By Greg Wolski and Virginia Adams
Allow me to introduce one of my colleagues, Virginia Adams. Over the years, Virginia and I have worked closely on a number of anti-corruption due diligence matters spanning various industries and geographies. The majority of these matters have involved contemplated acquisitions or investments in emerging markets, both by corporate acquirers and private equity firms. Our proactive due diligence efforts have surfaced many interesting scenarios — from flat-out bribe-paying admissions and uncovering payments to agents with mysterious ties to government officials in highly corrupt countries, to analyzing compliance programs requiring only a few tweaks to bring up to minimum standards—all assisting our clients in assessing potential risks that could cause trouble down the road.
Virginia is a senior manager based in our New York office who focuses her practice around various anti-corruption services, including investigations, compliance monitoring and risk assessments, in addition to proactive due diligence. She brings many years of field experience working in emerging markets and identifying firsthand what potential corruption risks could be lurking.
This week’s post relates to a recent trend we are seeing emerge in FCPA settlement agreements with the U.S. Department of Justice (DOJ). During the first half of 2012, four companies reached agreements with the DOJ, which laid out requirements for anti-corruption due diligence, monitoring and reporting in the context of mergers and acquisitions (M&A). Specifically, the four companies are required to:
- Conduct FCPA due diligence on potential acquisitions
- Report to the DOJ evidence of corrupt payments or weak internal controls in any company they acquire or merge with
- Apply “as quickly as is practicable” their anti-corruption policies and procedures to the new entity once acquired
- Conduct an “FCPA-specific audit” of new merged or acquired entities
These settlement agreements reiterate the DOJ’s view on an increasingly important aspect of anti-corruption compliance and emphasize that any organization that wants to keep up to speed with evolving best practices should integrate these components into their compliance programs. As these minimum anti-corruption compliance requirements are better defined by U.S. regulators, there appear to be many similarities to the minimum standards laid out by the U.K. Ministry of Justice in the 2010 U.K. Bribery Act guidance, including proportionate procedures, top-level commitment, risk assessment, due diligence, communication and monitoring.
As it relates to conducting due diligence on potential acquisitions, many questions often arise regarding what is enough. We often suggest a phased approach, beginning with high-level procedures, which can help to determine if additional digging is warranted. Typically, the first phase includes performing background checks on target companies, including key individuals at the target such as owners and executives, and may extend to identified third parties and agents acting on the target company’s behalf. This phase also includes interviewing key executives (e.g., legal, compliance, ethics, business development and finance), reviewing anti-corruption policies and procedures, and performing a high-level risk assessment. Any identified potential red flags could highlight the need for a second phase, which could include transaction testing, electronic document review, site visits and additional interviews. A third potential phase relates to assisting with the implementation and monitoring of a post-closing anti-corruption compliance program, including assisting in the development or enhancement of existing anti-corruption policies and training.
Some acquirers approach transactions assuming that any issue can always be fixed post-closing and take more of a check-the-box approach to pre-acquisition anti-corruption due diligence. Such an approach may not only result in failing to appropriately assess anti-corruption risks based on the information that they have been provided, but also put the acquirer in the uncomfortable position of potentially engaging in criminal behavior themselves. Just digging a little deeper or talking to the right target employees often results in the identification of information that could have a potentially significant detrimental effect on deal value.
Future posts will discuss the remaining requirements laid out by the DOJ, including procedures to put policies and procedures in place in newly acquired entities and to monitor these entities through FCPA-specific audits on a go-forward basis.
The views expressed herein are those of the authors and do not necessarily reflect the views of Ernst & Young LLP.