting, record keeping requirements and internal controls systems. Specific attention should be paid to the following:


    • whether the target has ever been accused of violating anti-bribery laws;
    • what percentage of target’s business is derived from government contracts;
    • the involvement of government officials in the target’s business (either as owners, directors or employees);
    • the types and identities of agents and consultants engaged by the target and their compensation arrangements; and
    • the condition of the target’s internal controls and books and records.

Warning signals: Employees should be trained to be alert for suspicious circumstances. Examples of common warning signs are:


    • the country where the transaction is taking place has a history of bribery;
    • the business associate was recommended by a government official;
    • the business associate has family or business ties to the relevant government officials;
    • the business associate refuses to agree to abide by the anti bribery policy of the company or refuses to agree to or sign required representations, warranties, or certifications;
    • the business associate provides incomplete or incorrect information in required disclosures or refuses to submit the required information;
    • the business associate makes unusual requests, such as to backdate invoices;
    • the business associate requests that payment be made in cash or that checks be made out to "bearer" or "cash," or seeks payment by some other unusual means, such as payment be made to a third party or in some other country than where services are being provided;
    • the business associate doesn’t want to appear with the company official before officials or staff of governmental agencies, embassies or multilateral organisations;
    • the business associate requests reimbursement of vaguely described or questionable expenses;
    • the business associate makes unusually large or frequent political contributions;
    • the business associate appears to lack the adequate resources to perform the services contemplated by the contract or cannot provide references or cannot document its claimed experience; and
    • bribery concerns have been raised in the past about similar transactions.

(xi) Accounting and internal control: Following are best practices in maintaining accounting records and internal controls:

    • maintain detailed and accurate books and records that reflect the transactions in reasonable detail. Documentation must not only record financial facts related to any transaction, but must also include relevant information alerting the assessor to illegality, if any; and
    • maintain system of internal controls commensurate with the size of the organisation and adequate to provide reasonable assurances that, among other things, transactions have been conducted in accordance with management’s specific sanction and accounted in accordance with generally accepted accounting principles.

Communication and Training: Communication and training help people realise what is expected of them and make them accountable. End result, everyone understands their roles and responsibilities. Thus, effective communication and training throughout the organisation is pivotal to implementation of compliance program. Following are best practices for effective communication and training:

    • training shall be part of the directors and employee’s induction process and there should be regular training updates on how to implement and adhere to the policy;
    • training where necessary and appropriate, business associates and prohibition on bribery must be communicated to all business associate at the outset of the company’s business relationship with them, and as appropriate during the course of their work for the company;
    • training may be given through e-learning tools, face-to-face sessions and team briefings on various aspects of compliance program, depending on their role;
    • communication and training materials should be developed in relevant languages to create awareness of current issues, familiarize all concerned with business conduct expectations, and promote understanding of the company’s business values and philosophy;
    • introduce “train the trainers” concept by training identified champions who would in turn train and carry anti bribery message within the company;
    • create dedicated intranet page which provides information related to the company’s compliance program, including anti-bribery policy with supporting guidance. The company’s Code of Conduct should be made available in the local languages of relevant markets;
    • conduct face to face workshops to enable employees working in high risk areas (such as government relations, procurement and business development) have a realistic understanding of the important issues. These workshops should use real life situations to challenge participants to think about proper courses of action based on the company’s policies;
    • letters, posters, articles, newsletters, social media posts, and games may be used as communication mediums;
    • maintaining records setting out what training was completed and when; and
    • seek declarations from all concerned certifying compliance with the training requirements.

Monitor, Audit and evaluate: It is only periodic monitoring and evaluation exercise that would tell whether or not compliance program is on track and whether or not it achieved it objectives. Procedural and substantial compliance should be monitored and audited at regular intervals to identify potential violation, to uncover new risks which have to be addressed and to assess effectiveness and performance in various ways. Frequency and depth of the monitoring and evaluation should be proportionate to the risk associated with the relationship. Following are best practices in monitoring and evaluating effectiveness of compliance program:

    • development of annual anti bribery compliance audit plan with particular focus on;
        • compliance of policy for engaging business associate;
        • payments to business associate;
        • review of our compliance program;
        • assurance that contracts with business associate have necessary safeguards to protect the company from potential violations of the anti bribery laws;
        • the internal reporting system, follow-up activities, and related investigations;
        • review of the company’s books and records pertaining to gift & entertainment, travel and travel related expenditures on behalf of government officials; and
        • review of any charitable contribution or sponsorship or any other corporate social responsibility activities; and
        • submission of compliance reports to the audit committee and the board of directors;

    • designate senior level officer with authority to report matters directly to board of directors or any appropriate committee of the board, to monitor effectiveness of, and ensure there is a review of the implementation of policy, regularly considering its suitability, adequacy and effectiveness. shall have the
    • establish hotline and additional means of communication for reporting and resolution of questions and issues;
    • usage of data analytical tools to identify risk indicators; and
    • monitor and review the records of personnel working in high risk areas.

 

Conclusion:


Both the FCPA and the UKBA contain wide range of anti bribery provisions and empower the regulating agencies to enforce civil and criminal provisions.The expansive and extraterritorial jurisdiction reach of these two statutes encompasses many companies’ global operations and sharpens the focus on issues of bribery. For organisations committed to conducting business ethically and lawfully, a robust compliance program acts as a tool, for doing business -the right way.

Footnote:

References:
i http://www.sec.gov/news/press/2012/2012-158.htm
ii http://www.sec.gov/litigation/litreleases/2008/lr20457.htm
iii http://www.justice.gov/opa/pr/2008/February/08_crm_116.html
iv http://www.sec.gov/litigation/litreleases/2007/lr20296.htm
v http://www.sec.gov/litigation/admin/2007/34-56519.pdf
vi http://www.sec.gov/litigation/litreleases/2007/lr20000.htm

 

Disclaimer – The views expressed herein are personal views of the author and not those of the employer of the author. This article is for general information only and does not purport to render legal advice. The author expressly disclaims all liability of any kind or nature with respect to any act or omission based wholly or in part in reliance on anything contained in this article.



Related Post

follow us

Publication & Enquiries

phone icon  +91 8879635570/8879635571

mail icon   editor@legalera.in