In August, the Securities and Exchange Commission (SEC) finalized and implemented a whistleblower program enacted under Dodd-Frank, which will dramatically alter the landscape for public and private companies alike. This program, and its first cousin, the SEC cooperation program, will have a game-changing impact on the detection, punishment and deterrence of violations of the Foreign Corrupt Practices Act (FCPA). Indeed, in the SEC's November 2011 release highlighting enforcement activity over the fiscal year ending in September, the agency's Foreign Corrupt Practices Act Unit, formed in 2009, recorded its first 20 FCPA enforcement actions in the fiscal year.
During my tenure as a senior attorney at the SEC, I played a leadership role in drafting the provisions of the whistleblower program and served as the first National Coordinator of the cooperation program. Both programs emerged as a response to the serial misconduct pervading the commercial marketplace. And, importantly, both programs recognize that for law enforcement to be more proactive and effective in identifying unlawful conduct in domestic markets and abroad, it needs greater participation from the public at large.
While the private sector's role in the broader enforcement context is an established part of American jurisprudence, that role has diminished in recent years. Some of this can be attributed to recent court decisions that limit the role of private litigants in securities enforcement. But another reason likely rests on the fact that coming forward to report misconduct has historically rendered the whistleblower persona-non-grata at best, and, worse, exposed to tremendous personal and professional risk.
In this way, the whistleblower program is revolutionary. The program provides significant financial incentives (10-30% of the monetary sanctions collected) to whistleblowers providing original information about possible violations of the federal securities laws. The new anti-retaliation protections are also robust, protecting qualified whistleblowers for up to 10 years, regardless of whether their good-faith reports are ultimately verified. Additionally, whistleblowers may remain anonymous until they wish to receive their award - if they are represented by counsel.
The broad reach of these regulatory developments creates serious implications for business across the globe. The reported misconduct may occur anywhere. Any violation of US federal securities laws qualifies. International organizations and individuals that do business or have personal contacts with the US can be subject to jurisdiction. A whistleblower may be any individual or group of individuals, regardless of citizenship, that provides information not known to the SEC or solely derived from public sources.
Given that FCPA violations are both common and the subject of increased law enforcement focus, it is a safe bet that numerous FCPA enforcement actions will be initiated as a result of whistleblowers. (This trend is certainly confirmed in my own law practice.)Furthermore, since the monetary sanctions in this area are large and headline-grabbing, whistleblowers will have a greater incentive to come forward. Consider the record Siemens settlement in 2008, under which the company resolved FCPA charges for $1.6 billion in fines, penalties and disgorgement of profits, including $800 million to US authorities. A qualified whistleblower, meeting the various eligibility requirements, could have received up to $240 million under the new SEC whistleblower program.
This is an area of serious multi-agency scrutiny. FCPA enforcement actions have doubled since 2009. According to the SEC's website, in the first half of 2011, ten different enforcement actions have reaped half a billion in penalties from blue-chip companies, including Johnson & Johnson and IBM. Significantly, because many FCPA actions have parallel proceedings by DOJ, whistleblower awards, which extend to related actions, are likely to be even higher.
Illustrating the financial significance of the parallel proceedings for whistleblowers, in April 2011, the SEC announced a settlement with Johnson and Johnson to resolve charges that the global giant violated the FCPA by bribing public doctors in several European countries and paying kickbacks to Iraq to illegally obtain business. J&J agreed to pay more than $48.6 million in disgorgement and prejudgment interest to settle the SEC's charges and an additional $21.4 million to DOJ to settle criminal charges.
Also in April, the SEC and Comverse Technology, Inc. reached a settlement in connection with alleged FCPA violations. Comverse offered to pay approximately $1.6 million in disgorgement and prejudgment interest to the SEC and $1.2 million in criminal penalties to the Department of Justice.
In May 2011, the SEC entered into its first ever Deferred Prosecution Agreement (DPA) under the cooperation program with Tenaris S.A. The investigation focused on allegations that the global manufacturer violated the FCPA by bribing Uzbekistan government officials during a bidding process to supply pipelines for transporting oil and natural gasUnder the terms of the DPA, Tenaris must pay $5.4 million in disgorgement and prejudgment interests and an additional $3.5 million criminal penalty in a Non-Prosecution Agreement with the Justice Department.
As US enforcement bodies ante up their efforts and expand their reach, the trend is gaining traction in other jurisdictions. The UK Bribery Act, finalized this past July, extends to any company with a UK office, employees who are UK citizens, or a company that provides services to a UK organization. The fines are unlimited and the Act has a broad jurisdictional reach, affecting the majority of US public companies. In addition, in October of this year, the UK Serious Fraud Office launched "SFO Confidential," a hotline for insiders to report fraud and corruption. This development marked a major shift in position because the Financial Services Authority has historically discouraged external reporting and does not guarantee confidentiality to whistleblowers.
These parallel developments in the UK signal a larger recognition that regulators need to think outside of geographic and investigative boundaries. As both the FCPA and Bribery Act have extraterritorial reach, so too does the recognition that whistleblowers can and should play a key role in reporting such violations.
What's a company to do? Invest.
As business grows ever more global, expansion into emerging markets is an exciting and promising commercial reality. But it is also rife with exposure. Companies need to invest in transparency, invest in compliance and invest in their people. Even companies with top-notch corporate compliance programs must be on their guard. Given the significant retaliation protections and major financial incentives, whistleblowers will come forward to report FCPA violations. People with original information should be encouraged to report internally, protected from retaliation when they do, and assured their reports will be properly addressed.
This is a bare minimum of corporate integrity. In a world where FCPA enforcement actions are on the rise, and reputational damage can level a company, not meeting this bare minimum is a cost no company can afford.