Skip to main content

DOJ and SEC Issue Second Edition of FCPA Guide

International Alert

On July 3, 2020, the U.S. Department of Justice (DOJ) and Securities and Exchange Commission (SEC) released a Second Edition of the Resource Guide to the U.S. Foreign Corrupt Practices Act (FCPA) (the Guide), which the agencies originally released in November 2012. The Guide summarizes the key aspects of the FCPA, sets out the agencies' positions related to interpretation of statutory provisions and relevant legal principles, and discusses the agencies' enforcement policies and priorities, including as to the requirements and benefits of an effective FCPA compliance program and related controls. 

Overall, the Second Edition of the Guide does not substantially change the agencies' positions on the interpretation of the FCPA or their enforcement priorities. Rather, the new edition is an update that accounts for almost eight years of developments – including some international developments – since the original's issuance. As stated in the Guide's new Foreword: "[a]lthough many aspects of the Guide continue to hold true today, the last eight years have also brought new cases, new law, and new policies," including "new case law on the definition of the term 'foreign official' under the FCPA, the jurisdictional reach of the FCPA, and the FCPA's foreign written laws affirmative defense." The Foreword notes that the update also "addresses certain legal standards, including the mens rea requirement and statute of limitations for criminal violations of the accounting provisions"; "reflects updated data, statistics, and case examples"; and "summarizes new policies applicable to the FCPA that have been announced in the DOJ's and SEC's continuing efforts to provide increased transparency."

The Foreword also adds new language that reiterates the agencies' public commitment to continuing the fight against corruption in the face of questions that periodically have arisen regarding the current administration's commitment to the FCPA:  

Foreign bribery is a scourge that must be eradicated. It undermines the rule of law, empowers authoritarian rulers, distorts free and fair markets, disadvantages honest and ethical companies, and threatens national security and sustainable development. This updated Guide is meant not only to summarize the product of the dedicated and hardworking individuals who combat foreign bribery as part of their work for the U.S. government, but also to help companies, practitioners, and the public – many of whom find themselves on the front lines of this fight – prevent corruption in the first instance.

While this sentiment should be tested against actual enforcement data (which we will continue to monitor), this language is as strong a public statement on the topic as any similar messages have been in the last 20 years.

In this alert, we highlight some noteworthy aspects from a preliminary review of the updated Guide. The agencies have made changes in one form or another to almost half of the 133 pages in the Guide, so this alert will focus only on those we consider to be of the most interest to compliance professionals. Also, as will be discussed below, the Guide is densely footnoted and, true to form with other legal publications, contains important pieces of information in those notes. We will continue to analyze these notes for further insights into the agencies' positions and policies as they affect companies and persons covered by the FCPA.

Non-Binding Legal Status of the Guide

As with the previous edition, the updated Guide states that it is "non-binding, informal, and summary in nature" and that its text "does not constitute rules or regulations." The new edition reinforces this position with the addition of language that the "guidance reflects the views of the [SEC's] Division of Enforcement, but it is not a statement by the Commission and the Commission has neither approved nor disapproved its content." As a result, the Guide would have little legal authority if cited in court. At the same time, the Foreword at least implies that companies can rely on the agencies maintaining positions that are consistent with the Guide by noting that the Guide is meant "to help companies, practitioners, and the public – many of whom find themselves on the front lines of this fight – prevent corruption in the first instance."

Updates on Cases and Non-Binding Dispositions

As noted by the Foreword, the Guide incorporates discussions of the agencies' view of the legal effects of notable court decisions relevant to the FCPA from the past few years. These court decisions include the Eleventh Circuit's decision in United States v. Esquenazi (discussing the definition of an "instrumentality" and setting out a list of fact-based factors relevant to determinations of government "control" of an entity); the Supreme Court's rulings in Kokesh v. SEC (defining disgorgement as a "penalty" subject to the relevant five-year statute of limitations) and SEC v. Liu (restricting the use of disgorgement in certain contexts and requiring disgorgement calculations to account for certain factors); and the Second Circuit's ruling in United States v. Hoskins (which limited the use of conspiracy and aiding and abetting charges based on jurisdictional requirements).

While the Guide's summaries are accurate, in some cases the agencies' statements emphasize the limitations of the court holdings or note areas of enforcement practice they consider to be not bound by the relevant rulings. For example, the Guide's discussion of Hoskins (p. 36) emphasizes that the decision applies only to the Second Circuit (which is correct from a jurisprudential point of view) and makes a point to note that the Illinois district court decision in United States v. Firtash "rejected the reasoning in the Hoskins decision, and concluded that the defendants could be criminally liable for conspiracy to violate the FCPA anti-bribery provisions and aiding and abetting a violation, even though they do not 'belong to the class of individuals capable of committing a substantive FCPA violation.'" In addition, the Guide notes (on p. 46) that "[u]nlike the FCPA anti-bribery provisions, the accounting provisions apply to "any person," and thus are not subject to the reasoning in the Second Circuit's decision in United States v. Hoskins limiting conspiracy and aiding and abetting liability under the FCPA antibribery provisions."

In another example, rather than focusing on the limits set out by the decision, the Guide accentuates the positive in its summary of the Liu decision (on p. 71, in a new section on "Forfeiture and Disgorgement"): "'[e]quity courts have routinely deprived wrongdoers of their net profits from unlawful activity,' and [the Court held] that disgorgement is permissible equitable relief when it does not exceed a wrongdoer's net profits and is awarded for victims." In what is perhaps a more subtle nod to the effects of the Supreme Court decisions on the SEC's ability to impose equitable remedies, the updated version of the Guide changes the language discussing the SEC's ability to impose monitorships – from "can obtain other equitable relief, such as enhanced remedial measures or the retention of an independent compliance consultant or monitor" to "also can order other relief to effect compliance with the federal securities laws, such as enhanced remedial measures…. (emphasis added)." Another uncited revision can be seen in the deletion of language from the discussion on jurisdiction over foreign nationals on p. 11: after the phrase "a foreign national who attends a meeting in the United States that furthers a foreign bribery scheme may be subject to prosecution," the old edition had contained a further statement – "as may any co-conspirators, even if they did not themselves attend the meeting. A foreign national or company may also be liable under the FCPA if it aids and abets, conspires with, or acts as an agent of an issuer or domestic concern, regardless of whether the foreign national or company itself takes any action in the United States." The Hoskins holding may have caused this language to be dropped in the updated Guide.

The new edition of the Guide contains numerous summaries of FCPA dispositions from the past eight years, some of which replace discussions of older cases covering similar issues. The agencies have also updated the Guide's extensive footnotes with such cases (as well as court decisions, where relevant). While these summaries are useful to compliance professionals as illustrations of potentially problematic fact patterns and the agencies' views thereon, it should be recalled that most of the dispositions cited are the results of negotiations between the relevant agencies and entities and are not precedent binding on the agencies or U.S. courts. 

Updated but Limited Recognition of International Developments and Dimensions

The updated Guide includes discussions in various places of relevant international anti-corruption developments. The "International Landscape" section of Chapter 1 is significantly expanded, discussing updates to the various international conventions (including, for example, the OECD Working Group evaluation process in which the United States continues to participate, and the number of states that have signed the UN Convention Against Corruption), and noting certain legal developments in other countries (such as the passage in France of the Sapin II law in December 2016). Several sections of the Guide reference U.K. developments, including, for example, the adoption of Deferred Prosecution Agreement (DPA)-style corporate dispositions. Chapter 6, on penalties and consequences, includes a discussion on debarment by multilateral development banks and the agencies' cooperation efforts in such proceedings. 

That said, because it remains focused primarily on U.S. agency actions, the updated Guide does not discuss many of the complex issues that companies in corruption investigations today face related to international enforcement dynamics. For example, there is no discussion of the challenges that data privacy laws such as the EU's General Data Protection Regulation present to companies in terms of collecting and sharing evidence that the U.S. agencies require as conditions of cooperation. There are also no indications that, for example, different countries' definitions or treatment of legal privileges, due process, or corporate liability can create substantial strategic and tactical issues that can fundamentally affect FCPA-related investigations and can create significant costs for companies. Companies and persons looking to understand these issues must look elsewhere. 

Integration of DOJ Policies

The updated Guide references and summarizes DOJ policies introduced since the first edition, including the FCPA Corporate Enforcement Policy (CEP); the policy on "Coordination of Corporate Resolution Penalties" (also known as the policy against "piling on" of penalties); guidelines of the "Selection of Monitors in Criminal Division Matters"; and the guidance on "Evaluation of Corporate Compliance Programs." Some of these policies receive their own new summary sections, while others, especially the CEP, have driven changes seeded throughout the Guide's text. Below are some noteworthy examples of the Guide's discussions of and elaborations on these policies. 

  • Principles of Prosecution. In addition to a new section summarizing the CEP itself, the CEP's framework has resulted in changes to the Guide's discussion of how the DOJ applies the Principles of Federal Prosecution of Business Organizations. The summary on p. 51 now discusses "[t]en factors [that] are considered in conducting an investigation, determining whether to charge a corporation, and negotiating plea or other agreements." The old edition discussed nine factors; the new one results from the break-out of "the corporation's willingness to cooperate with the government's investigation" as a separate factor, consistent with that subject's importance in the CEP. The summary of factors also newly highlights the need to evaluate compliance program effectiveness "at the time of the offense, as well as at the time of a charging or resolution decision" (similar language is also added on p. 57 to the general discussion of evaluation of compliance programs per the recent DOJ guidance) and, in the discussion of a company's general remediation, adds language on the need to analyze "remedies resulting from the corporation's cooperation with relevant government agencies."
  • DOJ Declinations. The new edition of the Guide discusses the process for obtaining declinations under the CEP, and on pp. 52-54 discusses three specific examples in which such declinations were granted. The Guide discussion also states (on pp. 51-52), "[e]ven where aggravating circumstances exist, DOJ may still decline prosecution [under the CEP], as it did in several cases in which senior management engaged in the bribery scheme." The relevant footnote cites the Cognizant, Insurance Corp. of Barbados, and Guralp declinations as support for this statement. The new edition keeps the separate discussion of declinations (and the same anonymized examples) found in the first edition in the chapter on resolutions – now on pp. 79-81. The only update is added language that references the earlier CEP declination discussion and states that "[o]ther than those pursuant to the CEP, neither DOJ or SEC typically publicizes declinations…" This language suggests that the DOJ has continued to decline enforcement in cases outside of the formal CEP framework. Finally, the Guide summary (p. 52) also notes that the CEP (and its presumption toward declinations) only applies to the DOJ, and "does not bind or apply to the SEC"; the relevant footnote references different agency dispositions in the Dun & Bradstreet and Nortek matters.
  • Compliance Monitors. The Guide's discussion of the use of compliance monitors has been overhauled to account for the DOJ's monitor guidance, and it is clear that here (as in some instances elsewhere in the Guide), the SEC has agreed to the same principles. The discussion states (on p. 74) that monitors "should never be imposed for punitive purposes," echoing the DOJ guidelines. The summary updates the list of factors considered by the agencies to determine whether a monitor is appropriate, focusing, for example, on the "quality of the company's compliance program at the time of resolution" and "whether the company's current compliance program has been fully implemented and tested." The Guide also now states, "[w]hen both DOJ and SEC require a company to retain a monitor, the two agencies have been able to coordinate their requirements so that the company can retain one monitor to fulfill both sets of requirements" – an assertion that is generally borne out by our monitorship experiences. 
  • "Piling On." The Guide introduces (on p. 71) a new section on this important consideration in any investigation, aligned with the DOJ's guidance in the Justice Manual. The discussion cites the Braskem case as an example and provides some statistics on other cases resolved in cooperation with foreign authorities – "more than 10 cases" for the DOJ and "at least five" cases for the SEC. A footnote (381) lists at least some of these cases.

Summaries of the Anti-Bribery Provisions

The updated Guide's discussions of the various elements of the FCPA's anti-bribery provisions, for the most part, have not fundamentally changed. As noted above, where judicial decisions have impacted the substance, such decisions are incorporated – for example, the holding of Esquenazi in the summary of how the agencies assess potential government control of an instrumentality. 

In many places the Guide provides updated examples in the text and in footnotes that cite to recent dispositions, including from early 2020. For example, the discussion on pp. 9-10 of jurisdiction over foreign issuers updates SEC statistics on the number of such issuers registered with the SEC (down to 923 in 2015 from 965 in 2011) and, for the proposition that "officers, directors, employees, agents, or stockholders acting on behalf of an issuer (whether U.S. or foreign nationals) also can be prosecuted under the FCPA" cites to the relatively recent Ericsson, Leissner, and Colin Steven cases as support. 

In other sections, the Guide summarizes or cites more recent cases to illustrate or expand on key concepts, including Odebrecht (cash payments), SBM Offshore and Ericsson again (gifts, travel, and hospitality issues), and Joo Hyun Bahn, et al., (defining corrupt intent and the proposition that it is not necessary for the "foreign official actually to solicit, accept, or receive the corrupt payment for the bribe payor to be liable"). In some instances, the case summaries illustrate enforcement risks that were not clearly delineated in the first edition; an example is the discussion of the Credit Suisse case on p. 16 showing that hiring children of officials "to win business" can create FCPA liability. 

Generally, the illustrative hypotheticals that many companies found to be one of the most helpful elements of the first edition of the Guide have not been updated. This signals that the principles elucidated by the hypotheticals – for example, that small gifts and inexpensive hospitality generally are not the subject of enforcement interest – remain valid. 

One other aspect of these updates that bears note is the citation by the agencies of jury instructions and trial transcripts to support their interpretations of key concepts, such as "corruptly" or "willfully." The first edition of the Guide included such references, but the increase in FCPA-related trials of individuals in the intervening period has provided many more examples for the agencies to use for support. A notable example is the Guide's discussion on p. 24 of the Ng Lap Seng case as it relates to the interpretation of the local law affirmative defense. The summary relies completely on various citations to the trial transcript to describe the trial court's rejection of the defendant's interpretation of the defense that contrasted with the agencies' view. 

Statutes of Limitations

The updated Guide adds three statements worth noting in regard to statutes of limitations. First, the Guide adds a new sentence that clarifies, "For [criminal] violations of the FCPA accounting provisions, which are defined as "securities fraud offense[s]" under 18 U.S.C. § 3301 [which provision includes 15 U.S.C. §78ff(a)], there is a limitations period of six years (emphasis added)." The six-year period is contrasted with the five-year period for civil violations. 

Second, the Guide adds new language on the use of tolling agreements, stating that "[c]ompanies and individuals may choose to [sign a tolling agreement] so that they may have additional time to do their own investigation of the conduct, as well as to give them an opportunity to meet with the government to discuss the case and attempt to reach a negotiated resolution." While true (as FCPA investigations often take substantial amounts of time, in part due to the need to collect evidence abroad), this language does not capture all of the considerations at play with regard to tolling agreements. On the one hand, the comments to section 9-28.210 of the Principles of Federal Prosecution of Business Organizations state, "[e]very effort should be made to resolve a corporate matter within the statutorily allotted time, and tolling agreements should be the rare exception." On the other hand, though this is not set out formally in the CEP, in many FCPA cases companies feel pressure to sign on to tolling agreements with the DOJ in order to be seen as fully cooperating by the DOJ to preserve their chances of a declination. It is at least encouraging that the updated Guide does not formalize any such requirement. 

Third, the Guide clearly states the effect of Kokesh on the statute of limitations for disgorgement.

Summaries of Internal "Accounting" Controls

The primary changes in the text of the updated Guide's summaries of the FCPA's accounting provisions relate to how "internal controls" are discussed. As a result of language in some dispositions in the past few years, some commentators have argued that the SEC has effectively subsumed corporate compliance programs within the definition of "internal controls" – ignoring the language in the statute that actually defines the applicable requirements as "internal accounting controls." That criticism notes that key aspects of compliance programs, for example training of employees and the communication of ethics-based messaging by management, fall well outside the scope of accounting controls focused on a much narrower set of concerns related to management approval of transactions and control over access to assets. Thus, the argument concludes, a finding that deficiencies in least certain elements of a corporate compliance program represent a violation of the internal accounting controls requirements cannot be grounded in the plain language of the statute. Language in the first edition of the Guide expressed the expansive view of "internal controls" that the above argument criticizes. Most directly, in two different places that edition includes the following language: "an effective compliance program is a critical component of a company's internal controls (emphasis added)."  

The updated edition of the Guide appears to recognize the critique and attempts to re-frame the agencies' positions in a manner that is closer to the statute's actual language. In many (though not all) places, the phrase "internal controls" has been replaced with "internal accounting controls." The introduction to the main summary (on p. 40) now contains the following language: "[a]lthough a company's internal accounting controls are not synonymous with a company's compliance program, an effective compliance program contains a number of components that may overlap with a critical component of an issuer's internal accounting controls (emphasis added)." The older language in the other reference has been changed (on p. 56) to read: "[i]n a global marketplace, an effective compliance program reinforces a company's internal controls and is essential to detecting and preventing FCPA violations (emphasis added)." At least two other discussions (on p. 41) now distinguish between compliance programs and internal accounting controls. 

Whether these changes represent a change in the SEC's actual enforcement approach to this issue in future cases remains to be seen, but the updated language at least recognizes the distinctions and can be helpful for advocates arguing these points. 

Additional Language on M&A Due Diligence

Except for some updates to relevant cases (citing or summarizing, for example, the Technip and Alstom matters), the sections on mergers and acquisitions and successor liability remain largely unchanged. There are no changes to the sections on "practical tips" or the hypotheticals discussions. The updated Guide does include (on p. 29) new language consistent with the CEP regarding both agencies' recognition of "the potential benefits of corporate mergers and acquisitions, particularly when the acquiring entity has a robust compliance program in place and implements that program as quickly as practicable at the merged or acquired entity." More helpful is additional language on the same page that states:

DOJ and SEC also recognize that, in certain instances, robust pre-acquisition due diligence may not be possible. In such instances, DOJ and SEC will look to the timeliness and thoroughness of the acquiring company's post-acquisition due diligence and compliance integration efforts.

Compliance Programs

As noted, the updated Guide revises its discussion of the importance and key elements of corporate compliance programs (on pp. 56-68) with specific references to the DOJ's recent program evaluation guidance (to which the SEC effectively accedes, although the agencies' alignment on, for example, the hallmarks of an effective program has been visible for a long time in their public case disposition documents). We have commented previously on this guidance as it has been updated. Subtle language changes highlight the agencies' increased emphasis on a program being "effectively" implemented in the field (the prior edition spoke of "thoughtfully" implemented programs). Language changes elsewhere also support the need for data-driven assessments of actual program effectiveness, again consistent with the June 2020 revisions to the DOJ guidance. This includes a reformulation of the "three basic questions" for evaluating a program to include: "[d]oes it work in practice?" (emphasis added).

More generally, the compliance program section of the updated Guide includes new or revised language on various hallmarks, including a new section on "Investigation, Analysis and Remediation of Misconduct," and modifications to the discussions on confidential reporting and internal investigations, continuous improvement, and, as noted above, M&A activity. As is the case elsewhere, however, the hypotheticals and the "Compliance Program Case Study" (summarizing the results of the 2012 Morgan Stanley dispositions related to the company and a former executive, now on p. 68) have not been updated, despite at least one more recent example that is relevant. The references to other U.S. or international guidance also have not been updated (with the exception of some footnotes citing to more recent versions), and thus guidance issued by, for example, U.K. authorities, is not noted. 

Roles of DOJ/SEC and Other U.S. Agencies

The Guide's summaries of the roles of the DOJ and SEC in FCPA cases are largely unchanged from the first edition. One change, on p. 3, clarifies that "[t]he FCPA Unit within the Fraud Section handles all FCPA matters for DOJ" (emphasis added), replacing prior language stating that "FCPA matters are handled primarily by the FCPA Unit." This statement recognizes long-standing efforts by Main Justice to centralize FCPA criminal enforcement.

The discussions on pp. 5-6 of the Guide summarize the increasing roles taken by other U.S. agencies over the past few years in combatting foreign public corruption – including the Federal Reserve, the Commodities Futures Trading Commission (CFTC), and the Financial Crimes Enforcement Network (FinCEN) (in addition to the Office of Foreign Assets Control (OFAC), the Department of Homeland Security, and the Internal Revenue Service, all of which were recognized in the first edition). The Guide also expands its discussion of Department of Commerce efforts, including noting U.S. Foreign Commercial Service (USFCS) resources available to assist companies with due diligence inquiries in various countries and citing the International Trade Administration's (ITA) resources and guidance for reporting "Concerns about Corruption" as a potential foreign trade barrier to the ITA. Finally, the Guide summarizes updated Department of State and United States Agency for International Development (USAID) anti-corruption efforts and resources.


All in all, the updated Guide remains a useful source of information on the DOJ's and SEC's views regarding the interpretation and enforcement of the FCPA. As is suggested in this alert, however, users of the Guide should continue to be aware of the Guide's status as a non-binding summary that in some places omits or does not fully discuss key aspects of FCPA-related investigations and compliance issues that companies face in their day-to-day operations. 

For more information, please contact:

John E. Davis,, 202-626-5913

The information contained in this communication is not intended as legal advice or as an opinion on specific facts. This information is not intended to create, and receipt of it does not constitute, a lawyer-client relationship. For more information, please contact one of the senders or your existing Miller & Chevalier lawyer contact. The invitation to contact the firm and its lawyers is not to be construed as a solicitation for legal work. Any new lawyer-client relationship will be confirmed in writing.

This, and related communications, are protected by copyright laws and treaties. You may make a single copy for personal use. You may make copies for others, but not for commercial purposes. If you give a copy to anyone else, it must be in its original, unmodified form, and must include all attributions of authorship, copyright notices, and republication notices. Except as described above, it is unlawful to copy, republish, redistribute, and/or alter this presentation without prior written consent of the copyright holder.