Private-to-Private – How Business is Driving FCPA Compliance

Private-to-Private – How Business is Driving FCPA Compliance

 Today we celebrate greatness. On this day in 1950, Texan Ben Hogan fully returned to the world of professional golf by winning the US Open, just 16 months after sustaining near fatal injuries in a car crash. His injuries were indeed horrific. Hogan suffered a broken collarbone, ankle, ribs and a double fracture to his pelvis. While in the hospital, a blood clot appeared in his leg, forcing doctors to tie off the surrounding veins to keep the clot from reaching his heart. Hogan’s legs atrophied, and doctors worried he would never walk again, let alone play golf at a professional level. Yet Hogan was able to walk 36 holes on the final day of regulation play and win the tournament the next day in an 18-hole playoff. Hogan is one of two golfers to win three of golf’s major championships in one year, won after his 1949 automobile accident.

A few weeks ago I wrote and put out a podcast about how the Houston energy community had developed a business solution to Foreign Corrupt Practices Act (FCPA) compliance. In the energy industry, the exploration and production companies (E&P) are usually thought of as existing at the top of the food chain (i.e. Mega-Big). Below them are the service companies, which actually do the work of exploration (i.e. Very-Big). The next level down are companies who work with the service companies, from the multi-billion chemical production firm down to the $15MM company which has a piece of software which does something useful. All of these companies down the chain are required to have a compliance program.

In practice it works something like this. A service company needs a product or service. As part of the regular contracting process, the service company will inquire into the contractor’s compliance function and policy. If the contractor provides a service which deals with a foreign government in any way or has foreign government touch points, the service company may well come and audit the contractor’s compliance program prior to executing the contract. Thereafter the contractor is subject to being audited for not only the execution of the contract but also the continued maintenance of its compliance program. All of this is done for business reasons. It is a business response to a legal issue, that being compliance with the FCPA.

Last week I received a copy of a paper by Scott Killingsworth, one of the true great practitioners in the field of compliance. Last year, he was listed by Ethisphere as one of its “Attorneys Who Matter” in ethics and compliance. His 2013 paper, “article, “Modeling the Message: Communicating Compliance through Organizational Values and Culture”” received a 2013 Burton Award for Distinguished Legal Writing. Killingsworth’s latest article is entitled “The Privatization of Compliance” and in it he sets out the legal and theoretical underpinnings for what I call the business solution to FCPA compliance. In his introduction he stated, “Embodied in contract clauses and codes of conduct for business partners, these obligations often go beyond mere compliance with law and address the methods by which compliance is assured. They create new compliance obligations and enforcement mechanisms and touch upon the structure, design, priorities, functions and administration of corporate ethics and compliance programs. And these obligations are contagious: increasingly accountable not only for their own compliance but also that of their supply chains, companies must seek corresponding contractual assurances upstream. Compliance is becoming privatized, and privatization is going viral.” And he calls this “private-to-private or P2P compliance.”

Killingsworth says this is a change from a “vertical, state-imposed” mandate to “an integral adoption of best practices both as a cultural norm and critically, as a path to profit”. [Italics mine] He notes that when such obligations come from a business partner, “This message has the potential to re-orient some attitudes and remove some ethical blinders. As more businesses are forced by their counterparties to examine their compliance processes and routinely accept business and legal consequences for them, we can expect increases in overall investment in compliance, in the scope and robustness of the average compliance program, and in ambient awareness of compliance issues outside the compliance, audit, and legal staffs. The viral nature of the process, in which each participant can exert pressure on a large number of direct and indirect upstream or downstream parties, while simultaneously fielding demands from other members of its value chain, suggests that the trend will continue and its influence will grow.”

Specifically in the area of anti-bribery/anti-corruption compliance programs, he writes “The debates about best practices are settled, save for skirmishes over when they can be practically applied.” Such best practices can be seen in the area of third-party due diligence and anti-bribery provisions, which are written into contracts with “domino-style flow-down requirements.” These obligations can arise through directly incorporating anti-corruption compliance obligations or by reference to one party’s compliance regime, or both. Such contractual provisions can cover a variety of issues, such as “ethical rules governing relationship issues such as conflicts of interest and gifts and entertainment; requirements to obey specific laws of concern and laws generally; and procedural rules such as the right to audit the partner’s records or train its personnel. Process and structural rules may be imposed on the partner’s compliance activities, such as requirements to establish management accountability, develop appropriate policies and procedures, maintain an anonymous reporting system and an anti-retaliation policy, train employees, conduct periodic audits, risk assessments and remediation, and of course, sometimes to cascade these program elements to downstream associates.”

Killingsworth details several areas that compliance professionals and contract lawyers should look for when confronted with P2P clauses and he does warn that some negotiators “will always be zero-sum business partners whose prime goal is risk transfer and who will do everything within their power to achieve it through contracts and P2P Codes.” However, he ends his paper with an upbeat note that he believes P2P codes and contract clauses can further the goals of greater compliance with anti-corruption laws.

I found his paper to be a ‘must read’ for anyone in the compliance field. He lays out a theoretical framework, coupled with some of the practical issues which need to be addressed moving forward for what I believe is a business solution to a legal problem. Kudos to Killingsworth for his continued contributions to the field of compliance and ethics where he is truly one of the greats.

 Visit the FCPA Compliance and Ethics Blog, hosted by Thomas Fox, for more commentary on FCPA compliance, indemnities and other forms of risk management for a worldwide energy practice, tax issues faced by multi-national US companies, insurance coverage issues and protection of trade secrets.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

For more information about LexisNexis products and solutions, please connect with us through our corporate site.