Member Article

The risk of corruption – bribery, money laundering – continues to be a cause of significant concern for U.S. businesses operating in the Latin America region.  Effective compliance programs are clearly the first line of defense to prevent corrupt practices.  But any company with any degree of global operations including Latin America is unlikely to be completely successful. 

 

Aside from the costs of implementing effective compliance programs and the cost of investigations and penalties if violations do occur, companies also need to consider:

 

1. The significant costs of follow-on litigation,

 

2. The developing global matrix of anti-corruption laws and enforcement, and

 

3. Best practices companies can adopt to help mitigate risks.

 

The costs of follow-on litigation, which are cases brought by shareholders alleging that companies did not adequately disclose the risks that could have a negative impact on the value of their investment, often dwarf the fines imposed by regulators. For example, one company was required to pay penalties of about $600,0000 but the cost to settle related shareholder litigation was $6,000,000.  Another company entered into a settlement with the government for $2,500,000, but had to pay damages to follow-on plaintiffs of $15,500,000.

 

One way companies can help mitigate the tremendous costs of follow-on litigation is through the U.S. securities laws.

 

References to the Foreign Corrupt Practices Act (FCPA) and other anti-corruption regulations have increased dramatically over the last several years in the SEC filings of companies with operations in the Latin America region.  Similarly, companies are disclosing enforcement actions relating to violations of these rules, in greater numbers than ever before, especially in countries like Brazil, Argentina and Mexico, and often involving the actions of third-party service providers. 

 

Recent enactment of anti-corruption laws within the region contributes to the difficulty in managing this risk for many companies that will need to navigate a growing matrix of anti-corruption laws.  The United States and United Kingdom have had strict anti-corruption laws for some time.  Now we are seeing countries within the region enacting similar laws and enforcing those laws.  Brazil recently enacted the “clean company law”, with several active enforcement actions that have been brought under that law.  Mexico enacted a federal anti-corruption law recently as well.  This new global matrix of laws gives local authorities and U.S. regulators the opportunity for joint enforcement.

 

In the face of this increasing risk and the acknowledgment that even the most robust compliance policies and careful diligence of third-parties may not prevent illegal conduct, U.S. public companies need to be sure that their public disclosure accurately reflects the risks facing their business, including those involving corrupt practices and reliance on third-parties.

 

Companies subject to the U.S. securities laws are required to describe risk factors facing their business or making investment in their securities speculative or risky in their periodic financial statement filings and securities offering documents. These include U.S. public companies and foreign companies offering securities under U.S. laws.

 

The content of the risk factors is, however, up to the company.

 

Even with the increased references to FCPA and enforcement, there are a surprising number of companies that don’t include any risk factors concerning illegal activities. 

The reason for this may be that some companies may not want to suggest that their compliance programs are not effective.  Others don’t want to raise a red flag to regulators or potential plaintiffs. 

 

However, risk factors, if drafted correctly, can help protect companies from claims of inadequate disclosure of risks in follow-on litigation.

 

One commentator has called risk factors the cheapest form of insurance.  Yet, some companies are still not convinced.  Not only can failure to adequately disclose corruption risk take away an important protection, it can actually expand potential litigation exposure for management and the boards of directors, especially if there are known weaknesses in internal controls.   

 

Corporate boards are coming under fire for failures of risk oversight and the resulting consequences – violations, fines, adverse judgments.  One recent example motivated a shareholders organization to recommend a vote against certain board members of a global retailer due to the board’s failure to adequately communicate material risks to shareholders regarding an FCPA investigation, which provides another compelling argument for greater focus on risk factor disclosure.

 

To be effective, risk factors need to be concise and concrete and specifically tailored to the specific risks facing the company in the current environment (cannot be boilerplate).

 

A review of disclosures made by certain U.S. public companies that have been involved in recent FCPA actions indicates that risk factor disclosure has evolved. 

 

For example, companies in the past may have described the risk of violations of anti-corruption laws broadly:

 

International operations subject us to risks associated with the legislative, judicial, accounting, regulatory, political and economic risks and conditions specific to the countries or regions in which we operate, which could adversely affect our financial performance.

 

While broad and general, this type of disclosure is not very helpful in identifying the actual risks corrupt practices might pose to a particular business, and therefore, would not be very helpful in defending claims of inadequate disclosure. 

 

An example of a more effective risk factor would address the company’s particular risk with respect to:

 

- its business (for example, “a significant part of our business relies on international operations and compliance with complex anti-corruption laws increases our costs”),

 

- the countries where it has operations (“we operate in corruption intensive environments and cannot ensure compliance despite having appropriate policies and procedures”),

 

- the extent to which it uses third parties to conduct business (“we rely on third-parties in our operations and cannot ensure their compliance”), and

 

- the consequences of non-compliance (“violations can result in fines, criminal sanctions, civil litigation, and damage to our reputation”). 

 

The company may also describe any pending investigations, although the timing of such disclosure is somewhat tricky.  A more expanded risk factor won’t do much to help with past violations but can help in the future since it is unlikely that these risks will dissipate any time soon.

 

Similarly, a well-drafted risk factor will not prevent regulators from taking action on a violation, but prompt and voluntary disclosure of the violation can help lessen the penalty.  For example, a global clothing manufacturer was able to avoid prosecution because of its prompt and voluntary disclosure of violations involving certain payments made in Argentina.

 

It is likely that given the increased scrutiny by regulators regarding compliance with anti-corruption laws, the expanded global matrix of anti-corruption laws, as well as shareholder litigation alleging inadequate disclosure of risks, companies will need to focus more closely on identifying and disclosing potential risks facing them in the region. 

 

So it’s the same song – corruption risk continues to require significant attention and resources for any company operating or thinking of operating in the region, but a new verse – disclosing the risk can actually help mitigate the costs for companies subject to US securities laws.

 

Link to article