FCPA Update — The Compliance Defense
In the recent blog post titled FCPA Reform Effort in Light of the Walmart Mexico Bribery Case, I mentioned that, particularly with respect to the addition of a compliance defense, “[t]he Walmart matter will likely spell the end of any serious efforts at reforming the FCPA in 2012.” Interestingly, however, at the same time, informal recognition of a compliance defense by the Department of Justice (DOJ) took center stage in the second quarter of 2012, with the DOJ relying very specifically on the existence of an employer’s robust compliance program, and an employee/defendant’s clear efforts to circumvent the same in the course of violating the FCPA, in declining to prosecute the employer in connection with such violations.
The matter in question involved Garth Peterson, a former managing director for Morgan Stanley’s real estate business in China. On April 25, 2012, Mr. Peterson pled guilty for his role in a conspiracy to evade internal accounting controls that Morgan Stanley was required to maintain under the FCPA (the conduct in question involved bribing a Chinese governmental official to steer business to Morgan Stanley). However, as to Morgan Stanley’s culpability, the DOJ noted in its press release that Morgan Stanley maintained a robust FCPA compliance program:
“Morgan Stanley maintained a system of internal controls meant to ensure accountability for its assets and to prevent employees from offering, promising or paying anything of value to foreign government officials. Morgan Stanley’s internal policies, which were updated regularly to reflect regulatory developments and specific risks, prohibited bribery and addressed corruption risks associated with the giving of gifts, business entertainment, travel, lodging, meals, charitable contributions and employment. Morgan Stanley frequently trained its employees on its internal policies, the FCPA and other anti-corruption laws. Between 2002 and 2008, Morgan Stanley trained various groups of Asia-based personnel on anti-corruption policies 54 times. During the same period, Morgan Stanley trained Peterson on the FCPA seven times and reminded him to comply with the FCPA at least 35 times. Morgan Stanley’s compliance personnel regularly monitored transactions, randomly audited particular employees, transactions and business units, and tested to identify illicit payments.”
The DOJ’s press release then went on to note:
“After considering all the available facts and circumstances, including that Morgan Stanley constructed and maintained a system of internal controls, which provided reasonable assurances that its employees were not bribing government officials, the Department of Justice declined to bring any enforcement action against Morgan Stanley related to Peterson’s conduct.”
While this is not the first time that the DOJ has informally recognized a compliance defense in declining to prosecute an employer for FCPA violations of an employee, it is perhaps the most explicit example of such recognition, and is especially noteworthy in light of the DOJ’s recent stance of aggressive prosecution of FCPA violations. Of course, it’s impossible to determine whether this instance is an outlier – perhaps the egregiousness of Mr. Peterson’s conduct, or the fact that he also defrauded Morgan Stanley, played a role in the declination of prosecution of Morgan Stanley – but for the proponents of a formal compliance defense, this matter at least provides an argument that a compliance defense could be added to the mix without substantially undermining the effectiveness of the FCPA. And finally, this matter emphasizes once again the value to an employer of implementing and maintaining a strong FCPA compliance program, which cannot be understated.