In the world of anti-bribery and anti-money laundering compliance, third parties are often the source of misconduct and related regulatory enforcement. Distributors, agents, consultants, finders, or joint venture partners are commonly implicated in the payment of bribes, that includes providing anything of value, to foreign officials in international business transactions. Third party responsibility for committing illicit acts, such as providing anything of value to any foreign official for the purpose of obtaining or retaining business, falsifying accounting records or otherwise circumventing internal controls (read hereon FCPA accounting provisions) is the number-one issue in anti-corruption enforcement actions. For example, as of2023, out of 329 FCPA matters initiated, 293 alleged bribery schemes involving third-party intermediaries such as agents, consultants, or contractors.[1] The most common types of third parties implicated are agents, consultants or brokers, accounting for 72% of all FCPA matters.[2]
The FCPA explicitly prohibits corrupt payments made through third parties. However, there might be situations where a third party is engaged in misconduct for its own financial interest, and not to promote a company’s interest, and completely unbeknown to a company. Even if a company did not intentionally use third parties to influence government officials to promote its interests, or was not even aware of such third party misconduct, it can still be liable for a wrong doing by a third party. Liability may arise from failure to act on a significant red flag indicating corrupt or improper conduct by a third party. Being aware of high probability that corrupt payments are being made or being suspicious of corrupt transactions, without conducting any due diligence or asking the relevant questions, will not help the company to avoid liability. One cannot be “willfully blind” to the risk of bribery or, in other words, having “head in the sand” with respect to red flags and corruption risks.
Since use of third-party intermediaries creates risk under the FCPA and companies maybe held accountable for the actions of their third-party partners, companies should adopt an effective third-party due diligence program that would be an integral part of a company’s overall ethics and compliance program.
The U.S. Department of Justice memorandum on Evaluation of Corporate Compliance Programs, updated on March 2023, emphasizes the need of the company to have an understanding of the qualifications and associations of third-party partners, knowledge of the business rationale for needing the third party in the transaction, and the risks posed by third-party partners, including the third-party partners’ reputations and relationships, if any, with foreign officials.[3] The company needs to be diligent about onboarding of any third party and be engaged in ongoing monitoring of the third-party relationships, be it through updated due diligence, training, audits, and/or annual compliance certifications by the third party.
Scrutiny of company third-party relationships that is already commonplace in the context of FCPA, will also be expanded by the enforcement authorities to other contexts, such as export controls and sanctions compliance, making the effective and risk-based third-party management program even more critical.
[1] See Third-Party Intermediaries Disclosed in FCPA-Related Enforcement Actions, Stanford Law School, Foreign Corrupt Practices Act Clearinghouse, https://fcpa.stanford.edu/statistics-analytics.html?tab=4
[2]Id.
[3]Evaluation of Corporate Compliance Programs(Updated March 2023), https://www.justice.gov/criminal-fraud/page/file/937501/download
*The contents of this message, current at the date of publication, are for reference and general informational purposes only and do not constitute legal advice. You should contact your attorney to obtain advice with respect to any particular legal matter. You should not act or refrain from acting on the basis of information in this publication without first seeking legal advice from counsel in the relevant jurisdiction. Only your individual attorney can provide assurances that the information contained herein – and your interpretation of it – is applicable or appropriate to your particular situation.
The FCPA explicitly prohibits corrupt payments made through third parties. However, there might be situations where a third party is engaged in misconduct for its own financial interest, and not to promote a company’s interest, and completely unbeknown to a company. Even if a company did not intentionally use third parties to influence government officials to promote its interests, or was not even aware of such third party misconduct, it can still be liable for a wrong doing by a third party. Liability may arise from failure to act on a significant red flag indicating corrupt or improper conduct by a third party. Being aware of high probability that corrupt payments are being made or being suspicious of corrupt transactions, without conducting any due diligence or asking the relevant questions, will not help the company to avoid liability. One cannot be “willfully blind” to the risk of bribery or, in other words, having “head in the sand” with respect to red flags and corruption risks.
Since use of third-party intermediaries creates risk under the FCPA and companies maybe held accountable for the actions of their third-party partners, companies should adopt an effective third-party due diligence program that would be an integral part of a company’s overall ethics and compliance program.
The U.S. Department of Justice memorandum on Evaluation of Corporate Compliance Programs, updated on March 2023, emphasizes the need of the company to have an understanding of the qualifications and associations of third-party partners, knowledge of the business rationale for needing the third party in the transaction, and the risks posed by third-party partners, including the third-party partners’ reputations and relationships, if any, with foreign officials.[3] The company needs to be diligent about onboarding of any third party and be engaged in ongoing monitoring of the third-party relationships, be it through updated due diligence, training, audits, and/or annual compliance certifications by the third party.
Scrutiny of company third-party relationships that is already commonplace in the context of FCPA, will also be expanded by the enforcement authorities to other contexts, such as export controls and sanctions compliance, making the effective and risk-based third-party management program even more critical.
[1] See Third-Party Intermediaries Disclosed in FCPA-Related Enforcement Actions, Stanford Law School, Foreign Corrupt Practices Act Clearinghouse, https://fcpa.stanford.edu/statistics-analytics.html?tab=4
[2]Id.
[3]Evaluation of Corporate Compliance Programs(Updated March 2023), https://www.justice.gov/criminal-fraud/page/file/937501/download
*The contents of this message, current at the date of publication, are for reference and general informational purposes only and do not constitute legal advice. You should contact your attorney to obtain advice with respect to any particular legal matter. You should not act or refrain from acting on the basis of information in this publication without first seeking legal advice from counsel in the relevant jurisdiction. Only your individual attorney can provide assurances that the information contained herein – and your interpretation of it – is applicable or appropriate to your particular situation.