I continue my multipart (not quite sure how long it will go) exploration of last week’s announcement of the Fresenius Medical Care AG & Co. KGaA (FMC) Foreign Corrupt Practices Act (FCPA) enforcement action. It involved massive multi-year and multi bribery schemes by the company in multiple countries. The company agreed to pay a total criminal penalty of $84,715,273 to the Department of Justice (DOJ). FMC settled a related FCPA matter with the  Securities and Exchange Commission (SEC) and paid $147 million in disgorgement and prejudgment interest to the SEC, which the DOJ credited in its resolution, bringing the total amount paid by FMC to over $231 million. Yesterday, I considered the numerous and varying bribery schemes used by the company to make corrupt payments and to cover its collective tracks.

It was clear from that deep dive there was massive corruption. Yet in spite of the colossal amount of corruption involved, the company was able to garner a Non-Prosecution Agreement (NPA). The SEC settled its portion of this matter with a Cease and Desist Order (Order). Today I want to explore how the company was able to garner not only an NPA but also receive a discount of 40% off the minimum range suggested under the US Sentencing Guidelines. While the NPA did not detail the full calculations which led to the range of the fine under the Sentencing Guidelines, it did state, “The monetary penalty is based upon profits of approximately $141,192,121 as a result of the offense conduct, and reflects a discount of 40% off of the bottom of the U.S. Sentencing Guidelines fine range.”

Under the FCPA Corporate Enforcement Policy (Policy), a company which does not qualify for the presumption of a Declination can receive a discount of up to 50% off the minimum range of the Sentencing Guidelines. FMC did not self-disclose (“voluntarily and timely disclose”) this matter to either the DOJ or the SEC so a Declination was never in the cards. Further, FMC did not receive the full 50% available to them as it the Company did not receive full cooperation credit because it “did not timely respond to requests by the Department and, at times, did not provide fulsome responses to requests for information” so it did not meet the requirement for extraordinary cooperation with the DOJ (and SEC) during the pendency of the investigation. Finally, to the extent the Yates Memo is still in the mix, the NPA noted the company provided to the DOJ “all relevant facts known to it, including information about the individuals involved in the conduct described in the attached Statement of Facts and conduct disclosed to the” DOJ prior to the resolution of the matter.

However, according to the NPA Fresenius did meet other mandates under the Policy, including:

  • conducting a thorough internal investigation;
  • making regular factual presentations to the DOJ;
  • providing facts learned during witness interviews;
  • voluntarily making foreign-based employees available for interviews in the US;
  • producing documents to the DOJ from foreign countries in ways that did not implicate foreign data privacy laws;
  • collecting, analyzing, and organizing voluminous evidence and information from multiple jurisdictions for the DOJ, including translating key documents; and
  • disclosing conduct to the Department that was outside the scope of its initial voluntary self-disclosure.

The SEC Order had other information about the company’s conduct which did not appear in the NPA. FMC self-reported “certain misconduct and voluntarily provided facts developed during its internal investigation.” The company cooperation with the SEC, which was somewhat enigmatically “varied at times.” It was specifically noted that the company “produced documents, including key document binders and translations as needed, and made current or former employees available to the Commission staff, including those who needed to travel to the United States.”

It did appear that the company met its obligation for extensive remediation after the illegal acts were uncovered. The NPA noted the company engaged in the following remediation steps:

  • At least ten employees who were involved in or failed to detect the left the company, either through termination, resignation upon after being asked to leave, or they voluntarily departure once the Company’s internal investigation began;
  • The company enhanced its compliance program, controls, and anti-corruption training;
  • The company terminated its business relationships with the third party agents and distributors who participated in the illegal acts;
  • Fresenius adopted heightened controls on the selection and use of third parties, to include third party due diligence; and
  • The company voluntarily withdrew from participation in pending public contracts potentially related to its illegal acts;
  • The Company enhanced, and has committed to continuing to enhance, its compliance program and internal controls, including by taking steps to ensure that its compliance program satisfies the minimum elements set forth in Attachment B to the NPA.

In addition to the foregoing, the Order noted that the company beefed up its compliance function through “enhancements to its internal accounting controls. FMC strengthened its global compliance organization; enhanced its policies and procedures regarding the due diligence process and the use of third parties; created positions to address potential risks; and increased training of employees on anti-bribery issues.”

Yet even with all of these steps the company still allowed the illegal conduct to continue during the pendency of the internal investigation, into 2016. Apparently, this last point troubled the DOJ who required a monitor be put in place. The NPA stated, “misconduct continued to occur at the Company until 2016, thus the parties have agreed that to ensure and test the effectiveness of the Company’s enhanced compliance program and to prevent a reoccurrence of the conduct outlined in the Statement of Facts, an independent compliance monitor shall be appointed for a term of two years”. Clearly the company did not meet the mandates of the Benczkowski Memo which changed the DOJ default position to one where no monitor would be assigned unless “a corporation’s compliance program and controls are demonstrated to be effective and appropriately resourced at the time of resolution, a monitor will not be necessary.”

In mining the FMC FCPA enforcement action, there are many nuggets for the compliance practitioner to study. The actions which allowed FMC to obtain an NPA included both assistance in the investigation and remedial actions to stop the conduct and prevent it from happening in the future. You should study these for your own compliance program. I hope you will join me next Monday, when I continue this deep dive exploration when I consider some of the lessons learned from the matter.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2019