The Foreign Corrupt Practices Act in Transactions: Plan Ahead or Pay Later

The Foreign Corrupt Practices Act in Transactions: Plan Ahead or Pay Later Gary DiBianco and Charles F. Smith 1 Skadden, Arps, Slate, Meagher & Flom LLP I. Introduction As U.S. based companies and foreign private issuers expand their operations into new markets, they face increasing levels of scrutiny from U.S. regulators with regard to their anti-corruption efforts. After a relative lull in activity during the 1990 s, the United States Securities and Exchange Commission ( SEC ) and Department of Justice ( DOJ ) have renewed their efforts to detect and prosecute violations of the Foreign Corrupt Practices Act ( FCPA ). Indeed, Deputy Attorney General Paul McNulty recently emphasized the DOJ s commitment to root out corruption in its continued efforts to secure a level playing field for businesses operating abroad. 2 The DOJ s enforcement efforts apply not only to U.S. based companies but also to foreign private issuers, where the company s stock trades on American exchanges. 3 Moreover, non-u.s. regulators have increased their efforts to enforce local anti-corruption laws, as is evident from public reports of investigations of Siemens AG in Germany, Total S.A. in France and Volvo AB in Sweden. This regulatory environment means increased scrutiny of compliance in due diligence in the merger and acquisition context. The actions taken before an issue is discovered or immediately upon discovery can profoundly affect the government s reaction and can mean the difference between completing a deal and not completing one. In 2004, Lockheed Martin bowed out of an attempted $2.2 billion acquisition of Titan Corp. after Titan failed to resolve FCPA issues that arose during due diligence investigations. 4 Lockheed Martin, as a government defense contractor, simply did not want to inherit the risk of successor liability arising from potential FCPA violations at Titan. 5 Nearly one year after the failed merger, the SEC and DOJ announced that Titan had settled, agreeing to pay $15.5 million in civil penalties and $13 million in criminal penalties. 6 But, by then Titan s FCPA issues had already forestalled the deal with Lockheed Martin. Contrast Titan s situation with Cardinal Health Inc. s acquisition of Syncor International Corp., which was salvaged after Syncor quickly resolved FCPA issues uncovered during post-signing due diligence. Roughly five months after announcing its intention to acquire Syncor, Cardinal Health disclosed evidence of improper payments to doctors at stateowned hospitals made by Syncor s foreign subsidiaries. 7 Syncor s investigation of the issues and real-time disclosures led to a resolution that preserved the transaction. Ultimately, Syncor consented to a civil penalty of $500,000 and engaged an independent consultant to review and make recommendations concerning the company s FCPA compliance policies. 8 In addition, Syncor s Taiwan subsidiary pleaded guilty to a criminal violation of the FCPA and paid a $2 million fine. 9 Similarly, identification of FCPA issues during pre-closing due diligence in GE s acquisition of InVision Technologies led to a deferred prosecution agreement and an $800,000 fine, but allowed GE to avoid successor liability for InVision s conduct and to conclude the deal. 10 The investigation of subsidiaries of Vetco International provides yet another example. In 2004 in connection with a sale to a consortium of private equity investors Vetco Gray UK pled guilty to FCPA violations based on payments to Nigerian customs officials. According to the DOJ, the payments continued even after the plea, and resulted in a

follow-on investigation that was resolved with additional pleas of guilty when Vetco Gray was sold in January 2007 to GE. 11 Vetco International described the DOJ settlement as a closing condition of the 2007 sale. 12 The experiences of Vetco, Lockheed Martin, Titan, Cardinal Heath, Syncor, GE, and InVision demonstrate the need for companies to anticipate FCPA issues that may arise during mergers involving high-risk, emerging markets and industries that rely on government sales. This article will discuss measures that parties to transactions can take in shaping the deal and structuring due diligence to protect themselves in the event that FCPA issues do arise. II. The FCPA Congress enacted the FCPA in 1977 to address a public perception that there was widespread use of bribery by U.S. companies doing business abroad. The FCPA contains two components an anti-bribery provision and a books and records provision. Each is enforced civilly by the SEC and criminally by the DOJ. Although the SEC and DOJ frequently cooperate with each other and share information, they operate separately and may have different views and goals in an investigation or transaction situation. Conceptually, the anti-bribery provision is simple it prohibits bribery of foreign government officials. The FCPA makes it unlawful for U.S. companies and foreign private issuers and their employees, officers, directors, stockholders, and agents to offer anything of value to a foreign government official in a corrupt effort to obtain or retain business. An issuer is any company whose securities are registered under the Securities Exchange Act of 1934, and a government official is any government employee who has discretionary authority over government purchasing decisions, including employees of state owned enterprises. Where an issuer holds less than a 50% stake in an affiliate or subsidiary, the FCPA requires that the issuer make good faith efforts to use its influence to bring the subsidiary or affiliate into compliance with the FCPA. The books and records provision works in tandem with the anti-bribery provision and requires companies maintain accurate books and records and systems of internal controls designed to prevent illegal activity. Notably, the books and records provision does not contain a materiality threshold requiring the government to prove that misstatements due, for example, to the improper classification of a bribe are material to the issuer s financial statements. Although the FCPA applies to any act of bribery undertaken by U.S. issuers, regardless of geographical location, the FCPA does have some jurisdictional limitations with respect to foreign private issuers. To establish a violation of the anti-bribery provisions of the FCPA by a U.S.-registered foreign private issuer, the government must identify the use of an instrumentality of interstate commerce within the U.S. In a practical sense, the government treats this as setting a low threshold and argues it is satisfied by evidence of travel into the U.S. or between states, use of the U.S. mail or telephone services, bank transfers to or from the U.S., or even email that passes through U.S. servers. In one recent case, the fact that a single payment from a foreign private issuer to a foreign government official passed through a bank account in the U.S. was deemed by the government as sufficient nexus to establish jurisdiction for an alleged violation of the FCPA s anti-bribery provision. 13 In another case, the DOJ secured a guilty plea from a former executive of a French foreign private issuer based on allegations that the individual made wire transfers to and through the U.S. in connection with securing a telecommunications contract in Costa Rica. 14 The SEC and DOJ take the position that a foreign private issuer s U.S. securities filings alone provide sufficient connection to establish jurisdiction under the internal business controls and books and records provisions of the statute. It is important to note that the SEC and DOJ often employ the books and records provision strategically. Where there may not be enough evidence to establish a violation of the anti-bribery provision or where there is no connection to the U.S., the SEC and DOJ may allege that the misclassification of a commission led to an FCPA violation via the books and records provision. In the same way, the SEC and DOJ may also allege an FCPA violation arising from lack of adequate controls to prevent bribery at a non-u.s. affiliate or subsidiary. III. Mergers & Aquisitions

U.S. authorities have come to expect that anti-corruption due diligence will be a standard component of any transaction in which a party s business involves FCPA risk. Where a company has a strong base of public customers, like those specializing in healthcare or defense, regulators expect to see robust compliance programs, and expect this as acquirer will apply high standards when assessing FCPA compliance of a transactional counterparty. Where the transaction involves emerging markets or high risk countries, the U.S. authorities will expect focused anti-corruption due diligence. FCPA issues should be considered early in the transaction process, both from the acquirer s and the target s perspective. In particular, each party should think strategically about (1) its own FCPA risk relative to the transaction; (2) its strategy for handling due diligence and any FCPA issues that may arise; and (3) post-closing compliance requirements. 1. IDENTIFYING FCPA RISK FCPA risks, such as those associated with ongoing FCPA investigations or business activity in high-risk markets, will vary with the circumstances of each transaction. For companies with significant U.S. government related business, the consequences arising from an FCPA violation may be severe. A criminal conviction or judgment of civil fraud, for example, could severely impair a company s ability to bid on and receive government contracts. In the case of a defense contractor, like Lockheed Martin, it is easy to see how these risks could have outweighed the benefits of an impending acquisition. As parties initiate transactions, both the acquirer and the target should carefully consider the effect that FCPA scrutiny could have on their respective businesses and proceed accordingly. When both parties to the transactions are U.S. registrants or foreign private issuers, U.S. authorities will expect the parties to have existing FCPA policies and compliance functions in place and to conduct specific FCPA due diligence in connection with the transactions. In a multinational transaction, the parties will likely want to focus their FCPA scrutiny and perform a heightened level of due diligence on affiliates and subsidiaries operating in countries where corruption risk is high. 15 Thus, to the extent a company is contemplating a transaction that has a flexible time table, it may want to shore-up its anti-corruption policies and compliance before due diligence begins. Additionally, if either of the parties to the transaction is already under investigation or has recently been under investigation for possible anti-corruption violations either in the U.S. or elsewhere the authorities will expect heightened attention to corruption due diligence. When a U.S. registrant acquires a non-u.s. registered public company or a private company, due diligence should focus on the company s compliance with its own local anti-corruption laws, as the target may not have been previously subjected to the requirements of the FCPA. In these transactions, a key strategic issue for the acquirer is whether enforcing anti-corruption compliance at the target will affect the target s business model or operation. Once the transaction is completed, U.S. regulators will expect the newly acquired business to be brought into full FCPA compliance. It is important to plan for these compliance efforts before closing on the deal. 2. DUE DILIGENCE Assistant Attorney General Alice Fisher has recently emphasized that [t]ransactional due diligence in the FCPA context is good for business. 16 Although FCPA due diligence should be tailored to transaction specific risks, there are certain common base-line practices, arising from the expectations of government regulators, that companies should follow. In the current regulatory environment, the SEC and DOJ generally expect the transactional due diligence to include specific assessments of bribery, books and records, and internal control risks. The breadth and depth of these assessments in a specific transaction will depend on (1) the nature of the company s business; (2) the location of the company s operations or business interactions; and (3) the company s corporate compliance history. Where red flags or identified FCPA issues are present, the authorities will expect more due diligence. Some features of common due diligence include: Assessment of the controls environment policies, employee training, audit environment, and whistleblower issues. Evaluation of the risks associated with the use of third party agents and consultants. Agents and consultants have many legitimate purposes, but may

also be used to facilitate improper payments. Assessment of the risk of improper payments, such as commissions, side agreements, cash payments, and kickbacks, made in connections with government sales. Review of historical practices with respect to the provision of travel, gifts, entertainment, or educational expenses to government officials. The business environment at a given company may also suggest that a review of political contributions and lobbying activities, payments to tax authorities, and payments to customs agents, customs brokers, or logistics agents should be undertaken. Conducting FCPA due diligence raises strategic considerations for both an acquirer and target. At the outset, the parties should establish a leader in the due diligence process. The party that controls the due diligence will have first access to and control over information arising from the due diligence, which may prove advantageous. For the acquirer, controlling the due diligence will ensure maximum access to information concerning the FCPA issues identified and will provide the best basis from which to plan responsive action. By the same token, a target may not want to relinquish control over the process too readily, as this may allow the acquirer to use the information to lower the bid price or to abandon the deal prematurely. A lack of clarity on this point may lead to a gap in the due diligence on anti-bribery issues. Each party also should consider its regulatory strategy and assess the parameters for voluntary disclosure and dealing with government regulators. When sensitive FCPA issues arise in a transaction, the parties may have conflicting motives in dealing with regulators, each other, and the public. Moreover, the parties may need to negotiate whether and what to extent changes in pre-existing anti-corruption investigations or in issues identified during due diligence could constitute a material adverse effect or material adverse change under the transaction documents. Increasingly, parties choose to conduct or continue anti-corruption specific due diligence after they sign the transaction agreement. For the acquirer, this increased diligence may demonstrate its commitment to compliance and may help to avoid successor liability if an issue is identified. However, such procedures also require additional planning. When parties choose post-signing due diligence, they may consider having a written, reciprocal work plan so that the scope of the due diligence and any liability arising from it are clear. If an issue is identified during the procedures, the government or shareholders may seek access to the due diligence work plan and investigation materials. Thus, the parties should carefully consider how they document their work plan and due diligence results. Where the parties have entered into a merger or acquisition agreement and the purpose of the due diligence is to provide legal advice, it may be possible to structure the due diligence in a way that protects the attorney-client privilege over planning documents and information obtained during post-signing due diligence. 3. POST-CLOSING COMPLIANCE STRATEGIES Regardless of pre-transactional levels of compliance, the SEC and DOJ will expect the post-transactional organization to be in full compliance with the FCPA and other anticorruption laws. For example, in announcing the 2007 plea agreement reached with Vetco Gray UK, the DOJ made a point of noting that improper conduct continued after the same company pled to FCPA violations and was sold in 2004. 17 In a similar vein, the government s recent FCPA settlements with El Paso Corporation relate to conduct by Coastal Corporation, which El Paso acquired in January 2001. The SEC complaint settling the matter describes conduct both before and after the acquisition, and alleges that El Paso either knew or was reckless in not knowing about improper payments after the acquisition. 18 In addition to the legal risk, the parties should also consider the business risk associated with bringing a company into compliance with the FCPA, especially where historic corruption controls have been limited. This issue commonly arises where one party to the transaction was not previously subject to the FCPA or similarly stringent anti-bribery laws. To the extent permitted by antitrust laws, the parties may want to begin work immediately after signing a letter of intent on outlining a post-closing compliance policy framework and organizational structure. Key elements of such a program include: (1) written policies that address U.S. and other governing anti-corruption laws; (2) revised

reporting structures; (3) compliance resources for sales personnel and other relevant employees; (4) training; and (5) an audit function to review compliance. Because of differing legal requirements and cultures, standard U.S. compliance policies and procedures may require significant adaptation in connection with a cross-border transaction. IV. Conclusion In summary, FCPA due diligence has become a critical component of many corporate control transactions. Well handled, it can strengthen the overall compliance and business integration of the companies involved. Without thought and planning, however, FCPA issues can lead to large, unforeseen liabilities that can derail an otherwise valueenhancing transaction. Investments up front in addressing these issues will save companies time, money, and headaches. Notes 1 Skadden, Arps, Slate, Meagher & Flom LLP. Amanda S. Williamson provided invaluable assistance to the authors. 2 Press Release, U.S. DOJ, Three Vetco International Subsidiaries Plead Guilty to Foreign Bribery and Agree to Pay $26 Million in Criminal Fines (Feb. 6, 2007), http://www.usdoj.gov/opa/pr/2007/february/07_crm_075.html 3 Press Release, U.S. Att y, S.D.N.Y., U.S. Resolves Probe Against Oil Company That Bribed Iranian Official (Oct. 13, 2006). 4 Renae Merle, Lockheed Martin Scuttles Titan Acquisition, Wash. Post, June 27, 2004 at A09, available at http://www.washingtonpost.com/wp-dyn/articles/a8745-2004jun26.html. 5 Id. 6 The Titan Corporation and the Foreign Corrupt Practices Act ( FCPA ), http://www.oppenheimer.com/news/detail.asp?id=b22. 7 Press Release, Cardinal Health, Inc. Cardinal Health Responds To Syncor Announcement (Nov. 6, 2002), http://www.cardinal.com/pts/content/news/news1106.asp. 8 Press Release, Cardinal Health, Inc., Cardinal Health and Syncor Announce Amended Merger Agreement (Dec. 4, 2002), http://www.cardinal.com/content/news/1262002_73434.asp. 9 Id. 10 Alice S. Fisher, Assistant Att y Gen., U.S. Dep t of Justice, American Bar Association, Prepared Remarks at the National Institute on the Foreign Corrupt Practices Act (Oct. 16, 2006), at 8. 11 U.S. DOJ Press release, supra note 2. 12 Vetco International Announcement (Feb. 6, 2007). 13 United States v. Statoil, No. 1:06-cr-00960-RJH (S.D.N.Y. filed Oct. 13, 2006) (Cr. Information at 8-9). 14 United States v. Christian Sapsizian, No. 06-20797-cr (S.D. Fla. filed June 6, 2007) (Plea Agreement); (March 20, 2007) (Superseding Indictment).

15 See Transparency International, Corruption Perceptions Index, http://www.transparency.org/policy_research/surveys_indices/cpi. 16 Fisher, supra note 1, at 8. 17 U.S. DOJ Press Release, supra note 2. 18 United States Securities and Exchange Commission v. El Paso Corporation, No. 1:07- cv-00899-lap (S.D.N.Y Feb. 7, 2007).