On Monday, the Securities and Exchange Commission (SEC) and Department of Justice (DOJ) announced settlement with Tyco International (Tyco) for books and records violation of the Foreign Corrupt Practices Act (FCPA). Tyco agreed to a fine of $26MM for “at least twelve different, post-injunction illicit payment schemes occurring at Tyco subsidiaries across the globe. The schemes frequently entailed illicit payments to foreign officials that were inaccurately recorded so as to conceal the nature of the payments” and failure “to devise and maintain internal controls sufficient to provide reasonable assurances that all transactions were properly recorded in the company’s books, records, and accounts”. $10,564,992 of the fine was paid in disgorgement and an additional $2,566,517 in prejudgment interest was paid to the SEC and the remainder of $13.68MM was paid as fine to the DOJ. All of this was discovered because Tyco was already a FCPA violator, having admitted to violations back in 2006 and these additional violations were discovered as a part of a companywide review required under its 2006 Deferred Prosecution Agreement (DPA). Tyco received a Non-Prosecution Agreement (NPA) from the DOJ for this post-DPA conduct and I will discuss the NPA in a subsequent post.
While a large portion of the FCPA commentaratti focused on the damning email which read “”Hell, everyone knows you have to bribe somebody to do business in Turkey. Nevertheless, I’ll play it dumb”; another portion of the commentaratti seemed somewhat amazed that hiding bribery and corruption in a company’s books and records is a stand-alone violation of the FCPA. As part of the 2006 settlement Tyco agreed to engage in a companywide review of its operations to determine if there was “anything else”. Not only did it turn out there was something else “rotten in Denmark” but this bribery and corruption continued after the first enforcement action. This companywide review determined that Tyco had engaged in “illicit payment schemes”; that these bribery schemes “were inaccurately recorded so as to conceal the nature of the payments” and Tyco “failed to devise and maintain internal controls sufficient to provide reasonable assurances that all transactions were properly recorded in the company’s books, records, and accounts.”
So with a nod to the final week of the baseball season we present the Tyco Bribery Box Score
Bribe Amount Paid
Inaccurate Books and Records Description
|Turkey||Not reported||Equipment sold at a mark-up over invoice price|
|China||$3700||Commission to sales team|
|Germany||Not reported||Commission to sales team|
|France||Not reported||Commissions to agents for ‘business introductions’|
|China-different sub||$483K||Commissions to agent|
|Malaysia||Not reported||Commissions to agents|
|Egypt||$282K||Disguised as inflated invoices from agent|
|Saudi Arabia||Not reported||Promotional expenses and sales development|
|Poland||Not reported||Bogus service contracts|
What I find so interesting about all of this is that it occurred, in large part, after the 2006 DPA. As Bill Clinton might say, “It takes some brass” to initiate or continue a bribery scheme while you are under a DPA for FCPA violations. With the above in mind I was intrigued by an article in the Navigant Quarterly, 2012 Volume 1, Issue 13, entitled “If You Think You Are Done Looking…Keep Looking”, by Eileen Felson and Nicole Wrigley. In their article, the authors note that “every fraud has to be hidden somewhere on a company’s books. Most financial statement frauds grow in size, scope and duration.” The authors also talk about “collusive fraud” which is the situation where “fraudsters work together to manipulate the balance sheet and actually launder the fraud through various accounts.” It sounds like a description of the machinations folks must go through to hide corrupt payments while under a FCPA DPA. Although the authors specifically address frauds, their concepts are certainly broad enough to include bribery and corruption.
The authors detail several types of corrupt practices and end their article with some tips on investigation. They note that the “logical start-off point in conducting a forensic investigation of how a fraud was committed includes a detailed review of revenue and expense account activity.” But more importantly, a forensic examiner must keep looking. The reason for this is simply because if evidence of bribery or corruption is found in one area the entire scheme is revealed. Therefore a forensic examiner needs to review unrelated accounts to see if there are other indicia of corruption.
What does all of this mean for a compliance program? There is some very clear guidance for the role of Internal Audit in detecting bribery and corruption in a best practices FCPA compliance program. First and foremost, if there are any types of commission payments being made, Internal Audit needs to review the documentation supporting why such payments are being made. A review of contracts or other legal requirements which may obligate a company to make such payments should be a basic undertaking in any internal audit. After an internal auditor has determined if commission payments are legally authorized, the internal auditor should review evidence that such commission payments have been earned. In other words, is there any evidence in the company’s books and records that the person or entity performed the services which might have entitled them to such commission payments? And do not forget that another role for Internal Audit is to correctly classify payments so that the books and records of the company accurately reflect them as expenses.
The Tyco SEC Compliant is chocked full of information regarding what an internal auditor needs to look for in reviewing expenses charged by employees; commissions paid to employees; invoices by agents and other third party representatives and over-inflated sales contracts; all used to disguise corrupt payments. The sad fact, as noted by authors Felson and Wrigley, is that many corruption schemes are not “committed for personal gain (such as stealing cash) but for other incentives, such as continued employment/advancement, fear of delivering bad news to investors or an intimidating supervisor, or a desire to increase the value of performance-based bonuses.” While it is not clear why it took Tyco so long to uncover these ongoing acts of bribery and corruption or why Tyco employees continued to engage in conduct violative of the FCPA while under a DPA; I think that the Tyco example speaks to the need for an overall, comprehensive robust compliance program that focuses on all factors which led to the continued bribery and corruption in the company which was reported in the SEC Complaint.
This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at email@example.com.
© Thomas R. Fox, 2012