Countering Corruption

By Monica C. Meinert

Banks must adhere to numerous rules and regulations to detect, deter and report financial crime. From the Bank Secrecy Act to the numerous other anti-money laundering laws passed over the past three decades, ensuring compliance in this area is a top priority of any financial institution.

Among the many laws targeted toward preventing financial wrongdoing is the Foreign Corrupt Practices Act. While it was first signed into law in 1977, enforcement of the FCPA was slow to take off for almost a quarter-century, notes Jonathan Lopez, a partner at Orrick, Herrington and Sutcliffe and a panelist at the American Bankers Association’s recent Financial Crimes Enforcement Conference. But since the early 2000s, there has been a marked increase in FCPA enforcement cases, and a heavy focus on financial institutions and the financial services industry.

FCPA: An extra challenge for financial institutions

At its core, the FCPA has a simple message: don’t bribe anyone. But Lopez explains that, as is typically the case with any compliance-related law, the FCPA is much more complicated in practice—especially for banks.

Join the national conversation on compliance at the ABA Regulatory Compliance Conference, June 9-12 in New Orleans.
Unlike most corporations, banks must take a two-pronged approach to FCPA compliance. Whereas a typical corporation (take oil giant Chevron, for example) would only need to be concerned with the conduct of its own employees and agents operating in foreign countries, banks must look inside their own house and at their customers to ensure they remain on the right side of the law.

“A lot of times, financial institutions are really focused on the customer side and are still getting up to speed on the institution side,” Lopez says.

Perhaps that’s not surprising—after all, there are a number of intersection points between FCPA compliance and BSA/anti-money laundering monitoring, notes Frederick Reynolds, global head of financial crime and legal at Barclays Bank. For example, both the FCPA and BSA have a significant emphasis on internal controls, and on knowing the identities and associations of those with whom the bank conducts business.

But “the interesting thing about FCPA is that the threat is both internal and external,” he adds. “Not only do you have to monitor a threat that’s coming at you externally, you also have to be monitoring internally. It’s [a hybrid]between traditional BSA monitoring and what you do with compliance monitoring.”

Tripping points

One of the most common ways banks can run afoul of FCPA is through their relationships with outside vendors or other third parties they may contract with to operate on their behalf in foreign countries. There are several potential tripping points with in-country agents. Cultural differences can be a factor—what’s considered a bribe (and therefore criminal) here in the U.S. might be an accepted way of doing business in a foreign country.

Additionally, in countries like China with economies that are largely state-run, even a janitor could technically be considered a “state official” under the FCPA. “Now, are you going to get charged with bribing the janitor in China? Probably not,” Lopez says. “But the point is that a regular utility that you may think of as being privately owned here . . . may be state-owned” in a foreign country.

That’s why it’s extremely important for banks to know who’s representing them in dealings abroad. “Much like you would do due diligence on your customers, there needs to be a lot of due diligence on your agents,” he adds. “Who are those agents? What interactions with the government do they have? Are they government facing at any point?”

Bank employees themselves could also unwittingly cross the line and commit an FCPA violation as they attempt to build a business relationship with a foreign official. The FCPA prohibits the giving of “anything of value,” which could be interpreted broadly to include anything from extravagant entertainment to providing an internship for the son or daughter of a foreign official. In these instances, by and large, “people don’t see themselves as committing a crime,” Reynolds says. “They might see it as relationship building.”

And then there are the bank’s customers.

While it’s impossible to catch every potential bribe payment that passes through the bank, the regulatory expectation is that banks have strong monitoring programs in place to spot the red flags when they appear. That comes from understanding who the bank’s clients are and what their business is, as well as monitoring negative news, Lopez and Reynolds note.

Getting it right

Ensuring FCPA compliance starts with the tone at the top. According to Lopez, if the Department of Justice or the Securities and Exchange Commission ever do come knocking about a potential FCPA violation, that’s one of the first things they’ll look at. “It’s got to be clear from your CEO on down that this is important,” adds Reynolds. “If you’re a line person and you feel that this is important to the board and important to the CEO, it will be important to you.”

In addition, banks must also ensure that they are allocating appropriate resources toward building up a compliance program that includes sound policies and procedures and having an ability to conduct internal testing.

“You have to have good key risk indicators,” Reynolds says. “The SEC and DOJ understand that sometimes mistakes happen. But if you don’t have vigorous testing, if you don’t have resources to do it, you don’t have the tone at the top, they’re going to be much less willing to listen.”

Firms that tend to target foreign clients in higher-risk jurisdictions may also need to give thought to how they approach client selection. “You have to assume that something is going to go wrong,” Reynolds explains. “There’s built-in cost in terms of legal fees. You need to build that into your client selection.”

Ultimately, the bank must determine whether it is worth the risk to take on these foreign clients, knowing that even if it does everything right, it could still incur legal costs down the line. Often, that is a mindset shift for those on the front lines, who are hard-wired to bring in new business. “We’ve trained them to be suspicious and look for red flags,” Reynolds says. “We have not really trained them for looking at the sustainability of the business knowing that something will go wrong.”

The FCPA At a Glance

The FCPA consists of two key elements: anti-bribery provisions and accounting provisions.

Anti-bribery provisions:
Prohibit offering, paying, authorizing or providing

  • Money or anything of value
  • Directly or indirectly
  • To a non-U.S. official
  • Made with corrupt intent
  • For a business advantage (to obtain or retain business, direct business to any person or obtain a business advantage)

Accounting provisions:
Require companies traded in the U.S. to

  • Maintain accurate books and records
  • Maintain internal accounting controls sufficient to detect and prevent violations

About Author