On April 22, the U.S. Securities and Exchange Commission (SEC) announced its first non-prosecution agreement (NPA) with a company in a matter involving alleged violations of the U.S. Foreign Corrupt Practices Act (FCPA).  The SEC entered into the agreement with Ralph Lauren Corporation (Lauren), resolving allegations that Lauren violated the FCPA when its Argentine subsidiary allegedly paid bribes to government and customs officials to improperly secure the importation of Lauren’s products into Argentina. The NPA in this case resulted from Lauren’s prompt self-reporting and extensive cooperation. Prior to the Lauren NPA, the SEC seemed to provide limited credit to public companies for cooperation in FCPA investigations.
Time will tell whether the Lauren NPA is a harbinger of a new approach.
According to the Statement of Facts in the NPA, Lauren’s wholly-owned subsidiary, Ralph Lauren Corporation Argentina (Lauren Argentina), paid bribes through its customs broker to obtain entry of Lauren’s products into the country without required paperwork, avoid inspection of prohibited products and avoid inspection by customs officials.  The SEC alleged that Lauren Argentina’s general manager and others who worked at Lauren Argentina approved the bribe payments, which totaled $593,000 during a four-year period. The SEC further alleged in the Statement of Facts that Lauren Argentina’s general manager directly provided or authorized several gifts to Argentine government officials to improperly secure the importation of Lauren’s products into Argentina. The gifts allegedly were provided to three different government officials between approximately 2005 and 2009, and included perfume, dresses and handbags valued from $400 to $14,000 each.
According to the NPA, the alleged bribes occurred during a period when Lauren lacked meaningful anti-corruption compliance and control mechanisms over its Argentine subsidiary. The alleged misconduct came to light as a result of the company adopting measures to improve its worldwide internal controls and compliance efforts, including implementation of an FCPA compliance training program in Argentina.
Under the NPA, the SEC agreed not to bring an enforcement action against Lauren arising from its investigation in exchange for Lauren agreeing to, among other things, pay $734,846 in disgorgement and prejudgment interest, and to perform certain undertakings. In a related criminal investigation, Lauren entered into a non-prosecution agreement with the U.S. Department of Justice (DOJ) and agreed to pay an $882,000 criminal fine. 
This case is a milestone in the SEC’s implementation of a broad set of policy initiatives in the last several years to encourage cooperation with its enforcement program.  In addition to the develop- ment of mechanisms such as the NPA utilized here, those initiatives include similar mechanisms to recognize cooperation by individuals and a whistleblower program to reward individuals with cash payments for providing information that leads to an enforcement action.
The SEC emphasized that the conduct at issue was discovered by the issuer as it was implementing an FCPA compliance program, and that the issuer reported it to the SEC within two weeks of discovery. Clearly, the government viewed the company’s prompt response to that discovery and immediate self-reporting as commendable. Under the precedent set by Lauren, the SEC will be looking for: (i) self-reporting followed by extensive, thorough, real-time cooperation with both the SEC and the DOJ, including complete disclosure of the violative conduct, and (ii) a thorough review of existing compliance programs, with steps to update and improve compliance measures.
Although the NPA allowed Lauren to avoid statutory and regulatory collateral consequences that follow a federal court injunction or an SEC administrative order, the affirmative remedies imposed in the NPA and a parallel NPA with the DOJ, including disgorgement, fines and substantial undertakings, largely parallel those obtained in cases where the government does insist on a settlement to an enforcement action.  The NPA itself is a publicly available written agreement. Moreover, the NPA in the Lauren matter includes a Statement of Facts setting forth the allegations that the SEC “would have presented” had the case gone to trial. The NPA prohibits the settling party from denying those facts (except in legal proceedings in which the SEC is not a party). Although those “facts” are accompanied by a footnote that they are set forth “pursuant to settlement negotiations” and “are not binding against [the settling company] or its directors, officers or employees, or any other person or entity in any other legal proceeding,” an open question remains as to the potential collateral use of an NPA and its factual rendition in any future proceeding.
The Benefits of Implementing a Robust FCPA Compliance Program and Prompt Remediation
In the press release announcing the NPA, the SEC stated that it determined not to charge Lauren with violations of the FCPA “due to the company’s prompt reporting of the violations on its own initiative, the completeness of the information it provided, and its extensive, thorough, and real-time cooperation with the SEC’s investigation.” According to the NPA and the SEC press release, Lauren’s cooperation included:
- reporting preliminary findings of its internal investigation to the SEC staff within two weeks of discovering the illegal payments and gifts;
- voluntarily and expeditiously producing documents;
- providing English language translations of documents to the staff;
- summarizing witness interviews that the company’s investigators conducted overseas; and
- making overseas witnesses available for interviews with the SEC staff and bringing witnesses to the U.S.
The SEC also stated that it took into account the significant remedial measures undertaken by Lauren, including the company’s implementation of a comprehensive new compliance program throughout its operations. Kara Brockmeyer, the SEC’s FCPA unit chief, stated, “This NPA shows the benefit of implementing an effective compliance program. Lauren discovered this problem after it put in place an enhanced compliance program and began training its employees. That level of self-policing along with its self-reporting and cooperation led to this resolution.” Lauren’s remedial measures included:
- new compliance training for employees;
- termination of employment and business arrangements with all individuals involved in the wrongdoing;
- strengthening its internal controls and its procedures for third party due diligence; and
- conducting a risk assessment of its major operations worldwide to identify any other compliance problems.
Although the SEC did not state the extent to which its decision not to prosecute Lauren was based on the company’s pre-investigation identification of the alleged misconduct, we believe the SEC likely will look more favorably upon a company with a pre-existing, rigorous compliance program than one that simply conducts after-the-fact damage control and program remediation.
The outcome of the Lauren matter again highlights the importance of companies pursuing self-assessments to ensure that their existing internal controls are robust, and that their policies conform to best practices. In their joint Resource Guide to the FCPA released late last year, the SEC and DOJ stated that they will consider the adequacy of a company’s compliance program when deciding what, if any, action to take.  They further noted that a company’s compliance program may influence whether or not charges should be resolved through a DPA or NPA. As a result, it is imperative that companies implement robust FCPA compliance programs designed and tailored to the companies’ specific business operations, geography and areas of corruption risk.
 Press Release, U.S. Sec. and Exch. Comm’n, SEC Announces Non-Prosecution Agreement With Ralph Lauren Corporation Involving FCPA Misconduct, Press Release No. 2013-65 (Apr. 22, 2013), http://www.sec.gov/news/press/2013/2013-65.htm. Prior to the Lauren NPA, the SEC reportedly has entered into three NPAs and two deferred prosecution agreements (DPAs), including a May 2011 DPA with Tenaris S.A. in a case involving alleged FCPA violations. See SEC Announces Deferred Prosecution Agreement with Amish Fund, Rel. No. 2012-138 (Jul. 18, 2012), http://www.sec.gov/news/press/2012/2012-138.htm; SEC Charges Former Fannie Mae and Freddie Mac Executives with Securities Fraud, Rel. No. 2011- 267 (Dec. 16, 2011), http://www.sec.gov/news/press/2011/2011-267.htm; Tenaris to Pay $5.4 Million in SEC’s First-Ever Deferred Prosecution Agreement, Rel. No. 2011-112 (May 17, 2011), http://www.sec.gov/news/press/2011/2011-112.htm; SEC Charges Former Carter’s Executive With Fraud and Insider Trading, Rel. No. 2010-252 (Dec. 20, 2010), http://sec.gov/news/press/2010/2010-252.htm.
 Non-Prosecution Agreement, U.S. Sec. and Exch. Comm’n and Ralph Lauren Corporation, Statement of Facts (Exhibit A) ¶ 5 (Apr. 22, 2013), http://www.sec.gov/news/press/2013/2013-65-npa.pdf.
 Press Release, U.S. Dep’t of Justice, Office of Pub. Affairs, Ralph Lauren Corporation Resolves Foreign Corrupt Practices Act Investigation and Agrees to Pay $882,000 Monetary Penalty (Apr. 22, 2013), http://www.justice.gov/opa/pr/2013/April/13-crm-456.html.
 The SEC’s NPA with Lauren is the result of its cooperation initiative announced in early 2010, which built upon the ana- lytical framework for evaluating a company’s cooperation in the SEC’s October 2001 Seaboard Report.
 Neither the DOJ nor the SEC settlement requires the company to retain an external compliance monitor to review the company’s compliance controls and procedures. Instead, Lauren’s settlement with the DOJ requires the company to continue its implementation of enhanced anti-corruption compliance controls and report to the DOJ periodically during a two-year term on its progress. The government’s decision not to require Lauren to retain a monitor in this case should not be viewed as evidence of the “credit” Lauren received for its cooperation, but rather is consistent with the trend of not requiring companies to retain external compliance monitors.