The Extraterritorial Implications of the FCPA and the U.K. Bribery Act: Why Nearly Every Global Company Needs a Robust Anti-Corruption Compliance Program, By Keith Korenchuk, Kathleen Harris, John Nassikas and Samuel Witten, Arnold & Porter LLP
Keith M. Korenchuk is a partner with Arnold & Porter LLP in the firm’s Washington, D.C., office. He advises global companies on regulatory and compliance matters, with a focus on compliance program effectiveness, compliance program implementation, operations, and evaluation, and related regulatory counseling and advice. Kathleen J. Harris is a London based partner at Arnold & Porter LLP. She advises clients in relation to compliance and economic crime and is the Criminal Advisor to the Management and Standards Committee for News Corp. John N. Nassikas III is the global chair of Arnold & Porter LLP’s White Collar Criminal Defense practice. He advises and defends companies and executives in criminal investigations and prosecutions, particularly in the areas of health care fraud, financial fraud, and antitrust. Samuel M. Witten is Counsel at Arnold & Porter LLP, joining the firm in 2010 after 22 years at the State Department, where he served as Deputy Legal Adviser. He helps companies develop and implement compliance programs and corrective actions related to the FCPA and anti-bribery legislation.
Business in today’s world is global, and anti-corruption enforcement is as well. Given the extraterritorial reach of the U.S. Foreign Corrupt Practices Act (FCPA) and the U.K. Bribery Act (Bribery Act), multinational corporations with connections to the United States and the United Kingdom are becoming increasingly aware of the risks of enforcement of these two statutes by the U.S. and U.K. authorities.1 Many companies operating or headquartered outside of the United States are questioning how these laws may be applied to their conduct, and, if so, what course of action they should take to protect themselves from liability.
Recent statistics reflect the global nature of enforcement. In 2011, 72 percent of the financial penalties in FCPA cases were assessed by U.S. authorities against non-U.S. companies, even though these companies comprised only 41 percent of those investigated.2 In the past two years, 16 of the 36 corporate FCPA enforcement cases—nearly half—have involved non-U.S. parent companies.3 Nine of the 10 largest penalties to date imposed by U.S. authorities for alleged FCPA violations were levied against foreign companies.4 Additionally, in 2011, there was a record number of non-U.S. individuals charged with crimes in the United States—of the 18 individuals charged in 2011, 12 were non-U.S. citizens.5
While enforcement of the Bribery Act is just getting underway in the aftermath of the law’s July 2011 effective date, the U.K.’s Serious Fraud Office (SFO) has made clear that the law will be enforced broadly on a worldwide scale. The Director of the U.K’s Serious Fraud Office, Richard Alderman, has commented that the Bribery Act’s extraterritorial jurisdictional provision is a crucial means by which the SFO intends to address his primary concern that the Bribery Act would otherwise “put ethical U.K. companies at a disadvantage with the consequential effect on their employees.” 6
This article highlights key principles of extraterritorial jurisdiction of the FCPA and the Bribery Act that multinational corporations should consider in connection with their international compliance efforts.7
Overview of Offenses Under the FCPA
The FCPA, enacted in 1977, consists of two general categories of offenses:
• Its anti-bribery provisions prohibit making—or offering to make—a corrupt payment to a foreign (i.e., non-U.S.) government official for the purpose of securing an improper advantage or obtaining or retaining business for or with, or directing business to, any person.
• Its books and records provisions require foreign or domestic issuers of securities who are registered on U.S. stock exchanges to comply with its additional provisions on recordkeeping and internal accounting controls. Books and records of covered entities must accurately and fairly reflect transactions (including the purposes of an organization’s transactions), and covered entities must devise and maintain an adequate system of internal accounting controls.
Extraterritorial Jurisdiction Under the FCPA
The FCPA applies broadly to numerous categories of U.S. and non-U.S. persons and businesses, and in many cases can give rise to liability even where the corrupt act takes place entirely or mostly outside the United States. There are three key extraterritorial features of the law.
First, U.S. persons and businesses are prohibited from undertaking corrupt conduct that violates the FCPA anywhere in the world. Such U.S. persons and businesses include U.S. citizens and resident aliens, as well as businesses organized under U.S. law or with a principal place of business in the United States. In addition, these U.S. persons and businesses may be considered responsible for the activities of their officers, directors, employees, and third-party agents (regardless of their citizenship), as well as of their foreign subsidiaries.8 The FCPA thus applies to the activities of U.S. persons, including companies, around the world.
Second, any issuer of securities on a U.S. stock exchange, whether the issuer is a U.S. or non-U.S. company, or any officer, director, employee, or third-party agent of such issuer or any stockholder thereof acting on behalf of such issuer, is prohibited from using the U.S. mails or any means or instrumentality of U.S. interstate commerce for corrupt conduct anywhere in the world.9 For example, companies that are listed on the New York Stock Exchange will find themselves subject to the FCPA even though their headquarters and principal place of business are located elsewhere.
Third, non-U.S. persons are prohibited from using U.S. mails or any means or instrumentality of interstate commerce or doing any other act in furtherance of an offer, payment, promise to pay, or authorization of the payment of any money, or offer, gift, promise to give, or authorization of the giving of anything of value corruptly to a foreign official. For example, the Justice Department asserted extraterritorial jurisdiction over Bridgestone, a Tokyo-based manufacturer, regarding FCPA violations based on emails sent between Japan and the United States in connection with a bribery scheme.10
Thus, liability under the FCPA does not end with U.S. persons and business or issuers of securities on U.S. exchanges, but also includes individuals of any citizenship that take any action that can be construed to be in the United States in furtherance of a corrupt payment to a foreign government official. In today’s matrixed business world with worldwide electronic communication and intertwined financial transactions, the reach of the FCPA can extend quite far. Accordingly, non-U.S. companies may find themselves subject to the FCPA because some business activity that relates to the misconduct has a U.S. connection, even though this connection is not great.
In addition to liability under the FCPA, non-U.S. persons and companies could be liable for conduct outside the United States that constitutes ancillary offenses under U.S. criminal law, such as conspiracy or aiding and abetting. For example, if a non-U.S. person who is not otherwise expressly covered under the FCPA assists a covered U.S person in consummating a corrupt act under the statute, the non-U.S. person might in some circumstances be subject to U.S. prosecution for providing that assistance.
The increasingly common reality is that U.S. enforcement agencies can make use of these extraterritorial provisions of the FCPA to exert jurisdiction on the basis of actions as slight as registering American Depository Receipts, sending incriminating emails, or making a transfer to a U.S. bank account. Companies also face significant risks related to third-party agents who act on their behalf in dealing with foreign governments.11
Another major consideration is that if an investigation is started by the U.S. government, a company subject to that investigation may try to raise the lack of jurisdiction as a defense. In that context it is likely that an investigation into the underlying conduct will proceed, with considerable defense costs being incurred while jurisdictional arguments are raised. From a practical perspective, therefore, the uncertainty of ultimately prevailing on a defense based on jurisdictional grounds will likely result in a negotiated settlement, particularly if there is underlying conduct that appears improper. In short, jurisdictional arguments will not prevent the costs and operational disruption of an investigation from being incurred.
Thus, it is crucial that multinational corporations, whether operating in the United States or not, take into consideration the potential liability under the FCPA to which their operations may be exposed.
Overview of Offenses Under the U.K. Bribery Act
The Bribery Act came into force with enormous fanfare on July 1, 2011.12 Much of the commentary in relation to the Bribery Act agonizes over what is perceived to be its broad jurisdictional reach.
The Bribery Act creates three offenses which seek to capture actual acts of bribery: bribing another person,13 being bribed, 14 and bribing a foreign public official15 (collectively “the Bribery Offenses”). In addition, the Bribery Act creates an entirely new offense for commercial organizations that fail to prevent bribery.16
Extraterritorial Jurisdiction of the Bribery Offenses Under the Bribery Act
In summary, the Bribery Act extends jurisdiction to both offenses committed in the U.K. and those committed elsewhere that retain a “close connection” to the U.K.
In cases where the Bribery Offenses are committed in whole or in part in the U.K., the nationality or place of incorporation of the culprit is irrelevant. In this regard, the Bribery Act is not, in any way, new or controversial. It accords with both the general criminal law of the U.K., which is usually concerned with conduct within the jurisdiction, and the pre-existing bribery legislation, which was brought into force in 2002 and later repealed and replaced by the Bribery Act. Under the Bribery Act, senior officers of a corporate body who are implicated in the commission of the Bribery Offenses are guilty of the same offense.17
The jurisdictional reach of the Bribery Offenses is wider when the criminal conduct is committed by individuals or corporate bodies with a “close connection” to the U.K.18
British citizens, citizens of British overseas territories, and bodies incorporated under the law of any part of the U.K., among others, are deemed to have a “close connection” with the U.K.,19 and they may be prosecuted where the offense takes place outside the U.K.20 While this exertion of jurisdiction does constitute an extension of the general criminal law of the U.K, it is largely in accordance with preexisting legislation. In fact, the only significant extension under the Bribery Act is that the Bribery Offenses now capture foreign nationals who commit bribery offenses abroad while domiciled or habitually resident in the U.K.21
Extraterritorial Jurisdiction of the Failure to Prevent Bribery Offense Under the U.K. Bribery Act
While prosecution of the Bribery Offenses largely relies on conventional principles of jurisdiction, the Bribery Act also creates an entirely new offense that broadly expands the Bribery Act’s extraterritorial reach: the criminalization of a commercial organization’s failure to prevent bribery. Liability for the actions of another in the context of a serious criminal offense like bribery is unusual in the U.K., but it is an important part of the new offense under the Bribery Act.
Under the Bribery Act, once it is established that a commercial organization carries on a business or part of a business in the U.K. (regardless of where it is incorporated), if an “associated person” 22 (for example, an employee, agent, or subsidiary) bribes another person or a foreign public official for its benefit, the organization may be guilty of the offense unless it can demonstrate that it had adequate procedures in place to prevent such conduct. Importantly, it does not matter if the “associated person” has no connection with the U.K. or that the offense took place abroad. This means that, theoretically, a parent company incorporated in Australia whose agent based in Vietnam bribes a Chinese official for the parent’s benefit could be prosecuted in the U.K. because its subsidiary is located in London, regardless of the fact that the subsidiary is uninvolved in the offense.
In this way, the jurisdictional reach of the offense of failure to prevent bribery is broader than the jurisdictional reach of the Bribery Offenses, in that the former extends to overseas commercial organizations that carry on a business or part of a business in the U.K. whereas the latter are restricted to entities with a “close connection” with the U.K., as described above.
Therefore, with regard to the offense of failure of a commercial organization to prevent bribery, there has, indeed, been a significant extension of jurisdiction under the Bribery Act, well beyond both the general criminal law of the U.K. and the pre-existing legislation. Given this extensive scope, there is clearly potential for multinational corporations to find themselves subject to concurrent scrutiny by the U.K. authorities under the Bribery Act and the U.S. authorities under the FCPA. It is important to note that there are significant differences as to what may constitute an offense under the Bribery Act and the FCPA, therefore corporate clients must ensure that their anti-corruption measures satisfy both jurisdictions.
It remains to be seen whether the SFO will succeed in utilizing its extensive new jurisdictional reach under the Bribery Act by prosecuting overseas commercial organizations with a presence in the U.K. for failure to prevent bribery outside the jurisdiction. As previously mentioned, the SFO has certainly expressed bullish intentions in this regard and, when asked whether they would investigate and prosecute companies that have a limited connection to the U.K., the SFO is quoted as saying:
In this climate, multinational corporations with a presence in the U.K. would be well-advised to take the precautionary step of ensuring the adequacy of their compliance procedures. In other words, they should ensure to implement an effective anti-corruption compliance program.
This is particularly important in light of the fact that the SFO has recently taken steps to enhance their intelligence gathering faculties, which may indicate that such words are not mere prosecutorial puff. On November 1, 2011, the SFO launched a new service for confidential reporting of suspected fraud or corruption. In a message to potential whistleblowers, SFO Director Richard Alderman said,
Increased Importance of Anti-Corruption Compliance Program
Years of enforcement by the DOJ and SEC have shown that the U.S. government is serious about applying the FCPA extraterritorially to the actions of both non-U.S. companies and foreign subsidiaries of U.S. corporations. And, although the U.K. Bribery Act is newer and lacks the enforcement history of the FCPA, as discussed above, the SFO has indicated that it will investigate and prosecute companies worldwide.
A robust corporate compliance program can both help to stop violations from occurring and detect those that do occur so that a company may respond appropriately. However, a compliance program may also help to insulate a company from some criminal liability and possibly reduce the penalty for those liable. Under the U.K. Bribery Act, having “adequate procedures” to prevent bribery, is an affirmative defense to the offense of failure of a commercial organization to prevent bribery.25
The FCPA contains no such affirmative defense, and a corporate compliance program certainly does not absolve a company of liability for past actions. However, the DOJ has made it clear that remedial actions taken by a company including the implementation or improvement of an effective compliance program, are to be considered in determining the treatment to afford a violator of the FCPA.26 The DOJ has also explicitly affirmed that it will look beyond the written policies of a company’s compliance program to understand whether it is a truly effective program or simply a “paper program.” 27
Given the benefits of a compliance program and the expansive jurisdictional reaches of both the FCPA and the U.K. Bribery Act, implementing, improving and maintaining a robust anti-corruption program is more important than ever to global companies.
Global companies must be vigilant and acutely aware that both the FCPA and the Bribery Act may have direct impacts on their operations, even if they only have limited activity in the United States or the United Kingdom. As evidenced above, non-U.S. companies have frequently been the targets of U.S. enforcement actions. While the Bribery Act is relatively new, similar enforcement trends in the United Kingdom seem likely.
For these reasons, global businesses should strongly consider the implementation of effective anti-corruption programs in order to reduce the risk of violating either anti-corruption statute by preventing, detecting, and responding to improper conduct. Asserting jurisdictional defenses is simply not likely to create a successful defense once a government enforcement authority has determined that it will proceed to prosecute under any of the rationales for extraterritorial jurisdiction outlined in this article. Implementing and maintaining an effective anti-corruption program remains a prudent and recommended course of action to decrease corruption risks.
This document and any discussions set forth herein are for informational purposes only, and should not be construed as legal advice, which has to be addressed to particular facts and circumstances involved in any given situation. Review or use of the document and any discussions does not create an attorney-client relationship with the author or publisher. To the extent that this document may contain suggested provisions, they will require modification to suit a particular transaction, jurisdiction or situation. Please consult with an attorney with the appropriate level of experience if you have any questions. Any tax information contained in the document or discussions is not intended to be used, and cannot be used, for purposes of avoiding penalties imposed under the United States Internal Revenue Code. Any opinions expressed are those of the author. Bloomberg Finance L.P. and its affiliated entities do not take responsibility for the content in this document or discussions and do not make any representation or warranty as to their completeness or accuracy.
© 2012 Bloomberg Finance L.P. All rights reserved. Bloomberg Law Reports ® is a registered trademark and service mark of Bloomberg Finance L.P.