Trump Halts FCPA Enforcement
OK, the inevitable has happened. President Trump has issued an executive order directing the Justice Department to halt all enforcement of the Foreign Corrupt Practices Act and devise new enforcement guidelines for future prosecution. Let’s all take a deep breath, and then move on to consider the implications for corporate compliance programs.
Is Trump’s anti-anti-corruption declaration a big deal? Of course. It sends a terrible signal to anti-corruption efforts worldwide, as the United States surrenders its two decades of leadership in the fight against corruption. It puts U.S. businesses in an awkward position I’m sure many would rather avoid. It will, in the fullness of time, expose businesses to more pressure from corrupt governments worldwide and more cost to do business around the world.
All that said, will Trump’s executive order decimate corporate ethics and compliance programs? I’m not so sure.
Let’s start with a close read of what the executive order actually says. Trump begins by saying enforcement of the FCPA has been “stretched beyond proper bounds and abused” in a manner that harms the interests of the United States. A president’s foreign policy authority “is inextricably linked with the global economic competitiveness of American companies,” he says, and since FCPA enforcement has made American companies less competitive, that endangers the president’s ability to achieve foreign policy goals.
That’s some pretzel-twisted logic about what the interests of the U.S. are and how those interests might be achieved, but anyway, that’s how Trump rationalizes the matter. From there, he orders new attorney general Pam Bondi to…
- Take at least six months, and possibly as long as one year, to review all guidelines and policies about FCPA investigations and enforcement;
- Not launch any new FCPA investigations “unless the attorney general determines that an individual exception should be made;”
- Review all existing FCPA investigations and enforcement actions and “take appropriate action with respect to such matters to restore proper bounds on FCPA enforcement and preserve presidential foreign policy prerogatives;”
- Issue updated guidelines or policies “to adequately promote the president’s Article II authority to conduct foreign affairs and prioritize American interests.”
And regardless of whatever those new FCPA enforcement guidelines might be, all future investigations will need specific authorization of the attorney general, rather than the discretion of the Justice Department’s FCPA unit or any local U.S. attorney.
What Does That Mean for FCPA Enforcement?
Right now nobody knows what the details of all this will mean for FCPA enforcement, but the broad thrust is pretty clear: Trump wants to create an FCPA enforcement regime that gives him sole discretion to use the FCPA as he sees fit. Hence the language framing the FCPA as a tool to support his Article II authority and naming the attorney general as the only one who can authorize an FCPA investigation.
Also notice that part about reviewing prior FCPA enforcement actions and “taking appropriate action with respect to such matters to restore proper bounds on FCPA enforcement.” Again, we can only speculate here; but my speculation is that this means Bondi will move to terminate deferred- or non-prosecution agreements early (an idea the Biden Administration had already floated last fall), which would in turn mean an end to any ongoing reporting requirements a company under an FCPA settlement might have.
At the same time, however, there is that line saying no new FCPA investigations unless the attorney general determines that an exception should be made. So clearly we could see more FCPA enforcement under the right circumstances — but those circumstances will only be decided by Bondi, who only takes her marching orders from Trump. Considering how transactional he is, it’s a safe bet to conclude that Trump wants FCPA enforcement at his disposal as an executive branch tool: weaponized enforcement, serving other interests Trump might have.
That brings us to the new enforcement guidance Bondi will issue sooner or later. Presumably the headline will be, “The president can do whatever he wants on FCPA enforcement.” Beyond that, we’re bound to see more leniency, such as fewer corporate penalties and more time to self-disclose misconduct; but the exact retreat from previous FCPA enforcement policies is anyone’s guess.
What Does It Mean for Compliance Programs?
Well, quite possibly not that much. Hear me out.
First, the Justice Department is voluntarily deciding not to enforce the FCPA — but that doesn’t erase the Foreign Corrupt Practices Act from the books. It’s still a statute that companies are legally required to obey. So sure, a company could take Trump’s executive order as a green light to engage in bribery and dismantle its corporate compliance program; but that company would then be breaking the law and racking up potential future enforcement actions.
This is essentially the same point I raised in a previous post about the Consumer Financial Protection Bureau, which also went into the enforcement deep-freeze over the weekend. Lack of enforcement does not erase the underlying compliance risk. Only a change in statute or regulation can do that.
Second, I’m hard-pressed to believe many large companies actually want to embrace corruption and bribery, even if their FCPA enforcement risk drops to zero. Contrary to what Trump believes, the ability to bribe foreign government officials does not bring any competitive advantage to U.S. businesses. Those foreign government officials will now hit you up for bribes more often, because they won’t believe you when you say, “Nope, sorry, we can’t do that.” The company paying the bribe is diverting cash from other useful purposes like product development; the competing companies that lose the contract thanks to corruption must now divert their cash to bribery too.
Corporate corruption is the business equivalent of heroin: it feels great the first time you do it; then you get addicted and that first-time, feel-good high fades away as you collapse into poor health. Corruption eats away at innovation, growth, price determination, capital allocation, and other fundamentals for business success. Corruption is the refuge of the flabby, weak, and unimaginative.
Third, the FCPA is no longer the only anti-corruption statute in town. You’ll still have other countries with their own version of the FCPA, and laws against bribing their own government officials; so if your company engages in overseas bribery, you still face potentially significant enforcement risks. Nor should we dismiss the possibility of other countries weaponizing their own anti-corruption statutes against U.S. companies, as leverage for some other beef with the Trump Administration.
Fourth, your FCPA compliance program is — or at least should be — only one part of a much larger ethics and compliance program that addresses a wide range of fraud, corruption, and misconduct issues. You’re not going to dismantle your internal hotline because employees still use that to report other possible compliance violations. You’re not going to end your third-party due diligence because there are 1,000 other ways a third party might bring risk to your organization, and management needs to know that. Risk assessment, control testing, audits — the need for all those things will remain.
Indeed, it’s even possible that this retreat on enforcement will leave compliance officers with more to do. Think about it: more employees and third parties probably will try to exploit this green light from Trump; which may well lead to more employees reporting those violations via the internal hotline; and you’ll need to investigate them to at least some degree. Even if your company decides not to self-report the violation (Why bother? The Justice Department won’t care), most management teams will still want you to clean up the mess.
So yes, Trump’s pause on FCPA enforcement is a step backwards in the fight against anti-corruption. It’s a big disappointment — but for the actual day-to-day routines of corporate compliance functions, this might not be the kick in the [expletive] it first felt like.