By Baker & McKenzie | September 23rd, 2015

By John P. Cunningham and Jacob I. Chervinsky

A strategic, proportional, and comprehensive document review is one of the most critical components of an effective Foreign Corrupt Practices Act (“FCPA”) investigation. A company’s internal documents and data often contain the best evidence of potentially improper payments. It is not surprising, therefore, that U.S. enforcement authorities in FCPA matters place great emphasis on obtaining and analyzing relevant documents, data, and other reviewable information. For this reason, it is incumbent upon any company in a cooperative posture with the government to disclose as much relevant, non-privileged information as practicable.

When a document review is mishandled, the repercussions can be severe. Flaws in the document review process, for example, may cause enforcement officials to question the integrity of the investigation. This, in turn, can lead officials to dedicate more resources to their own search for evidence relating to alleged improprieties. Moreover, if a company fails to identify and disclose relevant documents that the government later obtains independently, the credibility of the investigation could be called into question, and the company may be forced to contemplate harsher penalties or sanctions.

Legal commentators have dedicated significant attention (in an FCPA context) to analyzing certain topics related to the document review process, including when to launch an internal investigation and how to handle issues such as e-discovery and disparate data privacy laws. In this article, we examine a less-explored but equally important topic: where should a company conduct document review during an FCPA investigation?

Some commentators have noted that documents pertaining to alleged bribery should be handled solely by U.S. lawyers in the United States, while others opine that potentially incriminating documents are best kept outside U.S. borders. Below, we analyze these and other important considerations to help shed light on how companies can select the best location to conduct document and data review in an FCPA investigation.

Read More

By Baker & McKenzie | September 15th, 2015

By Jessica Norrant-Eyme and Brian L. Whisler


On July 22, 2015, France’s Finance Minister, Michel Sapin, presented the framework of a bill which would create a new anti-corruption authority and introduce U.S.-style monitorships into French law.

This new legislation represents a reaction to international pressure brought to bear against the French government for its perceived laissez-faire enforcement of corruption, and a response to the severe sanctions imposed by the U.S. Department of Justice (“DOJ”) against French companies.

In view of the forthcoming legislation, French companies (and international companies doing business in France) would do well to prepare and implement an effective anti-corruption compliance program to mitigate enforcement risk and avoid sanctions.


Corruption is currently a criminal offense under French law.  However, unlike regimes in the U.S. and many other jurisdictions, there is currently no legal requirement for businesses to adopt internal measures to prevent corruption.

Moreover, France’s Central Service for the Prevention of Corruption (Service Central de Prévention de la Corruption, or “SCPC”), created in 1993, has a very limited enforcement role — it has no investigative or prosecutorial powers and can only make recommendations on matters involving alleged corruption.

International Pressure on France’s Anti-Corruption Enforcement Efforts

In October 2012, the Organisation for Economic Co-operation and Development (“OECD”) declared that France was not in compliance with the OECD Anti-Bribery Convention and expressed serious concerns with France’s enforcement approach.  In its 2014 follow-up report, the OECD reported that the situation had not materially improved and that France “still falls far short of … expectations,” having neglected or mishandled the implementation of the OECD’s prior recommendations.

Among other things, France has been the target of significant criticism from the international community for perceived weak and infrequent prosecutions resulting in a significant increase in acquittals, dismissals and case closures in recent years.

According to a new report from Transparency International published last month, which classifies member countries of the OECD Anti-Bribery Convention into four groups ranked by enforcement environment, only four of 41 member countries are considered to have made a robust commitment to actively investigate and prosecute companies that bribe foreign officials.  France has perennially ranked in the next-to-lowest tier, reserved for countries with “limited enforcement”; foremost among the reasons cited in the latest report is France’s execessive lenience in applying sanctions.

Read more

By Baker & McKenzie | June 24th, 2015

By John P. Cunningham and Crystal Roberts Jezierski

The question of where a compliance department should reside within the corporate configuration is getting significant attention by companies and commentators alike. Indeed, news reports over the past year have underscored the trend of elevating Chief Compliance Officers (“CCOs”) in the company hierarchy, creating separation between compliance and legal within the corporate infrastructure, and boosting spending on compliance resources. Moreover, because the aptitude of companies in detecting, preventing, and deterring unethical and/or criminal conduct through effective compliance is increasingly scrutinized by enforcement authorities worldwide, the need for a trained, dedicated, and independent corporate compliance function may be more important than ever.

This idea of an empowered CCO working collaboratively with a dedicated compliance department has fostered a robust public discussion about where exactly a compliance group should be housed in the corporate configuration, and whether it should be operated and maintained separately from the legal department. Many companies are opting for separation and independence, furthering a trend that has gained considerable support from relevant law enforcement and regulatory bodies. This article explores this trend and discusses the pertinent regulatory and practical considerations for companies seeking to make an informed decision on how best to structure and resource their compliance groups.

History and Evidence of the Trend

The dialogue over best practices with respect to a company’s compliance structure took on increased significance when, in 2010, the U.S. Sentencing Commission revised the definition of an “effective compliance program” in the U.S. Sentencing Guidelines (“Guidelines”) to require that the individual with operational responsibility for the program have direct reporting obligations to the organization’s governing authority (e.g., board of directors). The Guidelines explain that this individual must have authority to communicate personally and promptly to the governing authority on any matter involving criminal conduct (or potential criminal conduct) and at least annually on the implementation and effectiveness of the program.

Similarly, in 2012, in A Resource Guide to the U.S. Foreign Corrupt Practices Act, the U.S. Department of Justice (“DOJ”) and Securities and Exchange Commission (“SEC”) emphasized that the individual responsible for oversight and implementation of a company’s compliance program “must have appropriate authority within the organization, adequate autonomy from management, and sufficient resources to ensure that the company’s compliance program is implemented effectively.” And outside of the United States, Brazil’s Clean Company Act, the new criminal code requirements in Spain, and the U.K. Bribery Act all incorporate the expectation that an effective compliance program will include a lead compliance officer with a certain level of seniority, autonomy, and independence vis-à-vis other corporate groups, such as legal.

Read more

By Baker & McKenzie | May 5th, 2015

By  and 

In February, yet another high-profile negotiated settlement between a company and a government agency was thrown into doubt after a judge refused to approve the terms reached by the parties. On Feb. 5, U.S. District Court for the District of Columbia Judge Richard Leon refused to approve a motion filed by the Department of Justice and Fokker Services B.V. (‘‘Fokker’’), thereby effectively rejecting the parties proposed deferred prosecution agreement (‘‘DPA’’), because he found the terms of the DPA to be ‘‘anemic.’’ The parties have appealed his decision and recently requested an expedited review by the U.S. Court of Appeals for the District of Columbia Circuit.

This is at least the fifth proposed settlement between the federal government and a corporation that a federal judge has questioned in the last four years. Judge Leon previously initially rejected a Foreign Corrupt Practices Act settlement between the Securities and Exchange Commission and IBM Corp. He approved another FCPA settlement between the SEC and Tyco Int’l Ltd., but only after a nine-month delay and the parties agreed to a stringent schedule of compliance reports to be filed directly with the court.

Judge Leon is not alone in his increasingly aggressive review of government settlement agreements. His Fokker opinion relied in part on a prior ruling by Judge John Gleeson of the U.S. District Court for the Eastern District of New York, which emphasized the courts’ supervisory power to decide whether to approve DPAs. In that case, Judge Gleeson delayed approval of a settlement agreement between the DOJ and HSBC relating to alleged money laundering violations. This newly assertive judicial role in reviewing these agreements arguably began in 2011, when U.S. District Court for the Southern District of New York Judge Jed Rakoff rejected an SEC settlement with Citigroup regarding alleged misrepresentations in structuring and marketing a billion-dollar fund through which investors lost millions of dollars. Although an appellate court ultimately reversed Judge Rakoff’s ruling as an abuse of discretion, other judges seem undeterred from following his lead.

Courts routinely approve parties’ proposed settlement agreements, whether they relate to a simple lawsuit between private parties, or a plea agreement or other negotiated resolution with the government. However, in the above-mentioned cases, judges have been concerned that the corporation was getting off too lightly for the alleged violations. Although each of these corporations were facing millions of dollars in penalties under the agreements they negotiated with the government, the courts wanted more. Judge Leon, for instance, noted that Fokker’s penalties only equaled the profits it allegedly obtained through the sanctions violations. Judge Rakoff objected that Citigroup was not required to admit the truth of the SEC’s allegations and that the affected investors were unlikely to benefit from the proposed settlement. Notably, in part as a result of Judge Rakoff’s criticism, the SEC has changed its policy and now frequently requires corporations to admit liability in settlement agreements, even though the appellate court reversed Judge Rakoff on this point.

Read more

By Baker & McKenzie | January 5th, 2015

By Barrie L. Brejcha

As Foreign Corrupt Practices Act (“FCPA”) enforcement efforts by the U.S. Department of Justice (“DOJ”) and the U.S. Securities and Exchange Commission (“SEC”) continue to increase, so too have shareholder lawsuits based upon the underlying bribery allegations. Indeed, the public announcement of the initiation or resolution of a government-led FCPA investigation almost invariably triggers a shareholder class action suit alleging issues with the company’s public disclosures, or a derivative action charging that directors and officers breached fiduciary duties by failing to implement necessary internal controls and policies to ensure compliance with relevant anti-corruption laws.

While many “follow-on” lawsuits do not survive a defense motion to dismiss – because they are often lacking specific facts to establish the requisite state-of-mind on the part of directors/officers or demonstrate that the company’s public statements were false or misleading — the costs of settling FCPA-related litigation can be substantial. A number of FCPA-related securities lawsuits have settled for amounts in excess of the penalty paid to resolve the DOJ or SEC charges. By way of example:

  • Nature’s Sunshine paid a civil penalty of $600,000 in 2009 to settle SEC bribery charges, subsequently settling the related securities fraud class action for $6 million.
  • FARO Technologies Inc. resolved its FCPA charges with the DOJ/SEC in 2008, paying a total of $2.95 million; the company settled the related securities class action lawsuit for $6.875 million.
  • Immucor, Inc. consented to entry of a cease-and-desist order with the SEC to resolve bribery allegations in 2007, and paid $2.5 million to settle the related class action lawsuit.

In addition to the settlement amount, the cost of defending civil litigation − often on multiple fronts − can be substantial (and not necessarily covered by directors and officers liability insurance).

Given the financial stakes and reputational costs of collateral civil litigation, companies with global operations need to think strategically while navigating an FCPA investigation to mitigate further risk and limit potential exposure. This article highlights the key questions each company should ask before and during an investigation, and spotlights the resulting best practices for limiting collateral litigation risk.

Read more

By Baker & McKenzie | November 19th, 2014

By Greg McNab and Marcus Hinkley

During the G8 conference held in Northern Ireland in June 2013, Canadian Prime Minister, Stephen Harper, announced that Canada would adopt tougher reporting standards to encourage greater transparency in the energy and mining sectors. On October 23, 2014, the Canadian government delivered on its promise and introduced legislation to enact the Extractive Sector Transparency Measures Act (the “Act”). The Act mandates mining and oil & gas companies to disclose public payments made for the purpose of commercial development of oil, gas and minerals, and takes positive steps towards tackling domestic and foreign corruption in line with international commitments.

As anticipated in our earlier alert, the Act incorporates ideas from foreign jurisdictions as well as recommendations from domestic stakeholders such as the Resource Revenue Transparency Working Group.

1.   Does the Act apply to my company?

In general, an entity that is engaged in the commercial development of oil, gas or minerals anywhere in the world is covered under the Act, if the entity is:

a.   listed on a Canadian stock exchange (such as the Toronto Stock Exchange); or

b.   has a place of business in Canada, does business in Canada or has assets in Canada, and meets at least two of the following conditions for at least one of its two most recent financial years:

i.    it has at least CAD$20 million in assets;

ii.    it has generated at least $40 million in revenue; or

iii.   it employs an average of at least 250 employees.

This also captures corporations, trusts, partnerships or other unincorporated entities that control entities that are engaged in the commercial development of oil, gas or minerals. It is important to note that foreign entities with significant Canadian operations will also be captured by the Act.

It has been reported that Canada is working closely with legislators in the EU and US in order to harmonize the requirements under the Act with upcoming legislation in those jurisdictions. This includes the prospect of a common reporting template and/or mutual recognition of compliance in order to minimize the burden of compliance across multiple jurisdictions - welcome news for domestic and foreign companies( “Companies”) listed or operating in more than one jurisdiction.

2.   What does the new Act require my company to disclose?

Companies will have 150 days after their financial year-end to file a report with the applicable Minister  that outlines any payments of at least CAD$100,000 (or such amount dictated by regulation) made directly or indirectly to a single public body (including domestic and foreign governments, or entity that performs a governmental function), whether monetary or in kind,  during the previous year. The definition of what constitutes a payment under the Act is broad, and includes taxes, royalties, licensing or regulatory fees, production entitlements, dividends (other than dividends paid to ordinary shareholders), infrastructure payments and any other prescribed type of payment.

Although the exact requirements in relation to the level of detail to be included in the report are unknown, it is expected that Companies will be required to provide detailed and thorough information within the reports. The report, and information included within it, must also be made available to the public in a manner to be specified by the Minister for a period of five years.

The Act also requires payments to aboriginal groups to be reported, but this aspect of the Act will be postponed for two years to allow for further refinement of the provisions.

3.   What consequences are there for non-compliance?

The Act provides powers for the Canadian government to request a wide variety of information from a Company for verification purposes, and to designate persons to enter a place in which there are reasonable grounds to believe there is anything to which the Act applies (similar to the audit powers enjoyed by the Canada Revenue Agency).

Non-compliance under the Act can result in a fine of up to CAD$250,000, and the Company as well as the officers, directors and agents can be found liable for any breaches of the reporting requirements, including providing false information. There is, however, a due-diligence defence to any potential breaches of the reporting requirements - highlighting the importance of having a robust compliance program in place that catches activities accurately in multiple jurisdictions.

4.   Practical tips to prepare

The Act builds upon the recent strengthening of anti-corruption law in Canada under the Corruption of Foreign Public Officials Act. While it is unclear exactly what level of disclosure the report will require, how the report is to be made public, and when exactly the provisions of the Act are to come into force, we do know that in his G8 address back in June 2013, Stephen Harper committed to having a reporting framework in place by June 2015. Therefore, entities covered by the Act have less than a year to prepare for the increased burdens implemented by the Act. and depending on when Companies have their financial year-end date, could result in having to provide a compliant report in a short period of time.

In order to ensure that you are prepared for the new disclosure regime your company may wish to:

  • review the compliance program currently in place in your organization to ensure that effective anti-corruption policies, procedures and reporting mechanisms are in place;
  • begin keeping records of payments that may trigger the CAD$100,000 threshold;
  • review current agreements and licenses to ensure that reporting under the Act will not violate contractual or statutory confidentiality requirements; and
  • become familiar with the requirements of the Act generally.

As global attitudes toward anti-corruption begin to change, and legislators introduce increasingly more stringent regimes to combat it, it is important to adopt a pro-active approach rather than a reactive one to increased regulatory scrutiny. Ensuring that an effective anti-corruption regime is in place within the organization, and more importantly, ensuring that an anti-corruption mind-set is prevalent at all levels of management throughout the organization (whether it be in the head office in Toronto or on the mine site in Africa), can aid the transition into the new reporting requirements in Canada and abroad and help mitigate for any issue that may arise.

Baker & McKenzie has experience in complying with anti-corruption laws in jurisdictions around the world and can help guide your company adapt to the new requirements. Feel free to reach out should you have any questions.

Read original alert

By Baker & McKenzie | October 24th, 2014

By John Cunningham and Trevor McFadden

Although the Financial Crimes Enforcement Network (“FinCEN”) is often perceived as the aggregator of Suspicious Activity Reports (“SARs”) and other federally-mandated financial forms and reports, its actual activities extend well beyond the information-gathering role suggested by its designation as a “Network.” FinCEN, in fact, makes proactive use of its regulatory and enforcement powers. Indeed, it was involved in 19 of the 20 largest anti-money laundering (“AML”) settlements with banks in the last decade.

FinCEN was created by Congress in 1990 as an information clearinghouse. It was not granted regulatory authority until four years later. The 2001 terrorist attacks brought a new emphasis to the importance of financial crimes investigations, and Congress again expanded FinCEN’s jurisdiction in the USA Patriot Act to enhance its AML and counter-terrorist financing focus.

Overview of Significant FinCEN Enforcement Actions

Today, FinCEN is a ubiquitous and influential participant in major AML enforcement actions against banks and other financial institutions. It has been involved in roughly twice as many of these actions as either the Justice Department or the Office of the Comptroller of the Currency (“OCC”), the other two most active enforcement authorities in this area.

With respect to its enforcement influence, FinCEN claimed a $461 million fine as part of the massive $2.05 billion JPMorgan settlement in January 2014. Similarly, it collected millions of dollars in fines relating to the TD Bank and Saddle River Valley Bank settlements in September 2013 and the 2012 settlements with HSBC and the First Bank of Delaware.

Although FinCEN handles investigations and settlements with other more traditional regulators and law enforcement agencies, it occasionally acts on its own and against enterprises other than banks. In April 2014, for example, FinCEN assessed a $10,000 civil monetary penalty (“CMP”) against New Millennium Cash Inc. This case was notable because the company was a money services business (“MSB”), not a bank, and the alleged violations related to New Millenium’s inadequate AML program and SAR filings. Also, as recently as August 2014, FinCEN imposed a CMP of $125,000 against BPI, Inc., another MSB, based on what FinCEN perceived as “willful and repeated” violations of the Bank Secrecy Act (“BSA”).Here again the violations involved AML program deficiencies, including controls, testing, and training lapses, along with the noted failure to file even a single SAR prior to 2011. FinCEN also assessed a $2 million CMP against The Foster Bank for purported AML-related failings in another solo enforcement action in 2006.

Information is Power, and FinCEN has Plenty of Both

FinCEN’s over-sized role in the AML arena is directly attributable to its multi-faceted duties as information aggregator, federal rule maker, and law enforcement agency. Thousands of businesses and individuals submit sensitive information to FinCEN each month pursuant to federally-mandated filing requirements. In addition to SARs, FinCEN receives Currency Transaction Reports (“CTRs”), reports from all U.S. persons with control or authority over foreign bank accounts (“FBARs”), and various other forms that demonstrate where money is flowing.  These reports not only include information on the filers, but other parties related to the transactions at issue.

Since last summer, FinCEN requires all of these reports to be filed electronically, which expedites the information-gathering process and greatly enhances FinCEN’s ability to aggregate the information and report it out to other regulators and federal, state, and local law enforcement agencies.

As a regulator, FinCEN also issues rules that carry significant implications for banks and other financial institutions alike, including with respect to high-profile, “hot button” regulatory areas soon after they surface. For instance, over the past year and a half, FinCEN has issued two letter rulings relating to Bitcoins and other virtual currency systems, declaring that the determination of whether an entity is a “money transmitter” for AML regulatory purposes depends on what activity is undertaken and for whose benefit, rather than whether the activity relies on virtual or traditional currency. Similarly, FinCEN made it easier for financial institutions to loan money to “marijuana businesses” in states that have legalized marijuana, but only after the institutions have conducted heightened due diligence of the business and filed a specialized SAR alerting FinCEN to the activities. In both situations, FinCEN has weighed in on cutting-edge issues in a way that enhances the agency’s power and knowledge within these new markets.

Read more

By Baker & McKenzie | October 16th, 2014

By Arlan W. Gates and Douglas M. Tween

Violation Means Compliance Program Was By Definition Ineffective

Stark Contrast With New Draft Canadian Guidance

In a pair of noteworthy and ultimately disappointing recent speeches, leading U.S. antitrust enforcers delivered the message that while they expect companies to invest substantially in antitrust compliance programs, they will not consider a company’s pre-existing compliance program as a basis for a reduction in punishment for a cartel offense. This stands in stark contrast with the position of other components of the U.S. Department of Justice (“DOJ”), and with recent draft guidance issued by Canada, where enforcers say they will consider a company’s pre-existing compliance program when recommending punishment.

It also contrasts with the approach taken (or being developed) to the benefits of competition law compliance in a number of other countries, including the UK and Brazil - see snapshot below.

The U.S. Antitrust Division Position

For two decades the DOJ Antitrust Division (the “Antitrust Division”) has steadfastly refused to consider a company’s pre-existing compliance efforts in mitigation when recommending punishment. U.S. antitrust enforcers take the position that the steep penalties for violations and the opportunity to take advantage of the Antitrust Division’s corporate leniency program, which offers amnesty from criminal prosecution to the first company to agree to cooperate, provide sufficient motivation to companies to invest in antitrust compliance programs. (Notably, the European Commission takes the same view.)

In a recent speech entitled “Prosecuting Antitrust Crimes,” available at, Bill Baer, the Assistant Attorney General in charge of the Antitrust Division, offered some significant observations regarding the administration of the Antitrust Division’s corporate leniency program:

  • An applicant seeking leniency must rapidly provide information to the Antitrust Division, by “conducting a thorough internal investigation, providing detailed proffers of the reported conduct, producing foreign- located documents, preparing translations, and making witnesses available for interviews.”
  • The mere existence of a compliance program will never be sufficient to avoid prosecution or dramatically reduce the penalties for an antitrust violation.
  • “[C]orporate compliance starts at the top. The board of directors and senior officers must set the tone for compliance to ensure that the company’s entire managerial workforce not only understand the compliance program but also has the incentive to actively participate in its enforcement.”
  • The Antitrust Division will take into account early acceptance of responsibility and meaningful cooperation. Companies that accept responsibility and cooperate will receive a lower fine range under the U.S. Sentencing Guidelines, but the cooperation must be meaningful and complete in order to receive credit from the Antitrust Division.
  • Baer expressed skepticism where companies continue to employ culpable senior executives who do not accept responsibility while at the same time claiming that their compliance programs are effective. He said that the Antitrust Division “will have serious doubts about that company’s commitment to implementing a new compliance program or invigorating an existing one.”

Read more

By Baker & McKenzie | June 20th, 2014

By Trevor McFadden

The U.S. Sentencing Guidelines (“Guidelines”) play an important, and often misunderstood, role in the final resolution of Foreign Corrupt Practices Act (“FCPA”) investigations involving the U.S. Justice Department (“DOJ”).  Those unfamiliar with the Guidelines often make two opposite, but equally significant, mistakes in interpreting them.

The first is to ignore the Guidelines when considering potential exposure and strategies relating to FCPA compliance, thereby underestimating the role the Guidelines play in settlement negotiations with the DOJ and the ultimate fine to be paid.  The second is to inflate the significance of the Guidelines, assuming their application is an inflexible process that will lead to a clear and pre-determined penalty.  Either interpretation can result in an uninformed negotiating position with the DOJ and missed opportunities to mitigate financial exposure in a potential settlement.  In truth, the Guidelines provide a reasonable framework that can significantly focus negotiations, while also allowing both sides considerable room to justify a settlement figure that they consider appropriate.

By way of background, the Guidelines apply to all federal criminal cases. The U.S. Sentencing Commission designed the Guidelines (under authority provided by Congress) to maximize uniformity and proportionality in federal sentencing. The Guidelines also aim to make federal sentencing more predictable, curtailing the sometimes arbitrary discretion that prosecutors, judges, and the parole commission have traditionally held in setting federal sentences. Importantly, however, after the 2005 United States v. Booker decision by the U.S. Supreme Court, the Guidelines no longer have binding authority on federal judges, but do representthe fundamental starting point for a sentencing judge.  In corporate plea agreements and deferred prosecution agreements, an agreed-upon Guidelines range and recommended sentence is typically adopted by the sentencing judge.

The Guidelines calculations for organizations (such as corporations) are determined through a multi-step process:

  • First, determine the correct offense guideline, based on the charges and conduct at issue.
  • Second, apply any appropriate offense adjustments, based on the victim, value of loss or other activity, role in the conduct, and obstruction of justice.  This calculation results in a total offense score and base fine.
  • Next, utilize the Guidelines applicable to the sentencing of organizations. This begins with a base culpability score.
  • Additional points are added according to various potential aggravating characteristics.  Points may also be subtracted based on potential mitigating characteristics, such as acceptance of responsibility.
  • The sum of this calculation provides a total score, which corresponds with a “multiplier” range.
  • The multiplier is applied to the base fine to result in a final penalty range.

Under a Guidelines calculation, points are awarded based on the severity of the offense and various other aggravating factors, while points are subtracted for certain mitigating factors. The higher the final score, the higher the ultimate fine range.

Read more

About Baker & McKenzie

ANALYSIS: To Find the Needle, Move the Haystack: Deciding Where Best to Conduct Document Review in FCPA Inves...

USDOJ: Criminal Division News  
An error has occurred, which probably means the feed is down. Try again later.