Remi Moncel, Assistant Contributor
The story broke on April 21, 2012. The New York Times reported after an extensive investigation that Wal-Mart’s Mexican subsidiary had given out over $24 million in bribes to Mexican government officials in order to secure construction permits for many of its stores in the country. These incidents were reported by a whistleblower to Wal-Mart headquarters, but the retailer allegedly shut down a subsequent internal investigation and failed to notify Mexican and American authorities.
This is obviously a major financial and public relations issue for Wal-Mart. But this story is also more generally about the rise of bribery awareness and enforcement in the corporate context. In Wal-Mart’s case, many questions remain, including the scope of Wal-Mart’s violations, the size of possible fines, and the scandal’s impact on the company’s operations. In addition, this case could have broad implications for the enforcement of anti-corruption laws and business practices worldwide.
What happened in the Wal-Mart case?
The alleged wrongdoing concerns the operation of 19 stores in Mexico, where Wal-Mart is the largest private sector employer. Among the allegations against Wal-Mart, The Times reported that Wal-Mart de Mexico approved over $200,000 in bribes to local government officials to circumvent zoning restrictions and archeological surveys in order to build a store next to one of Mexico’s cultural landmarks: the Aztec pyramid of Teotihuacan. In addition, nine bribes totaling $765,000 enabled the construction of a refrigerated distribution center in an environmentally fragile basin North of Mexico City. Internal Wal-Mart investigations also suggest that possible wrongdoing extends beyond Mexico to China, Brazil, and India.
Mexican authorities, the U.S. Justice Department, the Securities and Exchange Commission, members of the U.S. Congress, and Wal-Mart itself have all launched investigations into the matter. The company recently announced that it has already spent more than $150 million on investigation costs. Under U.S. law, Wal-Mart could face significant fines if it violated the Foreign Corrupt Practices Act, which prohibits the bribery of foreign officials to gain a business benefit. Shareholders from several pension funds have also initiated lawsuits against Wal-Mart. In addition, Wal-Mart may have contravened Mexican law. Not surprisingly, Wal-Mart has since restructured its compliance department and updated its anti-corruption program.
How is bribery defined and how does the Foreign Corrupt Practices Act work?
The Foreign Corrupt Practices Act (FCPA) bans payments by individuals and businesses to foreign government officials or political parties in order to secure any improper advantage or to obtain or retain business. It also imposes on companies record-keeping requirements and internal controls. The Act contains an exception for facilitating payments made for the “performance of a routine governmental action,” such as to get a visa, process work orders or obtain phone or power service. But some, including the OECD, believe the U.S. should do more to discourage those types of payments as well. Examples of illicit activity under the FCPA include bribes to obtain government contracts, procure favorable tax treatment or prevent the entry of competitors in the marketplace.
The FCPA was enacted in 1977 and amended in 1998. However, until this past decade, the law was rarely enforced, primarily because of concerns that doing so would impose an unfair burden on U.S. companies whose foreign competitors were not subject to similar regulations. But enforcement has steadily increased from five enforcement actions in 2004 to twenty-three actions in 2012 (with a peak of seventy-four in 2010). The New York Times reported that there are currently at least 100 open investigations.
The Justice Department may assess fines against Wal-Mart on a per-violation basis or in relation to the profits the company acquired as a result of the bribes. Notable recent FCPA cases include a record $800 million payment by Siemens to settle charges that the company paid bribes to win business contracts in a range of countries, including metro transit lines in Venezuela, power plants in Israel, and refineries in Mexico. In 2009, Halliburton and KBR paid $579 million to settle charges of bribing Nigerian officials in order to obtain construction contracts. However, these sums are larger than average. The law firm Shearman & Sterling reports that in 2011, the average FCPA sanction was $33.8 million.
The Wal-Mart case comes amidst a debate over a possible reform of the FCPA. The U.S. Chamber of Commerce and other commentators contend that the law does not provide enough clarity to businesses and gives too much discretion to federal prosecutors charged with its enforcement. Nevertheless, anti-corruption advocates point to the Wal-Mart scandal as evidence that the law is as needed as ever and that altering it would send the wrong signal to the business community.
What laws and regulations exist in countries besides the U.S. and at the international level to address corruption?
In the early years of the FCPA, opponents of the Act criticized it for imposing an unfair burden on American companies because their international competitors were not subject to similar restrictions. But the legal environment has changed. Today, similar rules and guidelines exist in many foreign jurisdictions, as well as at the international level.
Several international instruments seek to combat bribery in international business transactions. For example:
- The Organisation for Economic Co-operation and Development’s Anti-Bribery Convention was signed in 1997 and entered into force in 1999 when the 30th country became a signatory. In January 2013, Colombia became the 40th party to the Convention, alongside thirty-four OECD members and Argentina, Brazil, Bulgaria, Russia and South Africa. All parties are required to criminalize foreign bribery under domestic law. Parties take part in a peer-review process to monitor each other’s implementation of the Convention.
- The U.N. Convention Against Corruption, adopted in 2003, requires its 165 parties to criminalize bribery. The Convention places an emphasis on prevention and international cooperation, including by promoting guidelines and the sharing of best practice relating to: the conduct of public officials, government procurement, and private sector auditing. The Convention also contains a peer-review mechanism.
- African Union members adopted, in 2003, the African Convention on Preventing and Combating Corruption. Its thirty-one parties undertake to adopt legislative and other measures to combat bribery. An Advisory Board tracks the performance of parties, documents the behavior of multinational corporations operating in Africa, and develops and harmonizes codes of conduct for public officials.
Ultimately, these conventions rely on individual state parties to implement domestic legislation criminalizing bribery. The U.N. Office on Drugs and Crime, through a program called TRACK, compiles a list of national laws that implement countries’ commitments under the U.N. Convention Against Corruption. The OECD and a consortium of EU countries have also created similar country profiles.
The U.K. and Mexico are two examples where domestic anti-corruption legislation was recently adopted. The U.K. passed the Anti Bribery Act in 2010, which replaced a suite of fragmented anti-corruption statutes and common law offenses. Many have called it “the toughest anti-corruption legislation in the world.” The Act applies to the activities of U.K. individuals or corporate bodies, whether such activities are conducted in the U.K. or overseas. It also applies to foreign companies for acts of bribery committed in the U.K.. Unlike the FCPA, the U.K. statute contains no exception for facilitation payments. However, bona fide hospitality and promotional expenses are acceptable. The U.K. Government says it will gauge whether or not such expenses were intended as bribes. As an example, “an invitation to foreign clients to attend a Six Nations [rugby] match at Twickenham as part of a public relations exercise designed to cement good relations or enhance knowledge in the organisation’s field is extremely unlikely to [violate the Act].”
The U.K. Act also goes further than the FCPA by imposing strict liability on businesses that fail to prevent an actor “associated” with the company from engaging in bribery on its behalf, regardless of the company’s knowledge of such conduct. However, as a defense for such charges, the U.K. Bribery Act allows companies to show that they had in place “adequate procedures” to avoid bribery in the first place—in others words, even if they failed to prevent bribery, they should be immune from liability because they tried their best to do so.
In the Wal-Mart case, Mexican domestic law is particularly relevant. According to the World Economic Forum’s Global Competitiveness Report, the top two impediments to the country’s competitiveness are an inefficient bureaucracy and corruption. Other surveys concur. This economic environment may explain why Wal-Mart allegedly resorted to bribery to conduct business in Mexico, but it would not excuse the retailer under the law. The Mexican Government is showing growing resolve to address corruption. The federal nature of the Mexican state leads to a variety of regulatory environments in different states and municipalities. To meet its commitments under the OECD Convention Against Bribery and the OAS Convention against Corruption, Mexico has enacted or amended several laws against bribery, including a June 2012 law focused on government contracts. Mexico’s penal code also sanctions bribery of domestic and foreign public officials with fines and imprisonment for a period ranging from three months to fourteen years, depending on the size of the bribe. Most recently, President Peña Nieto sent a bill to Congress to establish an anti-corruption commission with the ability to side step bank and fiscal secrecy hurdles in order to address money laundering.
The Mexican example shows that developing countries are strengthening their resolve to combat corruption. The BRICS countries (Brazil, Russia, India, China, and South Africa) too have adopted domestic legislation and are the subject of anti-bribery enforcement efforts.
What can companies do to reduce their exposure to criminal liability globally?
Many companies are watching the Wal-Mart story closely, wondering what they can do to avoid being caught in a similar plight.
Many companies for which bribery is a risk have internal compliance systems designed to prevent bribery and address any breaches. But the challenge is to ensure their effectiveness. In fact, at the time of the alleged bribes, Wal-Mart had a strict anti-corruption policy that prohibited all employees from “offering anything of value to a government official on behalf of Wal-Mart.” What then, does an effective corporate policy look like? How can companies reduce, and ideally extinguish, acts of bribery within their ranks? If bribery nevertheless surfaces, how can companies protect themselves from criminal prosecution and harsh penalties?
The specifics of anti-bribery laws vary from country to country, so companies will need to tailor their practices to the regulations relevant to their activities. Yet some overall guidance is applicable across countries.
Strong internal compliance procedures are not only useful to prevent bribery in the first place, but they can also help to protect companies and individuals against criminal liability if bribery does emerge. The United Kingdom allows a company to advance a formal defense against a bribery charge if it had in place “adequate procedures.” Although the FCPA does not offer a similar affirmative defense, the presence of strong internal compliance procedures can be a mitigating factor at the sentencing stage: the Government usually factors in the bona fide efforts of the company when deciding what level of fines to impose. As another example, earlier this year Russia amended its anti-corruption law to require companies to have compliance officers and procedures.
Several guides exist to help companies establish an effective compliance system and understand how domestic anti-bribery laws are enforced. The Department of Justice and Securities and Exchange Commission, in a joint guide released in 2012, have articulated “hallmarks of effective compliance programs.” Similarly, the Ministry of Justice in the U.K. has outlined principles for an effective compliance system. The OECD, the World Bank, Transparency International, the International Chamber of Commerce and several others also provide guidance tailored to international business transactions. Because some of these handbooks come directly from the agencies charged with enforcing anti-bribery laws, they should provide a good indication of what prosecutors look for.
An effective corporate policy will vary depending on the sector, the size of the company, governing anti-bribery law, and the risk of corruption. Still, several overarching best practices and recommendations emerge from these various guides that are worth highlighting:
- Risk assessment and proportionality: Given limited internal resources, an effective compliance program allocates time, money, oversight, prevention and sanctions according to risk. If a company understands which countries, subsidiaries, sectors, business partners, activities or transactions (e.g. government contracts) are the most vulnerable to bribery, it is better able to address risk. Those higher-risk activities should then receive additional supervision, training, audits and sanctions as necessary.
- Culture of compliance: A clear anti-bribery policy should have full support from and apply to all levels of the company, including its board of directors and corporate officers. Employees should see that their higher ups behave impeccably and expect them to do the same. As former SEC Commissioner Cynthia Glassman put it, it is essential to set the right “tone at the top.” This requires setting and enforcing clear disciplinary measures when employees break the rules, and rewarding good conduct when appropriate.
- Communication and training: The policy should be clearly stated and disseminated widely within the company, in multiple languages if necessary. Regular training and certification of employees and business partners can ensure that all understand the policy. Complex issues can be referred to senior managers or in-house counsel for guidance.
- Well-resourced, independent oversight: A specific department or officer within the organization should be in charge of the anti-bribery procedures. He or she should operate autonomously, without political interference, have adequate resources, and direct access to the board of directors. Employees should be able to report violations confidentially and without fear of retaliation.
- Due diligence: A company can be held accountable for the wrongful conduct of those acting on its behalf, including subsidiaries, agents, consultants, and distributors. Therefore, a company should screen and regularly monitor the risk posed by these actors. It can decide, as necessary, to monitor them closely, train them or avoid them altogether. The intensity of due diligence can also be tailored to risk. Mergers and acquisitions are a major source of risk for businesses. Pre-acquisition due diligence can help a company assess the target company’s exposure to bribery, and value it accordingly. Post-acquisition, the parent company will need to integrate the acquired company into its compliance program, including by training all new employees.
- Reviewing and learning: It is important to continuously evaluate the company’s evolving activities and the compliance program itself. The compliance program can be strengthened or tailored as needed, based on practice. A 2008 survey conducted by FTI Consulting noted that 64% of general counsel whose companies were subject to the FCPA believed that there was room for improvement in their FCPA training and compliance programs.
The Wal-Mart case is sure to yield many lessons. Two are already clear. The first is that bribery can lead to serious criminal liability, shareholder lawsuits, and reputational damage. The second is that internal prevention systems sometimes fail. Now is probably a good time for companies to take another look at their own practices and exchange lessons with their peers.