Integrating Appropriate Anti-Corruption Provisions in Third-Party Contracts

Written by John P. Cunningham

In response to the U.S. government’s heightened enforcement of the Foreign Corrupt Practices Act (“FCPA”) in recent years, companies are increasingly under pressure to manage the actions of their third-party business partners. Today’s robust enforcement climate requires corporations subject to FCPA jurisdiction to enhance efforts to ensure that these partners comply with applicable law and make ethical decisions during the course of a business engagement. These efforts should be informed primarily by guidance from the Department of Justice (“DOJ”) and Securities and Exchange Commission (“SEC”), through which U.S. authorities articulate expectations around the third-party contracting process.

Defining Third Parties

According to a recent global fraud survey, approximately 90 percent of reported FCPA cases involve third parties acting for or on behalf of a company, including (typically) business development agents, consultants, distributors, advisors, sales affiliates, and other intermediaries. FCPA enforcement actions brought by DOJ and SEC demonstrate that third parties are frequently used to facilitate or conceal the payment of bribes to foreign government officials in all types of international busi­ness transactions.

Understandably, however, companies may be confused when attempting to decipher precisely what qualifies as a “third party” under the FCPA and similar anti-corruption laws – and, likewise, how to gauge the type of risk such business partners can create. When it comes to this threshold risk question, it can be particularly helful to examine the relevant language of the statutory source.

The FCPA, in its anti-bribery section, describes third-party intermediaries as individuals or entities “acting on behalf of” a company that is subject to FCPA jurisdiction. By comparison, and similarly, the U.K. Bribery Act explains third parties (or “associated persons”) as individuals or entities performing services “for or on behalf of” a company that falls within the ambit of the Act’s jurisdiction. Importantly, by incorporating the term “agent” in this context, these statutes make it abundantly clear that they are not referring solely to a company’s officers, directors, and employees in underscoring this type of liability. Both definitions include third-party intermediaries such as sales affiliates and distributors.

Considering Government Expectations

The U.S. government clearly expects companies to perform due diligence on third parties acting on their behalf, and then exercise reasonable oversight of these relationships. The DOJ and the SEC have stated this repeatedly in FCPA enforcement agreements and in the joint Resource Guide to the FCPA (“FCPA Resource Guide”). Inherent in this “oversight” component is the expectation that, in contracts with third parties, companies will include “compliance provisions” that are “reasonably calculated” to prevent violations of the FCPA. Accordingly, a key to effective management of third-party engagements is the integration of customized ethics and compliance clauses in written agreements. Meeting the expectations of U.S. enforcement agencies in this area, however, represents a significant challenge to companies with global operations, many of which rely heavily on third-party intermediaries to represent their interests before or with foreign (i.e., non-U.S.) government and state-owned or operated clients. These companies may have hundreds or thousands of third-party relationships around the world. Following the direction of DOJ and SEC, however, these companies are now compelled to expend considerable resources to integrate ethics and compliance provisions into contracts with third parties and allay the risk highlighted in FCPA actions involving liability created by intermediaries.

Starting with Core Guidelines

There is no uniform set of “best practice” anti-corruption compliance provisions for third-party engagements. The clauses should be risk-based and require third-party partners to make ethical business decisions and otherwise comply with relevant laws and regulations — with a particular focus on the FCPA, the U.K. Bribery Act, and other global anti-corruption laws. In recent settlement papers, the DOJ has stated that the incorporation of anti-corruption provi­sions should generally include anti-corruption representations and warranties, audit rights, and contract termination language. DOJ has likewise indicated that, when such clauses are omitted or hastily drafted, a company exposes itself to third parties acting improperly, unethically, or illegally on behalf of the company in a manner that increases the company’s vulnerability to reputational damage, government investigations, and criminal charges.

On the other hand, ethics and compliance provisions that are inconsistent with applicable laws and regulations – perhaps because they are overly broad or unnecessarily demanding — can expose a third-party partner to onerous contract terms that may be too costly to comply with, or disproportionate to what is required by applicable law. This type of unrefined third-party anti-corruption contracting approach can be bad for business, generating tension in negotiations with key business partners and/or making it difficult to secure the third-party assistance necessary for the company to thrive in a global marketplace. Common to all companies with successful third-party compliance policies, therefore, is the informed crafting and negotiation of proportionate and enforceable anti-corruption clauses and covenants.

Tailoring for Risk and Proportionality

Thankfully, there is some flexibility inherent in the guidance from U.S. authorities with respect to the contracting process for third-party business partners. The DOJ and SEC have emphasized, for example, that anti-corruption provisions should be integrated into agreements “where appropriate” and that the provisions “may, depending upon the circumstances” include anti-corruption covenants, audit rights, and contract termination language. In practical terms, this means that companies should generally seek some protective language in third-party agreements, focusing on the inclusion, where “appropriate,” of the “big three” standard provisions — anti-corruption covenants, audit rights, and termination rights.

But companies should not adopt a “one size fits all” strategy. Considerable thought should be given to differentiating among third-party business partners based on risk, and then customizing contract provi­sions according to this risk. One method, effectively implemented by many companies, is to divide third parties into high, medium, and low risk categories and create template clauses for each risk category – and then begin the contract negotiation process with the appropriate template.

Companies should also be prepared to concede that, with some third-party business partners, it may not be appropriate or feasible to insist on certain terms (such as au­dit rights). In some cases, companies may, for example, meet resistance from third parties that feel they are being bullied into providing information that they deem confidential. Indeed, in certain circumstances, the absence of audit rights in agreements with major multinational companies may not come as a surprise to U.S. authorities, which is why the government writes some flexibility into its guidance for covenants.

Ultimately, the key is to leverage ethics and compliance clauses and certifications to mitigate liability risks. To this end, third-party agreement provisions can and should differ depending on the nature and location of the goods or services under contemplation. A contract to engage a multinational conglomerate with a known anti-corruption program and a designated compliance department (with a Chief Com­pliance Officer) for services to be provided in Canada can reasonably vary from a written agreement with an individual business development agent engaged in a country with a known reputation for corruption.

 Expert Biography 

Mr. Cunningham concentrates his practice at Baker & McKenzie LLP on internal investigations, anti-corruption compliance, and white collar criminal defense. He has experience in a broad range of compliance and dispute resolution matters, including corporate and regulatory investigations, FCPA and global anti-corruption compliance, compliance program development, anti-corruption due diligence, money laundering, fraud, asset forfeiture, and related civil litigation.