The good news for compliance officers, as you may have already heard, is that we have another FCPA enforcement action under the Trump Administration— and yet again it’s a decision not to prosecute, because the company in question met all the criteria of the FCPA Pilot Program.
The company is CDM Smith, a privately held construction firm in Boston. According to the Justice Department’s declination letter, from 2011 into 2015 CDM paid $1.18 million in bribes to government officials in India to win highway construction contracts in India. Those bribes netted CDM roughly $4 million in profits.
The bribes were hidden as payments to subcontractors, typically worth 2 to 4 percent of the total contract value. In reality those subcontractors either didn’t exist or did no work, and the money went to the government officials scratching CDM’s back. Apparently all CDM’s senior executives in India knew about and participated in the scam.
That’s the top half of the Justice Department’s declination letter, outlining the facts that both parties have agreed to disclose. Then comes the bottom half of the declination letter, where the department spells out why it decided not to prosecute.
This is where things start to get more frustrating for us in the compliance community.
CDM received a declination because it fulfilled all the criteria of the FCPA Pilot Program, and the letter outlines what those actions were. To wit: the company disclosed the FCPA violation to the Justice Department voluntarily. It conducted a thorough investigation and cooperated fully with prosecutors. It agreed to disgorge all ill-gotten profits from the bribes, which totaled $4.04 million. It improved internal accounting controls and strengthened its compliance program. And lastly, CDM fired all the executives and employees involved in the misconduct.
That’s a good outcome for CDM. For everyone else: the wording of that explanation is substantively identical to the Justice Department’s prior FCPA declination several weeks ago—even though the cases differ in important ways. All we have to digest is boilerplate. That doesn’t do much to illuminate how the Trump Administration will enforce the Foreign Corrupt Practices Act.
What Boilerplate Looks Like
The first FCPA declination of the Trump Era was announced on June 16 against Linde Corp., a chemical company in Germany. In that case, the bribery misconduct happened much earlier (2006 to 2010), and was concocted by several executives in a U.S.-based Linde subsidiary before Linde had even acquired that business. Linde agreed to forfeit more cash ($11.2 million) because the scheme had netted more money, but the outcome was essentially the same: declination to prosecute because the company met the criteria of the FCPA Pilot Program.
What’s frustrating is that we don’t really know how Linde or CDM Smith met the criteria of the Pilot Program; or why meeting the criteria resulted in no prosecution, when under the Obama Administration a company might have received a deferred-prosecution agreement or some amount of penalties. Did these companies handle their FCPA violations in some fundamentally better way? Or have prosecutors in the Trump Administration fundamentally changed their tune, in favor of no corporate prosecutions?
Don’t take my word for it; read the two declination letters side by side. In those bottom portions describing how Linde and CDM fulfilled the Pilot Program requirements, long passages are nearly identical. (Enthusiasts can verify this by entering the text into www.TextDiff.com if you like.) What is “timely, voluntary self-disclosure of the matter” when one case happened years ago and the other was ongoing into 2015? What are the “steps the company has taken and continues to take to enhance its compliance program,” beyond firing the offending employees?
This is no esoteric point for compliance officers. If we can’t identify what these companies did right, we can’t determine how to emulate that behavior—or whether we can adopt the cynical view that the Trump Administration just isn’t interested in prosecuting corporations any more, so let’s not try too hard at building a rigorous FCPA compliance program. At least some employees and third parties in your extended enterprise have that cynical view already. Compliance officers need a compelling argument, with tangible evidence, to thwart it. Right now, you don’t have much.
Linde might have a defensible argument that in the mid- to late 2000s (when its misconduct was happening), vigorous FCPA enforcement was still new and “effective” compliance programs weren’t nearly as well-defined as they are today. CDM, on the other hand, had misconduct happening into 2015. It seems to be saying and doing all the right things for strong business integrity today (check out the compliance section on its website), but what was the state of its compliance program in 2013 or 2014 when the misconduct was ongoing? We don’t know.
What We Need
I’m not arguing that the Trump Administration needs to punish all FCPA violations at the more severe levels we saw during the Obama Administration. It doesn’t. There are plenty of good arguments for declinations. But we don’t have any arguments right now; just declination letters with generic language that the company met the criteria of the FCPA Pilot Program. That’s not enough if compliance officers want to understand the proper amount of resources they need to manage compliance in the Trump Era.
In a perfect world, declination letters would be much more specific about what the company in question did for investigations and compliance improvements. Here in the real world, a speech or two from someone in the Fraud Section or the Criminal Division about FCPA enforcement and corporate misconduct would help. Except we still still don’t have an assistant attorney general to oversee the Criminal Division, and the acting deputy overseeing the Fraud Section has been nominated to the dream job of serving on the federal bench. And the speeches we did hear earlier this year weren’t anything more than the usual boilerplate, either.
So we in the compliance community—we wait. We wait for an example of serious FCPA misconduct that might garner a DPA or a compliance monitor. We wait for the Walmart settlement (where the question of a monitor will be much more telling than any monetary penalties). We wait for more prosecutions against individuals, perhaps to glean hints of what their employers provided as cooperation.
At least we know that an ability to meet the requirements of the FCPA Pilot Program is important. What exactly does that mean in the Time of Trump? Stay tuned.