BEST PRACTICES FOR

MITIGATING FCPA RISK

Prepared for Strafford Publications Teleconference Ed Fishman

“Foreign Corrupt Practices Act in China” Kirkpatrick & Lockhart Preston Gates Ellis LLP
April 1, 2008 1601 K Street, NW
Washington, DC 20006-1600
(202) 778-9456
ed.fishman@klgates.com
©2007 Kirkpatrick & Lockhart Preston Gates Ellis LLP
All Rights Reserved
Why is Risk Mitigation Important?
 Criminal Penalties
 Up to $2 million per violation for companies
 Up to $250,000 fine and 5 years in prison for individuals
 Alternative fines equal to twice amount of total profit
 Civil Penalties
 Injunctions against future violations
 Civil monetary penalties
 Collateral consequences (e.g., debarment)
 A company cannot indemnify an officer, director, employee or
consultant for fines assessed in violation of the FCPA and
insurance will not cover such fines or penalties.
FCPA Risk Mitigation Essentials
Three Core Elements:

 Internal Compliance Program

 Due Diligence on Third Parties/Transactions
 Prompt Response to Possible Violations

U.S. Government will consider each of these

elements in evaluating whether to bring
enforcement action.
FCPA Compliance Program Essentials
 FCPA Policy Framework
 Written and Clearly Defined Corporate Policy
 Regularly Updated and Improved
 Aim for Clarity and Simplicity
 Effectively Disseminated and Communicated
 Tailored To Local Risks and Practices
 Subset of Corporate Ethics Policies
 Addresses Local and Other Applicable Laws
FCPA Compliance Policy (cont.)
 Substantive Content of FCPA Policy
 Explain Key Statutory Provisions and Risk Areas
 Provide Guidance on Permissible Behavior
 Tailor to Specific Operating Risks
 Gift Guidelines – No Cash; Nominal Value
 Meal and Entertainment – Legitimate Business
Purpose, No Cash and Not Excessive
 Travel – Reasonable and Bona Fide Expenditures in
Connection with Product Demonstration
 Donations and Lobbying – Seek Company Approval
FCPA Compliance Policy (Cont.)
 FCPA Internal Controls
 Cash Handling Procedures
 Accounting and Financial Controls
 Recordkeeping Requirements
 Segregation of Duties
 Documentation Requirements
 Authorization Requirements
FCPA Compliance Program (cont.)
 Training and Education
 Live Training Preferred
 Local Language If Necessary
 Must Be Understandable To Be Effective
 Initial Training Upon Hiring/Acquisition
 Periodic Refresher Sessions
 Supplemental Distributions of Policy/Law Changes
FCPA Compliance Program (Cont.)
 Compliance Monitoring
 Training Completion Certification
 Annual Compliance Certification
 Audit Testing of High-Risk Areas
 Internal/External Compliance Audits
 Confidential Reporting System
 “Tone at the Top”
FCPA Compliance Program (cont.)
 Third Party Agent/Partner Compliance Framework
 FCPA Certifications
 Contract Reps and Warranties
 FCPA Policy Communication and Training
 Third Party Due Diligence Steps (discussed further
below)
 Range of Third Party Relationships At Issue
 Challenge is Finding Right Balance
FCPA Third Party Due Diligence
 Determine the Competence, Expertise and Reputation of the
Third Party
 Determine Third Party’s Relations With Government Officials
through Family, Prior Employment or Political Activity
 Caution: Carefully Scrutinize “Success Fees”
 Maintain Records of Due Diligence
 Sources of Inquiry: Law Firms, Audit/Consulting Firms, U.S.
Embassy, Commerce/State Department, Private
Investigators, and Possibly Legal Opinions
FCPA Third Party Due Diligence Red Flags
 A history of corruption in a country
 Any family relationship between participants and
government officials
 Any unusual means of payment
 The size of the commission paid to the agent in
relation to the services performed
 Apparent lack of qualifications on the part of the
agent to perform services
FCPA Third Party Due Diligence Red Flags (cont.)

 Refusal by any participants to sign certifications or

make representations that they will not violate FCPA
 Any misrepresentations in connection with
proposed transaction
 Requests for false or incomplete documentation
 Lack of transparency in financial records
 Lack of internal controls
FCPA Red Flags in Plain English
 “Please Pay Me In Cash”
 “Pay Me Through My Offshore Bank Account”
 “My Close Relative Is A Government Official, and You Don’t
Have A Chance Unless You Deal With Me”
 “I Have No Facilities or Staff, But I’ll Get the Job Done”
 “I Have Never Worked In Your Industry Before, But I Know
The Right People”
 “While My Commission Rate is Twice The Market Rate, I’m
Well Worth It”
FCPA Transactional Due Diligence
 Evaluate the Target Company
 Competence and Expertise
 Business Model
 Relationships with Government Officials
 Family and Business Relationships
 Corporate Compliance Culture
 Management Structure
FCPA Transactional Due Diligence
 Evaluate FCPA Compliance Risk
 Audit Books and Records
 Audit Internal Controls
 Examine FCPA Compliance History
 Review Due Diligence Practices
 Obtain Legal Opinion on Compliance with Local Laws
 Obtain Reps and Warranties
Prompt Response to Potential Violations
 What to do if potential FCPA violation is suspected?
 Investigate through internal/external resources
 Maintain objectivity, confidentiality and privileges
 Conduct prompt and thorough investigation
 Comply with applicable employment/other laws
 Report findings to appropriate internal channels
 Evaluate voluntary disclosure issue
Prompt Response to Potential Violations
 Voluntary Disclosure Considerations
 DOJ/SEC Cooperation for Credit
 Attorney-Client Privilege Waiver
 Prior Violations
 Clarity of Evidence
 Public or Private Company Considerations
Prompt Response to Potential Violations
 What to do when you encounter Red Flags?
 Increase Level of Due Diligence Investigation
 Require Investigation by M&A Target
 Conduct Joint Investigation
 Evaluate Potential Successor Liability
 Weigh Business Risks of Transaction
Prompt Response to Potential Violations
 What to do when you discover potential violation as part of
M&A transaction?
 Require Disclosure
 Government
 Public Filings
 Require Resolution As Condition to Closing
 Delay
 Material Changes
 Accept Risk and Close
 Protection through Escrow
 Obligation to Continue Investigation
 Open-ended Liability
QUESTIONS?
 Contact:

Ed Fishman
Kirkpatrick & Lockhart Preston Gates Ellis LLP
1601 K Street N.W.
Washington, D.C. 20006
(202)778-9456 (direct)
ed.fishman@klgates.com