The Foreign Corrupt Practices Act (FCPA) prohibits U.S. corporations and individuals from providing a foreign government or official with anything of value in exchange for favorable action, including business or competitive advantages. Both the Securities and Exchange Commission (SEC) and the Department of Justice (DOJ) are responsible for enforcing the FCPA. In 2019, 47 enforcement actions were taken by either the SEC or DOJ, the third-highest total since the act came into force in 1977.
Enforcement trends continue to show the DOJ and SEC are focused on third-party due diligence. In 2020, Goldman Sachs Group Inc. was assessed a $3.3 billion USD fine for allegedly bribing officials in Malaysia and Abu Dhabi. The fine was the largest ever assessed under the FCPA, eclipsing the multi-billion dollar fine assessed earlier in the year to Airbus SE. The Goldman Sachs ruling against the New York City-based company is also notable as it is the only fine amongst the top 10 largest penalties to be assessed against a U.S. domestic company.
FCPA Compliance Requirements
To ensure FCPA compliance, companies must exercise due diligence of both internal behavior and the actions of third parties in the supply chain. Stanford Law School estimates nearly 90 percent of FCPA matters alleging bribery involve the use of third-party intermediaries.
Companies should make efforts to ascertain the risks third parties may present by investigating red flags such as unreasonable commissions to consultants, large discounts to distributors or close relations with a government official. The law is structured so companies that do not make such efforts may be found to have created a willfully blind approach to compliance and may be charged.
A supply chain may have thousands of suppliers or third parties requiring a strong due diligence program to adequately identify and address the risks these parties may present. The DOJ and SEC jointly published a guide with several recommendations for enacting effective due diligence programs. They proposed three principles companies should consider when managing third-party relationships with regards to FCPA:
- Companies should be aware of the qualifications, associations and reputation of third parties with respect to foreign officials.
- Companies should confirm and document that payment to suppliers is commensurate with the work being performed.
- Companies should continuously monitor third parties, including periodic audits and requests for annual compliance certifications.
Mitigate your reputational risk with enhanced anti-bribery practices. Learn more in our whitepaper, Combating Bribery & Corruption in the Supply Chain.
FCPA Risks for Non-Compliance
Investigations related to FCPA compliance may take months to resolve and result in reputational damage for companies when findings are released publicly. To avoid these risks, companies generally choose to settle with the enforcement agencies. Over 90 percent of publicly-traded companies investigated by the SEC chose this option.
Since 1977, billions of dollars have been paid to resolve FCPA violations. Companies can prevent non-compliance with the act by exercising ethical business practices and due diligence when entering into business relationships.
The strength of a due diligence program can be a mitigating factor in the event a company is found to be non-compliant. Another factor enforcement agencies may consider is whether a company’s supply chain has been informed of its unethical business practices.
Engaging a supply chain can be an onerous task when relying on outdated methods. However, a supply chain data management platform can automate many of the third-party due diligence best practices the government recommends.
The Assent Compliance Platform enables efficient engagement with thousands of suppliers, which companies can leverage to inform third parties of unethical practices, retrieve compliance certificates from suppliers, mitigate reputational risk presented by third-party bribes and avoid enforcement action. To learn more, contact our experts.