Compliance Risk Assessment Components: Interactions with Government Officials

In our last post we discussed the corruption risks that may arise when you do business directly with a government agency, state-owned company, or private company otherwise affiliated with a government official. But doing direct business with a foreign government (e.g., by acting as the prime contractor on a large infrastructure project) is not the only way that a company can run afoul of laws that prohibit offering or providing bribes to foreign government officials, such as the US Foreign Corruption Practices Act (FCPA) or the UK Bribery Act (UKBA).

This blog continues our discussion of the components of a compliance risk assessment by discussing other types of interactions with foreign government officials that may put your company in a difficult situation. Consider the following non-comprehensive list of activities, any of which might put you into contact with foreign government officials:

• Registering your company to do business in another country;
• Obtaining visas and/or residency permits for your employees;
• Donating to local charitable causes;
• Hiring local agents, consultants, brokers, lawyers, or other representatives to assist you in dealing with local government institutions.
• Hiring of foreign nationals (with particular attention to “Politically Exposed Persons” [PEPs] – persons who may be former government officials or related to current or former government officials);
• Getting a permit to build facilities;
• Setting up utilities, telephone, and postal services;
• Obtaining local roads or other transportation infrastructure to service your facilities;
• Getting law enforcement services (on or off-duty) to secure your premises;
• Procuring licenses to engage in business or professional activities;
• Obtaining concessions or permits to extract or use resources;
• Negotiating contracts with the government or with state-owned enterprises (SOEs);
• Shipping goods to or from your facilities abroad, or into other countries where you do business;
• Dealing with local banking institutions, especially if they are SOEs;
• Paying taxes and dealing with tax authorities;
• Setting up pension funds for your employees or providing other employee benefits required by law;
• Contracting or otherwise engaging with employees and representatives of public international organizations, such as the World Bank;
• Lobbying municipal, regional, or national offices or agencies for changes in laws or policies;
• Bringing a case or defending your company’s interests in foreign courts; and
• Engaging in elections or local political party activities.

The above is only a partial list. The critical point is that your business activities abroad will most certainly involve foreign government institutions in some form, even if you do not directly engage in government procurement activities. Doing business in any jurisdiction requires the involvement of government institutions from the ground up. And offering or providing what applicable law views as “bribes” to any foreign official affiliated with any of those institutions could subject you to liability under anti-corruption laws. The definition of a “bribe” under laws such as the FCPA and UKBA may include not only obvious bribe types such as cash or property, but also more remote benefits such as donating to a foreign official’s favorite charity or hiring his or her relative as a company intern or employee.

The term “foreign official” includes not only government ministers and high-level officers, but also employees, consultants, and agents of the government at all levels. Any individual, from a law clerk to a customs inspector to a postal delivery person could be considered a foreign official under the FCPA and UKBA. In addition, officers, employees, and representatives of state-owned enterprises (such as utility companies, banks, telecommunications companies, hospitals, or universities) would most likely be foreign officials, as would be officers, employees, and representatives of public international organizations. Finally, anti-bribery laws also cover candidates for political office, political party officials/employees/representatives, and political parties themselves.

Importantly, the FCPA also contains provisions that recognize third parties often act as the conduit for bribes. Accordingly, the Act applies to your company’s interactions with any other person, if your company offers or gives a benefit, “while knowing that all or a portion of [the benefit] will be offered, given, or promised, directly or indirectly,” to any of the persons listed above. The requirement of knowledge is broad; the person offering or giving a bribe only needs to be aware that there is a “high probability” that a bribe will occur. In other words, when engaging in an analysis of your contacts with foreign officials you need to carefully consider your indirect as well as your direct contacts with them. The UKBA (§6) contains similar provisions.

Once you have identified all of your company’s potential contacts with foreign officials, you will be in a position to begin assessing which of these contacts present the highest corruption risks, given the environment in which you are operating. You can then focus your compliance framework on policies, procedures, and controls aimed at preventing and detecting your company’s most risky government interactions.

For example, you may want to set up guidelines for who in your company is authorized to officially interact with foreign governmental officials, on what types of matters they can interact on, and what approvals they must obtain before providing anything of value to officials. You also may want to put into place internal controls over which of your officers and employees can commit your company to relationships with outside entities (such as local utility companies and security firms) and who is required to approve any direct or indirect outgoing payments or other benefits to such entities and their representatives. Interactions with and payments to foreign government officials – at all levels – should be specifically covered as part of your periodic compliance review(s) and annual internal audit plans.

In our next blog, we will continue this discussion of components of the compliance risk assessment process by discussing risks peculiar to certain industries and business practices.