FCPA: Compliance Lessons from the HP Settlement

May 12, 2014
Categories: Anti-corruption

Last month, Hewlett Packard (HP) and three of its subsidiaries agreed to pay $108 million to resolve charges brought by the U.S. Securities and Exchange Commission (SEC) and the Department of Justice (DOJ) that the entities violated the U.S. Foreign Corrupt Practices Act.

Among the charges against HP and its subsidiaries were the following:

  • HP’s Russian subsidiary paid more than $2 million through agents and shell companies to a Russian government official to retain a contract with the federal prosecutor’s office;
  • HP’s Polish subsidiary provided gifts and cash worth $600,000 to Polish officials to obtain a contract with the national police agency; and
  • HP’s Mexican subsidiary paid more than $1 million in inflated commissions to a consultant who in turn bribed a Mexican government official to influence the bid process for a software sale.

According to the SEC order, in the case of both HP Russia and HP Mexico, the deals went ahead even when questions were raised internally and apparently without any meaningful due diligence on the agents and consultants involved.

The HP settlement underscores some important points that companies should remember:

  1. The use of third parties poses significant and inherent risk. HP is just one example of many.  According to Kara Brockmeyer, Chief of the FCPA Unit at the U.S. Securities and Exchange Commission, 60 percent of FCPA enforcement actions in the last two years have involved third parties.  As such, third parties must be rigorously vetted; the company and agent must have a formal retention agreement in place with proper anticorruption protections, including a right to audit and to terminate for corruption-related breaches. The company must also monitor the third party post-engagement.
  2. Parent companies can be held liable for the acts of their foreign subsidiaries, and must ensure that their anti-corruption compliance programs are effectively implemented across their entire business operation. To do so, subsidiaries should be included in all compliance processes, including risk assessment, training and monitoring and auditing.
  3. Cross-jurisdictional cooperation is the norm. Companies operate in a different world today, where multijurisdictional liability is a distinct possibility. Joint investigations, harmonization of best practices, and consultation among prosecutors are increasingly common. In the HP case, the SEC, DOJ, FBI and IRS cooperated with their counterparts in Russia, Mexico and Poland. Prosecutors in Poland and Russia have reportedly instituted their own probes into HP’s conduct as well.

Instituting bribery prevention measures is much less costly than implementing remedial efforts, and as companies rely  more on a distributed supply chain and  branches and affiliates overseas, ensuring anti-corruption compliance is more important than ever. Anti-Corruption Resources