The dramatic pre-dawn arrest in Zurich of nine FIFA officials on bribery-related charges dominated the headlines last week. The FIFA corruption investigation news last week also overshadowed the resolution of an FCPA enforcement action involving different sports-related events – BHP Billiton’s sponsorship-related activities at the 2008 Summer Olympics in Beijing. Though the SEC’s enforcement action against BHP Billiton represents a lower-magnitude development than the FIFA bribery scandal, the enforcement action and the $25 million civil monetary penalty to which the BHP Billiton agreed in order to resolve the matter has some extraordinary features and also has a number of important implications – some of which are quite troublesome, particularly in context of the ongoing FIFA scandal.
The SEC’s May 20, 2015 press release about the BHP Billiton enforcement action can be found here. The cease and desist order that the company entered can be found here. The company’s May 20, 2015 press release about the resolution of the SEC investigation can be found here.
BHP Billiton is a global mining company with headquarters in Australia and the United Kingdom. The company’s American Depositary Shares trade on the New York Stock Exchange. The company was an official corporate sponsor of the 2008 Beijing Olympic Games. The company paid a sponsorship fee and supplied raw material for the sponsorship rights.
In connection with its sponsorship initiative, the company developed a sponsorship hospitality program under which the company invited over 650 people to participate. The purpose of the hospitality program was to “reinforce and develop relationships with key stakeholders” and to “help facilitate approvals for future projects.”
Among the invitees were 176 senior-level government officials, including 98 representatives of state-owned enterprises. The company also invited 102 spouses of these governmental officials. According to the SEC, the majority of the invitations to government officials were from countries in Africa and Asia that “had well-known histories of corruption.” The hospitality packages included luxury hotel accommodations, meals, event tickets and sightseeing excursions with a cost of between $12,000 and $16,000. The company offered round-trip business class airfare to approximately 51 foreign government officials as well 35 of the officials’ spouses. Sixty government officials ultimately attended, 24 of them with their spouses or guests. A number of other officials accepted the invitation but ultimately cancelled before the Olympics began.
In connection with its planned hospitality program, the company identified the risk involved with inviting government officials and the potential for the program to violate anti-corruption laws. Accordingly, the company put in place a pre-invitation approval process to address the risk. The process required business unit managers to complete a hospitality program application that included on its cover sheet a short description of the company’s anti-bribery policies. However, while the company had controls in place with respect to the hospitality program, the SEC later said that the controls “did not adequately address the anti-bribery risks associated with offering expensive travel and entertainment packages to government officials.”
Specifically, the control weaknesses the SEC identified included the fact that the company did not require independent legal or compliance review of hospitality applications by someone outside of the business unit submitting the application; that the company’s Olympic Sponsorship committee and ethics panel subcommittee did not review the appropriateness of individual hospitality applications; that some of the applications were not accurate or complete; that the company did not provide its employees and executives with any specific training; and that the company did not institute a process for updating the applications in order to reassess the appropriateness of the application in light of changed circumstances.
To illustrate the problems associated with the company’s application process, the SEC cited four examples of governmental officials who the company had invited to the Olympics. The examples involved officials from Burundi, the Philippines, the Democratic Republic of Congo, and Guinea. According to the SEC, these four officials were directly involved in, or in a position to influence pending negotiations, regulatory actions or business dealings. Interestingly, although all four received hospitality invitations, in the end only one of the four, the Burundian official (and his wife) actually wound up attending the Olympics. The others cancelled or had their invitation withdrawn prior to the Olympics. Even more interestingly, the SEC did not contend that the invitation to these officials in fact improperly influenced the negotiations, regulatory actions or business dealings.
In the cease and desist order, the SEC averred that the company had violated two provisions of the FCPA, the provision requiring companies to keep accurate books and records and the provision requiring the company to devise and maintain an appropriate system of internal accounting controls. The company agreed to pay a civil monetary penalty of $25 million and to provide the SEC with voluntary reporting on its FCPA compliance for one year. The company neither admitted nor denied the wrongdoing the agency alleged.
This SEC enforcement action and its resolution have a number of noteworthy features. First, the $25 million that the company agreed to pay represents, according to the FCPA Professor (here), the largest civil money penalty ever imposed by the SEC in an FCPA enforcement action. There have of course been many much larger settlements of FCPA enforcement actions, but the bulk of those other large settlements represent disgorgement amounts. This sizeable penalty is noteworthy in and of itself, but it is also noteworthy because the company was required to agree to pay this amount to extract itself from the enforcement action even though, according to the SEC itself, the company provided “significant cooperation” in the investigation and even though the company voluntarily undertook “significant remedial actions.”
But perhaps even the even more extraordinary thing about this record-setting fine is that it was imposed even though the SEC did not allege any violation of the FCPA’s anti-bribery provisions. The only violations the SEC alleged were books and records and accounting control violations. The problem with the hospitality program was not that it facilitated improper payments to government officials, but that, according to an SEC official’s statement quoted in the agency’s press release, the program “created a heightened risk of violating anti-corruption laws.” In other words, the mere fact that the program might have led to an improper payment was enough to subject the company to scrutiny and to oblige the company to pay a record-setting fine.
The other extraordinary thing about this investigation and the company’s obligation to pay a $25 million fine is that the company had anticipated that the program could create risks and had put a control process in place. The problem, therefore, was not that the company did not take steps to try to address the risk; rather, as an SEC official stated in the agency’s press release, the problem was that though the company “put some internal controls in place,” the company “failed to implement sufficient internal controls to address” the “heightened risk.”
Most people understand the FCPA to be an anti-bribery law, with the implication being that as long as the company doesn’t make any improper payments, it won’t have any FCPA problems. However, as this case shows, the reality is that FCPA authority –as interpreted by the SEC – reaches far beyond the payment of bribes. The Paul Weiss law firm, in its May 28, 2015 memo about the BHP Billiton enforcement action (here) noted that the case “represents a rare example of the SEC bringing internal accounting controls and books and records charges in a case where it neither alleges actual bribery of a foreign official, nor suggests that such bribery took place.”
As the Steptoe & Johnson law firm put it in their May 27, 2015 memo about the BHP Billiton enforcement action entitled “Does SEC’s Enforcement Action against BHP Billiton Take the FCPA’s Accounting Provisions Too Far?” (here), this case “represents one of the most aggressive uses by the SEC to date of its accounting, and in particular its internal controls, authorities in an FCPA context.”
Rather than an improper payment, the alleged FCPA violation apparently, according to the Paul Weiss law firm, is based “solely on SEC’s subjective assessment of the adequacy of an issuer’s anti-corruption compliance program.” In particular, the SEC’s books and records charge “appears to rest on highly specific criticisms of the internal forms used to evaluate individual hospitality applications.” The law firm commented in that regard that “there is nothing in the language of the books and records provision to suggest that it encompasses purely internal application forms completed for the purpose of approving gifts and entertainment expenditures.”
In light of the extraordinary reach the SEC asserted here, “many companies,” according to the Steptoe & Johnson memo, “will understandably be very uneasy about the direction of the SEC’s enforcement program.” This case suggests, according to the Paul Weiss law firm, that merely preventing improper payments alone is not enough to ward off SEC FCPA enforcement; rather, “unanticipated gaps or shortcomings in the implementation of a compliance program may become fodder for an SEC investigation or enforcement action, even where there is no actual (or even alleged) bribery.”
Given what happened here, companies may have particular concerns about their organized corporate entertainment activities. Clearly, this enforcement action, according to the Steptoe law firm, “raises the question whether business entertainment for the purposes of relationship building – a necessary activity in most, if not all businesses – will raise enforcement risks when it nevertheless does not rise to the level of a specific, prohibited quid pro quo arrangement.” The Paul Weiss law firm’s memo suggests that the implication of these developments is that “companies that engage in organized business entertainment, gift-giving, marketing, sponsorships, or even community development projects would be well-advised to take a second look at their controls, processes, communication and training with respect to each of those activities.”
Indeed, reassessment of existing activities alone may not be sufficient. As a commentator noted in a May 24, 2015 column in the Sydney Morning Herald (here), multinational companies may now have to ask themselves “not just if they can handle the risks that are raised by major corporate sponsorships, but whether they have systems in place that are capable of detecting the risks in the first place.” The author suggests that not only will BHP Billiton now decide that “vacating the major-event field is the safest and best option,” but also that “ golden age of corporate sponsorships and networking is drawing to a close: corporate sponsorships might have to be a less important part of major-event business cases in coming years.”
The suggestion that major event corporate sponsorships, or at least the hospitality events associated with the sponsorships, might be a thing of the past is reinforced by the separate developments involved with the FIFA bribery scandal. The FIFA scandal has, at a minimum, raised serious questions relating to the organization’s relationship with its sponsors. Indeed, questions have even been raised about the banks that were involved with funneling the cash used for the improper payment.
For many years, corporate sponsorships have been a ubiquitous part of the global sports environment. In light of recent developments and the likely scrutiny that corporate sponsorships will now face, the involvement of corporate sponsorships in international sporting events has likely changed forever.
We can leave for another day the discussion of the appropriateness of the U.S. regulator exercising enforcement authority over a company with its headquarters in Australia and the United Kingdom, in connection with activities not in the U.S. but solely in the company’s home countries and in China and allegedly involving officials from countries in Africa and Asia –particularly where there is no allegation that improper payments took place or even that the companies books and records did not accurately reflect the company’s financial condition.
There is more that might be said on this topic, but suffice it to say here that this is yet another kind of risk exposure that a non-U.S company takes on when it chooses to list its securities on a U.S. exchange. This is one of the many issues a non-U.S. company has to consider when make a choice in the context of a global economy of whether or not to list securities on a U.S. exchange.
Finally, for D&O insurers underwriting U.S.-exposed non-U.S. companies, this is yet another risk consideration that must be taken into account.