Knowing the unknown: Avoiding the threat of FCPA successor liability

September 1, 2015

Westlaw Journals Commentary thumbWe all worry about the unknown.

When acquiring a business with operations outside the United States, there is perhaps no riskier “unknown” than the threat of Foreign Corrupt Practices Act successor liability and the federal government’s enforcement response.

In 2009, as successor to the then-insolvent Latin Node, eLandia International Inc. paid a $2 million criminal penalty for FCPA violations committed before the acquisition.  Unbeknownst to eLandia, Latin Node had for years used bribes to acquire and retain business in Honduras and Yemen.

ELandia discovered the violations shortly after acquiring Latin Node.  It “promptly” disclosed the violations to the U.S. Department of Justice, agreed to cooperate with the DOJ, and fired Latin Node’s senior managers.  Nevertheless, eLandia was held accountable for the criminal penalty and lost over $20 million in value from its acquisition.

Only four years later, Agilent Technologies Inc. disclosed that outside counsel had investigated whether employees of the company’s Chinese subsidiary violated the FCPA’s anti-bribery provisions.  In a Form 10-Q filed with the Securities and Exchange Commission on March 5, 2013, Agilent noted that the “duration, scope, cost [and] result” of its internal investigation were unpredictable and that the company did not know “whether the government [would] commence any legal action.”  This statement underscored the significant threat of FCPA successor liability it faced.

Like eLandia, Agilent made a voluntary disclosure to the DOJ and pledged cooperation.  But unlike eLandia, it was able to announce that the DOJ had closed its inquiry without taking enforcement action.

Though Agilent and eLandia responded similarly, their responses led to starkly contrasting outcomes.  These highly disparate outcomes leave observers in the dark about the actual threat of criminal prosecution and the true costs associated with FCPA successor liability.

A review of criminal successor liability case law, reference to published DOJ guidance and examination of past FCPA successor liability cases suggest reliable answers to this lingering unknown.

Successor liability in criminal law

The threat of successor liability is very real in the criminal context.  After a merger, for example, successor companies may be punished for the pre-merger misconduct of one or more predecessors.

In the seminal U.S. Supreme Court case of United States v. Melrose Distillers, 359 U.S. 271 (1959), two corporations merged after being indicted under the Sherman Antitrust Act, 15 U.S.C. § 1, for antitrust violations.  The successor company was then prosecuted and ultimately convicted for the crimes of its predecessors.  The Supreme Court held that, under the relevant state laws, the corporate lives of the two offenders “continued” for purposes of imposing criminal liability.

A post-merger successor can also face criminal liability under the anti-bribery provisions of the FCPA.  In United States v. Alliance One International, No. 10-cr-00017-jlk (W.D. Va. Aug. 6, 2010), two predecessor companies merged to form Alliance One International Inc.  The companies also merged certain wholly owned subsidiaries as separate successor subsidiaries under the ownership of Alliance One.

After discovering that the successor subsidiaries had paid dozens of foreign bribes prior to the creation of Alliance One, the DOJ charged the successors with FCPA violations.  A stream of guilty pleas followed.

DOJ guidance about criminal successor liability

A company seeking to acquire a target that has either an actual history or a significant risk of bribery or corruption must ensure that its intent to comply with the FCPA is absolutely clear.  The DOJ understands the legal importance of intent, and it has provided three sources of guidance for acquirers seeking to avoid FCPA successor liability.

DOJ principles of prosecution

First, the department has summarized its policies regarding the unique issues involved in criminal prosecution of corporations in the U.S. Attorneys’ Manual.  As noted in Section 9-28.300, DOJ principles direct federal prosecutors to “ensure that the general purposes of the criminal law … are adequately met, taking into account the special nature of the corporate ‘person.’”

While not legally binding, the DOJ principles present important issues the department expects prosecutors to consider.

The importance of a corporation’s intent is made clear throughout the DOJ principles. Section 9-28.500 counsels that “it may not be appropriate to impose liability upon a corporation, particularly one with a robust compliance program in place, under a strict respondeat superior theory.”

Section 9-28.400 states that it is “entirely proper in many investigations for a prosecutor to consider the corporation’s pre-indictment conduct, e.g., voluntary disclosure, cooperation, remediation, or restitution,” while Section 9-28.900 adds that “[a] corporation’s response to misconduct says much about its willingness to ensure that such misconduct does not recur.”

In other words, as a matter of principle, it is inappropriate to charge a parent company criminally if the company has demonstrated an intent — through its “robust compliance program,” “its pre-indictment conduct,” or its “response to misconduct” — to abide by the law.

DOJ/SEC FCPA guide

Second, the DOJ provides FCPA-specific guidance in “FCPA: A Resource Guide to the U.S. Foreign Corrupt Practices Act.” In a chapter devoted to the FCPA’s criminal anti-bribery provisions, the guide explains the DOJ’s interpretation of the law, its enforcement-related policies and its views regarding successor liability.  It also includes several hypothetical fact scenarios that reveal not only what the DOJ considers punishable conduct but also what the department expects to see from a company trying to avoid “buying a violation.”

Consistently, the scenarios provide examples where the DOJ declines prosecution because of meaningful pre- or post-acquisition actions by an acquiring company.

In Scenario 1, Company A considers acquiring a foreign company not previously subject to the FCPA.  During pre-acquisition due diligence, it learns of potentially improper payments in connection with a government contract.  It discloses its findings to the DOJ, suspends and terminates the responsible employees, ensures the payments have stopped and integrates the target into its own compliance program.

In addition, it requires its target’s third-party distributors and other agents to sign anti-corruption certifications, complete training and sign new contracts incorporating FCPA representations and warranties and audit rights.

The guide points out that, while Company A could not have been prosecuted for the target’s pre-acquisition misconduct because the target was not subject to the FCPA, it was important that Company A identified and stopped the corrupt activity.  By doing so, it prevented any post-acquisition misconduct that may have violated the FCPA.

In Scenario 4, a similar fact pattern is described, except the target company was subject to the FCPA when the misconduct occurred.  Company A requires its target to disclose the improper payments before completing the transaction, and Company A again stops the misconduct and takes meaningful steps to integrate the target and its employees into its compliance program.

Not only does the FCPA guide indicate that Company A would not be prosecuted; it also suggests that the DOJ might not prosecute the previous misconduct of the target because doing so could impose reputational damage and additional costs on Company A.  By taking action to discover, report and prevent FCPA offenses, Company A protected itself — and possibly its investment — from criminal prosecution.

In Scenario 2, Company A fails to perform adequate due diligence before acquiring a foreign target with a history of misconduct.  As a result, the misconduct continues for two years after the transaction.  The guide warns that the DOJ would likely charge Company A under the FCPA, though not under a successor liability theory.  Instead, it indicates that Company A is liable as a principal because it failed to identify or stop the misconduct after taking control of the foreign target.

Failing to act decisively to prevent FCPA violations through adequate due diligence is akin to “willful blindness,” which is routinely considered in criminal cases as evidence of corrupt intent.  In this scenario, Company A’s inaction could be interpreted as corrupt intent, and it was held responsible for its target’s post-acquisition bribe payments.

In Scenario 3, Company A has only a limited ability to conduct pre-acquisition due diligence of its foreign target due to the constraints of local law.  Finding no red flags based on the due diligence it can conduct, Company A completes the transaction.  After taking control of the foreign target, Company A conducts extensive due diligence and uncovers a number of bribe payments to foreign officials.  With the right response — disclosure to the DOJ, stopping the bribes, taking remedial actions against those involved in the corruption, and incorporating the target into its compliance program — Company A avoids prosecution.

In Scenario 5, Company A is able to perform extensive pre-acquisition due diligence but doesn’t discover the bribery until after the transaction is completed.  Company A then takes action.  It stops the illegal payments, discloses the misconduct and integrates the target and its employees into Company A’s compliance program.  It also requires all third-party distributors and other agents to sign anti-corruption certifications, complete training and sign new contracts incorporating FCPA representations and warranties and audit rights.

While stressing that the liability for the corruption has not been eliminated, the FCPA guide notes that a decision to prosecute the target or, “in unusual circumstances,” Company A, will depend on application of the DOJ principles.  This scenario again emphasizes that by proactively demonstrating its intent to avoid and prevent criminal violations, an acquirer can protect itself from FCPA prosecution.

DOJ opinion procedure releases

Finally, in addition to the DOJ principles and the FCPA guide, there is a feature of the FCPA that allows potential acquirers to get transaction-specific guidance from the DOJ prior to an acquisition: the opinion procedures release.  As explained at 28 C.F.R. § 80.1, an OPR allows companies to learn “whether certain specified, prospective — not hypothetical — conduct conforms with the department’s present enforcement policy regarding the anti-bribery provisions of the Foreign Corrupt Practices Act.”

There is some question as to whether the OPR mechanism is a practical resource.  The process seems to be used only rarely.  Over the 40-year history of the FCPA, only four OPRs have specifically addressed FCPA successor liability.

In OPR 03-01, the DOJ signaled that there would be no criminal enforcement where an acquirer discovered misconduct during pre-acquisition due diligence and encouraged its target to take appropriate remedial measures.  The measures included disclosure to the government and the investing public, instructions to stop all prohibited conduct and remedial action against the employees responsible for the misconduct.

Similarly, in OPR 04-02, the DOJ said it would not bring an enforcement action against an acquirer whose robust pre-acquisition due diligence ferreted out misconduct, resulting in two pre-acquisition guilty pleas by its target.  Citing promised precautions to avoid future FCPA violations, the DOJ declined to take action against the acquirer or its recently acquired subsidiaries.

In OPR 08-02, an acquirer was prevented by applicable foreign laws from performing adequate due diligence on its target company.  Based on the acquirer’s promises to conduct extensive and timely post-acquisition due diligence, the DOJ gave the acquirer a 180-day window to identify, stop and disclose any misconduct safe from the threat of prosecution.

In each of those three instances, the DOJ declined to pursue enforcement action on a successor liability theory after the companies used the OPR process to signal their intent to comply with the FCPA.

The most recent OPR issued last year to address FCPA successor liability, OPR 14-02, involved the acquisition by “Requestor” of 100 percent of “Target’s” shares.  During pre-acquisition due diligence, Requestor discovered that Target — a foreign company outside the jurisdiction of the FCPA — had a significant history of improper payments to government officials, questionable charitable contributions and sponsorships, and improper payments to state-controlled media.

In its analysis of the facts presented by Requestor, the DOJ noted that Scenario 1 in the FCPA guide “squarely addresse[d]” the situation and that the department would lack jurisdiction to prosecute Requestor for the pre-acquisition misconduct.  However, the OPR encouraged companies engaging in mergers and acquisitions to take proactive steps, consistent with the FCPA guide, to avoid FCPA successor liability.

Criminal successor liability in past FCPA cases

The DOJ has repeatedly demonstrated a willingness to decline prosecution of companies that take meaningful, proactive steps to avoid FCPA violations.

In 2004, the DOJ entered into a non-prosecution agreement with General Electric, which at the time sought to merge with InVision.  Prior to the merger, GE discovered that InVision was responsible for bribes of foreign officials in Thailand, China and the Philippines.

Although InVision had to pay an $800,000 penalty to the DOJ and submit to corporate monitoring, both GE and InVision escaped prosecution because they disclosed the misconduct and promised full cooperation in any ongoing investigation.  GE also agreed to maintain InVision as a separate entity — punishable in the event their non-prosecution agreement was breached — and to retain a consultant to evaluate the integration of InVision into GE’s FCPA compliance program.

Importantly, GE was able to complete its merger with InVision without subjecting itself to FCPA successor liability.

The Pfizer case provides yet another example of a deferred prosecution for a proactive parent despite misconduct by its subsidiary.  See United States v. Pfizer H.C.P. Corp., deferred prosecution agreement entered (D.D.C. Aug. 7, 2012).  After discovering that its wholly owned subsidiary Pfizer H.C.P. had paid bribes in Bulgaria, Croatia, Kazakhstan and Russia, Pfizer voluntarily disclosed its discovery to the DOJ and conducted a thorough internal investigation.

Notwithstanding Pfizer’s liability as the parent of Pfizer H.C.P., the company was spared from FCPA liability.  Citing Pfizer’s “early and extensive” remedial efforts, including establishment of a robust compliance program, the DOJ did not prosecute Pfizer.  Pfizer H.C.P. was required to pay a $15 million penalty for its previous misconduct, but it avoided prosecution as well.

Avoiding criminal FCPA successor liability

To be sure, avoiding prosecution based on FCPA successor liability is never guaranteed. Criminal successor liability case law, the DOJ’s principles and guide, and lessons from past cases all counsel acquirers toward three key steps to avoiding FCPA successor liability.

First, a strong compliance program signals to the DOJ a company’s intent to abide by the FCPA.  Investing in a compliance program before misconduct arises, including by ensuring that current employees and employees of newly acquired subsidiaries receive proper FCPA compliance training, is critical to demonstrating intent to comply with the law and prevent criminal misconduct.  A company should not only develop and implement a program among its own employees and subsidiaries but also insist that its third-party distributors and other agents sign anti-corruption certifications, complete training and sign contracts that incorporate FCPA compliance representations as well as warranties and audit rights.

Second, acquirers must conduct appropriate due diligence both before and after an acquisition.  Robust due diligence is particularly important in the merger or consolidation context, where the continuing existence of a predecessor company within the surviving successor will almost certainly mean prosecution or penalty for pre-merger misconduct.  The case law, the FCPA guide and the DOJ’s FCPA enforcement history suggest that a company will receive little benefit of the doubt if it fails to conduct sufficient due diligence.

Third, a company’s response to discovering an FCPA violation is of paramount importance in demonstrating a lack of criminal intent.  Disclosure of such violations should be made voluntarily and should be reasonably prompt, after an opportunity to conduct some internal investigation.  A company should thereafter cooperate fully with any government investigation. In addition, it should be prepared to take meaningful and lasting steps to remediate the violation.  Ultimately, a company’s response should demonstrate its intent to comply with the FCPA and its willingness to ensure that misconduct does not recur.