Skip to main content

FCPA Autumn Review 2022

International Alert


The third quarter of 2022 featured a major policy pronouncement on corporate criminal enforcement by the U.S. Department of Justice (DOJ), although Foreign Corrupt Practices Act (FCPA)-related enforcement activity by the DOJ and the U.S. Securities and Exchange Commission (SEC) remained at levels consistent with the past few quarters. Other notable developments included two corporate dispositions, the latest appellate ruling in the long-running Hoskins case, a key court decision limiting certain whistleblower protections in FCPA cases, new Magnitsky sanctions for corrupt activities, new issues related to the Glencore case, and a number of international developments. 

On September 15, 2022, Deputy Attorney General (DAG) Lisa Monaco issued a new memorandum (Monaco Memo) on "Further Revisions to Corporate Criminal Enforcement Policies" that will apply across all the DOJ's "components," including the Fraud Section. This new memorandum follows DAG Monaco's October 28, 2021 memorandum on "initial revisions" to those policies and is the result of an evaluation process by the DOJ's Corporate Crime Advisory Group that included input from the private sector and defense bars. The new memorandum announces new guidance for DOJ prosecutors in several key areas of interest to companies potentially facing criminal investigations, including the prioritization of building cases against culpable individuals in parallel with related corporate investigations, evaluations of a company's history of prior corporate misconduct in making decisions about resolving present investigations, new commentary on how to evaluate a company's corporate compliance program – including new specific discussion of the role of executive compensation structures, expansion of prior DOJ guidance on corporate policies related to use of personal devices and "third party applications," – and other issues. We discuss the Monaco Memo in detail here

Corporate Enforcement Actions

The DOJ and SEC announced two FCPA-related corporate enforcement dispositions in the third quarter, both in September. The first disposition by the DOJ and SEC involved the Brazilian airline GOL Linhas Aéreas Inteligentes S.A. (GOL), which entered a three-year deferred prosecution agreement (DPA) with the DOJ and a Cease-and-Desist Order with the SEC. The second settlement, involving only the SEC, covered Oracle Corporation. While this pace of eight corporate announcements after three quarters likely puts the agencies on pace to exceed their 2021 numbers, more will be needed to match their pre-pandemic averages over the medium and long term. 

Resolved FCPA Enforcement Actions by Year (2009-2022)

The GOL case is notable for the company's success in arguing that it was unable to pay the penalties initially determined appropriate by the DOJ and SEC, resulting in substantial reductions in the fines actually assessed. The agencies also did not require GOL to appoint an Independent Compliance Monitor, though the company is required to self-report on the implementation of an enhanced compliance program and to issue certifications – including the new Chief Compliance Officer (CCO) certification recently introduced and championed by the Criminal Division – at the end of the reporting period. Oracle settled its second FCPA case with the SEC (the first occurred in 2012). Both Oracle settlements concerned controls around third-party distributors. 

In other corporate matters, Glencore is continuing to manage issues related to its FCPA disposition with U.S. authorities, which we discussed last quarter. The company's sentencing for that case has been delayed until November 21, 2022 at the request of the DOJ, which noted that the DOJ "is continuing to engage with Swiss authorities in connection with issues relating to the imposition of an independent compliance monitor." On November 3, a London court ordered Glencore to pay almost £281 million in penalties and forfeitures in the related case brought by the U.K. Serious Fraud Office (SFO).  The court noted that the conduct underlying the corruption charges “represent[ed] sophisticated offending that was sustained over prolonged periods of time.” In mid-October 2022, according to a report in Global Investigations Review, the federal court overseeing the case granted a request by the owners of a medical services company to argue for restitution from Glencore as victims of Glencore's bribery that led to an adverse result for the medical services company during litigation in the Democratic Republic of Congo. Glencore also continues to face investigations by other government authorities, including those in the Netherlands, Switzerland, South Africa, and Cameroon. 

In the DOJ market manipulation case brought in parallel with the FCPA case, the federal district court in Connecticut on September 23, 2022 sentenced Glencore to a fine of $341 million and required forfeiture of over $144 million. The sentence occurred after Glencore told the court that the company had entered a confidential settlement agreement with Mexican state-owned oil company Petroleos Mexicanos (Pemex) to resolve Pemex's separate restitution claims. 

Enforcement Actions against Individuals

Overall, the DOJ is on course to exceed the number of announced individual enforcement actions in 2021, though those totals are still well below pre-pandemic levels. 

Snapshot of Enforcement Activity Against Individuals (2009-2022)

On June 27, 2022, a federal district court in New York, per the SEC's request, entered a default judgment against a former Herbalife China executive and Chinese national, Yanliang "Jerry" Li, ordering him to pay $550,000 in civil penalties and issuing a permanent injunction against him related to allegations of bribery of Chinese officials. 

On July 19, 2022, the former Minister of Economy of Guatemala, Asisclo Valladares Urruela, pleaded guilty to conspiracy to launder approximately $350,000 derived from unlawful bribes between 2014-2018. Urruela also agreed to forfeit $140,000, the "sum of money equal in value to property constituting, or derived from, proceeds obtained by [Urruela]," and to cooperate with the investigation. 

On August 1, 2022, a federal judge ruled that Carlos Enrique Urbano Fermin, a Venezuelan businessman involved in a Petróleos de Venezuela, S.A. (PDVSA) bribe scheme, should forfeit $3 million. Urbano was sentenced in May 2022 to five years' probation. 

The DOJ announced several indictments related to foreign bribery during the quarter, including: charging three individuals (a Florida resident and two Ecuadorian citizens residing in Costa Rica) with multiple counts related to alleged bribes paid to officials of Ecuador's state-owned and controlled insurance companies Seguros Sucre S.A. and Seguros Rocafuerte S.A.; and charging two individuals (one a citizen of Switzerland and the other of Argentina) for money laundering related to an approximately $1.2 billion bribery and money laundering scheme involving PDVSA.

The DOJ also announced an indictment in August "charging Venezuelan national [Rixon Rafael Moreno Oropeza] for laundering the proceeds of substantially inflated procurement contracts obtained by making bribe payments to senior officials at Petropiar, a joint venture between Venezuela's state-owned and state-controlled energy company and an American oil company."  

In early September, the DOJ completed its extradition of two nationals of the Republic of the Marshall Islands (RMI) from Thailand, Cary Tan and Gina Zhou, and indicted them on FCPA, money laundering, and related conspiracy charges. According to the DOJ press release, "Yan and Zhou, as the president and assistant to the president, respectively, of a New York-based non-governmental organization, conspired…in connection with a multi-year bribery and money laundering scheme [involving] elected RMI officials…in exchange for supporting legislation creating a semi-autonomous region within the RMI…that would benefit the business interests of the defendants and their associates."

Finally, the appellate litigation involving a trial court's November 2021 dismissal of a DOJ indictment of Swiss national Daisy Rafoi-Bleuler (who is represented by Miller & Chevalier) based on jurisdictional grounds continues. On October 6, a three-judge panel of the U.S. Court of Appeals for the Fifth Circuit heard oral arguments from Rafoi-Bleuler and the DOJ. 

Declinations and Other Indicia of Enforcement Trends

The DOJ did not announce any public declinations this quarter. On August 1, Jacobs Engineering announced in a public filing that an SEC investigation dating from October 2019 had ended with the SEC notifying the company that no enforcement action would be taken. 

Boston Scientific disclosed in this quarter that the company was investigating potential FCPA issues in Vietnam after receiving a whistleblower report in March and that the company was cooperating with authorities. Ideanomics also disclosed an FCPA-related internal investigation in September, though the text of the disclosure did not discuss whether the company had self-reported to any agencies. Overall, the pace of announced FCPA investigations for the year is on track to be the lowest total since at least 2009.

Known FCPA Investigations Initiated (2009-2022)

We note, as always, that the numbers in this chart are subject to limitations on available public information, and because neither the DOJ nor the SEC disclose official investigations statistics in anything close to real time and only some companies are likely to disclose such information through SEC filings or other means, our investigation statistics are necessarily incomplete. 

Policy and Legislative Developments

As we noted, the new Monaco Memo issuing updated guidance to DOJ prosecutors on various issues was the most significant policy development of the quarter. 

Other developments of note include the continued imposition of economic sanctions by the U.S. Department of the Treasury on non-U.S. persons, including public officials, for their involvement in public corruption under the Global Magnitsky Human Rights Accountability Act. One notable instance of such sanctions in this quarter involved sanctions against multiple senior government officials of Liberia. Such sanctions are part of the current administration's overall Strategy on Countering Corruption (SCC). 

As evidenced in the Gol case, the DOJ is continuing to move forward with its plan (originally announced in March 2022) to require that company CCOs "certify at the end of the term of the agreement that the company's compliance program is reasonably designed and implemented to detect and prevent violations of the law (based on the nature of the legal violation that gave rise to the resolution, as relevant), and is functioning effectively." In a speech linked to the roll-out of the Monaco Memo in September, Assistant Attorney General (AAG) for the Criminal Division Kenneth Polite, Jr., reemphasized the DOJ's commitment to these certifications, arguing that they are "designed to give compliance officers an additional tool that enables them to raise and address compliance issues within a company or directly with the department early and clearly" and "meant to guarantee a seat at the table that all compliance officers should have in an organization with a functioning compliance program."  Noting that "some concern [has been] raised about this certification process," he continued:

For too long, [CCOs] have complained that compliance doesn't have the same voice in corporate decision-making. These certifications and other resources are empowering you to demand that voice. A corporate leader who ignores the emphasis we are placing on compliance does so at his or her own risk. But you cannot shy away from this role. You cannot run away from the responsibility. My call is that you embrace it, knowing full well that stronger, more empowered compliance voices are exactly what we need.

As we have noted previously, this requirement has been questioned and challenged by compliance professionals and the defense bar, who have raised a variety of concerns, including as to whether the certifications place undue personal risk on compliance professionals. Such concerns likely will only be addressed in actual cases in the coming years as the new certifications come due. 

On the personnel side, Glenn Leon, former CCO at Hewlett Packard Enterprise and a former DOJ prosecutor, became the Chief of the DOJ's Fraud Section during the third quarter. In September, former Anheuser-Busch InBev compliance officer Matt Galvin joined the DOJ in a newly created position as a compliance and data analytics counsel. It is anticipated that Galvin will bring his expertise in building a data analytics system for his former company to the DOJ, which has publicly cited similar systems run by the SEC (ARTEMIS, a system that assesses trading patterns) and the DOJ's own healthcare fraud unit as models. 

In July, Richard Nephew, a veteran former diplomat and national security official, was appointed as the Department of State's Coordinator on Global Anti-Corruption, a new position. He will lead the State Department's efforts related to implementing the SCC, including "enforcing the Foreign Corrupt Practices Act in multilateral fora" and "continu[ing] to call out and promote accountability for corrupt actors through our Global Magnitsky and other financial sanctions programs and the State Department visa restrictions."  

U.S. Court Decisions

The quarter saw the issuance of judicial decisions relevant to individual enforcement and whistleblower protections, among other issues. 

First, the U.S. Court of Appeals for the Second Circuit ended the long-running saga of the DOJ's prosecution of ex-Alstom employee Lawrence Hoskins by affirming his February 2020 acquittal on FCPA charges by the district court in the case. Hoskins was convicted for money laundering charges, however. The Second Circuit majority in the 2-1 opinion held that the district court properly acquitted Hoskins under criminal procedure Rule 29 because there was insufficient evidence of an agency or employee relationship between Hoskins and Alstom's U.S. subsidiary. The dissenting opinion disagreed as to the evidence and raised concerns about the ruling's effect on U.S. obligations under the Organisation for Economic Cooperation and Development (OECD) Anti-Bribery Convention. 

In July, the U.S. Court of Appeals for the First Circuit issued a ruling in Baker v. Smith & Wesson that confirmed the narrow scope of whistleblower protections for employees who report potential violations of the FCPA. The court held that the FCPA does not constitute a "rule or regulation of the [SEC]" within the meaning of Section 806 of the Sarbanes-Oxley Act (SOX) and therefore Section 806's protections against retaliation do not apply. As discussed below, the First Circuit holding is similar to a 2019 ruling by the Ninth Circuit in the case of Wadler v. Bio-Rad Laboratories, Inc.

Also in July, the U.S. Court of Appeals for the Fourth Circuit affirmed the November 2019 conviction of former transportation executive Mark Lambert on various counts, including FCPA and related conspiracy charges. Lambert had argued various errors by the trial court, including erroneous exclusion of certain evidence and issues with jury instructions. The Fourth Circuit, however, found "no reversible error" and affirmed the trial court rulings. 

International Developments

In July, the French National Financial Prosecutor's Office (PNF) announced that the Judicial Court of Paris approved two non-trial disposition agreements related to allegations of bribery and corruption against two French companies: digital security company Idemia Group and oil and gas engineering company Doris Group S.A. 

On July 7, 2022, the Irish government launched the Corporate Enforcement Authority (CEA), "a new statutory independent agency with the staff and resources to investigate and prosecute breaches of company law." According to the government's media release, the new authority and added budget are among the "new measures to tackle economic crime and corruption through the cross-Government Implementation Plan arising from the report of the Review of Structures and Strategies to Prevent, Investigate and Penalise Economic Crime and Corruption (Hamilton Review Group) led by the Minister for Justice."  

On July 12, 2022, the Brazilian government published a new decree that amended the main Brazilian anticorruption law. The new decree addresses the process for negotiating leniency agreements with the relevant Brazilian authorities and provides an updated range and definition of fines that must be taken into consideration. In addition, the decree contains guidance on the expectations of the authorities when assessing and monitoring a company's corporate compliance program. 

On July 19, the Milan Court of Appeal upheld a Milan trial court's March 2021 acquittal of multinational energy companies Shell and ENI, as well as former senior company executives, related to actions in Nigeria involving alleged corruption by senior Nigerian officials related to oil licenses. The decision and related actions effectively conclude the criminal side of the Italian court proceedings, although the Government of Nigeria is continuing to appeal on the civil side in order to claim restitution totaling $3.5 billion. On July 21, the Dutch Public Prosecutor's Office (OM), which had been conducting its own investigation of Shell since 2016 in coordination with the Italian authorities, announced that it was "dismiss[ing] the criminal case against Shell," citing the finality of the Italian acquittal and the international law principle of ne bis in idem, which per the OM announcement "means that if a suspect has been irrevocably acquitted by a criminal court, the same suspect may not be brought before a court and tried again for the same offence."

In mid-July, a Swiss appeals court ruled that Gulnara Karimova, the daughter of the former president of Uzbekistan, was not a public official under Swiss law, and thus, according to the court, "the existence of the crime of money laundering and bribery is not demonstrated." The ruling allows Karimova, who is imprisoned in Uzbekistan, to continue efforts to obtain access to almost 300 million Swiss francs that have been frozen in Swiss bank control. Karimova was at the center of three large FCPA-related enforcement actions involving telecommunications companies Telia, VimpelCom, and MTS

Corporate Enforcement Actions

Brazilian Airline GOL Resolves Parallel FCPA Investigations by DOJ and SEC for Violations of Anti-Bribery and Books-and-Records Provisions

On September 15, 2022, the DOJ and SEC announced that GOL, the second largest domestic Brazilian airline and an "issuer" as defined by the FCPA, agreed to resolve parallel investigations by the two agencies involving charges against the company for violating the FCPA's anti-bribery and accounting provisions.

As a result of the resolution, GOL entered a three-year DPA with the DOJ, which charged GOL with one count of conspiracy to violate the FCPA's anti-bribery and books and records provisions. The company also consented to the entry of SEC's Cease-and-Desist Order. The company agreed to pay over $41 million in penalties, including $17 million in criminal penalties to the DOJ and $24.5 million in disgorgement and prejudgment interest to the SEC. The DOJ agreed to credit $1.7 million to be paid to the Brazilian authorities to resolve a concurrent investigation, at which time the DOJ penalty will go down to $15.3 million. All payments to the U.S. authorities are to be made over the next two years, based on findings under the agencies' "inability to pay" processes, which are discussed below. The company also undertook to self-report to the DOJ on the implementation of compliance program improvements and updates over the term of the DPA. 

According to the DPA and the SEC Order, "[b]etween in or about 2012 and in or about 2013, GOL, together with others, including [a] GOL Director and [a third party] knowingly and willfully conspired and agreed with others to corruptly offer and pay approximately $3.8 million in bribes to Brazilian government officials … to secure an improper advantage in order to obtain or retain business for GOL." The case documents also state that GOL failed to devise and maintain an adequate system of internal accounting controls in 2012 and 2013, resulting in disregard and non-compliance with Gol's procurement and purchasing policies and lack of oversight.

According to the SEC Order, in 2011, the Brazilian authorities were contemplating measures to stimulate their country's economy, among which were lowering payroll taxes from 20 percent to one to three percent. Originally, the airline industry was not among those sectors covered by the proposal. The SEC alleges that around the same time a member of the Board of Directors of GOL (GOL Board Director) agreed to pay $5.4 million as bribes to various Brazilian politicians, including a senior legislator, to have the airline industry included in the list of sectors of economy that would benefit from the new measure.

In September 2012, the change in the law's coverage benefiting GOL was included in the legislation (and subsequently became law in January 2013). The case documents state that thereafter the company, through its subsidiary and the GOL Board Director, paid the equivalent of $1.14 million in bribes to at least one Brazilian official from October 2012 through November 2013. The payments took various forms, including payments to companies controlled by Brazilian politicians that were characterized as "legitimate advertisement expenses" or "reimbursements for online advertisement[s]." Some of these payments utilized U.S. dollar correspondent accounts held by U.S. banks. Both the SEC Order and the DPA note that, in all, GOL saved the "approximate equivalent of $39.7 million" in payroll taxes in 2013.

According to the case documents, GOL also made illicit payments to Brazilian officials to pass legislation to lower the aviation fuel tax in Brasília, Brazil's capital, from 25 percent to 12 percent. These payments were handled through an intermediary and were paid both to officials and a political party. To hide the bribes, the parties used various companies, intermediaries, and forged documentation, in some cases characterizing bribes as "a fee for other services provided even though the services were never rendered." As a result, in May 2013, Brasília lowered its aviation fuel tax to 12 percent. In all, GOL saved the approximate equivalent of $12.24 million from lower aviation fuel taxes and the resulting increased efficiencies related to using Brasilia as a refueling hub.

With regard to jurisdiction, the case documents describe specific ties to the U.S. related to the payments and related communications. In addition to the use of U.S. correspondent banks noted above, the SEC Order notes that at least one payment went from a Bahamian company controlled by the GOL Board Director "to a U.S.-based company that a close associate of [a] Brazilian Official owned." The SEC Order also states that a "close associate" of a Brazilian official, who was acting as an intermediary for the payments, discussed the bribe schemes with the Brazilian official and others "in person, by phone, and via an ephemeral messaging application that uses end-to-end encrypted and content-expiring messages with servers exclusively located in the U.S."

When discussing the weaknesses in GOL's internal accounting controls, the SEC Order states that "GOL paid the vendors involved in this bribe scheme even though most of these vendors' purported services were never rendered." Because "the procurement process did not include an effective review of the documentation submitted before or after the disbursement of funds to monitor compliance with GOL's purchase policy," the process "relied primarily on the GOL Director for authorization and verification of these services with little oversight or review." The DPA notes that the GOL Board Director had "his own budget or 'Cost Center'" at the company and directed many of the payments to the various involved intermediaries through that cost center. This cost center "had been created for GOL Director under the legal department" but the DOJ emphasized that the GOL Board Director "had spending discretion without clearly defined controls and limits."

GOL undertook various remediation steps cited by the U.S. agencies. The DPA states that the GOL Board Director "resigned from his position and has had no role at the Company since." Other remediation steps included "conducting a comprehensive risk assessment"; "redesigning its entire anti-corruption compliance program," including changing aspects related to third parties; creating a new compliance function with a new chief compliance officer; and "terminating its relationships with third parties involved in the misconduct."

In a speech on September 16, 2022, the day after the GOL disposition was announced, AAG Kenneth Polite, Jr., noted that the DOJ did not impose a Monitor "because at the time of the resolution, the company had redesigned its entire anti-corruption compliance program, demonstrated through testing that the program was functioning effectively, and committed to continuing to enhance its compliance program and internal controls."  

Key Takeaways

  • Significant Reduction in Liability Based on Financial Condition: According to the official documents, the DOJ calculated – based on factors in the U.S. Sentencing Guidelines – that the appropriate criminal penalty for GOL's conduct was $87 million. GOL did not receive credit for self-disclosure but did receive credit for full cooperation with the DOJ's investigation. However, GOL petitioned under the DOJ's inability to pay guidance to have the penalty reduced. Per the DPA, GOL made certain requisite representations and provided supporting evidence to the DOJ regarding the company's financial condition. The DOJ conducted "an independent analysis verifying the accuracy of those representations" and received a forensic accounting report. As a result of this intensive process, the DOJ agreed to reduce the penalty to $17 million. Similarly, the SEC Order states that GOL should pay disgorgement of $51,940,000 and prejudgment interest of $18,060,000, for a total of $70 million to the SEC. However, based upon GOL's evidence of inability to pay such amounts, the SEC reduced that amount to $24.5 million. 
  • Applying Compliance-Related Policies and Controls to Everyone: The overwhelming majority of illicit actions described by the DOJ and SEC documents were directed and executed by the GOL Board Director. As noted, the director had access to company funds through his own budget and cost center, but the company's controls did not create sufficient oversight and review of the director's use of such funds. Other FCPA cases have involved the use by senior executives of special funds or budgetary authorities outside of the full scope of a company's internal controls and compliance policies – for example, the SQM matter. The GOL disposition is a reminder that anyone with access to company assets should be subject to appropriate policies and controls that effectively guard against risk of improper usage.
  • New Certifications: The DPA incorporates the DOJ's relatively recent requirement that the CEO and CCO certify at the end of the DPA's term that the company's compliance program is "reasonably designed" to prevent and remediate future violations of applicable laws, focused on anti-corruption and anti-fraud laws. This follows the first imposition of such a requirement in the Glencore resolution earlier this year and is an approach to which AAG Kenneth Polite, Jr., remains committed. In addition, the DPA also requires that the CEO and CFO certify at the end of the term that the company has disclosed all information it is required to disclose under the agreement, including "any evidence or allegation of conduct that may constitute a violation of the FCPA anti-bribery provisions had the conduct occurred" with the jurisdiction of the U.S.
  • Concurrent Brazilian Disposition: In addition to the U.S. dispositions, GOL concurrently resolved an investigation in Brazil related to the same facts, agreeing to pay "approximately $3.4 million in additional penalties or restitution" to the Brazilian Controladoria-Geral da União (CGU) and the Advocacia-Geral de União (AGU). The Brazilian investigation is tied to the long-running Lava Jato/Operation Car Wash cases. 

Oracle Settles with the SEC for FCPA Violations Related to Conduct at Three Subsidiaries

On September 27, 2022, Texas-based technology company Oracle Corporation (Oracle) agreed to pay the SEC $22.9 million (a civil penalty of $15 million plus $7.9 million in disgorgement and prejudgment interest) to settle charges that it violated provisions of the FCPA. Specifically, the SEC alleged that Oracle violated the FCPA's anti-bribery, books and records, and internal accounting controls provisions due to the conduct of agents and employees at its subsidiaries in Turkey, the United Arab Emirates, and India. 

Oracle settled without admitting or denying the findings. The SEC Order notes that Oracle's cooperation, remediation, and self-reporting of unrelated conduct were considered in the SEC's decision to settle the matter. 

The SEC Order highlights an approval system that the Order states permitted improper discounts and marketing reimbursements that generated excess funds to be paid as bribes. In both Turkey and the United Arab Emirates, excessive discounts and reimbursements funded off-book accounts at Oracle's "value added distributors" (VAD) and "value added resellers" (VAR). 


The SEC states that, in Turkey, Oracle's local affiliate (Oracle Turkey) requested and received excessive discounts and sham marketing reimbursement payments between 2009 and 2019 to finance off-book accounts at two VADs. Per the SEC Order, "Oracle Turkey sales employees referred to the accounts as 'havuz,' which means 'pool,' or 'kumbara,' which means 'moneybox'"; these "slush funds" were expressly prohibited by Oracle's internal policies. The funds in the account were used to pay for travel for clients, including foreign officials and their families, to technology conferences in Turkey and Oracle's own technology conference in the U.S. According to the SEC, this activity was known and condoned by the Turkish subsidiary's management, including the "country leader." 

The SEC Order discusses two other issues involving the Turkish subsidiary. First, in 2018, Oracle Turkey won a contract with the Turkish Ministry of the Interior after a sales representative paid for officials to travel to California, spending most of their time on leisure activities. The funds for the trip originated from a discount approved by Oracle's headquarters, where personnel did not request documentary support of the hypothetical competition that warranted the discount. Second, in 2016 and 2017, Oracle Turkey won contracts with Turkey's Social Security Institute after bribing officials through an intermediary using funds from VAD and VAR off-book accounts. The involved sales representative also claimed the need for a large discount due to competition – a claim that went undocumented during the approval process. 

United Arab Emirates

Oracle's United Arab Emirates affiliate (Oracle UAE) created accounts, nicknamed "wallets," at VARs, funding them with "excessive discounts and marketing reimbursement payments." Oracle UAE personnel used these funds to pay for travel and accommodations for clients, including foreign officials, from 2014 to 2019. According to the SEC Order, between 2018 and 2019 an Oracle UAE sales representative paid $130,000 in bribes to a chief technology officer at a state-owned entity in return for six contracts. The SEC Order notes that some of the "bribes were funded with the assistance of two complicit VARs through an excessive discount and paid through another [United Arab Emirates] entity…that was not an Oracle approved VAR for public sector transactions and whose sole purpose was to make the bribe payments."


Oracle's India subsidiary (Oracle India) used "an excessive discount" in a transaction with a transportation company whose majority owner was the Indian Ministry of Railroads. The Indian subsidiary requested a 70 percent discount for the contract — citing competition for the contract — and without requiring documentary support, the request was approved by an Oracle designee despite publicly available information showing there was no competition. The scheme resulted in $330,000 being transferred to an entity "with a reputation for paying [state-owned entity] officials." The SEC Order notes that "[o]ne of the sales employees involved in the transaction maintained a spreadsheet that indicated $67,000 was the 'buffer;’ available to potentially make payments to a specific Indian SOE official."

Key Takeaways

  • Repeat FCPA Offender: Oracle previously settled with the SEC in 2012 for violations of the FCPA's books and records and internal controls provisions. The violations stemmed from Oracle India's practice of keeping "side funds" at distributors for which the company did not properly account. Oracle and its distributors generated these funds by creating "created extra margins between the end user and distributor price." The 2012 SEC complaint noted that Oracle India employees used some of these funds to "pay unauthorized third parties" "which created the potential that they could be used for bribery or embezzlement."
  • Risks of Indirect Sales Model: The SEC stated that the use of VADs and VARs in an indirect sales model exposed Oracle to significant risks related to off-book accounts – risks that the SEC noted that Oracle had recognized since 2012. The SEC also recognized Oracle had legitimate reasons for using an indirect sales model, "such as local law requirements or to satisfy payment terms." The SEC Order noted that Oracle had system in place to manage VAD and VAR-associated risks, such as "utilize[ing] a global on-boarding and due diligence process for these channel partners that Oracle implemented at the regional and country levels." However, the SEC found issues with the execution of Oracle's controls over ongoing transactions with the relevant VADs and VARs at issue in this matter.
  • Importance of Requiring Documentary Support: A common failure noted by the SEC Order in Oracle's execution of its controls related to transactions with VARs and VADs across all three subsidiaries was the approval of discount requests or marketing reimbursements without relevant documentary support – some of which, the SEC maintains, could have flagged the problematic behavior by employees at the subsidiaries. The SEC noted that, while Oracle required that discount requests include accurate information and approvers could request documentary support, Oracle did not mandate documentary support. Similarly, in the context of marketing reimbursements, supervisors at the subsidiaries could approve reimbursements under $5,000 without requesting documentation that the marketing had actually occurred. In describing Oracle's remediation efforts, the SEC noted that Oracle improved the approval process for discounting and added additional oversight of the purchase requisition process. Oracle also "limit[ed] financial incentives and business courtesies available to third parties, particularly in public sector transactions."
  • Subsidiary Leadership Involvement and Remediation: The SEC highlighted that Oracle Turkey's management, including the country leader, was aware of the use of slush funds and condoned the behavior for over 10 years. In describing Oracle's remediation efforts, the SEC noted that Oracle terminated the regional managers and employees involved in the misconduct. The SEC also noted that "Oracle self-reported certain unrelated conduct," "facilitate[ed] the [SEC] staff's requests to interview current and former employees of Oracle's foreign subsidiaries," "terminat[ed] distributors and resellers involved in the misconduct," and implemented "a compliance data analytics program," among other remediation steps.

Individual Enforcement Actions

Court Award SEC Default Judgment Against Chinese National 

On June 27, 2022, a federal judge in the Southern District of New York (SDNY) ordered Yanliang "Jerry" Li, former Managing Director of a Chinese subsidiary of Herbalife, Ltd. (Herbalife), to pay approximately $550,000 in civil penalties for allegedly orchestrating a scheme to bribe government officials in China from 2006 to 2016. 

As previously reported, U.S.-headquartered multilevel marketing company Herbalife settled FCPA charges with the DOJ and SEC in August 2020. Li and another employee of Herbalife China, former head of External Affairs Hongwei "Mary" Yang, were central figures in the case; prior to the corporate resolutions, the DOJ filed an indictment against Yang and Li in November 2019 for conspiring to violate the anti-bribery and internal accounting controls provisions of the FCPA, as well as committing perjury and destroying records in the investigation. The SEC also brought civil charges against Li, alleging violations of the FCPA's anti-bribery, books and records, and internal controls provisions. According to the SEC's complaint, Li had directed a scheme to bribe officials – using "cash, gifts, travel, meals, and entertainment" – in order to obtain licenses for, stop Chinese regulatory investigations into, and prevent negative media coverage of Herbalife China. Li allegedly then falsified expense reports and otherwise circumvented internal accounting controls to hide the bribe payments. The DOJ and SEC also noted that Li overtly lied to SEC staff during their investigation. 

Li, a Chinese national believed to be in Shanghai, never responded to the SEC's November 2019 complaint, and the agency moved for default judgment. Judge J. Paul Oetken found that the SEC adequately alleged each of its claims and thus granted the motion. Judge Oetken imposed Tier II civil monetary penalties against Li, which he noted were appropriate because Li's violations "involved fraud, deceit, manipulation, or deliberate or reckless disregard of a regulatory requirement." He also issued a permanent injunction barring Li from future violations, stating that Li had "not acknowledged his misconduct or provided any assurance that he [would] refrain from such conduct in the future."  

Guilty Plea by Former Guatemala Minister of Economy 

On July 19, 2022, the former Minister of Economy of Guatemala, Asisclo Valladares Urruela, pleaded guilty to conspiracy to launder approximately $350,000 derived from unlawful bribes between 2014-2018. According to the plea agreement, Urruela agreed to forfeit $140,000, the "sum of money equal in value to property constituting, or derived from, proceeds obtained by [Urruela]," and to cooperate with the investigation.

This guilty plea follows charges brought against Urruela on August 5, 2020, by federal prosecutors in South Florida. The plea agreement does not mention links to the drug trade which are discussed in the criminal complaint and discusses only a small fraction ($350,000) of the $10 million initially alleged to have been laundered. According to the criminal complaint, Urruela conspired with a corrupt Guatemalan politician, a major drug trafficker, and a rogue Guatemalan bank employee, and executed a complex money laundering scheme, involving hand delivery of large amounts of cash, among other methods. 

Based on the guilty plea, Urruela faces a 10-year maximum term of imprisonment, followed by a five-year term of supervised release, as well as a fine of up to $500,000 or twice the value of the transaction (whichever is greater). 

Three Individuals Charged with Bribery Offenses in Connection with Seguros Sucre S.A. and Seguros Rocafuerte S.A.

On July 19, 2022, a federal court unsealed an indictment by a federal grand jury in the Southern District of Florida dated July 14, 2022, charging three individuals (a Florida resident and two Ecuadorian citizens residing in Costa Rica) with (1) conspiracy to pay bribes to officials of Ecuador's state-owned and controlled insurance companies Seguros Sucre S.A. and Seguros Rocafuerte S.A., (2) one substantive violation of the FCPA, (3) conspiracy to commit money laundering, and (4) four counts of engaging in transactions involving criminally derived property (a related DOJ declination and a case in Colombia were discussed in our Spring 2022 FCPA Review).

The three individuals (Esteban Eduardo Merlo Hidalgo, Christian Patricio Pintado Garcia, and Luis Lenin Maldonado Matute) allegedly conspired to pay bribes to Ecuadorian officials to obtain and retain business for themselves, reinsurance clients, and an intermediary company that used a part of brokerage commission (received from Seguros Sucre and Seguros Rocafuerte) to make bribery payments. According to court documents, the bribery payments were routed through bank accounts in Florida and were used for personal benefit of the co-conspirators.

Merlo made an initial court appearance on July 19, 2022, while the two Ecuadorian citizens, Pintado and Maldonado, remain at large. According to the DOJ, each defendant faces a maximum penalty of 60 years in prison in case of conviction. 

Two Financiers Indicted in Connection with Bribery and Money Laundering Scheme Involving PDVSA

On July 12, 2022, the DOJ announced the indictment of Ralph Steinmann and Luis Vuteff, citizens of Switzerland and Argentina, respectively, for money laundering related to approximately a bribery and money laundering scheme worth $1.2 billion involving PDVSA, the Venezuela state-owned and state-controlled oil and natural gas company. 

According to the indictment, Steinmann and Vuteff were each charged with one count of conspiracy to commit money laundering. U.S. prosecutors alleged that for over three and a half years (December 2014 through August 2018), Steinmann and Vuteff, both of whom are former top managers of Swiss-based financial asset management firm Aquilla Swissinvest, helped launder more than $200 million in illicit proceeds from a corrupt foreign currency exchange scheme involving bribery of Venezuelan officials. According to the criminal complaint filed with the U.S. District Court for the Southern District of Florida a month before the indictment, the conspiracy began in December 2014 "with a currency exchange scheme designed to embezzle" approximately $600 million from PDVSA through bribery and fraud. Steinmann and Vuteff had agreed to create "sophisticated financial mechanisms and relationships" to launder and move the money and to place it in financial and real estate investments, as well as to "open accounts for or on behalf of at least two Venezuelan public officials" to receive the bribery payments, according to the charges.

The indictments of Steinmann and Vuteff are the most recent development in the corruption probe into PDVSA, which we covered in previous FCPA Reviews (see, for example, here, here, and here). According to the DOJ's press release, Vuteff was arrested and is subject to an extradition proceeding in Switzerland, while Steinmann remains at large. Steinmann and Vuteff face up to 20 years in prison if convicted. 

Policy and Legislative Developments

OFAC Sanctions Senior Liberian Officials for Corruption under Global Magnitsky Act

On August 15, 2022, the Treasury Department's Office of Foreign Assets Control (OFAC) designated three Liberian government officials as targets for economic sanctions for their involvement in public corruption. The sanctions were authorized under Executive Order 13818, issued in December 2017, which was designed to build upon and implement the Global Magnitsky Human Rights Accountability Act. That legislation authorized the U.S. government to impose sanctions on and deny entry to foreign individuals and entities that "commit serious human rights abuses or engage in corruption."

According to OFAC, all three Liberian officials were designated for "being a foreign person who is a current government official who is responsible for or complicit in, or [who] has directly or indirectly engaged in, corruption, including the misappropriation of state assets, the expropriation of private assets for personal gain, corruption related to government contracts or the extraction of natural resources, or bribery." Per the OFAC release, details on the reasons for the designation of each official are as follows:

  • Nathaniel McGill, Minister of State for Presidential Affairs and Chief of Staff to President George Weah, "bribed business owners, received bribes from potential investors, and accepted kickbacks for steering [government] contracts to companies in which he has an interest;" "manipulated public procurement processes…to award multi-million dollar  contracts to companies in which he has ownership;" used government funds to run his own projects; and "distribute[d]…undocumented cash to other government officials." 
  • Sayma Syrenius Cephus, Solicitor General and Chief Prosecutor of Liberia, "received bribes from individuals in exchange for having their cases dropped" and "worked behind the scenes to establish arrangements with subjects of money laundering investigations to cease investigations in order to personally benefit financially." Cephus also "utilized his position to hinder investigations and block the prosecution of corruption cases involving members of the government" and "has been accused of tampering with and purposefully withholding evidence in cases involving members of opposition political parties to ensure conviction." 
  • Bill Twehway, the current Managing Director of the National Port Authority (NPA), "orchestrated the diversion of $1.5 million in vessel storage fee funds from the NPA into a private account" and "secretly formed a private company to which, through his position at the NPA, he later unilaterally awarded a contract for loading and unloading cargo at" a specific port.  

As a result of the designations, all property and interests in property of the three officials within the U.S. or control of U.S. persons are blocked. Individuals who engage in transactions with the officials and financial institutions that knowingly facilitate a significant transaction for the officials could also be subject to sanctions. 

The designations are part of a consistent increase over the past few years in the use of Global Magnitsky Act sanctions. As of December 2021, more than 148 individuals and 189 entities were subject to economic sanctions under Executive Order 13818. This trend is illustrated in a December 2021 report by the Congressional Research Service, including in the following chart:

Individuals Designated for Economic Sanctions Over Time Based on Human Rights Abuses, Corruption, or Both

Other recent notable examples of persons sanctioned for corruption include Israeli businessman Dan Gertler (in 2017), along with various persons and entities identified as connected to him, related to alleged corruption involving mining concessions in the Democratic Republic of Congo; certain Cambodian officials cited in November 2021 for "significant corruption" in defense procurement; and current and former Bulgarian officials and 64 related entities in June 2021 for "significant corruption" that undermined the rule of law and "the Bulgarian public's faith in their government's democratic institutions and public processes."

Global Magnitsky Act sanctions are one of the U.S. government's many tools for combating corruption, which President Biden established as a "core U.S. national interest" in his June 3, 2021 National Security Study Memorandum (NSSM), covered in the FCPA Summer 2021 Review. The SCC, issued on December 6, 2021, highlighted the role of the sanctions in setting "the international standard for visa restrictions and economic sanctions regimes specifically focused on corruption." 

U.S. Court Decisions

Second Circuit Affirms Acquittal of Hoskins

On August 12, 2022, the Second Circuit affirmed a district court ruling that Lawrence Hoskins, a U.K. citizen who formerly worked in Paris for Alstom Power, Inc (API), a global power and transportation services company, was not an "agent of a domestic concern" within the meaning of the FCPA. The appellate court's ruling upheld Hoskins' resulting acquittal from FCPA charges and creates continuing challenges for the DOJ in extending FCPA jurisdiction over the actions of non-U.S. persons.

In the early 2000s and as part of his responsibilities, Hoskins actively participated in the approval of payments to two consultants that were hired by API's American subsidiary allegedly to bribe Indonesian officials to help secure a $118 million power contract in the Tarahan Project. At the time, Alstom was divided into "Sectors" and "Functions" and Hoskins was the Area Senior Vice President for Asia Pacific and Northern and Eastern Europe, a position embedded in Alstom's International Network, an affiliate, according to the Second Circuit, "that provided support, coordination, and oversight across multiple sector and regions." Alstom S.A. and relevant subsidiaries entered a plea agreement with the DOJ on December 22, 2014 related to actions in Indonesia and elsewhere, agreeing to over $772 million in penalties – a record at the time for a DOJ-specific FCPA resolution. Hoskins was named in the plea agreement and separately charged. 

The DOJ used two theories designed to hold Hoskins liable for FCPA-related violations. In its first attempt, the government tried to bring Hoskins within the FCPA scope as a co-conspirator or accomplice to an FCPA violation by Alstom's U.S. subsidiary. This theory was rejected in 2018 by the Second Circuit in an interlocutory appeal decision in earlier litigation. The Second Circuit held in that decision that a person could not be "guilty as an accomplice or a co-conspirator for an FCPA crime that he or she is incapable of committing as a principal." The court determined that, "[b]ecause Hoskins is not an American citizen, was not employed by [Alstom's U.S.] subsidiary, and did not enter the United States while allegedly working on the scheme," he fell outside of the FCPA's jurisdictional scope. The court thus concluded that "the presumption against extraterritoriality bars the government from using the conspiracy and complicity statutes to charge Hoskins with any offense that is not punishable under the FCPA itself because of the statute's territorial limitations." As the DOJ has itself noted, this 2018 ruling is at odds with applied law in other cases, most notably in the Seventh Circuit, where a district court in the case U.S. v. Firtash dismissed a similar claim from the defendant and allowed the DOJ's case to move forward.

The 2018 Second Circuit decision did, however, allow the DOJ to proceed with part of its indictment if the DOJ could prove that Hoskins was an "agent" of a "domestic concern" under the FCPA. A new trial occurred, at the end of which the jury convicted Hoskins on 11 counts, seven of which were FCPA violations. However, in February 2020, the district court judge granted part of a motion for acquittal presented by Hoskins, who argued he was not an "agent" within the meaning of the FCPA. The judge stated that "the Court sees no evidence upon which a rational jury could conclude that Mr. Hoskins agreed to or understood that [Alstom Power] would control his actions on the [Indonesia] Project, as would be required to create an agency relationship. Nor does the Court see any evidence upon which a rational jury could have concluded that [Alstom Power] actually had the authority to control Mr. Hoskins's actions." The district court denied the part of the motion for acquittal related to money-laundering charges and soon after sentenced Hoskins on those charges but ordered a new trial as to the FCPA charges. The DOJ appealed that order in March 2020, leading to the August 2022 ruling by the Second Circuit.

The August 2022 ruling was a 2-1 decision, in which the Second Circuit majority held that the district court properly acquitted Hoskins under Rule 29 of the Federal Rules of Criminal Procedure because there was no agency or employee relationship between Hoskins and API's U.S. subsidiary. As stated by the court, "the government failed to present sufficient evidence to allow the jury to find and agency relationship…" and "…the record demonstrates Hoskins and API's relationship lacks key elements of agency, such as any indication that Hoskins had any authority to act on API's behalf, and whether API could "revoke" any authority it purportedly gave to Hoskins, or even do anything to control Hoskins's actions."

In a dissenting opinion, Circuit Judge Raymond Lohier, although agreeing with his colleagues that Hoskins's liability under the FCPA turned on whether the government proved that Hoskins was acting as an "agent of a domestic concern," found that the evidence presented by the DOJ was sufficient to reject Hoskins's motion to vacate under Rule 29. Judge Lohier stated that sufficient evidence of agency was present if the U.S. subsidiary's control over Hoskins's actions was viewed "in connection with the specific events related to the Tarahan Project," rather than the broader view of the overall relationship between Hoskins and Alstom's U.S. subsidiary applied by the majority. He noted, for example, that Hoskins "helped identify, negotiate with, and approve third-party consultants" in the region that covered Indonesia and that "the Government elicited evidence of API's power to terminate some of his agency to transact on its behalf on the Tarahan deal." Judge Lohier concluded,

if Hoskins cannot be held accountable under an agency theory of liability, then he will evade accountability under the FCPA altogether, even though as part of API's bid to secure a foreign contract, he played a critical role on behalf of the company in hiring consultants to bribe local Indonesian officials, offering his advice on which consultants to hire and then locking down contract and payment terms. Such a result also creates an incentive that Congress could not have wanted: U.S. companies will be motivated to organize themselves to avoid exercising control over the employees of foreign affiliated companies who engage in bribery overseas.

Judge Lohier also raised concerns in his dissent about the potential consequences that the majority's decision might have on U.S. compliance with its international obligations under the OECD Anti-Bribery Convention. He noted that, as part of its Phase 4 process, the OECD Working Group in 2020 had already questioned whether the Second Circuit's 2018 decision limiting Hoskins's liability under conspiracy/aiding and abetting theories might "violate the Convention." He then stated, "[t]oday's decision cannot possibly help in that regard" and cited with approval the DOJ's statement in its case brief asserting that "'a restrictive definition of agent' under the FCPA 'could put the U.S. in violation of the OECD Convention to the extent that it prevents prosecution of those responsible for bribery that occurred in part in this country."   

The lead examiners of the OECD's Phase 4 Report on the U.S., in reaction to the 2018 Hoskins appellate decision, noted that "[t]o the extent that recent U.S. case law developments create a divergence between how U.S. courts apply conspiracy law to those who conspire to bribe domestic and foreign officials, the lead examiners consider that this would violate the Convention." The report recommends that the Working Group follow up "on whether conspiracy to bribe a foreign public official is an offence to the same extent as conspiracy to bribe a domestic public official, even when the conspirator seeking to bribe the foreign official could not be held directly liable for foreign bribery".  

As to the potential effect of the new Hoskins ruling on U.S. treaty compliance, the Convention itself does not define "intermediary" – though the concept of an agent is included in that category generally. The 2021 OECD Anti-Bribery Recommendation in its Good Practice Guidance on Implementing Specific Articles of the Convention states that "Member countries should ensure that, in accordance with Article 1 of the OECD Anti Bribery Convention, and the principle of functional equivalence in Commentary 2 to the…Convention, a legal person cannot avoid responsibility by using intermediaries, including related legal persons, to offer, promise or give a bribe to a foreign public official on its behalf" (emphasis added).  

It is too early to tell how the OECD will view the recent ruling – in part, that will depend on results in other circuits (that either follow or diverge from the Second Circuit's holding) and on any actions by Congress or the administration to address the issue. The OECD Working Group report also notes, correctly, that "[n]otwithstanding future decisions, the use of alternative offences with broader jurisdictional reach, in particular the federal money laundering statutes, leaves the [U.S.] government with alternative possibilities to successfully prosecute non-issuers, non-domestic concerns and individuals who are not employed by such entities, even when they act entirely outside the United States."

U.S. First Circuit Holds that FCPA is Not "Rule or Regulation" of the SEC Under Sarbanes-Oxley Act's Whistleblower Protections

On July 13, 2022, the U.S. Court of Appeals for the First Circuit issued a ruling in Baker v. Smith & Wesson, 40 F.4th 43 (1st Cir. 2022), that confirmed the narrow scope of whistleblower protections for those reporting potential violations of the FCPA. The case centered on SOX Section 806, which protects whistleblowers from retaliation by their employers. However, SOX's whistleblower protections extend only to whistleblowers who report certain types of violations, including, as relevant here, violations of "any rule or regulation of the [SEC]." In Baker, the First Circuit held that the FCPA does not constitute a "rule or regulation of the [SEC]," and therefore the protections against retaliation do not apply.

In this case, Earl Donald Baker sued his former employer, Smith & Wesson, for whistleblower retaliation in violation of SOX Section 806. As explained in the First Circuit's decision, Baker made an internal report alleging that "management employees received large bribes and provided improper preferential treatment to a vendor." At some point after these allegations were made, Smith & Wesson placed Baker on administrative leave and then subsequently terminated his employment. The parties disputed the reason for Baker's ultimate termination, with Baker arguing his termination was retaliation for his prior whistleblower report. To take advantage of whistleblower protections with respect to those allegations, Baker argued that the alleged misconduct violated the books and records and internal accounting controls provisions of the FCPA, which Baker further argued were within the universe of legal violations protected under SOX Section 806. 

However, the First Circuit disagreed. Relying on an analysis of the plain language of the statute, the court found that the FCPA's provisions were not a "rule or regulation of the [SEC]," but rather statutory provisions falling outside this term. The First Circuit held, therefore, that Baker could not bring his claim for whistleblower retaliation. 

The First Circuit joins the Ninth Circuit in reaching this conclusion. In 2019, the Ninth Circuit reached a similar holding in Wadler v. Bio-Rad Laboratories, Inc., 916 F.3d 1176 (9th Cir. 2019), which was discussed in the FCPA Spring Review 2019. In Wadler, however, the Ninth Circuit left open the possibility of whistleblower protections for those who report books and records violations. 

The Baker opinion narrows the protections available to whistleblowers who report misconduct that may violate the FCPA and potentially leaves certain reporters without viable whistleblower retaliation protections under SOX unless they also allege other violations considered within the scope of Section 806. Without these protections, it is possible that whistleblowers will be less willing to come forward and report potential violations of the FCPA. However, it is unclear at this time how significant the impact may be on reporters' willingness to come forward. We also note that the Dodd-Frank whistleblower protections remain available, although under recent precedent such claims have different requirements (including reporting to the SEC).  

International Developments

French National Financial Prosecutor's Office Enters into CJIPs with Idemia Group and Doris Group S.A.

On July 7, 2022, the PNF announced in press releases that the Judicial Court of Paris had approved two deferred prosecution agreements, or Conventions Judiciaire d'Intérêt Public (CJIPs), that settle allegations of bribery and corruption against two French companies, Idemia Group (Idemia), a digital security company (formerly named Oberthur Technologies) and Doris Group S.A. (Doris), an oil and gas engineering company.

According to the terms of its CJIP, Idemia will pay €7,957,822 (approximately USD $8 million) in fines to to resolve allegations of bribery and corruption. Likewise, under the terms of its CJIP, Doris will pay a total of €3,463,491 (approximately USD $3.5 million) in fines and will also undergo audits and verifications for a period of three years, to be carried out by the French Anti-corruption Agency (AFA), as part of a required compliance program upgrade by the company.

According to Idemia's CJIP, the accompanying Validation Order, and press release, the PNF commenced its investigation into Idemia on July 21, 2017, after the agency received a "spontaneous transmission of information" from the U.K.'s National Crime Agency warning of "possible acts of corruption" on the part of Idemia. 

The public settlement documents state that between 2013 and 2015, Idemia made improper payments to a Bangladeshi official to secure a contract to print identity cards for the Bangladesh Election Commission under a World Bank-funded project to provide a national identification system in Bangladesh. Specifically, the documents allege that Idemia used an influential British business intermediary (which in turn used two other companies in his control – Tiger IT Bangladesh (Tiger IT) and Decatur Europe (Decatur)) to make payments to a Bangladeshi official, who had ties to the Prime Minster of Bangladesh, the Bangladeshi Army, and the Bangladesh Election Committee, in order to secure the contract.

The public case documents state that one of the intermediary companies – Tiger IT – supplied Idemia with polycarbonate (to produce the identity cards) at elevated prices to generate a higher profit margin, which was then used to bribe the Bangladeshi official. Further, Idemia also paid Decatur an extra fee of €0.024 per identification card for each order exceeding 70 million cards, which the documents assert was also used to bribe the same high ranking official.

The CJIP between Idemia and the PNF resolves Idemia's French law liability arising from the same set of facts as a November 2017 settlement between the Idemia and the World Bank for corrupt and collusive practices that resulted in debarment of Idemia until May 2020. Furthermore, according to the 2019 Sanctions Board Decision No. 118 (Sanctions Case No. 488) (and as noted in the accompanying World Bank press release), Tiger IT and its principal, Mr. Ziaur Rahman, were also debarred by the World Bank in 2019 for apparently the same conduct.

The PNF announced the unrelated resolution with Doris on the same day. The PNF's investigation into Doris commenced on November 12, 2019, after the agency received two “spontaneous transmissions” of information from U.S. authorities on December 27, 2018, and March 19, 2019, respectively, alleging acts of corruption and money laundering on the part of Doris in Angola. 

According to the CJIP and the subsequent Validation Order, information communicated to the PNF alleged the existence of acts of corruption between Doris Engenharia Angola Ltda (DEAL), an Angola-based intermediary of Doris, and Sonangol, the Angolan state-owned oil company, with the goal of obtaining contracts in Angola to the benefit of Doris.

According to the settlement documents, Doris specifically selected as a shareholder of DEAL an Angolan representative who had links to a leader of Sonangol and who was also one of Sonangol's representatives in the Angolan Deepwater Consortium (ADC), a private-public consortium established in 2001 to further research into the exploration of Angola's deepwater oil and gas deposits. 

The investigation found, among other things: that the Angolan shareholder transmitted sensitive business information to the Sonangol ADC representative; that Doris had entered into a contract worth more than a million dollars to lease premises from a company whose effective beneficiary was the same Sonangol ADC representative; and that several companies beneficially owned by the same Angolan shareholder of DEAL had invoiced various services to Doris for which payments were intended to be transferred to public officials of Sonangol. 

According to the CJIP, between 2013 and 2019, through these various payments, Doris obtained four engineering and technical assistance contracts that are believed to have generated net profits of approximately €2,770,793 (approximately USD $2,712,453).

The agreements between the PNF, Idemia, and Doris are the eleventh and twelfth CJIPs signed and approved since the 2016 enactment of Sapin II, France's current anti-corruption legislation, and reflect the French government's commitment to its implementation. 

The two CJIPs highlight continuing cooperation among international enforcement agencies in international anti-bribery and corruption investigations. Both French investigations commenced after French authorities received information from their international counterparts on potential wrongdoing by Idemia and Doris affiliates. 

New Decree Modifies and Updates Key Aspects of Brazil's Anti-Corruption Law

On July 12, 2022, the Brazilian government published Decree No. 11,129/2022, which amends the regulation of the Clean Company Act of 2014 (the Brazilian Anti-corruption Law) and replaces Decree No. 8,450/2015. The new decree addresses the process for negotiating a leniency agreement with the CGU and AGU and provides an updated range and definition of fines that must be taken into consideration. In addition, the decree contains guidance on the expectations of the CGU when assessing and monitoring a company's compliance program. 

The CGU stated that the new regulation "is the result of the experience gathered by the federal government in enforcing the [Brazilian] Anticorruption Law over the last eight years (…)," which reflects the agency's intention to standardize some of the lessons learned from the Lava Jato cases. No substantial rethinking of the statute or its enforcement is introduced, but the decree does formalize some key practices and follows efforts by other countries to standardize the use of what the OECD calls "non-trial resolutions" (such as U.S. DPAs, French CJIPs, and the Brazilian leniency agreements) and the key elements of an effective compliance program. 

Range of Fines for Aggravating and Mitigating Circumstances

The decree modifies the range of fines that must be considered for certain aggravating and mitigating circumstances:

Aggravating Factors Decree No. 8,420/2015 Decree No. 11,129/2022 
Ongoing misconduct Range from 1% to 2.5% Up to 4%
Board of directors or senior management having knowledge of or tolerating the misconduct  Range from 1% to 2.5% Up to 3%
If the misconduct causes the interruption of a public service or a public work Range from 1% to 4% Up to 4%
Offender's economic situation 1% 1%
Reoffenders 5% Up to 3%
Contract value An incremental range from 1% to 5% related to the total value of the contract starting from BR$ 500,000 An incremental range from 1% to 5% related to the total value of the contract starting from BR 1,500,000
Mitigating Factors Decree No. 8,420/2015 Decree No. 11,129/2022 
The misconduct does not occur Up to 1% Up to 0.5%
Offender provides compensation for damages 1.5% Up to 1%
Offender provides collaboration to the investigation Range from 1% to 1.5% Up to 1.5%
Offender self-reports 2% Up to 2%
Offender has implemented an adequate compliance program Range from 1% to 4% Up to 5%

Definition of Undue Advantage

The decree provides an updated definition of "undue advantage" – a key concept when defining penalties under the Brazilian Anti-corruption Law or negotiating a leniency agreement. The term is defined as the "monetary equivalent of the proceeds of the illicit act, understood as the gains or profits obtained by a legal entity directly or indirectly from such illicit act" and can calculated in the following manner:

  • If the misconduct was performed to obtain or execute a public contract, the undue advantage will be the total profit obtained from such agreement minus any legitimate cost the company incurred, to the extent it can be effectively demonstrated. 
  • If the misconduct did not take place, the total value of expenses or cost avoided.
  • The marginal profit obtained by the company from any governmental action that would not have taken place otherwise if the misconduct had not existed. 

Leniency Agreements 

The new decree formalizes the already established practice that leniency agreements under the Brazilian Anti-corruption Law are to be negotiated and entered into jointly with the CGU and AGU. More importantly, the decree clarifies that leniency agreements must include the conditions for any compliance monitorships. 

Another addition is the possibility to provide credits for any payments made under a leniency agreement with other sanctions originated in different processes, provided they refer to the same facts included in the scope of the leniency agreement and avoid piling convictions from different agencies for the same misconduct. 

Assessment and Monitoring of Compliance Programs

The decree provides updated guidance on the CGU's expectations for assessing the effectiveness of a company's compliance program. It includes new elements for consideration, such as whether a company has adopted effective risk management processes, whether a company has allocated sufficient resources for its compliance program, and whether a company has implemented adequate due diligence procedures, including when dealing with politically exposed persons (PEPs) and considering sponsorships or donations. The decree also states that the CGU will take into consideration a company's revenue and corporate governance structure when evaluating the company's compliance efforts. 

Furthermore, the updated wording states that monitorships entered into as part of a leniency agreement will be carried out by CGU, either directly or indirectly. The regulation also explains that monitorships can be waived in certain cases, taking into consideration the nature of the breach and the remediation actions performed by the company. Certain information about active monitorships will be made public on the CGU website for transparency purposes. 

Miller & Chevalier Upcoming Speaking Events, Recent Publications, and Podcasts


EMBARGOED! is intelligent talk about sanctions, export controls, and all things international trade for trade nerds and normal human beings alike, hosted by Miller & Chevalier Members Brian Fleming and Tim O'Toole. Each episode will feature deep thoughts and hot takes about the latest headline-grabbing developments in this area of the law, as well as some below-the-radar items to keep an eye on. Subscribe for new bi-monthly episodes so you don't miss out: Apple Podcasts | Spotify | Amazon Music | Google Podcasts | Stitcher | YouTube

Upcoming Speaking Engagements

12.06.22 PLI Briefing: A Changing HR Compliance Landscape: Why Companies Need to Rethink Their Approach to Sexual Harassment and Discrimination Risks (Alejandra Montenegro Almonte, Ann Sultan, Katherine Pappas)
12.02.22 Asset Recovery Americas: Fraud Litigation, Contentious Insolvency & Enforcement in the Americas (Margarita Sánchez)
11.30.22 ACI 39th International Conference on the FCPA (Kathryn Cameron Atkinson, James Tillen)

Recent Publications

11.02.22 Trade Compliance Flash: USTR Seeks Comments on China Tariffs (Richard Mojica, Dana Watts, Mary Mikhaeel)
10.28.22 Fintechs Take Note: Lessons Learned from Treasury's Recent Bittrex Enforcement Actions (Jeffrey Lehtman, Tim O'Toole, Leah Moushey)
10.28.22 Trade Compliance Flash: Executive Order Targets Gold Mining in Nicaragua and Lays Groundwork for Expanded Sanctions and Trade Restrictions (Alejandra Montenegro Almonte, Tim O'Toole, Margarita Sánchez, Manuel Levitt)
10.14.22 Trade Compliance Flash: USTR Will Conduct Review of Necessity on China Tariffs (Richard Mojica, Dana Watts, Mary Mikhaeel)
10.13.22 Executives at Risk: Fall 2022 (Editors: Lauren Briggerman, Ian Herbert, Katherine Pappas)
09.30.22 Getting the Deal Through - Market Intelligence: Anti-Corruption 2022: Global Trends and United States Chapters (John Davis)
09.23.22 New DOJ Guidance on Corporate Enforcement Focuses on "Timely" Disclosures, Prosecutions of Individual Executives, Executive Compensation, and Management of Monitors (John Davis, Matt Ellis)
09.13.22 Dropped FCPA Case Holds Key Reminder for Defense Attys (John Davis, Ann Sultan, Francisco Grosso)
09.08.22 International Arbitration Avenues for U.S. and Canadian Investors in Mexico to Narrow Soon While USMCA's Consultations Advance (Richard Mojica, Margarita Sánchez, Mary Mikhaeel)
09.02.22 The Guide to Compliance – First Edition: Introduction and U.S. Compliance Requirements Chapters (Alejandra Montenegro Almonte, Ann Sultan, FeiFei Ren)
08.11.22 Trade Compliance Flash: Federal Register Notice Provides New Information on the UFLPA Entity List (Richard Mojica, Virginia Newman, Mary Mikhaeel)
07.27.22 Them's the Breaks: What Companies Can Learn from Boris Johnson's Downfall (Alejandra Montenegro Almonte, Nicole Gökçebay)


EditorsJohn E. DavisDaniel Patrick Wendt, Ann Sultan, Nicole Gökçebay, and Ricardo Rincón

ContributorsMaame Esi AustinAlexandra Beaulieu, Anton Berezin,* Facundo Galeano,** Francisco Grosso,*** Abi Hollinger, Ivo K. Ivanov,* Maryna Kavaleuskaya,* and Virginia S. Newman*

*Former Miller & Chevalier attorney
**Law clerk
**Visiting law clerk

The information contained in this communication is not intended as legal advice or as an opinion on specific facts. This information is not intended to create, and receipt of it does not constitute, a lawyer-client relationship. For more information, please contact one of the senders or your existing Miller & Chevalier lawyer contact. The invitation to contact the firm and its lawyers is not to be construed as a solicitation for legal work. Any new lawyer-client relationship will be confirmed in writing.

This, and related communications, are protected by copyright laws and treaties. You may make a single copy for personal use. You may make copies for others, but not for commercial purposes. If you give a copy to anyone else, it must be in its original, unmodified form, and must include all attributions of authorship, copyright notices, and republication notices. Except as described above, it is unlawful to copy, republish, redistribute, and/or alter this presentation without prior written consent of the copyright holder.