Yesterday, I considered five Department of Justice (DOJ) Foreign Corrupt Practices Act (FCPA) enforcement actions. Today, I want to look at key FCPA enforcement actions by the Securities and Exchange Commission (SEC). In many ways, the SEC enforcement actions provide more information to the compliance professional about not only internal controls but also best practices compliance programs.
Quad/Graphics – Over Expansion
The first involved Quad/Graphics Inc., (Quad) a Wisconsin-based digital and print marketing provider and its Peruvian subsidiary, Quad/Graphics Peru S.A. The matter was resolved via a Cease and Desist Order (Order). In it, the company agreed to pay $6,936,174 in disgorgement, $959,160 in prejudgment interest, and a $2 million civil penalty, for total monetary relief of nearly $10 million.
This matter is a prime example of a company which expanded through merger and found itself in a foreign market which significantly increased its risk profile, all the while with the corporate office blissfully unaware of the increased corruption risk the company had bitten off. Quad was a privately held printing company headquartered in Sussex, Wisconsin, with a focus on domestic sales. In 2010, it acquired World Color Press, Inc. and became a public company with a major international presence.
Unfortunately, the company did not take steps to either assess or address its new risk profile. While the company’s compliance program was “almost non-existent in 2010”; after the merger it did no better with the company appointing its first Director of Compliance, only in 2011. Even this appointment did nothing to help ameliorate the problem as the company hired an “individual with no compliance experience or training and an information technology background”. Moreover, the company also “failed to implement sufficient internal accounting controls or anti-corruption policies and procedures and failed to conduct meaningful due diligence on third parties. Likewise, internal audit had no visible role in anti-corruption testing and the company failed to conduct broad FCPA or ethics training until approximately 2012.”
Barclays – Gatekeepers
Next consider the enforcement actions of Barclays PLC (Barclays). The matter was resolved via a Cease and Desist Order (Order). In it, the company agreed to pay disgorgement of $3,824,686, prejudgment interest of $984,040, and a civil money penalty in the amount of $1,500,000, for a total payment of $6,308,726 to the SEC. Here there was a major stumble by Barclay’s gatekeepers of compliance as the Asia-Pacific region compliance function seemed blissfully unaware of their role in oversight as gatekeepers for the hiring of high-risk individuals under the FCPA. The compliance function only reviewed such hiring’s for potential conflicts of interest. The Order noted, “APAC compliance officers stated that they were unaware of this aspect of the policy.” Rather amazingly one “senior APAC compliance executive said that he had never read the 2009 anti-bribery and corruption policy.”
This led to the anomalous situation that the “senior compliance officer responsible for reviewing referral hires, acknowledged that, in evaluating hiring requests, he never reviewed information relating to pending business with Barclays’ clients even though he had access to that information.” Moreover, even though Barclays’ policy required “compliance monitoring” in the hiring process, the same compliance officer could not explain what that requirement was or how it was conducted.” [emphasis supplied] When gatekeepers do not bother to read the gate requirements they are charged to enforce, you have very large recipe for illegal actions moving through the gate. At Barclays, this is what occurred. When the compliance function operates as a gatekeeper, it must understand its role and exercise that role.
Westport Fuel Systems – CEO Control Override
According to the SEC Cease and Desist Order (Order), Westport Fuel Systems Inc. (Westport), acting through its Chief Executive Officer (CEO), Nancy Gougarty, and others engaged in a scheme to bribe a Chinese government official to obtain business and a cash dividend payment by transferring shares of stock in Westport’s Chinese joint venture (JV) to a Chinese private equity fund in which the government official held a financial interest. Westport also agreed to pay $2,546,000 in disgorgement and prejudgment interest and a civil penalty of $1,500,000, and Gougarty individually agreed to pay a civil penalty of $120,000.
One of the unusual features of this corruption scheme was that Gougarty did not disclose to the Board that the Asia-Pacific General Manager had told her about the Chinese government officials’ “personal financial interest in the private equity fund or that the Government Official had requested a discount in the share transfer price.” The first time was some nine months prior to this approval when Gougarty deleted this information in a letter to the Board from the APAC GEM. As the Order dryly noted, “If Gougarty had not redacted the sentence, it would have reported to the Board that the Government Official had a financial interest in the Chinese private equity fund.” This action acted as a control override of the Board’s role in oversight of the company’s compliance program.
Juniper Networks – Follow the Money
Juniper Networks, Inc. (JNPR) resolved their long-standing FCPA enforcement action by settling with the SEC via a Cease and Desist Order (Order). The fine paid by JNPR was $4,000,000 in disgorgement, $1,245,018 prejudgment interest, and a civil penalty of $6,500,000, for a total payment of $11,745,018. This matter involved bribery schemes in Russia and China.
It also points to a critical issue in compliance – follow the money. But it is more than simply following the money internally; in the case of JNPR, that would mean successfully auditing the various funds of the company’s subsidiaries. This enforcement action reinforced the question of what controls does your organization have in place to ascertain that discounts provided to customers actually are rebated to those customers? This is the where post contract-execution management comes into play. Compliance does not end when a contract is signed but compliance oversight must continue during the entire contract lifecycle.
These SEC enforcement actions involving the FCPA provided many important lessons to be garnered by a compliance professional. Study them and use the bribery schemes identified and internal controls failures to pressure test your compliance program.
This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at firstname.lastname@example.org.
© Thomas R. Fox, 2020