You all may have been at a Zoom virtual happy hour on Friday afternoon, but not the folks at the SEC Division of Enforcement! They quietly settled an FCPA case with Italian energy firm ENI that nicked the company for $24.5 million.
In some ways the case is ho-hum. In the late 2000s an ENI subsidiary called Saipem wanted to win business with the state-run oil company in Algeria. Saipem executives “came to understand,” as the SEC settlement so politely phrases the matter, that if they wanted to win that business, they would need to hire an intermediary in Algeria with close ties to the country’s energy minister.
So Saipem hired the intermediary without performing any due diligence. In return, the intermediary performed no actual services other than to receive roughly €198 million in payments and then disburse some portion of that sum into Algerian energy officials’ pockets.
The scheme was orchestrated by Saipem’s long-time CFO, Alessandro Bernini, who first put the bribery plan into motion in 2006. When Bernini later became CFO of ENI itself in 2008, he continued to keep the payments rolling until others discovered the scam in 2012.
But, as always, the scam was discovered eventually. Bernini got fired, years of litigation ensued — and $19.75 million in disgorgement plus $4.75 million in interest later, here we are.
A tale such as this almost seems quaint these days — a throwback to FCPA misconduct of yore, where executives at a foreign company just refused to understand the long arm of U.S. anti-corruption law. Heck, there aren’t even any secret spreadsheets or cleverly corrupt accounting policies involved.
Regardless, compliance professionals do have some points to ponder here. Let’s take a look.
Management Override and FCPA
First consider Bernini’s role in getting this bribery scheme done. According to the SEC he was instrumental, circumventing numerous internal controls and procedures to get payments to the intermediary.
In other words, Bernini abused his power of management override.
For example, Bernini allowed incomplete due diligence on the intermediary (more on that later), negotiated the fees Saipem would pay, and bypassed standard contracting procedures at Saipem to get the intermediary hired and the improper payments going.
Bernini’s interventions continued once he became CFO of ENI. In 2009, an associate of the Algerian intermediary emailed Bernini to ask for help getting Saipem to pay an invoice. Bernini then sent a message (from ENI’s corporate email) to a Saipem accounting manager directing that person to pay the invoice. The invoice was paid.
Incomplete due diligence, bypassed procedures, directions to accelerate invoice payments — that’s management override.
Unto itself, management override isn’t necessarily a bad thing. Many times it’s actually a good thing, expediting some crucial action the company needs to take immediately that normal processes wouldn’t allow. That can even include the emergency onboarding of a vendor or processing of a payment.
As we see here, however, executives can also abuse their override power for nefarious ends. To reduce that risk, instances of management override should be plainly visible for anyone to see. Financial systems should have strong standard operating processes, where every override of internal control is documented. That creates an audit trail with the transparency that compliance and audit executives need — so they can see the fees, see the bypassed procedures, see the contract approvals.
This also reminds us yet again why companies need an independent compliance officer, with sufficient autonomy and power to act as a counter-weight to other senior executives (like a CFO) engaged in corruption.
It’s easy to have a senior compliance manager reporting into the general counsel or VP of regulatory affairs if all the company wants to do is bust line-of-business managers who forget to complete due diligence forms on time. That won’t cut it for a CFO bent on perverting the payment system to funnel millions in bribes out the door. You need a C-level executive who reports to the CEO or the board.
Lame Due Diligence
So how perfunctory was Saipem’s due diligence of the intermediary and the deals with the Algerian government? Get this: Saipem’s legal department conducted a pre-review of the sham contracts prior to anyone signing them, but those contracts had no names included — not even the name of the intermediary arranging the payments.
“Accordingly, Saipem’s legal department did not conduct any review of the intermediary’s business or reputation,” the SEC settlement said, again with its usual deadpan style.
Another excerpt from the SEC settlement:
The intermediary never rendered any legitimate services to Saipem. In fact, the intermediary was wholly unequipped to provide the contemplated consulting services in the technically complex energy design sector, having no employees or offices in Algeria and only a “virtual office” in Geneva, Switzerland staffed by one individual.
So again we’re back to due diligence, and again it’s all about demonstrating how the third party your business wants to use is in fact appropriate for the transaction you want to conduct. That is what regulators want to see. It requires a business rationale for using the third party, actual due diligence procedures performed, and documentation collected and preserved for future reference.
A Word About Subsidiary Oversight
Section 13(b)(6) of the Exchange Act gives parent companies a bit of wiggle room trying to oversee the conduct of their subsidiary. The parent company only needs “to proceed in good faith” to use its influence to assure the subsidiary has sound internal controls.
That’s a lower standard that what a company needs to meet for its own affairs, where Section 13(b)(6) says the company must “make and keep books, records, and accounts, which, in reasonable detail, accurately and fairly reflect the transactions and dispositions of the assets of the issuer.”
Why did that lower standard for a subsidiary not apply here? Two reasons.
First, Bernini was CFO at the parent company ENI while he was helping Saipem to keep the payments going. So ENI could not be proceeding in good faith when one of its senior executives was a participant in the misconduct.
Second, ENI reached a separate settlement with the SEC in 2010 related to a separate FCPA scheme in Nigeria. As part of that deal, ENI agreed not to violate the FCPA again. It also merged the errant subsidiary in that case — into Saipem, which had already begun its bribery scheme in Algeria. So no wiggle room for ENI in this case now.
And what happened to Bernini? An Italian court found him guilty of corruption charges in 2018 and sentenced him to four years in prison. Three months ago an appeals court overturned that conviction and acquitted Bernini of all charges. That appellate ruling may be further appealed to the Supreme Court of Italy.
Meanwhile, Bernini these days is CFO of Maire Tecnimont, an energy firm in Rome that dabbles in natural gas and renewables.