Mondelez FCPA Enforcement Action — An Abuse of Prosecutorial Discretion?
The first FCPA enforcement action for 2017 landed with very little fanfare. The SEC reached a settlement with Mondelez International for $13 million. The facts surround the hiring of an agent in India and the failure of Mondelez to monitor and conduct basic due diligence on the third-party agent.
Kraft Foods acquired Cadbury, a UK candy and beverage company. Kraft Foods renamed itself Mondelez after spinning off its US foods business. When it acquired Cadbury, Mondelez did not conduct adequate due diligence to identify and resolve the corruption risk associated with Cadbury’s hiring of a third-party agent to obtain licenses and permits for a second manufacturing facility in India.
Cadbury did not conduct adequate due diligence of the agent and failed to monitor the agent’s activities to ensure that it did not engage in bribery. As a result, the agent was paid over $100,000 that could have been used for unauthorized purposes. Additionally, Cadbury did not accurately record the expenditures in its books and records.
Interestingly, the SEC cited no evidence that the funds were used to pay any bribes but that the funds may have been used to pay bribes. Cadbury’s failure to conduct due diligence and monitor the expenditure of funds thereby created a risk that bribery could have been paid by Cadbury India’s agent.
At first blush it is hard to understand why Cadbury failed to undertake any due diligence or monitor its agent’s activities. The SEC did not delve into the facts to even flag potential risks and specific interactions that may have occurred to establish the risk of bribery.
The SEC’s Order lacks any explanation of the bribery risk other than to note the lack of controls and the agent’s obligation to secure a number of licenses and permits to open a second manufacturing facility. It is hard to understand why this risk and this specific conduct resulted in a $13 million penalty.
The SEC’s authority under the FCPA statute to exact punishments for internal controls and books and records violations is expansive and this case is a stark reminder of its vast authority. In the last few years, the SEC is exerting greater authority to enforce internal controls focusing on relatively less significant authorities.
For example, in the United Airlines case, the SEC enforced a “code of conduct” violation under its vast internal controls authority. Here, in this case, the SEC relied on basic due diligence and monitoring omissions that created a risk of bribery but did not result in actual bribery.
I am reminded of Judge Sporkin’s admonition that he never wanted the FCPA to include a bribery violation but was content, as the SEC enforcement director, to have an internal controls and books and records prohibition. Judge Sporkin understood the power of such a provision and the ability of the SEC to exert vast authority over public companies in the implementation of internal controls and the keeping of accurate books and records.
The Mondelez case is yet another reminder of just how broad the SEC’s net can sweep. No bribery. No proof that a government official received any benefit. Mondelez is on the hook for Cadbury’s failure to account for approximately $100,000 paid to a third-party agent. That is a significant risk, one that is clearly covered by the internal controls and books and records provisions. But did the SEC properly exercise its discretion in extracting a $13 million settlement for this so-called “violation.”
That is a question that will have to be answered on another day as we stack up and review the SEC’s FCPA enforcement record. For now, let’s leave an asterisk by this case and reexamine it when the record for 2017 is a little more fulsome.