President Trump has already made some statements indicating that he’s going to relax regulations under the Foreign Corrupt Practices Act, but that doesn’t mean you should throw out your best practices book just yet. These investigations increased significantly over the past few years; consequently, we’re still living in a regulatory-heavy environment. This means that your global business could run the risk of unintentionally stumbling into an FCPA violation and the consequences could be quite severe.
Proactive vetting and leveraging certain FCPA options can limit your exposure. One thing that companies can take advantage of is a voluntary disclosure program. The FCPA will offer a reduction in fines and penalties when a company voluntarily discloses a violation. It’s not full amnesty, but it can be very useful. The key is knowing when to use this program and if you’ve even committed an FCPA violation in the first place.
The Consequences of an FCPA Violation
There are direct and indirect consequences to committing a violation under the Foreign Corrupt Practices Act. These consequences happen on an individual basis and an enterprise one, meaning that employees aren’t protected under the corporate umbrella. If an individual gets fined, the company cannot pay that fine for them. In addition, there are different consequences for violating bribery provisions versus covering up bribery through accounting fraud. The general consequences can be broken down as follows;
For Bribery Violations:
- A criminal penalty of up to $2,000,000 per violation for enterprises
- A criminal penalty of up to $250,000 per violation along with five years imprisonment for individuals
- A civil penalty of up to $16,000 per violation for both individuals and entities
For Accounting Violations:
- A criminal penalty of up to $25,000,000 per violation for enterprises
- A criminal penalty of up to $5,000,000 per violation and up to 20 years imprisonment for individuals
- A civil penalty of up to $750,000 per violation for enterprises
- A civil penalty of up to $150,000 per violation for individuals.
It should be noted that these are basic guidelines. In addition to fines, companies are required to forfeit all the profits gained from these violations. In certain extremely egregious cases, the court can instead order the violating entity to pay twice the profit gained from the violation as a fine.
Aside from basic monetary damages, companies can face other problems from FCPA violations. The federal government can bar them from bidding on government contracts. They can even essentially have their ability to do international business cut off by having export privileges revoked.
As you can see, the risks of violating the FCPA are significant, which is why your company needs to take proactive measures to prevent these violations. In some cases, you may even want to voluntarily disclose a violation to limit that exposure.
Limiting Your Exposure With Voluntary Disclosures and Vetting
To combat FCPA violations, the Department of Justice rolled out a new voluntary disclosure program which encourages companies to come forward. In exchange for voluntarily disclosing these violations, companies can significantly reduce the fines they will receive. To qualify, the company has to meet several criteria:
- The company isn’t making the disclosure because discovery of the violation has either already occurred, or is imminent.
- The company makes the disclosure within a “reasonable timeframe” after learning about it. The DOJ doesn’t lay out a specific timeframe and states that the burden is on the company to demonstrate this timeliness.
- The disclosure is complete, in that the company discloses the entire violation rather than just small portions of it, or discloses a small violation to cover up a larger one.
- The company must cooperate in the investigation, to include making involved individuals available for interviews and turning over internal investigation files.
- The company provides information on all involved individuals, as well as facilitates the gathering of information for involved third parties.
- The company voluntarily disgorges all profits gained from the violation.
These are just a few of the provisions that a company needs to meet to participate in this voluntary disclosure program. It’s a relatively new program, so the Department of Justice is still laying out all the specifics. That’s why any company who wants to participate is going to need to do their due diligence.
This means doing annual compliance reviews of employees to ensure that they aren’t at risk for FCPA violations. You can opt to use Remote Risk Assessment (RRA) to manage this. The employees can, on an annual basis, be assessed for compliance via a short, automated interview.
For example, the interview might include questions such as, “Have you ever bribed a foreign official?” Employees would answer with a “yes” or “no.” Responses are then measured using proprietary signals processes to assess for risk. Those individuals whose answers demonstrate high risk could come in for a more in-depth interview, allowing the company to locate and report FCPA violations as quickly as possible. That makes them more likely to qualify for the voluntary disclosure program. As a means of establishing a risk heat map for your organization, RRA is an essential tool.
AC Global Risk currently offers RRA as a means of assessing FCPA compliance. These tricky laws can cost companies big time, which is why our technology allows you to root out problems and voluntarily disclose violations to mitigate exposure.
RRA is also used in insurance and other industries to identify risk, reduce fraud and build trust.