Winston & Strawn hosted a webinar titled “Best Practices for Anti-Bribery and Anti-Corruption (ABAC) Compliance.”
The interactive webinar focused on the following ABAC compliance topics:
- Anti-bribery and anti-corruption authorities
- Essential elements of a comprehensive and effective compliance program
- Implementing your compliance program in real-world scenarios
- Problem management and escalation protocol
2. Agenda
• Introduction
• Overview of Anti-Bribery Laws
• Hallmarks of an Effective ABAC Compliance Program
• Key Compliance Flashpoints
2
3. Poll - Who’s Here?
How much of your day-to-day work involves anti-bribery
or anti-corruption compliance?
3
Every day From time to time
Very little Almost none (but I have a general interest)
4. FCPA Anti-Bribery Provisions
Prohibits offering, making, or authorizing
a payment of
Anything of value
Knowing that it will be offered or given to a foreign official
(Includes willful ignorance)
To obtain or retain business
And made corruptly (i.e. with corrupt intent)
Applies to
1) U.S. citizens, nationals, or residents
2) Entities that are either located in the U.S. or registered
under U.S. law (including all employees working for these
entities, regardless of the employees’ nationality)
3) Actions that involve a US nexus 4
5. FCPA Accounting Provisions
Publicly held U.S. companies are
required to:
• Maintain books and records that accurately
reflect transactions and dispositions of assets.
• Devise and maintain reasonable internal
accounting controls to prevent and detect
FCPA violations.
5
Even if the company is not a public company, best practices
suggest that employees should accurately report all business
transactions and information.
6. Poll - Global Concerns
Which of the following is addressed by
your company's compliance policy?
6
The FCPA
The FCPA and the UK Bribery Act
The FCPA, UK Bribery Act, and other local
anti-bribery/anti-corruption statutes
No specific statute
7. UK Bribery Act
Four Major Offenses
7
Promising of or giving of an advantage to another person
to reward improper performance1
Requesting, agreeing, or accepting an advantage that
itself constitutes improper performance2
Bribery of a foreign public official
3
Failure of commercial organization to prevent bribe being
paid to obtain/retain business or business advantage4
8. UK Bribery Act
Key Differences from the FCPA
8
Facilitation (“grease”) payments are permitted by the
FCPA but not under the UK Bribery Act
Both bribers and bribees may be penalized
Also covers commercial bribery
9. China’s Anti-Unfair Competition Law
A business operator commits an act of bribery if
it provides assets or other means merely to
obtain a transaction opportunity or
competitive advantage.
The scope of bribe recipients includes
employees of counterparties as well as third
parties.
Employers are liable for misconduct committed
by employees.
9
10. Hallmarks of an Effective ABAC
Compliance Program
10
Commitment from senior management and a clearly articulated policy against corruption;
oftentimes referred to as “Tone at the Top.”1 Implementation of code of conduct and compliance policies and procedures.
(More than a paper policy)2
Oversight, autonomy, and resources.
3
Risk assessment.
4
Training and continuing advice.
5
Incentives and disciplinary measures.
6
Third-party due diligence and payments.
7
Confidential reporting and internal investigation.
8
Continuous improvement: periodic testing and review.
9
M&As: Pre-acquisition due diligence and post-acquisition integration.
10
11. Morgan Stanley (2012)
SEC found that Morgan Stanley’s FCPA compliance
program was adequate
• Penalty limited to individual employee, Garth Peterson
Key features of their compliance program:
• Trained Peterson on anti-corruption policies at least seven
times between 2002 and 2008
• Distributed written materials to employee
• Received at least 35 FCPA compliance reminders
• Multiple written certifications from employee on compliance
with FCPA
• Code of Conduct included a portion referencing corruption
risks
• Employees required to annually disclose outside business
interests
• Policies to conduct due diligence on foreign business partners 11
12. Roundtable Discussion – Risk
Assessments
How does your Company utilize risk assessments?
Is there anything you’ve learned from doing risk
assessments that you want to share?
Do you typically do risk assessments internally or
through the assistance of outside advisors?
12
13. Key Compliance Flashpoints
Drawing the Line Between Reasonable
and Excessive Benefits
13
Meals & Entertainment
Gratuities, Gifts, and Favors
Travel/Delegation Visits
Third Parties
Appropriate Reporting and Escalation
How much due diligence is enough?
How to resolve red flags
When they cannot be resolved
14. Poll - Meals & Entertainment
Does your company’s compliance policy place a cap on
the amount of money that is acceptable for meals and
entertainment?
14
$0-$25
$25-$50
$50-$75
$75-$100
No Specific Cap
15. Meals & Entertainment –
Best Practices
The level of meals & entertainment should be in accordance with
generally accepted business standards. They should not be lavish.
The company should retain control over entertainment events.
Specific caps or approval thresholds can be useful at setting
expectations and focusing compliance resources.
15
16. Gratuities & Gifts – Best Practices
Indicators that a gift is acceptable
Multiple small gifts that take on the pattern
of bribes can run afoul of ABAC laws.
As with hospitality, approval thresholds
can set expectations and allow compliance
personnel to focus resources.
16
(1) small gift or token
(2) given openly and transparently
(3) provided to reflect esteem or gratitude
(4) permitted under local law
17. Case Study: JP Morgan Chase (2016)
JP Morgan influenced government officials in the Asia-Pacific
region by giving jobs and internships to their relatives and
friends.
17
Client referral hiring program that bypassed normal hiring process
Hired approximately 100 interns and full-time employees at the request of
foreign-government officials
Referral hires typically did not meet minimum educational or background
qualifications that JP Morgan looked for in its non-referral hiring programs
Paid $72 million to the Justice Department; $61.9 million to
the Federal Reserve Board of Governors; and more than
$130 million to settle SEC charges.
18. Roundtable Discussion – Jobs and
Favors
What sort of facts and circumstances would make it acceptable for
your Company to hire the friend or family member of a client or
government official?
What steps should you take on a go-forward basis to ensure the
employment relationship is legitimate?
What similar favors or benefits could your Company provide that
might lead to trouble like JP Morgan’s?
18
19. Travel/Delegation Visits
Travel expenses allowed by the FCPA
• “Reasonable and bona fide” expenses for foreign officials that are conducting
business with the company
• Primary purpose is business, not pleasure
• DOJ evaluates dual purpose trips using “reasonableness standard”
Department of Justice Guidance:
• Do not select particular officials that will attend the trip
• Pay costs directly to the travel and lodging vendors, or reimburse upon
production of receipt
• All stipends should be a reasonable approximation of future cost
• Ensure all expenditures are transparent
• Obtain written confirmation that the payment does not contradict local law 19
20. Scenario 1
Stillwater is a company that produces machinery used in the drilling of oil wells. They see a
business opportunity to provide equipment for use in upcoming projects in Country X. Oil
production in Country X is all conducted in coordination with the state oil agency (MinOil),
but the actual development and production is always carried out by commercial businesses.
The Stillwater international sales team wants to bring a group of MinOil officials to its
headquarters in Dallas. Even though the MinOil officials will not purchase equipment from
Stillwater, the sales team thinks they might be open to specifying that their commercial
partners use Stillwater products.
The sales team arranges for the MinOil officials to spend 3 days in Houston.
• The first morning is spent at the HQ meeting Stillwater executives, while the second day is spent
touring the production facility outside Houston. The remainder of the time in Houston is free time for
the MinOil officials.
• Stillwater pays for airfare and hotel costs for the officials. Stillwater provides lunch and dinner each of
the days.
• Some of the officials arrange to prolong their trip to fill out the week. Stillwater does not pay for these
additional hotel days.
• Stillwater’s CEO takes the officials out to the Gulf for a full day on his yacht. That evening they go out
to a nice restaurant and the CEO ends up paying a bill about $200/person. 20
21. Scenario 1 - Discussion
Are you concerned about Stillwater arranging this trip for the MinOil
officials and paying airfare and hotel?
Are there any steps Stillwater should take to mitigate any concerns
you have?
Do you have concerns or see any red flags in the 3-day Houston
itinerary? Are there any steps that would mitigate those?
Is the boat trip and dinner excessive? If so, what steps, if any, can
the Company take to address this?
21
22. Third Party Risks
Under the FCPA, the UK Bribery Act, and many other anti-bribery
and anti-corruption regimes, a company may be held liable not only
for the corrupt actions of its employees, but also for the corrupt
actions of a third party if the third party was acting on the company’s
behalf.
22
90% of reported FCPA cases involve third parties.
Third parties can include local sales agents,
consultants, distributors, joint venture partners,
customs agents, brokers, or freight forwarders.
23. Third Party Risks
Companies can be held liable for third party acts when they
• Directly participated in or authorized the third-party’s misconduct, or
• Knew of the corrupt acts, including when they showed willful blindness
toward, deliberately ignored, or consciously disregarded suspicious actions or
circumstances.
If you deliberately ignore warning signs of illegal activity, you
may be violating the law (and causing the Company to violate
the law, too).
Companies mitigate third party risk by:
• Vetting third parties to determine whether there is a likelihood they will take a
corrupt action
• Monitoring third parties for red flags
23
24. Poll - Due Diligence
On whom does your company conduct due diligence
background checks?
24
No one
Third parties engaged in higher risk activity
Third parties active in higher risk countries
Based on a combination of activity and country
We use a risk-based approach to conduct differing
levels of diligence on all third parties
25. Poll - Due Diligence
How do you conduct due diligence background checks?
25
Conduct due diligence internally (internet checks,
questionnaires, etc. all handled by Company staff
even if you use software screening)
Outside vendor or investigator
Law firm
Some combination of the above
26. Mitigating the Risk: Conducting Third-
Party Due Diligence and Monitoring
Companies should:
• Understand the qualifications and associations of third-party partners
• Understand the business rationale for working with the third party in the
transaction
• Confirm and document that the third party is actually performing the work
• Implement an ongoing monitoring system of third parties
• Inform third parties about the company’s compliance programs
• Conduct background and reference checks
• Ensure that the third parties are being paid fairly, but not overpaid (e.g., that
commissions are commensurate with work performed)
26
27. Roundtable Discussion –
Third Party Engagement
How does your Company determine what sort and degree of
background reviews and business justification are required in order
to approve a third party engagement?
Are there any steps you take during some or all third party reviews
that you think are particularly helpful?
Can you share any examples of third parties that your Company did
not engage after review because of bribery concerns?
27
28. Third Party Red Flags
28
Excessive commissions to agents or consultants
Unreasonably large discounts to distributors
Consulting agreements with only vaguely-described services
Consultant is in a different business than what he has been retained for
Third party is related to or closely associated with a foreign official
Third party becomes part of the transaction at the request or insistence of a
foreign official
Third party is merely a shell company incorporated in an offshore
jurisdiction
Third party requests payment to offshore bank accounts
29. Scenario 2
MiracleDevices, is a U.S.-based company that produces medical devices used by
individuals to monitor the state of various medical conditions. Its products
generally acquire approval from FDA-equivalent agencies prior to sales in a given
country. MiracleDevices decides to hire a consultant to assist it in getting its
product registered in a Middle-Eastern country. As per standard procedure,
MiracleDevices orders a Level 2 background report on the two proposed
consultants.
The report comes back and indicates that Consultant A has been operating in this
business field for more than 15 years. The report includes favorable references
from other medical device manufacturers. The report also indicates that the
consultant is a cousin by marriage to some of the princes of the M-E country.
The report on Consultant B indicates that they have been in the business field for
less than 2 years. The report includes favorable references, but they are a little
dated and for a prior line of business in a neighboring country. Consultant B has
requested that payment for services provided be made to his account in this
neighboring country. 29
30. Scenario 2 – Discussion
What red flags, if any, do you see with respect to Consultant A?
• What steps could MiracleDevices take to further investigate these red flags?
• What additional measures could MiracleDevices take to mitigate some of these
risks?
What red flags, if any, do you see with respect to Consultant B?
• What steps could MiracleDevices take to further investigate these red flags?
• What additional measures could MiracleDevices take to mitigate some of these
risks?
30
31. Escalation Protocols
Companies should encourage employees and third parties to
report any concerns, questions, or red flags
• This must include a mechanism for confidential reporting
• Employees should not fear retaliation
Employees can be unsure whether an issue merits reporting to
management or escalation to compliance or ABAC leads
• Management should be trained in identifying when problems should be
escalated
• Employees should feel free to speak to persons other than their managers
when in doubt
A system should be in place to conduct follow-up reports, and
take remedial steps for concerns 31
32. Scenario 3
Molly G works in ConsumerDream’s Illinois HQ, but one of her tasks is approving
payment to logistics services providers moving goods between China and
Malaysia. She notices that an invoice from Quickly Deliver for a shipment includes
an expediting fee of $100 that she hasn’t seen before and isn’t on the rate sheet.
Molly G decides to hold off on paying the invoice until she has an explanation. She
emails Quickly Deliver to enquire. They tell her it was a mistake and issue a new
invoice without that fee. She pays the new invoice.
Six months later, the corporate audit department is auditing Quickly Deliver. It is on
the audit plan because it has become the lead logistics provider in the past year
due to its ability to more quickly clear its shipments and deliver to the factories.
The audit team finds that Quickly Deliver has a substantial petty cash account for
which they don’t require receipts. The audit team also finds that Quickly Deliver
has a relationship with a customs consultant, but the services provided are not
clearly defined.
32
33. Scenario 3 - Discussion
• First – go corporate audit!
• Do you think that Molly G should have reported the suspicious
expediting fee to anyone? If so, who?
• If Molly G had reported the fee, what steps should, or could, the
person receiving that report have taken to investigate?
• What steps do you think ConsumerDream should take after
receiving the report from corporate audit?
• Do you think the situation indicates that any additional training is
needed for third parties or employees? If so, what training do you
recommend?
33
35. Staci Yablon
Partner
Litigation
+1 212-294-4703
syablon@winston.com
Staci focuses her practice on white collar and internal investigations, FCPA, sanctions, and regulatory
defense. An experienced investigator, she regularly handles matters for diverse clients including
international banks and Fortune 500 companies.
Staci is a member of the firm’s White Collar, Regulatory Defense & Investigations Practice and her
clients include financial institutions, public and private companies, corporate executives and other
individuals in all aspects of white collar criminal and regulatory matters, government and internal
investigations and complex commercial litigation. Her matters involve a wide range of issues including
alleged violations of the Foreign Corrupt Practices Act (FCPA), economic and trade sanctions as well
collusion/antitrust cases.
Staci regularly represents clients undergoing investigations conducted by the U.S. Securities and
Exchange Commission, the United States Department of Justice, the Commodity Futures Trading
Commission and the United States Department of Treasury, Office of Foreign Asset Control.
Staci also focuses her practice on compliance counseling, recommending enhancements to clients’
compliance programs to avoid government investigations or remediate after any such investigations.
In addition, she regularly advises companies in regard to potential acquisitions, serving as the FCPA
and sanctions/trade control expert for potential deals, assisting both in the diligence as well as the
creation of new comprehensive compliance policies.
Staci regularly writes and publishes thought leadership on topics including compliance programs.
Practice
Banking Litigation
Compliance Programs
Corporate & Finance
Federal Tax Controversy
Financial Services
Financial Services Regulatory /
Compliance
Litigation
Tax
White Collar, Regulatory
Defense & Investigations
Education
University of Pennsylvania, JD
2005
Bar Admissions
New York
36. Francesca Guerrero
Of Counsel
Corporate
+1 202-282-5647
fguerrero@winston.com
Francesca concentrates her practice on international trade and anti-bribery compliance and national
security.
Francesca regularly counsels clients on compliance with export controls such as The International
Traffic in Arms Regulations (ITAR) and the Export Administration Regulations (EAR), sanctions
administered by the Office of Foreign Assets Control (OFAC) and other agencies, import regulations
administered by Customs, including NAFTA, and anti-boycott compliance requirements. She assists
clients in developing internal procedures and compliance manuals, as well as in applying for licenses
and regulatory rulings. Her experience also includes conducting internal investigations and audits and
assisting clients through the voluntary disclosure of violations.
She regularly advises clients on compliance with the U.S. Foreign Corrupt Practices Act (FCPA). Her
experience includes: performing due diligence on agents, consultants, and distributors; advising
clients regarding gifts and hospitalities; reviewing potential acquisitions and joint venture partners; and
conducting internal investigations of potential FCPA violations and advising clients regarding voluntary
disclosure.
Francesca also counsels clients regarding national security issues relevant to acquisitions of U.S.
businesses by foreign acquirers. In particular, she advises clients on the Exon-Florio provisions and
related filings before the Committee on Foreign Investment in the United States (CFIUS). She has
represented both U.S. businesses and foreign acquirers before CFIUS.
Her experience includes advising clients on cross-border investments, joint-ventures, mergers and
acquisitions, private equity transactions, overseas business registration and reporting requirements,
and commercial transactions.
Practice
Compliance Programs
Mergers & Acquisitions
White Collar, Regulatory
Defense & Investigations
Education
Harvard University, JD 2006
Bar Admissions
Virginia
District of Columbia