FCPA Guidance: Refined Compliance and Safe Harbors
With all the hype and bloviating behind us, it is now time to take a closer look at some of the more significant aspects of the FCPA Guidance. For those who continue to carp about the failure of the FCPA Guidance to contain any real “reforms,” I would suggest that your expectations were misguided. Those who anticipated significant changes to FCPA enforcement were way off the mark and misunderstood the purpose of the FCPA Guidance and the political circumstances surrounding the effort.
The Justice Department and the SEC have executed a perfect strategy designed to blunt criticism of FCPA enforcement by providing a lengthy explanation as to its enforcement approach. For practitioners, there are some important safe harbors.
In the next few posts, I will explore some of the more important issues raised by the FCPA Guidance.
The FCPA Guidance includes an important discussion of the terms “corruptly” and “willfully.” For compliance officers, this discussion is critical. As I have frequently written and advised, companies can solve important compliance questions by acting transparently and in good faith.
With respect to “corrupt” intent, the basic definition is keyed to the actor’s desire to “induce” the recipient to misuse his official position, or to act contrary to an official responsibility or function.
The term “willful” applies only to individual defendants and not to corporate actors. (This incongruity was one of the Chamber of Commerce’s suggested reform proposals). The Supreme Court has repeatedly criticized Congress for using this term which has varied meanings and interpretations depending on the specific statutory context.
The Supreme Court’s decision in US v. Bryan established an important definition for “willful” which arguably applies to the FCPA context – a “willful act” is one that is undertaken with a “bad purpose,” meaning that the actor does not need to know a specific law the actor is violating, only that the actor is doing something wrong.
With these explanations as guideposts, there are important safe harbors that companies can build to ensure compliance. When faced with any legal compliance issue, companies need to act in a manner which is inconsistent with criminal intent. What do I mean?
Criminal actions tend to be carried out secretly to avoid detection and without regard to internal controls which are designed to promote compliance. When a company takes actions in good faith, they act contrary to such intent. Companies that adhere to procedures and controls which are aimed at compliance are helping to build a safe harbor.
This approach does not mean that every action or issue considered requires lengthy and costly documentation. Rather, this approach is designed to prioritize risks and then build safe harbors around such risks. It is a refined and careful approach to compliance which is aimed at maximizing legal protections while minimizing use of compliance and legal resources.
Once risks are prioritized and systems are designed to address such risks, important protocols need to be developed to protect the company. Specifically, in the higher risk operations, companies should take steps to (1) document any decision or action; (2) explain the reason for its action (or inaction); and (3) provide a legal analysis which supports its action. Acting in this manner is inconsistent with “corrupt” and “willful” intent – and therefore negates any inference of criminal intent.