Recent developments in respect of the Foreign Corrupt Practices Act (FCPA) and its enforcement have given tech companies more cause for concern in M&A due diligence than ever before. Once a prominent consideration for companies operating in the defense, pharmaceuticals, and financial services sectors, targeted enforcement of the FCPA by the United States Department of Justice (DoJ) and the Securities and Exchange Commission (SEC) in unconventional industries like private equity, insurance, retail, and technology, have prompted such companies to subject themselves to greater internal scrutiny and create risk management strategies that account for the prevailing FCPA-enforcement climate.
Tech-sector businesses are particularly vulnerable to the enforcement drive, ostensibly because of the excessive reliance they place on third-party resellers, distributors, agents and consultants to transact on their behalf in foreign markets. Indeed, the mere existence of clauses in third-party agreements that include “vaguely described services,” or engaging with a third party “closely associated with a foreign official” may attract the application of the FCPA. After Microsoft and IBM, Hewlett-Packard (specifically its Polish division) is the latest big name in the tech industry to be investigated by the DoJ and SEC, as well as the Polish Central Anti-Corruption Bureau, for alleged bribes paid to officials for public sector transactions in Poland, in addition to various other Eastern European countries since 2010.
Since its enactment in 1977 in the wake of the Lockheed and Bananagate bribery scandals, the FCPA has served as a means of regulating the conduct of (1) companies incorporated in the Unites States, (2) companies (including foreign companies) listed on a United States stock exchange, and (3) United States citizens and residents, regardless of their physical presence in the United States – prohibiting the bribing (ambiguously defined as “paying or offering to pay anything of value”) of foreign officials, candidates, and political parties (or any other recipient who can be traced to one of the aforementioned types of entities) with a view to gaining a competitive advantage in foreign markets.
At the same time however, the Act affords little by way of certainty and predictability as to its application, and the issuance of A Resource Guide to the U.S. Foreign Corrupt Practices Act by the DoJ and SEC in late 2012 has done little to remedy the situation at hand. Indeed, clarity on basic concepts such as the scope of the term “foreign official” and more intricate ones such as the recognition of a category of legal “grease payments” specifically designed to expedite the performance of an official’s duties is crucial to avoiding the consequences of a violation, which, once proved, can be crippling – note that the DoJ has, in the past, imposed penalties of up to $450 million for a single violation of the FCPA, and collected over $1 billion in 2010 in FCPA fines and penalties alone.
Moreover, while the FCPA does not envisage private claims, it is not difficult to envision the myriad causes of action that may arise on account of a violation of this enactment – by competitors who have suffered harm as a result of corrupt practices of the company or shareholders who may bring a derivative claim against the management. Indeed, the shift in surveillance and enforcement policy of the authorities responsible for the implementation of the FCPA is understandable, given that despite operating in the same corrupt markets, tech-sector businesses have thus far failed to be held accountable for FCPA violations. Understanding the policy and scheme of the Act, as well as international legal instruments such as the OECD’s Anti-Bribery Convention, coupled with greater due diligence on third-party agents is thus vital for such companies to reduce exposure and remain compliant with anti-bribery legislation in a stagnating global market.