Last week, the Criminal Division of the Department of Justice and the Enforcement Division of the Securities and Exchange Commission released their long-awaited guidance on the application and enforcement of the U.S. Foreign Corrupt Practices Act. The release—a 120-page “Resource Guide”—confirms that FCPA enforcement remains a central priority of the U.S. government while simultaneously and most importantly identifying the circumstances when the government may decline to pursue an enforcement action. It is available at http://www.sec.gov/spotlight/fcpa/fcpa-resource-guide.pdf.
Compliance Program Guidance
While much of the guidance reaffirms statutory interpretations that practitioners have gathered from published government settlements and opinion releases, it also provides a useful tool for companies seeking to develop FCPA compliance programs that will minimize the risk of enforcement action or severe penalties in the event those systems fail to prevent a violation. Having such a compliance program in place is particularly important given the SEC’s announcement last week that it received more than 3,000 whistleblower complaints in the first year of the new whistleblower program implemented under the Dodd-Frank Act.
The Guide identifies the hallmarks of strong compliance programs generally and addresses the elements of effective FCPA controls, reiterating that there is no “one-size-fits-all” program; an effective FCPA compliance program addresses corruption risks specific to the organization and includes meaningful unique controls to mitigate those risks. Some possible risk-based compliance controls that the Guide suggests are: