The U.S. Foreign Corrupt Practices Act – What Canadian Directors Need to Know

This January, Niko Resources, a TSX-registered company involved in petroleum exploration and development in Asia, issued a press release confirming that Canadian authorities are engaged in a formal investigation into allegations of improper payments to government authorities in Bangladesh. This announcement is the first formal investigation launched by Canadian authorities under the Corruption of Foreign Public Officials Act (CFPOA). However, if recent international trends in the enforcement of anti-corruption legislation are followed here, there may be other investigations launched.

While the Canadian legislation is still untested, in the United States there has been increasing discussion at directors' meetings about the Foreign Corrupt Practices Act (FCPA). In boardrooms in Canada, you may have heard FCPA compliance raised as another risk for directors to monitor. The recent Siemens AG settlement announced in November 2008, where Siemens agreed to pay fines totalling $1.6 billion (US$), is evidence that even non-U.S. companies need to pay attention to the risks of running afoul of the FCPA and similar legislation.

As a Canadian director, you may be wondering what anti-corruption legislation, such as the CFPOA and FCPA, requires of Canadian companies, and whether this legislation is relevant to the corporations that you serve. This article provides some background to the FCPA, recent trends in enforcement and some points to consider when assessing your FCPA exposures.

What is the FCPA?

The FCPA has two main provisions:

  • The Anti-Bribery Provisions, which prohibit companies, or their intermediaries, from making payments or offering anything of value to a "government official" for the purpose of influencing that official, or deriving an "improper advantage". Note that the scope of who is considered to be a government official under the FCPA is quite broad and can include, for example, health care workers in countries where the government oversees the provision of health care. In addition, there is no materiality concept in assessing whether the amount offered or spent constitutes a bribe.
  • The Accounting Provisions, which require companies to maintain accurate books and records to reflect transactions with government officials, and to maintain an adequate system of internal controls over such transactions.

Many executives likely believe that their company does not bribe government officials to win business; as a result, they think that the FCPA is not something they need to monitor as a part of their risk management responsibilities. They may believe that entertaining government officials, or providing them with small gifts, is part of a well-accepted culture of doing business abroad, and enables their company to "develop relationships". However, when the company is engaged in such activities, there are risks under the FCPA and similar legislation in Canada and elsewhere.

Who must comply?

The FCPA is applicable to any U.S. company, citizen or legal resident who commits a violation in the U.S., or its territories, as well as to foreign companies with securities registered in the U.S. In addition, the FCPA applies to any company that has payments made directly, or via third parties, through U.S. institutions. This provision could catch, for example, a Canadian private company that makes improper payments through a U.S. bank account, or a Canadian company with a U.S. officer that offers an improper payment to a government official.

Increased enforcement

The United States passed the FCPA into law in 1977. However, enforcement of the legislation by the Department of Justice (DoJ) and the Securities and Exchange Commission (SEC) has escalated in the last few years. The number of open investigations increased from nine in 2003, to 91 in 2008. Mark Mendelsohn, the DoJ's Deputy Chief Prosecutor responsible for FCPA enforcement, has said that the trend of more FCPA prosecutions is going to continue, as the globalization of business shows no signs of slowing down, even in challenging economic times.

There has been an exponential increase in the number of companies investigated and penalized under the provisions of the FCPA during the past five years. At an international conference in Frankfurt, Germany in January 2009, Mr. Mendelsohn indicated that enforcement of the FCPA is at an all-time high, and will remain there. This tough stance on FCPA compliance does not just mean more scrutiny for U.S. companies; Mr. Mendelsohn also indicated that the DoJ will investigate foreign and U.S. issuers equally, as well as companies operating within U.S. territories. Other enforcement trends noted by Mr. Mendelsohn included improved international cooperation in the investigation of companies, and the commitment of additional resources in the U.S. to investigate and prosecute companies violating the FCPA.

The costs of running afoul of the FCPA are significant — in addition to fines and penalties, U.S. regulators can require companies to disgorge profits derived from inappropriate activities. Regulators can also require the company to appoint a monitor to report on its compliance, adding cost and taking management time from other important activities. Further, the FCPA provides for prosecution of individuals — including officers and directors. These individual prosecutions do not just involve those responsible for authorizing the inappropriate transactions, but also executives who failed to establish internal controls to prevent or detect the illegal conduct. Mr. Mendelsohn stated that more prosecutions of individuals is no accident — in order for there to be a credible deterrent, violators have to be prosecuted.

The statistics noted above for the U.S. indicate that the risks of violating the FCPA have risen, as compliance with this legislation is more closely monitored by regulators than ever before. As well, the cost of non-compliance for the company, its officers and directors has increased significantly.

Key risk factors

As a director, here are some questions to consider in assessing a company's FCPA risks:

  • Does the company do business in the developing world, where there is a higher corruption risk?
  • Do the company's business activities involve interaction with "government officials"?
  • Does the company do business with government officials directly, or use third-party agents or business partners?

If you answered yes to any of these questions, as a director, you should question management about how FCPA risks are identified, evaluated and addressed. You should also question management about what controls are in place to track, approve, record and summarize transactions with government officials.

The increased pursuit of companies running afoul of the FCPA may result in increased pressure on other countries to crack down on improper dealings with government officials. Following the Organization for Economic Co-operation and Development (OECD) Anti-Bribery Convention in 1997, Canada enacted the CFPOA in 1999. The investigation of Niko Resources was launched following the recent dedication by the RCMP of full-time resources to look into alleged CFPOA violations. Note though, that U.S. regulators will not necessarily defer to a foreign jurisdiction — Mr. Mendelsohn indicated that the DoJ will continue with its increased enforcement to, in his words, "level the playing field for companies doing business globally."