This Wisdom of the Crowd, compiled from responses posted on various ACC Committee eGroups,* addresses issues of conducting due diligence background investigations under the Foreign Corrupt Practices Act (FCPA) and similar international legislation. The issues discussed include:
I. Selecting a Third Party Firm to Conduct Due Diligence Investigations
II. How Much Due Diligence Is Required in Conducting Background Investigations of Potential International Partners
III. Developing an Internal Due Diligence Program
IV. Incorporating Protections into Contracts
Rate this Wisdom of the Crowd
*(Permission was received from the ACC members quoted below prior to publishing their eGroup comments in this Wisdom of the Crowd resource.)
I. SELECTING A THIRD PARTY FIRM TO CONDUCT DUE DILIGENCE INVESTIGATIONS
Question:
What factors should a company consider in selecting firms to conduct due diligence on potential international partners?
Wisdom of the Crowd:
Response:
It is difficult to give advice on this without knowing the type and number of international business partners the writer needs to investigate, where they are and what kind of services they are going to do. … If you have thousands of partners and an organization which is spread out around the planet, you should choose an investigation company with a good software solution for automating the due diligence process and record keeping. The company or companies you select to do your investigations depend on why your company is investigating and the amount of information you need or want on the particular partner, the amount of work you are able to do in house, and of course, on how much your company is willing to pay. The first step is to understand your company's risk, why you are doing the background investigations and how the background investigation fits into your company's program. The second step is usually determining how many "partners" you actually have (most companies do not know this) and assessing the risk each partner or type of partner represents. Are you going to do due diligence on all third parties or only on a few types? - and how did you determine which types to investigate and which types did not need to be investigated? That will help you determine if your budget is realistic. After that you can determine the type of investigations you want and approach companies who are able to do the work you need for bids or run an RFP process.1
II. HOW MUCH DUE DILIGENCE IS REQUIRED IN CONDUCTING BACKGROUND INVESTIGATIONS OF POTENTIAL INTERNATIONAL PARTNERS
Question:
I've followed with interest the responses to the solicitation of recommendations of firms that do due diligence on potential international partners, and would very much like to hear others' opinions on how much diligence is "due" in this area.
Wisdom of the Crowd:
Response #1:
[I]f we have our business people ascertain with the prospective business partner that they have read and understood the anti-corruption policies of our company, and that they are prepared to comply and sign an agreement where they undertake to comply, and in the absence of other red flags, this should be enough to shelter the company from any liability in theory. 2
Response #2:
Reading between the lines I have a feeling that the key compliance tool once appropriate due diligence has been carried out will be documentation. The UK enforcement agency the Serious Fraud Office ("SFO") has acknowledged in various seminar meetings that companies will be expected to self investigate and report. My hunch is that where documentation is available that demonstrates a clear use of a compliance policy and programme the SFO will hesitate to prosecute even if wrong decisions have been made. Whether a company has adequate procedures to prevent bribery is massively subjective and being able to document a programme gets any organisation most of the way to achieving the defence.... In some respects this is a brave new world for Europe and until there is a body of case law it will be for people like us to justify why compliance programmes are adequate. Without documentation we lose before we start. 3
Response #3:
It is pretty clear from the cases that companies with no due diligence program and poor record keeping are treated harshly. What is not clear is how extensive a due diligence program needs to be to be considered adequate. Your senior management needs to decide: Is your company running a compliance program which has as its goal being effective at keeping your company free from corruption, kickbacks, collusion and illegal activity by the third parties you engage to work for you? Or are you running a compliance program to be able to make a credible presentation to the authorities that your company met its legal obligation to have a minimally adequate program? The regulator's expectation as to what is reasonable third party due diligence has been rising steadily over the past 5-6 years, and will probably be even higher in another 2-3 years. An adequate third party due diligence program is an essential element of an anti-corruption compliance program in the US and the UK. … If your company is going to do all of your investigations in house, train employees to conduct them properly, make the process uniform and objective, and create great records - which you will need to keep for the life of the contract plus 7 years. You need to have the budget and headcount to do all this consistently. 4
Question:
Suppose a potential international partner has cleared a third-party firm's search of all of the relevant international "bad-guy" databases without a hit, and has agreed in writing to comply with the company's written anti-bribery policy (which requires strict compliance with the FCPA and UK Bribery Act). Absent any other red flags, is that enough advance due diligence? Is a deeper, and significantly more expensive, in-country investigation and site visit by the third-party investigation firm called for, or would ongoing monitoring and annual re-certification of compliance be sufficient?
Wisdom of the Crowd:
Response #1:
My only addition would be to recommend an additional step, which is to rigorously document relationships with agents. This would include written agreements subject to frequent renewal (and new due diligence checks), activity reports (what business have they brought in, how much commission has been paid and have any issues been flagged internally/externally) and simple checks to monitor whether that agent is providing services to any other part of your organization (and therefore has a higher income or closer relationship than you first thought). 5
Response #2:
One problem in doing a quick check of all the "international bad guy databases" is that it might turn up a few convicted criminals, money launderers and known terrorists, but it is unlikely to shed light on the distributors and agents who are evading taxes, paying your employees kickbacks and bribing employees of other businesses and governments. It is better than nothing. Consider a country like Russia where commercial and government bribery are epidemic - how many business managers in Russian companies are convicted of bribery each year - and even if they were charged or convicted - would they show up on the bad guy databases? The kind of outside investigation you can get for $350-400 from a number of providers is certainly better. The level of investigation needs to be based on the risk and the business opportunity - and your company presumably has already evaluated its risk and opportunity and decided to do business in countries with high levels of corruption. Taking reasonable measures to ensure your company is complying with the law when doing international business is a legitimate cost of doing business that varies from country to country, industry to industry and by type of third party. 6
III. DEVELOPING AN INTERNAL DUE DILIGENCE PROGRAM
Question:
What steps should a company consider taking in conducting an investigation of potential international partners?
Wisdom of the Crowd:
Response:
Try a layered approach to on-boarding new partners: Always begin with training your own employees. Many of your company's foreign sales employees will only have a vague idea about US or UK anti-corruption laws and why they are important to your company - and a 30 minute on-line course is unlikely to change their long held prejudices. The company should have a clear business need for each new partner which is stated in writing by the employee accountable for the on-boarding. Once that has been done, the due diligence investigation/process can be built into the application process. Even in difficult countries this should take no longer than 2-3 weeks unless red flags are discovered.
-
A clear statement in your on-boarding application about the company's commitment to anti-corruption.
A reasonably complete questionnaire to get the information you need on the prospective partner, for example understanding who owns the partner is important. The answers should be certified by someone with authority. The answers should be incorporated into the contract by reference and omission or falsehood need to be grounds for remedial action or termination.
A minimal outside background investigation of checking databases and publications - making sure the company actually exists is a reasonable part of this in places like China. More is better, but you have to make an educated determination as to how much is enough. The risk of corruption/illegal activity by third parties does depend on where you are doing business and the type of business you are doing with different partners, so you will probably find it prudent to have at least 2 and probably 3 tiers of investigation.
Properly worded, nonnegotiable anti-corruption terms in your contracts.
A certification by the partner's senior management/owner that the partner understands your anti-corruption program and will comply with it and the laws.
Certifications by the executives (e.g., Head of Sales, Head of Legal, Head of Finance for the country/region) in your company who are responsible for the on-boarding of the specific partner that they have reviewed all of the above, asked any needed follow-up questions and based on that they believe that the prospective partner is of good reputation and no red flags of corruption exist - and clearly stating that they are accountable for the decision to on-board the partner.
Then execute the contract.
Have a process for following up - annual repeat of written certification of compliance, review annually or at renewals, repeat of process every 3 years. It is good to also get Certifications by your own employees that they have not seen any suspicious activity at that time. Sending the partners some reminders or including them in training and updates on your program and events in anti-corruption compliance would be nice to do as well. Having your Vice president of Sales or country manager mentioning the importance of anti-corruption compliance for 2-3 minutes (and mean it) at a meeting of partners is more effective than having a lawyer "train" them for 45 minutes.
Keep great records. FCPA investigations come up 1-5 years after the activity took place. The government's expectation is you are keeping good records - and if you get in trouble they may want to see them. 7
IV. INCORPORATING PROTECTIONS INTO CONTRACTS
Question:
Our company has incorporated anti-corruption provisions into our contracts with foreign distributors and sales agents, and I will also have them complete a due diligence questionnaire. The question is - what about our foreign customers? Should we have them sign the FCPA certifications and complete the diligence questionnaire? What if one of these customers without our knowledge bribed their local government in order to obtain some permit for the plant they are building - would we be on the hook?
Wisdom of the Crowd:
Response:
For the reasons you cite, I would suggest that it would be good to include language in your contract with the client/owner, regarding their obligations under FCPA and local law, and obtain a rep and cert and indemnity. 8
Question:
I am looking to improve my company's standard international rep/dealer agreement by adding a clause that gives us the right to audit for FCPA compliance. Does anyone have a sample clause they are willing to share?
Wisdom of the Crowd:
Response #1:
We do not have an FCPA-specific audit clause, but this is the clause we use in our Agency Agreements9:
AUDIT. Consultant shall keep and maintain current records accurately reflecting all actions of Consultant taken under this agreement.
A. "Records" include all invoices, purchase orders, letters, e-mails, telephone logs, customer information, contracts, bids, quotes, Product lists, bills of lading, permits, licenses, and other documents pertaining to Consultant's work on behalf of the Company. The records, together with all documents, papers and all other information pertaining to or arising from any transaction under this agreement, shall be kept and maintained in the offices of Consultant and the address for Consultant appearing hereinabove for a period of three years from and after the date on which such records, documents, papers, and other information were generated.
B. The Company shall have, and Consultant hereby grants to the Company, free and unhindered access during the business hours of Consultant to all records, documents, papers, and other information belonging to and/or in the possession of Consultant that directly or indirectly concern or relate to any actions taken by Consultant under, pursuant to, or as a result of this Commission Agreement, or otherwise for or on behalf of the Company. The Company shall be permitted (i) to copy any of said records, documents, papers, and other information at its own expense and (ii) to audit Consultants records, at its own expense, for compliance with the terms of this Agreement. The Company may appoint a third party to review Consultant's records. Consultant shall provide that third party with the same access to its records as Consultant granted to the Company.
Response #2:
We take strict compliance with the FCPA very seriously. Below is from our foreign sales rep agreement form. See audit rights in Section 9.2(v). It's somewhat long but it's very important to spell out the sales representative's FCPA obligations in detail to justify being able to conduct a full audit (versus being entitled to only a cursory one) if compliance needs to be verified. We also framed these obligations as reps, warranties and covenants of the sales representative. 10
9 REPRESENTATIONS AND WARRANTIES
9.1. The U.S. Foreign Corrupt Practices Act (the "FCPA") makes it unlawful to offer, pay, promise or authorize to pay any money, gift or anything of value, including to offer, pay, promise or authorize to pay any money, gift or anything of value, including but not limited to bribes, entertainment, kickbacks or any benefit, directly or indirectly, (i) to any foreign official or any foreign political party or (ii) to any person while knowing or suspecting that the payment or gift will be passed on to a foreign official, in connection with any business activity of The Company. For the purpose of this Agreement, a "foreign official" means any employee or officer of a government of a foreign country (i.e., a country other than the United States of America), including any federal, regional or local department, agency, enterprise owned or controlled by the foreign government, any official of a foreign political party, any official or employee of a public international organization, any person acting in an official capacity for, or on behalf of, such entities, and any candidate for foreign political office.
9.2. Representative makes the following representations and warrants to The Company, and covenants and agrees as follows:
(i) Representative hereby represents, warrants and covenants to The Company that Representative has not, and covenants and agrees that it will not, in connection with the transactions contemplated by this Agreement or in connection with any other business transactions involving The Company, make, promise or offer to make any payment or transfer of anything of value, directly or indirectly: (A) to any foreign official (as defined above) or to an intermediary for payment to any foreign official; or (B) to any political party. It is the intent of the parties that no payments or transfers of value shall be made which have the purpose or effect of public or commercial bribery, acceptance of or acquiescence in extortion, kickbacks or other unlawful or improper means of obtaining business. This subsection shall not, however, prohibit normal and customary business entertainment or the giving of business momentos of nominal value in connection with Representative's performance under this Agreement.
(ii) Representative agrees that it will, and will cause each of its directors, officers, employees, agents or other representatives who have any direct involvement with any of the management or operations of the business of Representative under this Agreement, at the request of The Company, and at least annually, provide The Company with a certification in the form hereto attached and incorporated by reference as Annex 2.
(iii) Representative agrees that should it learn or have reason to know of: (A) any payment, offer, or agreement to make a payment to a foreign official or political party for the purpose of obtaining or retaining business or securing any improper advantage for The Company under this Agreement or otherwise, or (B) any other development during the term of this Agrement that in any way makes inaccurate or incomplete the representations, warranties and certifications of Representative hereunder given or made as of the date hereof or at any time during the term of this Agreement, relating to the FCPA or The Company's FCPA Policy, Representative will immediately advise the The Company General Counsel in writing of such knowledge or suspicion and the entire basis known to Representative therefor.
(iv) Representative hereby represents and warrants to The Company that no ownership interest, direct or indirect, in Representative or in the contractual relationship established by this Agreement, is held or controlled by or for the benefit of any foreign official or foreign political party, and that it will notify The Company in the event of a change in the foregoing.
(v) Representative agrees that The Company shall have the right, from time to time, upon written notice to Representative, to conduct an investigation and audit of Representative to verify compliance with the provisions of this section. Representative agrees to cooperate fully with such investigation, the scope, method, nature and duration of which shall be at the sole reasonable discretion of The Company.
(vi) In the event that The Company believes, in good faith, that Representative has acted in any way that may subject The Company to liability under the FCPA, The Company shall have the unilateral right, exercisable immediately upon written notice to Representative, to terminate this Agreement, subject to the provisions of Section 17.2 of this Agreement.
(vii) Representative agrees that full disclosure of information relating to a possible violation of The Company's FCPA Policy or the existence and terms of this Agreement, including the compensation provisions, may be made at any time and for any reason to the U.S. government and its agencies, and to whomsoever The Company's General Counsel determines has a legitimate need to know.
9.3. Representative hereby represents and warrants to The Company that in connection with its efforts hereunder, it has not employed or compensated and will not employ or compensate any person who, during the two-year period immediately preceding such employment or compensation, was either employed by the United States Department of Defense or was a member of the United States Armed Forces and who served in a procurement function.
9.4. Any breach of this Article shall entitle The Company to terminate this Agreement effective immediately upon notice to Representative. Said notice shall be pursuant to Article 19 hereof ("Notices") and shall state the basis for the termination.
1 Response from: Stephen Clayton, Esq. (Dec. 3, 2011).
2 Response from: Francois Gacougnolle, General Counsel, Superior Essex Inc. (Dec. 6, 2011).
3 Response from: Mark Collins, UK Counsel, GEA Heat Exchangers (Dec. 7, 2011).
4 Response from: Stephen Clayton, Esq. (Dec. 7, 2011).
5 Response from: Mark Collins, UK Counsel, GEA Heat Exchangers (Dec. 7, 2011).
6 Response from: Stephen Clayton, Esq. (Dec. 7, 2011).
7 Response from: Stephen Clayton, Esq. (Dec. 7, 2011).
8 Response from: Anonymous (Jun. 2012).
9 Response from: Daniel Pickelner, Chief Regional Counsel, Americas Division, Commercial Metals Company (Nov. 10, 2010).
10 Response from: Carlton S. Chen, Vice President, General Counsel & Secretary, Colt's Manufacturing Company LLC (Nov. 10, 2010).