After years of waiting, companies doing business overseas got an early holiday gift from the Feds on November 14th — the long-awaited guidance on the FCPA. Unfortunately, the 120-page document entitled A Resource Guide to the U.S. Foreign Corrupt Practices Act (issued jointly by the DOJ and SEC) is much like that beautifully wrapped large gift one often finds under a Christmas tree: as the wrapping paper is torn and the box’s contents inspected, the excitement dwindles when the recipient realizes he got the same gift last year . . . and the year before.
Okay. Maybe the gift analogy doesn’t work for everybody, but for those of us who follow developments in this ever-burgeoning area of federal enforcement, there isn’t much in the FCPA Guidance that one can describe as “new.” This is especially true for life science companies (with which this blog is concerned) that were hoping for clearer guidance on the boundaries of what constitutes a “foreign official” and “instrumentality” of a foreign government. As the Guidance notes, “governments can be organized in very different ways. Many operate through state-owned and state-controlled agencies, particularly in such areas as . . . healthcare and life sciences . . . .” See Resource Guide at p. 20. Indeed, in dealing with foreign health care providers outside communist/socialist countries — where it can be safely assumed that all are foreign government officials — under the Guidance a U.S. life science company would need to consider the “non-exclusive” list of 11 factors taken from “approved final jury instructions” in FCPA cases to determine if the particular entity employing the healthcare provider (like a hospital) is an instrumentality of a foreign government. Id. Although the Guidance states that DOJ/SEC will continue to analyze an entity’s “ownership, control, status and function in determining whether the entity is an instrumentality of a foreign government,” “control” appears to be the key factor. For example, although the Guidance uses a 50% foreign government ownership stake as a basic litmus test for establishing that the entity is a government instrumentality, it quickly points out that less than 50% government ownership doesn’t preclude FCPA liability where the foreign government exercises significant operational control. It follows, therefore, that if a medical device company doesn’t have a clear understanding of the extent of the foreign government’s control at a foreign hospital, it can’t have a clear understanding on whether the hospital is an “instrumentality” of the government . . . and can’t have a clear understanding of whether the physician working for the hospital is a “foreign official” under the FCPA. In short, despite a lot of talk, lawyers will still be advising their clients that when in doubt, treat the good foreign doctor as an official working for an instrumentality of his government.
Of course, the lack of clarity regarding FCPA terms doesn’t mean that the Guidance isn’t a useful reference manual for private industry. In fact, it is quite useful in several areas. For example, the Guidance provides reassurance that reason will be applied to gifts and entertainment, strongly indicating that providing “cups of coffee, taxi fare or company promotional items of nominal value,” or even taking a foreign government official (traveling in the U.S. on legitimate business) to a baseball game or the theatre, are permissible under the FCPA . Id. at 15-18. Even more helpful, the Guidance in its Chapter on “Resolutions” (Chapter 7) provides concrete instruction through descriptions of six FCPA investigations that the Government declined to prosecute. The common elements underlying those declination decisions are that the companies all (1) initiated aggressive and thorough internal investigations upon learning of the violation; (2) addressed, strengthened and remediated compliance program weaknesses; and (3) quickly disclosed the violation to DOJ and/or SEC. Id., pp. 77-79. Although the Guidance offers no promises on the Government’s oft-quoted pronouncement that voluntary self-disclosure = a reduction in penalties, it is clear from the declination examples that self-disclosure is a necessary (if not sufficient) prerequisite to favorable treatment.
As expected, the Guidance emphasizes the importance of an effective compliance program in determining whether a company will get prosecuted or receive leniency in terms of a declination, non-prosecution agreement (NPA), or deferred prosecution agreement (DPA). Id. pp. 56-65. Besides the usual admonitions on the need for compliance oversight, codes, policies, training, and confidential reporting and corrective action, the Guidance offers pointed instruction in three areas that warrant further discussion here: the importance of risk assessments, third-party due diligence and compliance “incentives.”
Risk Assessment. According to the Guidance, it is important for companies to avoid spreading thin resources on low risk activities (like cups of coffee) instead of “large government bids, questionable payments to third-party consultants, or excessive discounts to resellers and distributors.” Id. p. 58
Due Diligence. With respect to third parties, the Guidance issues three guiding principles to companies: 1) understand the qualifications and associations of the third-party and increase scrutiny as red flags surface; 2) understand the business rationale for the third party, including the role and need for the third party, and ensure that the contract specifically describes the services the third party is to perform; and 3) monitor third-party relationships on an ongoing basis. Id. p. 60. (Although not necessarily a part of the compliance program, a thorough, risk-based FCPA and anti-corruption due diligence program is also essential with respect to merger and acquisition activities. Id. p. 29).
Incentives. The Guidance goes out of its way to explain the importance of incentivizing and rewarding compliant behavior through numerous examples, including personnel evaluations and promotions, rewards for improving and developing a company’s compliance program, rewards for ”ethics and compliance leadership,” tying compensation and bonuses to compliance, and making a tour of duty in the Compliance Department a rung in climbing the corporate career ladder. Id. pp. 59-60.
While many are unhappy that the Guidance didn’t go further in clarifying key FCPA terms, no one should really be surprised. The Feds, even when they try to be helpful — and I believe they tried here — are never willing to tie their hands. Although following the Guidance doesn’t guarantee any company that it will get a pass down the road, you can bet that not following the Guidance will mean costly investigations, big fines and much worse for the company’s management.