The risk based approach to anti-corruption diligence in corporate transactions

Written by Gary DiBianco, Warren Feldman and Bradley Klein

In May 2013, communications technology manufacturer Harris Corporation disclosed in its periodic financial reports that it was cooperating with the U.S. Securities and Exchange Commission and U.S. Department of Justice in relation to potential anti-corruption issues in the China operations of Carefx, a company that Harris acquired in 2011. Harris’ disclosure described that following closing of the transaction, and in connection with an audit of Carefx China operations, Harris “became aware that certain entertainment, travel and other expenses in connection with the Carefx China operations may have been incurred or recorded improperly.” The disclosure further stated that in investigating the issues, Harris “learned that certain employees of the Carefx China operations had provided pre-paid gift cards and other gifts and payments to certain customers, potential customers, consultants and government regulators.” Harris voluntarily reported these issues to the SEC and DOJ, which “initiated investigations with respect to this matter.” (Harris Corp. Form 10-Q, May 2, 2013, at p. 49).

The Harris disclosure highlights the importance of anti-corruption due diligence in connection with cross-border transactions. Indeed, transactions in Asia present particularized risks: pre-signing or pre-closing access to a target’s operations may be limited as a result of logistical or legal issues; corporate history and ownership may be difficult to trace and confirm; and the role of company founders or promoters and their track record may not be fully transparent. State secrecy laws or data privacy concerns may limit the availability of relevant data. While even thorough diligence is not guaranteed to identify specific acts of past misconduct, a thoughtful, well-planned and well-executed diligence process will identify structural risks and compliance weaknesses that can be addressed in transaction agreements and in post-closing compliance enhancements.

Framework For Successor Liability. The Foreign Corrupt Practices Act (“FCPA”) Guidance issued by the U.S. Department of Justice (DOJ) and U.S. Securities and Exchange Commission (SEC) in November 2012 provides a helpful compilation of the those agencies’ view of potential liability under FCPA following acquisitions and investments.Title Where a non-U.S. company has not previously been subject to U.S. jurisdiction, acquisition by a U.S. issuer or company does not confer jurisdiction for pre-acquisition conduct. (See FCPA Guidance at 31.) However, post-acquisition bribery payments by the acquired company would be subject to potential investigation and prosecution (Id. at 32), not on a theory of successor liability but on a theory that the payments were violations by the U.S. entity.

Where a target company was subject to the FCPA prior to a transaction, the DOJ and SEC may have jurisdiction to prosecute the predecessor company on a theory of direct liability or the acquiring company on a theory of successor liability. (See FCPA Guidance at 33). Where the acquirer has conducted robust diligence and sought to implement post-acquisition controls, the FCPA Guidance indicates that the DOJ and SEC are unlikely to prosecute the acquirer for pre-acquisition conduct on the basis that the acquirer sought to understand fully any anti-corruption risks and to remedy them appropriately. (Id.)

Where both an acquirer and target were subject to the FCPA pre-transaction and improper conduct occurs at the acquired company post-transaction, the DOJ and SEC take the position that they can – and likely would – prosecute the acquirer. (See FCPA Guidance at 33 – 34). The DOJ and SEC take the position that the acquirer is familiar with its own (and the target’s) industry and risks, and thus is in a position to understand and remedy risks in its own operations as well as those of the acquired entity. (The FCPA Guidance is available at: http://www.justice.gov/criminal/fraud/fcpa/guidance/).

In most transactions that have a degree of multi-jurisdictional corruption risk, it will be appropriate to: (1) include risk-based diligence procedures in the overall diligence plan; (2) implement post-closing enhancements to the target company’s compliance program; and (3) ensure education of management and directors on anti-bribery compliance. In addition, it is appropriate to tailor the diligence to the transaction structure. For example, diligence in connection with a 100% acquisition is likely to be more elaborate than diligence for a minority investment. In considering joint venture partnerships, a company should carefully assess the potential governance and board structures, and tailor diligence to gain comfort regarding the entities and personnel who will partner in the venture. Finally, where possible, it is beneficial to secure financial guarantees against past liabilities, to structure financial incentives to encourage enhancements or remedial measures, and to use contractual protections to promote ongoing compliance.

Goals of Diligence. In light of the above framework regarding successor liability, transactional diligence has several goals. First and foremost, to assess the risks of questionable payments, improper accounting entries, or controls weaknesses that could create liability. Second, as an exercise of due care. If specific issues are not discovered pre-transaction but arise later, due diligence procedures will form the basis for arguments that no liability should be imposed on the acquirer/investor after the transaction is completed. Third, to identify specific control enhancements or remedial steps to implement upon closing to minimize forward-looking risks.

Risk Profile. Established practices and guidance from U.S. and European regulators confirm that a risk-based approach to due diligence is appropriate, with diligence resources focused on high risk interactions with government customers and regulators. The diligence risk assessment should take into account the specific characteristics and risks of the target’s geographic profile and industry risks. Vigorous anti-corruption enforcement in the last several years has created a body of settlements from which risks can be gleaned. In the Asia-Pacific region, for example, settlements have identified improper payments in the areas of travel, meals, entertainment and gifts; improper payments through distributors to secure sales; and improper payments through agents, consultants and other third party vendors to secure regulatory approvals or to obtain business. Similarly, parties operating in the industries that have been the focus by anti-corruption authorities – such as oil and gas, freight forwarding and logistics, and pharmaceuticals and medical devices – should account for potential regulatory scrutiny in evaluating the risk profile of a transaction.

Due Diligence Procedures. Anti-corruption due diligence usually can be performed, at least initially, in tandem with standard economic and financial due diligence requests and should focus on potentially high risk areas of a business. Because access to information during the diligence process is almost always more limited than in an investigation, risk should be assessed based on compiling information from several sources. In particular, information can be gathered and compiled from (1) data room materials; (2) financial ledger analysis; (3) management interviews; and (4) publicly available information on both the target and third parties retained by the target, such as sales consultants, agents, and distributors. In appropriate circumstances, an acquirer may seek to involve forensic accountants or investigators if there are indications of potential improper payments. Risk areas can be explored by seeking information regarding internal controls environment and history; sales to government entities; government subsidies, tax breaks or other benefits; regulatory relationships; travel, meals and entertainment expenses; charitable and political contributions and activity; third party relationships, including the use of consultants and agents.

Timing of Anti-Corruption Due Diligence Procedures. Ideally, an acquirer or investor would have comprehensive pre-signing access to sufficient information to complete reasonable diligence. In reality this is rarely the case, either because of commercial pressures (including competitive bidding) legal restrictions (access to confidential information) or a combination of both. The DOJ’s 2008 Opinion Procedure Release to Halliburton Corporation (reaffirmed in the FCPA Guidance) describes a possible procedure for post-closing due diligence (and voluntary disclosures) in the context of a transaction where pre-closing due diligence was not feasible. (See DOJ FCPA Opinion Procedure Release 08-02 (June 13, 2008)). The contemplated target operated in a number of jurisdictions with a high corruption perception index, and at the time Halliburton was under active DOJ and SEC investigation for its activities in many of these same regions. In this circumstance, Halliburton proposed, and the DOJ endorsed, a 180-day post-closing period to conduct staged post-acquisition due diligence, and to self-report any corruption, accounting, or controls violations identified. The 180-day post closing period set out in this Opinion Procedure Release has become somewhat of a benchmark for post-closing diligence and controls remediation, although any post-closing voluntary disclosures to regulators by an acquirer or investor should be carefully considered on a case-by-case basis.

“Day One” Compliance. Even if no problematic issues are identified in pre-transaction due diligence or post-closing review, regulators expect that appropriate controls will be introduced on “day one” following closing of a transaction. In the merger context, and to the extent permitted by antitrust laws, parties to a transaction may want to begin outlining a post-closing compliance policy framework and organizational structure immediately after signing a letter of intent. Key elements of such a program include: (1) written policies that address governing anti-corruption laws; (2) revised reporting structures; (3) compliance resources for sales personnel and other relevant employees; (4) training; and (5) an audit function to review compliance. Post-closing compliance also should focus on review and enhancement of controls over third-party relationships. It may be appropriate, for example, to execute contract amendments or new contracts to incorporate appropriate anti-corruption representations and warranties and audit rights.

Conclusion. In light of increasing anti-corruption enforcement activity in Asia, anti-corruption due diligence should be considered as an important component of an acquisition or investment plan, and should be well documented and carefully executed.

Expert Biography

Gary DiBianco, Partner, Skadden, Arps (London); Warren Feldman, Partner, Skadden, Arps (New York); Bradley Klein, Counsel, Skadden (Beijing). Gary, Warren and Brad all practice in Skadden’s white collar and government enforcement litigation group and regularly handle anti-corruption matters in Asia and elsewhere.