In general, when a company acquires another company, the successor company can be liable for the acquired company’s activities before acquisition. The U.S. Department of Justice (“DOJ”) and the Securities and Exchange Commission (“SEC”) have administered Foreign Corrupt Practices Act (“FCPA”) enforcement actions against successor companies in cases involving egregious and sustained violations, where the successor company directly participated in the violations, or where the successor company failed to stop the misconduct from continuing after the acquisition.
To avoid potential FCPA liability for pre-acquisition and post-acquisition conduct, the DOJ and SEC have instructed companies that engage in mergers and acquisition to: (1) Conduct thorough risk-based FCPA and anti-corruption due diligence on potential business acquisitions; (2) Ensure that the acquiring company’s code of conduct and compliance policies and procedures apply as quickly as is practicable to newly acquired businesses or merged entities; (3) Train the directors, officers, and employees of newly acquired businesses and, when appropriate, train agents and business partners on the FCPA and other applicable anti-corruption laws and the company’s code of conduct and compliance policies and procedures; (4) Conduct an FCPA-specific audit of newly acquired businesses as quickly as practicable; and (5) Disclose any corrupt payments discovered as part of its due diligence of newly acquired businesses.
Recently, Michael Volkov, and Jonathan T. Marks, Partner, Baker Tilly US LLP, discussed best practices for integration and audits to ensure a smooth application of compliance policies to the successor company and the conduct of effective audits to confirm the absence of FCPA violations.
This writing outlines some of the key pre and post procedures that should be considered when contemplating or executing on a merger or acquisition.
These procedures are not all-inclusive and must be tailored for your particular situation.
Target Screening for Deal Killers
- Background and negative media searches for previous violations or allegations of corrupt activity involving target, shareholders, or key employees.
Pre-announcement/Pre-close FCPA Due Diligence:
- Review of available documents in data or e-room for FCPA risk factors
- Interviews with key Target management regarding FCPA compliance
- Analysis of country and industry-specific risk factors
- Targeted testing of high-risk transactions, agents or employees
Post-closing remediation and controls implementation
- Development and strengthening existing FCPA controls, policies, and procedures
- Employee, agent, and other third-party training
- Monitoring for potential FCPA violations or control weaknesses
Pre-announcement Controls and Risk Assessment
Phase One – Key Procedures
- Learn the business!
- Gain an understanding of the current organizational structure of entities and assets being acquired, including all domestic foreign holdings and related impact on FCPA risks.
- Research the location of business units and the level of corruption risks in those areas.
- Attempt to identify any government links and political connections; corporate affiliations; civil litigation; regulatory issues; and potentially adverse media reports of previous FCPA violations or allegations through online searches of publicly available resources.
- Evaluate the concentration of governmental sales at each business unit of the country in which the target operates.
- Identify business activities/magnitude/locations associated with governmental clients, vendors, and other governmental relationships.
- Obtain and analyze anti-corruption related policies such as gifts, travel & entertainment, charitable contributions and analyze related procedures and controls and management’s level of understanding and enforcement of those policies and controls.
- Assess any anti-corruption compliance training programs including any related training certification protocols.
- Evaluate procedures and controls regarding due diligence of business partners, agents, consultants, etc. and adequacy of anti-corruption provisions in contracts with these third parties.
- Perform initial information-seeking interviews with key target management to obtain clarity on FCPA policies, procedures, and controls to further define the culture and risk profile.
Post-announcement/Pre Close Field Work and Transaction Testing
Phase Two – Key Procedures
- Complete anything not started in Phase One, or follow-up on open questions or concerns.
- Analysis of foreign bank accounts and bank reconciliations.
- Data interrogation (e.g., keyword searches, searches for Politically Exposed Persons ( PEP ) references) based on specific criteria and attributes of transactions to assist in identifying possible anti-corruption compliance risks.
- Analysis of third-party intermediary, agent, and representative. agreements including payment and commission structure.
- Analysis of payments (accounts payable and ‘general ledger’ type activity) to third-party intermediaries, agents, and possible foreign government agencies/officials.
- Analysis of travel, meals, gifts, and entertainment reimbursement account activity and related payments for higher-risk employees (including any type of gifts) Additional interviews of lower-level employees that were not previously aware of the transactions.
- Review of charitable contributions.
Paradigm B.V., a Houston-based oil and gas services provider, entered into a non-prosecution agreement with the U.S. Department of Justice to resolve payments that violated the Foreign Corrupt Practices Act. Paradigm made prohibited payments to foreign officials in China, Indonesia, Kazakhstan, Mexico and Nigeria. It will “pay a $1 million penalty, implement rigorous internal controls, retain outside compliance counsel, and cooperate fully with the Department of Justice,” according to the DOJ’s September 24, 2007 announcement.
Paradigm’s parent company, Paradigm Ltd., which is controlled by private equity fund Fox Paine, discovered the corrupt payments during due diligence for its planned NASDAQ IPO and self-disclosed them to prosecutors. The conduct at issue did not involve current senior management, according to the company. The DOJ said, “Paradigm’s actions in this matter, including voluntary disclosure and remedial efforts, are consistent with our view of responsible corporate conduct when FCPA violations are uncovered. Accordingly, the Department has resolved this case to permit the company to move forward on sound footing, governed by ethical business practices.”
I welcome your thoughts, comments, and suggestions.
Stay safe, and be well!
Jonathan T. Marks, CPA, CFF, CFE