Alleged compliance breaches have led to combined fines and settlements worth hundreds of millions of dollars in Q2 of 2023. Regulators have taken enforcement action against companies over their activities in jurisdictions spanning four continents. In this blog, we look at some of the most significant regulatory interventions in recent months and suggest how companies should retool their compliance approach to mitigate growing legal, financial, reputational and strategic risks.
Round-up of major enforcement actions by regulators against alleged compliance failures
Regulators continue to proactively enforce ever-stronger anti-bribery and corruption legislation. The latest major fines and settlements include:
- US, UK, Singapore and North Korea: In April, the US Treasury’s Office of Foreign Assets Control (OFAC) announced its largest ever settlement with a non-financial institution. A UK-based multinational tobacco company will pay $508 million to resolve alleged violations of US sanctions against North Korea. The company was alleged to have circumvented sanctions by using US banks, North Korean banks, its Singaporean subsidiary, and other intermediaries to move funds.
- US, Netherlands and China: In May, the US Securities and Exchange Commission (SEC) announced that a company based in the Netherlands would pay more than $62 million over alleged violations of the Foreign Corrupt Practices Act (FCPA) over sales of medical equipment in China. The SEC said that the company’s subsidiary in China offered discounts which “created a risk” that distributors would make “improper payments to government employees” in state-run hospitals.
- US, Netherlands and Angola: In April, the SEC also announced a settlement with a Dutch company in the extractives sector over alleged payment of bribes to public officials in Angola in exchange for contracts. The company will pay around $8 million in relation to the allegations.
- UK and Turkey: A UK-based gambling firm declared in May that it expects to pay a “substantial financial penalty” over an investigation by UK regulators into alleged bribery at its Turkish division, according to a report by Citigroup.
- South Africa and US: In May, the SEC announced that a US-based technology company would pay nearly $2.5 million to settle allegations of bribery in South Africa. The regulator claimed that the company made payments in South Africa even though it “knew or consciously disregarded the possibility” that money would go to public officials to influence the award of lucrative contracts.
Three trends to note from recent enforcement actions
The cases above reinforce the need for companies to constantly review and strengthen their due diligence and compliance processes. Each of these alleged failures of due diligence and compliance not only carried significant financial and legal implications for the companies involved, but they also inflicted reputational damage through widespread media coverage and strategic costs of dealing with the investigation and applying remediations.
Three trends stand out from these recent regulatory actions, which should inform how companies approach compliance:
- Risk levels vary across company sectors: It is no surprise that some of the major enforcement actions in recent months took place in the extractive sector and medical/pharma industry. These carry higher risks of bribery and corruption, especially where firms are seeking to expand or win contracts internationally. Firms should review sector-specific risks for their current and prospective third parties and apply enhanced due diligence where relevant.
- Extraterritorial reach of anti-bribery and corruption legislation: All of the cases above involved a regulator taking enforcement action against a company based on alleged actions which happened outside its home jurisdiction. Companies’ due diligence must therefore cover global data, regardless of where they are based.
- Sanctions risk is growing: The rise of global sanctions against Russian entities over the last year is well-documented, but the US OFAC’s enforcement against alleged sanctions breaches in North Korea shows that sanctions risks are much broader. In relation to the sanctions case involving North Korea, the US Under Secretary of the Treasury for Terrorism and Financial Intelligence, Brian E. Nelson, issued a stark warning to companies. Nelson said: “Companies that seek to profit from circumventing sanctions by obscuring their involvement will be discovered and will pay a price … Firms that deal with blocked persons, even indirectly, will be penalized when their schemes implicate the U.S. financial system.” Firms must therefore regularly review sanctions lists at national and supra-national level for potential exposures.
Nexis Solutions: cutting through the noise to surface insights to mitigate regulatory risks
In response to growing regulatory interventions, companies must make it a priority to mitigate the financial, legal, reputational and strategic risks of a compliance failure. The best way to do that is to leverage data and technology to strengthen your due diligence process. This will help you to better detect any indication of wrongdoing happening within your business or by a customer, supplier or other third party.
Nexis Solutions helps firms to implement a more efficient and effective due diligence process to identify and mitigate third party risk by providing companies with authoritative data from the most relevant sources, including:
- News data to identify reputational risk of third parties.
- PEPs and sanctions data to identify third parties which may require enhanced due diligence.
- ESG data to assess third parties’ compliance with growing expectations from regulators and the public around human rights and environmental due diligence.
- Company data to help to build a picture of a company’s structure, directors and beneficial owners.
Nexis Solutions helps support firms to deploy technology across these sources to improve their approach to due diligence and risk management, including:
- Nexis Diligence
supports an effective due diligence process with our extensive archives and news searches going back more than 40 years. - Nexis® Data as a Service delivers an unrivalled collection of licensed and web content, deep archives and data, through our flexible data APIs.