As a general legal matter, when a company acquires another company, the successor company cannot be liable for the acquired company’s activities prior to acquisition. In FCPA jurisprudence, there is no case law precedent directly on point. However, the DOJ and SEC have commented extensively on successor liability. Opinion Release 03-01, from the DOJ first suggested that an acquiring company could be liable for pre-acquisition FCPA violations. In that case, an acquiring company determined a target had engaged in conduct which potentially violated the FCPA. The DOJ opined that if the acquirer halted the illegal conduct, extensively remediated, disciplined the offending officers and employees of the target and continued to provide information and cooperate with the government, the DOJ would not prosecute under the FCPA.

In addition to 03-01, there are a few FCPA enforcement actions which suggest that if a company makes good faith efforts to conduct due diligence, integrate compliance programs and take extensive remedial actions by and if all that is done on a quick basis, the DOJ will give the acquiring entity strong credit. One of the best examples of this approach was the 2009 purchase by Pfizer of Wyeth. Pfizer could do limited due diligence before the acquisition but because both were massive organizations it was not possible to do complete due diligence prior to acquisition. After the acquisition, but within 180 days, Pfizer had identified much of the wrongdoing at Wyeth and halted it. Pfizer was not held criminally liable for any of the conduct at Wyeth.

Most of what Pfizer was held responsible for in its DPA was because of a previous acquisition of Pharmacia, which they acquired in 2002 and 2003. At the time of the Pharmacia acquisition, purchasers did not typically conduct pre-acquisition due diligence on acquisition targets. And during the investigation most of the violations of FCPA for which Pfizer was held criminally liable; began prior to the acquisition of Pharmacia. Pfizer was held responsible for the misconduct at Pharmacia both before and afterwards. The Pfizer case is interesting because it shows both the sides of the equation.

In 2008, DOJ Opinion Release No. 08-02 provided additional information for a safe harbor for successor liability based upon a very specific fact scenario. The Opinion Release is known as the “the Halliburton Opinion Release.” In the Halliburton Opinion Release, the DOJ indicated that it would not take enforcement action based on specific circumstances that allowed for limited pre-acquisitions due diligence and aggressive post-acquisition schedule for a risk audit and disclosures to the government. Thereafter in the Johnson and Johnson and DSS DPAs, the DOJ further refined the requirements and time frames to obtain this safe harbor.

The 2012 FCPA Guidance advanced the information for the compliance professional. It provided the clearest argument for a safe harbor to companies if companies invest reasonable effort in due diligence and post-acquisition compliance; they may well be able to avoid major liability. The DOJ and SEC noted, “in a significant number of instances, DOJ and SEC have declined to take action against companies that voluntarily disclosed and remediated conduct and cooperated with DOJ and SEC in the merger and acquisitions context.” Furthermore, DOJ and SEC provided that “a successor company’s voluntary disclosure, appropriate due diligence, and implementation of an effective compliance program may also decrease the likelihood of an enforcement action regarding an acquired company’s post-acquisition conduct when pre-acquisition due diligence is not possible.”

The 2012 FCPA Guidance provided literally a roadmap for a Buyer to limit compliance risk in the mergers and acquisition context. It emphasized the importance of pre-acquisition due diligence and post-acquisition integration of compliance programs and internal controls. This type of integrated approach would reduce risk of future bribes and allow the purchaser and target to address potential violation(s) through negotiation of costs and responsibilities for investigation/remediation. Finally, and as with all effective compliance, it will assist the purchaser to accurately value the target company.

In 2014, the DOJ issued Opinion Procedure Release 14-02 which provided further guidance on successor liability. This release reiterated the DOJ’s willingness to recognize a safe harbor where the acquiring company makes sufficient efforts to conduct due diligence and post-acquisition integration and concluded that acquisition of a company does not create FCPA liability where it did not exist before, such as for jurisdictional reasons. In the Release, the requesting company had acquired a company with significant anti-corruption compliance program deficiencies, including: lack of documentary records to support gifts to government officials or charitable donation, incomplete and inaccurate records for expenses, and lack of written compliance policies and procedures. 

Three Key Takeaways

  1. Opinion Release 03-01 was the first to provide a safe harbor concept in the M&A context.
  2. The Halliburton Opinion Release expanded the safe harbor concept to the situation where a company could not engage in substantive pre-acquisition due diligence.
  3. The 2012 FCPA Guidance brought together the various strands of a safe harbor position.

This month’s podcast series is sponsored by Michael Volkov and The Volkov Law Group.  The Volkov Law Group is a premier law firm specializing in corporate ethics and compliance, internal investigations and white collar defense.  For more information and to discuss practical solutions to compliance and enforcement issues, email Michael Volkov at or check out