Harry Cassin Publisher and Editor

Andy Spalding Senior Editor

Jessica Tillipman Senior Editor

Richard L. Cassin Editor at Large

Elizabeth K. Spahn Editor Emeritus 

Cody Worthington Contributing Editor

Julie DiMauro Contributing Editor

Thomas Fox Contributing Editor

Marc Alain Bohn Contributing Editor

Bill Waite Contributing Editor

Shruti J. Shah Contributing Editor

Russell A. Stamets Contributing Editor

Richard Bistrong Contributing Editor 

Eric Carlson Contributing Editor

Bill Steinman Contributing Editor

Aarti Maharaj Contributing Editor

FCPA Blog Daily News

« Trouble For BAE's U.K. Plea Deal | Main | The Alba Files »

Compliance 'Half Measures' and the Ghost of Christmas Yet to Come

By Jeffrey M. Kaplan

For FCPA practitioners and the companies they advise, one of the good news stories of 2010 is that the Justice Department has finally begun to take a more public approach to providing credit in enforcement decisions for companies that had a good compliance program at the time of their offense, i.e., a good “pre-existing” program.

Looking out at 2011 and beyond, it seems likely that compliance programs will play an increasingly greater role in enforcement decisions. But that does not mean we have entered an era of easy leniency. To the contrary, if compliance programs start to count for more it seems inevitable that prosecutors will review them in a more informed – and thus more demanding – way.

This brings me to the recent case involving RAE Systems in which, according to the non-prosecution agreement, the company learned of a practice of FCPA violations in a joint venture it had in China but also concluded that “implementing an effective compliance program could hurt sales,” and so did not take meaningful steps to prevent the wrongdoing.  Some of its personnel did, however, want to “evidence” that they were trying to stop bribery and so they provided “some FCPA training to [the at-risk personnel] and did tell [them] to stop paying bribes and providing other improper benefits,…” But, as the non-prosecution agreement notes, “such steps were half-measures. RAE Systems did not impose sufficient internal controls or make sufficient changes to high-risk practices.”

An obvious lesson here is that for an organization with any real FCPA risk, training – while necessary – is not by itself sufficient. Rather, the “harder edges” of compliance – controls, auditing and real enforcement – are also indispensable to program efficacy. This has always been the case as a matter of fact (as well as of law, given the internal controls requirements of the FCPA); but I imagine that we will hear more about it as a matter of future enforcement decision making.

RAE Systems – and particularly some of the above-quoted language from the non-prosecution agreement – is also worth considering vis-à-vis potential individual accountability for taking compliance “half-measures,” at least in cases involving a wrongful intent (which I am not suggesting was present there).  Perhaps this occurred to me because I once represented two lawyers who were suspected by a federal prosecutor of having deliberately conducted a half-measure internal investigation for deceptive purposes. No charges were brought (and, from my perspective, none were even close to being warranted).  But with the wrong set of facts the result could be different in a case involving compliance program half-measures – especially if, as I believe will happen, there is a generally decreasing tolerance by prosecutors for Potemkin programs.

Finally, I should emphasize that I am being entirely speculative here, and know of no FCPA cases where a prosecution of this sort has been brought.  But, in the spirit of the Ghost of Christmas Yet to Come, I offer the “shadows” of some unhappy possibilities so that they never might come to pass.

Jeffrey M. Kaplan, a partner in the Princeton, New Jersey office of Kaplan & Walker LLP, has practiced in the compliance law field since the early 1990’s. He can be contacted here.

Reader Comments (1)

Jeff - Good observations. And I suspect many compliance programs are not as good as the company managers think they are. Training, codes of conduct, and CEO letters are nothing more than a starting level. Companies who think this will get them a pass from the government are setting themselves up for a sharp disappointment. Joe
December 20, 2010 | Unregistered CommenterJoe Murphy

PostPost a New Comment

Enter your information below to add a new comment.

My response is on my own website »
Author Email (optional):
Author URL (optional):
All HTML will be escaped. Hyperlinks will be created for URLs automatically.