On March 1, the U.S. government announced that it had reached a settlement with Titan Corporation for civil and criminal violations of the FCPA the largest ever in the Act’s history. The Titan case grabbed headlines when it helped derail Titan’s planned merger with Lockheed in June 2004. Under the settlement agreement, Titan is obligated to pay approximately $28.5 million in criminal and civil fines (including disgorgement of profits from the relevant transactions), as well as to hire an independent consultant to revamp the company’s FCPA compliance program. The severity of the fine may have reflected a perception that the FCPA violations were egregious, particularly for a defense contractor, as well as the company’s lack of a compliance program.
The Titan case is the most recent example of the snares the FCPA can create in M&A transactions. It comes on the heels of several other FCPA cases in this context, including the InVision case resolved earlier this year, and the ABB case from last year. Unlike Lockheed/Titan, these cases involved transactions that ultimately went forward.
Our July 9, 2004 Alert reported on the ABB case in some detail. With respect to GE/InVision, several months after GE and InVision announced their intention to merge, InVision disclosed potential violations of the FCPA to the Justice Department and SEC. Under the terms of the merger agreement, the merger could not go forward until those problems were resolved. In December 2004, InVision reached a settlement agreement with the DOJ that obligated InVision to pay a penalty of $800,000 and undertake continuing compliance obligations. GE entered into a separate agreement with the DOJ which shielded it from liability for violations already disclosed to DOJ, but also obligated GE to integrate InVision into its compliance program. In February 2005, after the merger was complete, GE InVision entered into a settlement agreement with the SEC for approximately $1.1 million in penalties (including disgorgement of profits from the relevant transactions).
More than Titan, these cases raise the issue of what measures an acquirer in an M&A transaction should take to avoid FCPA successor liability with respect to the preacquisition activities of the acquiree. As highlighted by the SEC’s report of investigation issued in connection with the Titan settlement, these transactions also raise new disclosure liability risks.
How Much Diligence is Due?
As with many FCPA issues, the legal issue of what acts, omissions, or circumstances may give rise to successor liability on the part of an acquirer has not been squarely addressed, since the cases have all been settled rather than fully litigated. What is clear, however, is that there is an enforcement expectation that an acquirer should undertake FCPA due diligence with respect to the target and put a halt to any ongoing activities or transactions that raise FCPA issues.
As with all other due diligence questions, the question in the M&A context is how much due diligence is enough. A recently-released Opinion under the Opinion Procedure (a vehicle for the Department of Justice to express its enforcement intentions with respect to prospective transactions) relating to the ABB case, DOJ Op. Proc. Rel. 04-02 (July 12, 2004), is noteworthy for the set of measures that enforcement officials deemed sufficient to insulate the acquirer from liability for pre-acquisition violations of the acquired company.
Extensive “FCPA Compliance Review” Integrated Into M&A Due Diligence
According to the Opinion, after execution of a preliminary acquisition agreement in October 2003, the investor group and ABB agreed to jointly conduct an “FCPA compliance review,” using separately-engaged outside counsel and forensic auditors, of the relevant entities for a five-year period. ABB provided the investors with access to relevant witnesses and records. The Opinion notes that this review entailed:
- Over 44,700 “man-hours” of work by more than 115 attorneys;
- Manual review of over 1,600 boxes and 4 million pages of documents and electronic files;
- Over 165 interviews of current and former employees and agents of the entities;
- Review by over 100 forensic accountants of details of hundreds of thousands of transactions in 21 countries; and
- 22 separate reports by investors’ counsel on the entities’ operations.
Obviously, such a level of effort is extraordinary and will not be the norm in M&A activity. The level of “due diligence” (in reality, a wide-ranging investigation) in this case likely reflected the fact that the FCPA issues had been disclosed by the target to the authorities prior to the transaction. In transactions that are not already under the enforcement microscope, the answer to the question of how much due diligence is due will vary with the risk profile of the acquiree, the history of the acquirer, and other circumstances of the transactions. In other words, it will likely need to be approached on a case-by-case basis, and adjusted as the transaction progresses.
Disclosure and Cooperation
ABB and recent cases are also noteworthy for the processes through which the punished activities were discovered and reported to the U.S. Government, and the ongoing obligations undertaken by the acquirer in order to secure a settlement. While in ABB the voluntary disclosure preceded the transaction, in Titan and InVision, the disclosure came as a result of the transaction. All three, however, involved voluntary disclosures and subsequent cooperation by the disclosing parties with the enforcement agencies. The ABB Opinion highlights some of the implications of such cooperation. In keeping with the enforcement agencies’ recent emphasis on “real-time enforcement”, the ABB Opinion states that all documents and witness interview memoranda were provided to the Justice Department and SEC as they were produced.
Continuing Disclosure Obligations and Comprehensive Compliance Program
All of the cases also required the settling firms to promise that they would continue to cooperate with U.S. and foreign authorities in any investigation of past payments by the acquired entities and would disclose any additional payments to the Justice Department upon discovery.
The settling entities also covenanted that it would ensure that the acquired entities adopted a “rigorous” anti-corruption compliance program covering not just the entities themselves, but all of the entities’ “business partners,” including agents, consultants, representatives, and joint venture partners. The Opinion lists the elements of that program, which are similar to other Justice Department lists of what it considers to be elements of best compliance practices under the FCPA, including a three-year comprehensive review by outside counsel and auditors of the program as a whole, and a training program that extends even to agents of the company.
In the ABB Opinion, the Department noted that while the program provides “significant precautions” against future FCPA violations, the opinion “should not be deemed to endorse any specific aspect of the Requestors’ program.” This may become a standard disclaimer for any such listing in the future, allowing the Department maximum flexibility in the instance of a specific enforcement action.
A Continuing Signal of “Buyer Beware”
The profile of international regulatory compliance due diligence in the M&A context has been rising steadily since late 2002, when a Commerce Department administrative law judge ruled in the Sigma-Aldritch case that an acquirer could not avoid successor liability for a target's violations of the Department's export control regulations simply by structuring the sale as an asset transaction. That ruling’s disregard of standard corporate liability rules has been much debated.
Whether or not the result was correct, and whether or not the export controls case might be distinguishable from FCPA context because of the significant “in rem” features of the former, the reality is that several enforcement actions have underscored the risk of liability on the surviving company of a merger or acquisition for violations that are committed by an acquiree. Besides the Titan fines of $28 million, fines in these cases have ranged from $16.4 million total in ABB, to $3 million in Syncor, to $1.9 million in InVision.
Shareholder Disclosure Obligations
A lesson to be gleaned from the just-announced Titan case is the importance of ensuring the accuracy of all representations made in merger agreements and other contracts when they are disclosed to shareholders.
At the time it settled the FCPA case against Titan, the SEC, in a Section 21(a) Report, announced its intent to investigate Titan for making representations which it knew or should have known were misleading in the Titan-Lockheed merger agreement and proxy statement that were disclosed to shareholders. In those disclosures, Titan included representations that the company was not aware of any past FCPA violations by the company that could create liability.
The SEC noted that, although the merger agreement and proxy statement were amended several times due to subsequent investigations of Titan for FCPA violations, Titan did not modify the FCPA representation.
A Limited Precedent?
That thorough due diligence and rigorous compliance measures may shield an acquiring company from successor liability will be, on the one hand, welcome news. At the same time, the extent and, presumably, cost of the extensive measures cited in the ABB Opinion are such that they would be impractical in many circumstances and thus of limited value as a template for other M&A situations. Moreover, none of these cases have clearly addressed the issue of successor liability, and how it may be affected by the structure of a transaction.
Regardless of the outcome of this debate over the level of measures appropriate to a specific case, these recent cases make it clear that FCPA due diligence cannot be ignored in an M&A transaction and, indeed, may need to occupy a much more central role than may have been the case in the past, particularly where high risk countries and industries are involved. The recent cases also suggest that the traditional indemnities, and perhaps even assumptions about structure (for example, the difference between asset and stock transactions), may no longer be adequate and that the absence of appropriate and thorough due diligence may result in successor company liability for past FCPA violations.
An attachment to this Alert provides more details on the recent relevant cases and transactions.