Register for our webinar with Meric Bloch to learn how to handle and prevent retaliation claims after workplace incidents.

#Article

Lessons from FCPA Settlements: Investigations, Remediations, and Compliance Programs

by Thomas Fox, author and founder of the Compliance Podcast Network


Over the past 15 months the Department of Justice (DOJ) and Securities and Exchange Commission (SEC) have made clear through three Foreign Corrupt Practices Act (FCPA) enforcement actions, their priorities in investigations, remediations, and best practices for compliance management systems. Every compliance professional should study each of these enforcement actions closely for the lessons learned and direct communications from the DOJ. They should guide not simply your actions should you find yourself in an investigation but also how you should think about the priorities.

The three FCPA enforcement actions are ABB from December 2022; Albemarle from November 2023 and SAP from January 2024. Taken together they point a clear path for the company which finds itself in an investigation, using extensive remediation to avoid a monitor and insight for the compliance professional into what the DOJ expects in a best practices compliance program on an ongoing basis.

Book a Call

Is your compliance program optimized?

Book your call with one of our experts to learn how Case IQ's modern case management software can improve your compliance investigations and reduce your organization's risk of fines and penalties.

Request a Demo

ABB

In late 2022, ABB became first three-time convicted violator of the FCPA, having prior FCPA violations in 2004 and 2010. The bribery schemes were massive and went all the way into the corporate headquarters.

Yet, ABB obtained a relatively low fine and penalty, and, as a three-time FCPA violator, it avoided a monitor. How?

  1. Near Self-Disclosure. It all began with ABB’s attempt to self-disclose.
  2. Note that this attempt was not successful as the South African press broke the story of ABB’s bribery and corruption between the time ABB called to set up a meeting and actually sat down with the DOJ.
  3. True Extraordinary Cooperation. In the SEC Order, it stated, “ABB’s cooperation included real-time sharing of facts learned during its own internal investigation.” This meant ABB was sharing information with regulators as quickly as it found those facts, without necessarily knowing how such admissions might affect its overall case and settlement chances.
  4. Extensive Remediation. Next were the actions by ABB in their remediation. The Plea Agreement reported that ABB “engaged in extensive remedial measures, including extensive employee discipline.”

Albemarle

In November 2023, Albemarle agreed to pay more than $218 million to resolve violations of the FCPA stemming from Albemarle’s participation in corrupt schemes to pay bribes to government officials in multiple foreign countries.

How did the company obtain this positive result?

  1. Timely Self-Disclosure. There was a significant discussion in the NPA around Albemarle’s voluntary self-disclosure to the DOJ. It said the disclosure was not
  2. “reasonably prompt,” as it was made approximately 16 months to the DOJ after initial discovery by the company. This meant the self-disclosure “was not within a reasonably prompt time after becoming aware of the misconduct in Vietnam” and it means that Albemarle did not meet the standard for voluntary self-disclosure. While the DOJ “gave significant weight”, to the company’s voluntary, even if untimely, disclosure of the misconduct, it is certainly cautionary.
  3. Remediation. There were two noteworthy areas in remediation.  The first was the company completely discarded its sales model of using third-party agents and went to a direct sales model. The second was the company’s use of data analytics in two separate manners. The first was to monitor the company’s compliance program and the second was to measure the compliance program’s effectiveness. By using data analytics that Albemarle was able to satisfy the DOJ requirement for implementing controls and then effectively testing them throughout the pendency of the DOJ investigation, Albemarle was able to avoid a monitorship.
  4. Holdbacks. Albemarle engaged in holdbacks, as they did not pay bonuses to certain employees involved in the conduct or those who had oversight. The significance of this effort was important as it qualified Albemarle for an additional fine reduction of a dollar-for-dollar credit of the amount of the withheld bonuses under the Criminal Division’s March 2023 Compensation Incentives and Clawbacks Pilot Program.
Free Webinar

Learn more compliance insights for 2024

Watch our webinar to hear more about the compliance landscape for 2024, plus other workplace trends to prepare for.

Watch the Webinar

SAP

The final enforcement action in this trilogy is SAP, which resolved its FCPA enforcement action in January 2024. Perhaps the most noteworthy initial observations about the SAP matter are that the bribery schemes were truly worldwide in scope, encompassing South Africa, Malawi, Tanzania, Indonesia, and Azerbaijan. The company generated over $103 million in profits, and it was a recidivist as well.

Yet once again the company received a significant discount on its fine and penalty and was not required to have a monitor. How did it achieve this stunning result?

  1. Lack of Self-Disclosure. We must begin with a negative as the message from the DOJ could not be clearer. SAP’s failure to self-disclose cost it between $90 to $120 million in additional fines and penalties. The DOJ spent quite a bit of time talking about SAP’s failure to self-disclose to every compliance professional needs to understand what the DOJ is communicating. The DOJ values self-disclosure over everything else.
  2. Remediation. Here the key was that the remediation began with a root cause analysis. From there the company moved to a risk assessment and gap analysis. SAP conducted a root cause analysis of the underlying conduct then remediating those root causes, conducted a gap analysis of internal controls, remediating those found lacking, and then performed a comprehensive risk assessment focusing on high-risk areas and controls around payment processes, using the information obtained to enhance its compliance risk assessment process.
  3. Holdbacks. As with Albemarle, SAP withheld bonuses totaling $109,141 during the course of its internal investigation from employees who engaged in suspected wrongdoing in connection with the conduct under investigation, or who both (a) had supervisory authority over the employee(s) or business area engaged in the misconduct and (b) knew of, or were willfully blind to, the misconduct, and further engaged in substantial litigation to defend its withholding from those employees. This qualified SAP for an additional fine reduction in the amount of the withheld bonuses under the DOJ’s Compensation Incentives and Clawbacks Pilot Program.
  4. Data Analytics. The references to data analytics and data-driven compliance warrant additional consideration. SAP not only did incorporate data analytics into its third-party program but also expanded its data analytics capabilities to cover over 150 countries, including all high-risk countries globally. SAP had implemented data analytics to identify and review high-risk transactions and third-party controls. SAP follows the Albemarle settlement by noting that data analytics is now used by SAP to measure the compliance program’s effectiveness.

Conclusion

The DOJ and SEC could not have been clearer in these three enforcement actions. Two of the companies, ABB and SAP were recidivists and yet both obtained decidedly superior results. These lessons should be applied to any company which has any investigation ongoing as it can morph quickly to a very serious matter, which may well have to be self-disclosed. But equally importantly, these cases all point to what the DOJ and SEC expect in the way of remediation and provide clear guidance on your compliance program going forward.

Businesses and compliance professionals seeking a reliable, streamlined compliance management system can rely on Case IQ. Request a demo today

Important: This post is for informational and educational purposes only. This post should not be taken as legal advice or used as a substitute for such. You should always speak to your own lawyer.