Foreign Corrupt Practices Act (FCPA) Risks: How Travel and Expense Play a Critical Role in Mitigation

Erin Giordano |

“Even though COVID-19 continued to disrupt the global economy this summer, there was no disruption to the Department of Justice’s evolving compliance expectations of business organizations,” said Professor Mike Koehler, a leading FCPA expert and web administrator of the FCPA Professor site. 

The following article explains enforcement actions taken in August 2020. Details include how two employees were creatively reimbursed $775,000 for meals and entertainment in fewer than six months to help fund a bribery scheme. The company agreed to pay the government $123 million. 

In recent months, the DOJ:

  1. Released revisions to its “Evaluation of Corporate Compliance Programs” including expectations of data sources access to allow for timely and effective monitoring of transactions 
  2. Announced (along with the SEC) an FCPA enforcement action concerning the abuse of employee reimbursements to fund a bribery scheme 

Compliance professionals should be aware of both developments and how they may impact their business organizations and the unique compliance risks they encounter. This re-emphasizes the importance of a deep level of understanding on how expense systems can help companies with timely and effective mitigation monitoring. 

Expert Insights: Strategies for Minimizing Bribery & FCPA Risks

 

Revisions to the Department of Justice’s Evaluation of Corporate Compliance Programs (ECCP) policy 

The DOJ’s “Evaluation of Corporate Compliance Programs” (ECCP) is a policy document that prosecutors consider – when a legal violation has been established – to determine the appropriate: 

  • Form of resolution or prosecution 
  • Monetary penalty 
  • Compliance obligations contained in any corporate criminal resolution 

Even though the DOJ has stated that it “does not use any rigid formula to assess the effectiveness of corporate compliance programs,” the ECCP is focused on three fundamental questions: 

  1. Is the corporation’s compliance program well-designed? 
  2. Is the program being applied earnestly and in good faith? Is the program adequately resourced and empowered to function effectively? 
  3. Does the corporation’s compliance program work in practice? 

Compliance professionals should be knowledgeable about the ECCP’s contents, given that in the June revisions, the DOJ made clear that it will evaluate compliance programs, “both at the time of the offense and at the time of the charging decision and resolution.” Organized in the form of questions, the revised ECCP adds the following to the general issue of whether a compliance program is adequately resourced and empowered to function effectively: 

Data Resources and Access – Do compliance and control personnel have sufficient direct or indirect access to: 

  1. Relevant sources of data to allow for timely and effective monitoring and/or testing of policies, controls, and transactions? 
  2. A data source that companies are increasingly incorporating into compliance is employee expense systems to allow for timely and effective monitoring. 

SAP Concur product portfolio and account teams have been uniquely empowered to help you respond to these updated guidelines. 

 

Abuse of employee reimbursements 

In recent years, several FCPA enforcement actions have involved the abuse of employee reimbursements to “fund” bribery schemes. The most recent example announced in August 2020 by the DOJ and SEC concerned a health and personal care products company operating in China and involved a bribery scheme to obtain a direct selling license from Chinese government agencies. The enforcement action principally involved two Chinese nationals, the managing director of the Chinese division and the head of the external affairs department of the company responsible for interfacing with Chinese governmental agencies. The abuse of employee reimbursements by these individuals was in a league of its own and represents employee reimbursements gone wild. The culpable employees entertained thousands of Chinese officials and discussed using fake meal invoices and fake gift invoices to conceal their conduct from the company to avoid internal audit oversight. 

According to the government, “during a six-month period, one of the individuals received approximately $775,000 in reimbursements for purportedly entertaining 4,312 officials at 239 meals (more than one meal per day) that involved alcohol and karaoke.” 

In an internal e-mail cited by the government, a culpable employee acknowledged that the evening was “so expensive, my hands were shaky.” 

To circumvent the company existing controls regarding meals and entertainment, the employees: 

  • Made up the names of officials who did not actually attend the meals (to keep within the company’s per person limits) 
  • Split reimbursement requests into several separate applications to evade detection.
  • Another reimbursement scheme involved the individuals obtaining reimbursement for more than 100 pounds of purported fruit and vegetable purchases “without any documentation indicating that any produce was actually shipped.” 

To resolve its legal liability caused by the abuse of employee reimbursements, the company agreed to pay the government $123 million, cited by the DOJ. Benefits of a revised ECCP are reflected in corporate resolutions and future compliance expectations. As a condition of settlement, the company agreed that it “will ensure that compliance and control personnel have sufficient direct and indirect access to relevant sources of data to allow for timely and effective monitoring and/or testing of transactions” moving forward. In addition, the company agreed to report to the SEC on the status of its remediation and implementation of compliance measures including “the testing of relevant controls including the collection and analysis of compliance data” for a three-year period, shares the FCPA Professor

 

Fraudsters: Exploiting the weakest link 

This August 2020 enforcement action is an example of how fraudsters were able to fund a bribe using a company’s expense system. They found the weakest link within the organization. 

“Fraudsters use multiple means to steal and pull off their schemes, and many fraudsters attack the company from multiple angles,” says Andi McNeal, CFE, CPA, director of research for the ACFE. “Fraudsters may need cash…so they might steal multiple gift cards or create a fake invoice with payment going to their bank account. There’s your red flag—uncovering an employee theft or fraudulent payment might unravel a larger scheme that puts the company at risk for a corruption scandal.” 

Savvy companies who pull together various departments of an organization who plan, manage and oversee employee spend, can often find the weakest links that enable fraud in the first place. Legal, compliance, and security need to have a seat at the table. If employees are stealing from the expense reimbursement area, then they are most likely stealing from other parts of the organization.

To learn more, we encourage you to download this white paper that features advice from Professor Koehler and SAP Concur client Discover Financials. The SAP Concur product portfolio and account teams have been uniquely empowered to help you respond to these updated guidelines and help mitigate risk. 

Contact us for advice today.