What is the Foreign Corrupt Practices Act (FCPA)?

The US Foreign Corrupt Practices Act (FCPA) is a federal law intended to prevent US citizens from bribing the government officials of foreign countries. The FCPA was enacted by Congress in 1977 in response to revelations by the Securities and Exchange Commission (SEC) that US companies had made over $300 million in illegal payments to foreign politicians and foreign governments in exchange for favorable treatment. The FCPA was introduced to restore public confidence in the integrity of US businesses and was passed into law on the 19th December, 1977, by President Carter as an amendment to the Securities Exchange Act (1934).

Since its introduction, the FCPA has become one of the most significant pieces of anti-bribery legislation in the world and has influenced similar anti-corruption legislation, such as the UK’s Bribery Act (2010).  

Understanding the Foreign Corrupt Practices Act

Enforced jointly by the Department of Justice (DOJ) and the SEC, the FCPA applies on a global scale to ‘publicly traded companies and their officers, directors, employees, stockholders, and agents’ and includes non-US persons that operate in US capital markets or use US financial services. The FCPA’s extra-territorial jurisdiction means that overseas firms must consider their compliance responsibilities even if they appear to be beyond the US’ regulatory reach.

Key FCPA Legislative Components

There are two key legislative components to the FCPA:

Anti-Bribery provisions: The FCPA’s anti-bribery provisions prohibit firms from paying or offering to pay, or offering ‘anything of value’ to foreign officials in order to ‘secure improper advantage’ when retaining or obtaining business.  

Accounting provisions: The FCPA includes requirements for firms to maintain adequate payment records and internal controls over their transactions in order to demonstrate that illegal financial activity is not taking place and to contribute to audits and investigations. 

When considering FCPA compliance, the SEC defines ‘anything of value’ broadly: the term may include payments or transfers of cash, along with the provision of computer equipment, medical equipment, and vehicles. Similarly, the term ‘foreign official’ includes ‘any officer or employee of a foreign government’ or persons that act on behalf of foreign governments such as foreign military officials that handle procurement contracts or employees of foreign government controlled entities. 

Firms do not need to have bribed foreign officials to be in violation of the FCPA. Offers and promises of payment or a failure to maintain adequate records would constitute FCPA violations and expose offending firms and individuals to enforcement action by the SEC or DOJ. 

FCPA Penalties: Foreign Corrupt Practice Act violations carry potentially severe penalties, including both fines and prison sentences. The penalties depend on the nature of the violation.

• Violations of anti-bribery provisions may result in fines of up to $2 million for firms (or up to twice the financial benefit gained by the violation). For individuals, anti-bribery violations may result in a fine of up to $250,000 or a prison sentence of up to 5 years (or both). 
• Violations of the Act’s accounting provisions may result in fines of up to $25 million for firms (or up to twice the financial benefit gained by the violation). Individuals that breach accounting provisions may be fined up to $5 million or receive prison sentences of up to 20 years (or both).

Foreign Corrupt Practices Act Compliance Considerations

Given the potential penalties, firms should be aware of their FCPA risk exposure. Any company that has dealings with foreign officials must consider FCPA compliance as a priority and take steps to ensure that their employees operate in accordance with the legislation. Certain industries and sectors, and certain types of business activity carry a higher risk of FCPA violations.

High risk industries include:

• Oil, gas, and mining (and other resource extraction industries)
• The IT industry (and other high technology sectors)
• Pharmaceuticals
• Medical Equipment
• Construction 
• Energy
• Aerospace and defense

High risk business activities include:

• Any sales made to government officials, or government business dealings such as tax settlement, planning consent, and licensing and certifications 
• Entertaining government officials or reimbursing government officials’ travel expenses. 
• Government lobbying
• Donations to, or sponsorship of, government sanctioned programs
• The use of agents to act as intermediaries with government officials 
• Customs processes (imports and exports)

Companies should also consider the risk associated with certain areas of the world, and with countries and governments that have particularly poor records of corruption. Resources are available to help gauge the geographic risk factors: many firms use the ratings provided by the Corruptions Perceptions Index which is maintained by Transparency International and updated annually.

Managing FCPA Risk

FCPA violations may involve both a firm’s employees and third-parties with which they do business. Accordingly, firms may manage or mitigate FCPA risk by developing an internal company culture of accountability and putting appropriate due diligence processes in place for dealing with third-party customers or business partners. The FCPA compliance process should be backed by codified standards and may include the following measures and controls:

• Anti-bribery policy: Firms should develop and implement an anti-bribery policy suitable for their industry and the locations in which they do business. Employees at every level of authority should be familiar with the policy.
• Due diligence: Firms must perform suitable due diligence on their employees and on relevant third parties in order to build accurate FCPA risk assessments. The due diligence process should capture key information including names, addresses, and dates of birth, and include criminal background checks. 
• Record-keeping: In order to manage and analyze the information collected during the due diligence process, and to contribute to external audits, firms should develop a suitable FCPA record-keeping system. 
• Ongoing risk assessment: Firms should re-assess the level of FCPA risk they face on an ongoing basis. The assessment should be able to capture significant risk factors such as geographic location and business activities involved.  
• Sanctions screening: To capture external risk factors presented by both individuals and governments, firms should screen their third parties against international sanctions and watch lists. 
• PEP screening: Foreign officials often qualify as politically exposed persons (PEP) (along with their family members and close associates), and so pose a greater corruption risk. Firms should screen regularly for PEP status in order to inform their FCPA risk profile.
• Adverse media monitoring: Adverse or negative media stories may indicate involvement in criminality or corruption. Accordingly, firms should monitor news media for negative stories that might affect their FCPA risk assessment.