Laws to combat bribery and corruption worldwide have been in place for decades. Increasingly common, though, are revelations of complex bribery schemes conducted across multiple jurisdictions, and global corporations paying significant penalties to a variety of prosecution authorities.
The U.S. Department of Justice has led the way as the major enforcer of bribery laws worldwide since the introduction of the Foreign Corrupt Practices Act (FCPA) in 1977. The high-value settlements American regulators have secured are no doubt spurring their global counterparts to action: The Organisation for Economic Cooperation and Development’s Working Group on Bribery, for example, regularly reports on member countries’ progress in enforcing the 1997 Convention on Combating Bribery of Foreign Public Officials in International Business Transactions.
How are regulators and authorities responding to this recent increased emphasis on enforcement? Several themes emerge:
• Although investigations of individuals certainly continue, there’s renewed focus on prosecuting corporations as well. In the United States, as of this March, nine of the 10 largest fines issued by regulators were levied against non-U.S. entities. Penalties are also getting bigger, measured in billions of dollars instead of hundreds of millions. What steps are firms’ management and boards taking to mitigate the risk of bad actors under their roof?
• Bribery and corruption laws worldwide also have extended jurisdictional reach, which means that a company with operations outside its country of incorporation will be subject to a multitude of foreign laws. Australian regulators, for instance, have jurisdiction when conduct occurs wholly or partly in Australia—or when the relevant conduct is by a company incorporated in Australia by an Australian resident or citizen.
Stateside, any company listed on an American exchange, using an American bank account, telecommunications, or postal services as part of the criminal conduct; or any person or corporation committing “an act of furtherance” of an improper payment while “in the territory of the U.S.” is exposed under the U.S. FCPA. Under the U.K.’s Bribery Act, meanwhile, companies doing any “part” of their business in Britain may be liable regardless of whether the offense was committed within the United Kingdom.
• These laws’ broad reach has led international regulators to formalize their cooperation in multi-jurisdictional investigations and settlements. Australia has highlighted its comprehensive framework for the increasing number of “mutual assistance requests” it receives relating to foreign bribery investigations. Settlements, too, have gone global, with companies paying penalties of varying amounts to different regulators for the same criminal act.
• To encourage individuals and businesses alike to self-report potential bribery and corruption, countries have come to recognize the value of whistleblower-protection laws and “deferred prosecution agreements.” DPAs, in essence, are agreements between a prosecutor and a company liable for prosecution under which, in exchange for having the case suspended or dropped, the company agrees to some action: paying financial penalties, say, or implementing a corporate compliance program, or both.
Looking again to Australia, regulators there recently proposed a DPA regime in recognition of the fact that the absence of incentives for corporations to self-report legal breaches might be contributing to the country’s comparatively low prosecution rate. (It did not ultimately adopt such a program.)
"It's crucial for a company to adapt its policies and processes to suit the risks it faces across different business units and jurisdictions."
Corporations’ Key Takeaways
Set aside, for the moment, the substantial financial penalties a company will face for breaking foreign bribery laws. Other consequences will naturally follow an investigation, plea, or conviction that makes a serious impact: a reputational hit; decreasing share price, asset values, and returns; potential indirect losses should a company be placed on a “blacklist” by government or commercial panels; and management that’s distracted for a time because of a lengthy, expensive investigation.
To mitigate these risks, companies that operate globally must ensure that they can demonstrate they’ve taken “adequate measures” to combat lawbreaking. That’s the cornerstone of many companies’ only defense against a court action or when seeking a reduced penalty.
Broadly speaking, “adequate measures” entail having a comprehensive compliance framework to identify, mitigate, and remedy corrupt behavior. Simply having a code of conduct—or even a policy specific to bribery and corruption—is a start, but it’s not enough. Every company recently embroiled in a bribery or corruption scandal could point to some code or policy it had in place. What a business should do instead:
• Impose clear, unambiguous policies that set distinct behavior expectations—policies supported with follow-on procedures applied consistently across the corporation.
• Ensure that the board and management are able to demonstrate a “culture of compliance” via a zero-tolerance approach to any violation of laws or internal company policies. Recently updated guidelines for companies listed on the Australian Securities Exchange, for example, recommend precisely such board oversight to combat bribery and corruption.
• Establish a legal and compliance support system that works closely with a global corporation’s various business units on three things: first, implementing risk-based education and training programs across the company; second, ensuring that the business is detecting unlawful conduct, whether through audits, surveillance, strong whistleblower protections, or others; and third, responding quickly to any potential misconduct as soon as it’s discovered.
It’s crucial for a company to adapt its policies and processes to suit the risks it faces across different business units and jurisdictions. What constitutes a reasonable and adequate compliance, education, and training program in one, after all, might not be so in another.
In particular, a company’s compliance programs will need to adjust for the increased risk incurred by a business unit operating in a place with a traditionally higher incidence of bribery and corruption, or simply more significant day-to-day dealings with public officials. In the case of the latter, a company must take steps to ensure that employees are properly trained—via multilingual or face-to-face training, for example—and that oversight and audit systems are in place to monitor compliance with company policies.
Compliance, education, and training programs should be, so to speak, living organisms. Following their initial implementation, a company’s board and management need to ensure ongoing emphasis on building and communicating a compliance culture by continually reviewing policies, processes, and systems, and by enforcing an approach that sends a clear message: Unlawful conduct will not be tolerated.
Finally, it’s vitally important that if and when allegations of such conduct arise, the company take immediate steps to investigate the allegations and the root cause of the conduct, and determine whether it should be reported to any regulator with a potential interest in the issue. Within companies that operate globally, any suspected instance of bribery or corruption must be examined at once by the board and management. Self-reporting can bring great potential benefits. Ignoring potential problems surely will not.
Stephanie Wee is a special counsel in Gilbert + Tobin’s Disputes + Investigations group. Her practice spans all aspects of disputes and investigations with a focus on complex disputes, regulatory investigations, public inquiries and internal investigations. Stephanie specializes in advising and representing clients involved in regulatory investigations by Australian. She is a ranked individual in Anti-Bribery & Corruption by Chambers 2019, is recognized in Best Lawyers 2020 for Alternative Dispute Resolution and Criminal Defense Law and was also recognized as a “Next Generation Lawyer” by Legal 500 Asia Pacific 2018 for Regulatory Compliance and Investigations.
