Compliance professionals have quite the FCPA case to consider this week, courtesy of the Securities and Exchange Commission hitting Korea’s largest telecommunications carrier with $6.3 million in penalties and disgorgement for all manner of corrupt practices in the 2010s.
The company, KT Corp., has a long history of corruption. KT agreed to settle the SEC charges late last week, coughing up $2.8 million in disgorgement of ill-gotten gains and paying a $3.5 million penalty. KT also agreed to two years of a quasi-probationary period, where every six months the company will update the SEC on the progress of various compliance improvements KT has promised to make.
The SEC settlement order describes multiple corruption schemes, happening both inside Korea and in Vietnam where KT was bidding on several government spending projects. We’ll take each one in turn. (For the record, KT consented to the SEC’s order without admitting or denying the findings.)
The first scheme happened from 2009 through 2013, when senior executives arranged to pay inflated bonuses to other KT executives, who then gave the surplus back to those senior executives as cash. That generated a slush fund of roughly $1 million, some of which was held in the senior executive’s personal bank account and the rest stored in a safe at KT headquarters. The slush fund was used to pay for gifts to Korean lawmakers who could influence KT’s business environment. Nobody at KT maintained records of the recipients of the gifts, although other KT executives knew about the scheme itself.
The SEC order never names the “KT then-executive officer” who masterminded this effort. Let the record show, however, that then-CEO Lee Suk-Chae resigned in November 2013 when the bribery scandal first became public. Lee was later indicted and sentenced to one year in prison for other bribery schemes that involved hiring family members of Korean lawmakers.
And More KT Corruption!
The second corruption scheme happened from 2014 through 2017 because, as the SEC phrased it, “rather than cease the misconduct and institute improved internal accounting controls to detect and prevent such schemes in the future, KT officials instead devised a new method to continue generating a slush fund.”
In this scheme, henchmen in KT’s corporate relations department arranged to purchase gift cards from one of KT’s vendors and then convert those gift cards into cash. A corporate relations manager would meet the vendor in a van in a parking lot next to KT headquarters, where the vendor gave the manager a manila envelope stuffed with cash equivalent to the value of the purchased gift cards (minus a fee to the vendor). KT executives then kept the cash in a double-locked cabinet until the money was disbursed to other KT employees, who then transferred the funds to Korean lawmakers disguised as political donations.
A third scheme happened in 2015 and 2016. KT made payments of more than $1.6 million to three civic organizations at the request of high-level government officials. Despite those sketchy circumstances, KT took no steps to determine whether the payments were legitimate donations, rather than illicit payments. Even better: two of the three organizations hadn’t even been legally established yet when the donation request was made or when KT executives agreed to make the payments.
We also have a princeling scandal, where KT agreed to hire two advertising executives and an outside advertising agency that all had connections to the “Blue House” (Korea’s equivalent to the White House, then occupied by former president Park Geun-hye). KT performed no due diligence on these hires, and ultimately paid the employees $454,000 in salaries and the agency $5.88 million. There was also bribery in Vietnam, where KT employees and third parties bribed government officials to win contracts on a solar power project and on IT services provided to several vocational colleges.
All of this eventually blew up in KT’s face. In November 2021 South Korean authorities indicted KT Corp. and 14 executives for criminal violations related to illegal political contributions from the slush funds. Really, there’s such a long history of high-level corruption here that we’d need a flow chart to do it all justice.
Internal Control Lessons
Clearly the biggest problems at KT are its tone at the top and control environment. The company has seen multiple CEOs resign in corruption scandals dating back to the 2000s, and the most recent wave of indictments by Korean law enforcement happened only three months ago. So to a certain extent, the rest of our analysis is academic; if you have senior leadership so endemically corrupt, no amount of internal control will save you.
That said, we can still glean some lessons from the mechanics of how KT’s corruption unfolded over the years.
First is the importance of accounting controls to govern the flow of cash or anything that can be converted into cash. The gift cards are a prime example of this. They weren’t cash per se, but they were functionally equivalent to cash — and therefore they could be subject to abuse. So a company could, for example, implement policies that all purchased gift cards must be held by the accounting department in that physical form; or logged with unique numeric identifiers so the company can track each card to its ultimate recipient.
True, when your corporate culture is as rotten as what the SEC describes, those policies won’t be worth squat. But when your culture isn’t that bad, and you are making a sincere effort to police against corrupt payments — policies and procedures to govern things that can be converted into cash are critical.
Indeed, when I read about KT’s gift card scam, my mind recalled the SEC’s enforcement against Sanofi in 2018. In that case, Sanofi extended credit notes (essentially, IOUs) to vendors, and Sanofi’s accounting policies allowed those vendors to exchange their credit notes for cash. You have one guess what that cash was later used for.
Second lesson: the need to consider employees’ personal financial transactions as conduits for bribery. We rarely see this in FCPA enforcement actions, and the risk mostly applies to foreign private issuers. But appreciate the quirk here: when KT employees made political donations to Korean lawmakers, those transactions violated Korean law against corporate political donations and U.S. law against bribing foreign government officials at the same time — even though the government officials weren’t foreign to the Korean employees making the donation. It would be akin to a British investment fund directing its employees at a U.S. subsidiary to make donations to your local state rep: you could violate both pay-to-play rules in the United States and the U.K. Bribery Act, all at once.
If your company might face such a predicament, then you’d need to think about policies and procedures to track employee political donations. Radical Compliance has written about campaign finance compliance, mostly as it relates to money management firms bidding to run state investment funds. Interesting to see that under certain circumstances, those same activities in another country might be an FCPA violation here.
The SEC Resolution
We also have two observations about the SEC settlement. First, notice that the penalty against KT ($3.5 million) is larger than the disgorgement of ill-gotten gains ($2.8 million). That is right in step with what SEC officials have said about their readiness to be more aggressive with penalties, both as punishment for egregious misconduct (which KT’s misconduct most certainly was) and to deter other companies from engaging in similar misconduct. The SEC is putting that penalty philosophy into action.
Second is this quasi-probationary period of two years, where KT must report “the status of its remediation and implementation of compliance measures” to the SEC every six months. If KT discovers any new evidence of FCPA violations during that time, it must report those findings to the SEC immediately.
What’s interesting here is that from the language of the SEC settlement order, it seems that KT does not yet have a full and effective compliance program in place. Yes, KT has taken the usual steps such as firing employees and improving controls, but the SEC settlement also says:
Nonetheless, KT continues to remediate its process around anti corruption risk-assessments, the effectiveness of its audit program, and other internal accounting controls relating to third parties and procedures for regular testing of its internal accounting controls.
Perhaps KT and the SEC just want to get this matter resolved, especially since the company still has serious criminal issues swirling around it back in Seoul. Then again, this settlement doesn’t include any sort of compliance monitor, like we saw when the SEC settled with JP Morgan in December for sloppy recordkeeping.
So what happens if KT somehow mishandles these compliance improvements? The SEC settlement doesn’t say. But I don’t recall seeing an FCPA settlement where the company is still working to bring its compliance program up to standards. I’m also hard-pressed to believe the Justice Department would ever agree to that in a criminal settlement; but here we are. Weird.