The US Foreign Corrupt Practices Act: What it Means for Your Business

The Federal Corruptions Policy Act was established to address and end corruption and bribery in US business dealings with foreign officials. The FCPA seeks to keep legitimate businesses from losing contracts to companies engaged in corruption and bribery. The act does not solely speak to first tier businesses—it further requires all businesses have a process of due diligence to assure corruption and bribery is not happening in any part of its supply chain.

In this article we will discuss the statutory requirements of the FCPA and how to enact a successful process of due diligence and compliance that mitigates your company’s legal, financial, reputational, and strategic risk and helps you have working relationships free from of bribery and corruption.

US FCPA works to keep corruption and bribery out of US business and supply chains

The Foreign Corrupt Practices Act (FCPA) of 1977 was created and enforced to combat worldwide corruption. In its most basic terms, the FPCA makes it illegal for a US citizen or company to exchange anything of value with a foreign official for the express purpose of obtaining or maintaining business.

According the US government’s 2020 Resource Guide to the FCPA, “Congress enacted the FCPA in 1977 after revelations of widespread global corruption in the wake of the Watergate political scandal. SEC discovered that more than 400 U.S. companies had paid hundreds of millions of dollars in bribes to foreign government officials to secure business overseas.”

Amendments to the FCPA regarding foreign officials

A 1998 amendment took the FCPA a step further to apply the anti-bribery provisions of the FCPA to be enforced across all US territories. This change brought clarity to the anti-bribery and accounting provisions, what specifically defines a “foreign official”, and the jurisdictional reach of the FCPA. The act can apply to:

• US issuer: any employee or agent of a business or a stockholder acting at the company’s request
• Foreign official: can be considered a full foreign political party or member and applies to candidates for foreign political office
• Agents: any party involved, third-party relationships, consultants, distributors, joint-venture partners, and others
• Companies: foreign public companies listed on US stock exchanges, who must file with the SEC

A company cannot simply claim they did not know the violation was happening in their organization. The FCPA further requires that public companies keep accurate books and records that provide proof of a true system of accounting controls. These provisions in the FCPA prohibit individuals and business from fabricating records and from ignoring the requirement to devise said control system.

FCPA enforcement by the Department of Justice (DOJ) and the Securities and Exchanges Commission (SEC)

The FCPA targets the US entity that gives the bribe, not the foreign officials who willingly takes it. When it comes to enforcement of the FCPA, the DOJ and the SEC can both enforce the FCPA’s anti-bribery and accounting provisions. Additionally, they may work with federal and law enforcement agencies to fulfill their investigative and prosecutorial authority to end corruption.

Department of Justice enforcement

The DOJ has authority to prosecute criminal cases of US businesses, persons, and entities (including those acting on the US public company’s behalf) in violation of the FCPA. They also have civil and criminal prosecution power to enforce the FCPA’s anti-bribery provisions having to do with “domestic concerns”.

Domestic concerns are when: “ (a) U.S. citizens, nationals, and residents and (b) U.S. businesses and their officers, directors, employees, agents, or stockholders acting on the domestic concern’s behalf—and certain foreign persons and businesses that act in furtherance of an FCPA”.

In 2021, the DOJ grew their foreign bribery unit to a record size, employing new members with collective decades of private sector compliance and monitoring expertise and experience.

Securities and Exchange Commission enforcement

The SEC is responsible for investigating and prosecuting civil violations. In 2010, they started a new division solely dedicated to the enforcement of the FCPA. The division members use their FCPA expertise to ensure consistent enforcement of its statutes. They investigate complaints and allegations, analyze data to find violations, promote anti-corruptions efforts to raise awareness, and help businesses engage in the practice of good corporate governance.

Last year the Justice Department’s Fraud sector levied a record amount of penalties for corruption and bribery violations across the globe: a staggering $7.84 billion. The increased evidence of global cooperation to eradicate corruption is evident here. The number of compliance monitors has also increased. They work to bridge the gap of where a business is at and where it needs to be while realistically assessing the financial and structural investment a company needs to reach compliance.

Penalties for companies and individuals violating the FCPA can be significant and include actions like sanctions, profit paybacks, fines, and civil penalties.

MORE: Supply chain transparency, ethics, and the use of technology for due diligence

Recent enforcement actions on alleged regulatory breaches of the FCPA

The FBI’s Luis Quesada, Assistant Director of the Criminal Investigation Division, stated it plainly when he said, “The consequences of violating the FCPA are clear: Companies that bribe foreign officials for business advantage will be held accountable”. This has recently been seen in the following instances:

In 2023:

• A British mining organization was found in violation of the FCPA’s books and records and internal accounting control provisions when they paid a consultant $10.5 million to help them retain mining rights in certain blocks of Ginea’s Simandou mountain region, The consultant’s fee was given to a Guinean government official. RTP paid a $15 million civil penalty to resolve the SEC charges.

In 2022:

• A publicly traded American company violated the FCPA’s books and records and internal accounting control provisions through bribery schemes in Brazil and Algeria. In 2010, the company offered a Brazilian government official over $4 million in bribes for contracts with Brazil’s state-owned oil company. In 2011, the company’s Belgian subsidiary bribed an Algerian government official to obtain and retain business with their state-owned entity. The company agreed to pay more than $81 million to settle the SEC’s charges.
• A NYSE listed, Swiss-based global technology company, paid a massive criminal penalty of $315 million when it violated the FCPA by bribing a high-ranking South African official to win substantial financial contracts. The fine was determined together with Swiss and South African authorities and was based on the severity of the violation.

It's not only the American government cracking down. Countries across the globe are creating legislation to counter bribery and corruption, such as the recently enforced German Supply Chain Due Diligence Act. Enforcement fortifies public trust and secures free-trade and fair enterprise thus strengthening our democracies.

Best practices for effective due diligence for the FCPA

Keeping compliant with FCPA due diligence can be overwhelming. Start by considering the following:

• Where do I start implementing my process? Do a risk assessment to find exposure, keeping in mind long-term factors to make your process flexible and easily implemented.
• What information legally counts as due diligence for third parties and where do I find it? Use multiple resources to determine which source is in-depth enough to cover your business needs. Information can be found through internal and external research.
• What are common internal and external risks to consider in business relationships? It is important to acknowledge that certain industries have a perceived higher risk of corruption. There’s also increased risk with both charitable and political donations. You should consider the regulations in each country where your business operates and address all due diligence with a mind toward each company and its employees.
• How do I figure out which type of due diligence solution is right for my business? Your due diligence solution choice is best guided by the amount of potential risk to which your business might be exposed: higher risk requires more aggressive due diligence.

Once your system is in order, regulators recommend a periodic refresh of all due diligence. This ensures all information on regulations and relationships is up to date and all parties remain in compliance.

To further ensure all your business dealings remain FCPA compliant, check out our 2023 Due Diligence Checklist for a complete breakdown of how to remain above board.