How to address corruption and compliance issues in global M&A transactions
June 2018 | SPECIAL REPORT: MERGERS & ACQUISITIONS
Financier Worldwide Magazine
June 2018 Issue
With the increased enforcement in the last decade of violations of the US Foreign Corrupt Practices Act (FCPA) by the Department of Justice (DOJ) and the US Securities and Exchange Commission (SEC), as well as the enactment and enforcement of corruption laws around the world, due diligence governing compliance matters has become both mandatory and commonplace in global M&A transactions. However, there is no right answer governing the scope of the diligence or how that diligence should be undertaken. Determining what action should be taken requires a judgment call, based on the risk profile of the relevant business and the time that is available to undertake such diligence.
Due diligence is not done solely to discover and learn about potential problems. Adequate due diligence provides an effective insurance policy to mitigate potential penalties that might be assessed by the authorities if compliance issues go undetected – whether due to the wilful withholding of information or fraud by third parties. Diligence also helps to ensure that proper compliance policies, including the requisite training, are implemented after the acquisition.
There is, of course, the issue of what to do when diligence uncovers problems of corruption and other compliance issues. The focus becomes one of assessing the risk of successor liability: what actions can be taken to mitigate the attendant assumption of liability related to past bad acts by the target. In the past, a compliance problem often meant the death of a transaction. In the age of multibillion dollar transactions, where awareness of violations of compliance issues is becoming frequent, not going forward with the transaction is often no longer a viable competitive option for an acquirer. In fact, valuable businesses are often being sold precisely because of the past sins of the sellers and the businesses they are selling. Thus, assessing and addressing corruption and compliance issues are important features of global M&A transactions.
Procedures and steps in undertaking diligence
Recent decisions of the relevant US authorities are helpful in delineating what comprises adequate diligence about corruption and compliance issues. For example, both the SEC and the DOJ recently issued a declination to Harris Corp for alleged violations of the FCPA, perpetrated by the head of a Chinese subsidiary that Harris had acquired in April 2011. As noted by one commentator, “Harris achieved this resolution as a result of its due diligence in advance of acquiring the China subsidiary (CareFx China), its integration of CareFx China after the closing and its voluntary disclosure, remediation and cooperation”.
In terms of diligence, the SEC did not find it fatal that Harris was limited in its ability to conduct pre-acquisition due diligence. What was important was that Harris did sufficient diligence. Harris’ attorneys did interview the head of the Chinese subsidiary about gift giving at CareFx China and he did not disclose the gift misconduct. The SEC recognised that the diligence required to be undertaken needs to be measured in terms of overall materiality of the facts. In particular, the consolidated revenue of CareFx China in fiscal year 2012 was approximately $1.4m, less than 0.1 percent of Harris’ total consolidated revenue. In summary, the risk-based analysis required by the US authorities would suggest that they should be willing to countenance less fulsome diligence in a situation where the operations that create the compliance risks are relatively immaterial.
There is another important lesson to be taken from the Harris Corp decision. Given that enforcement proceedings are likely to occur years after the diligence is undertaken, it is vital that companies carefully document the diligence they undertake. For example, contemporaneous memos should be written of any interviews that are undertaken.
The attorneys that conduct the diligence should also be familiar with the relevant business practices and culture of the jurisdiction and industry implicated by the transaction. Part of the diligence process is to have a set of questions and requests for documents that will unearth potential compliance or corruption issues. These questions and requests need to be tailored to the specific business and jurisdiction on which diligence is being done, but that is only the initial step; the key is to follow up the information provided with inquiries and interviews of relevant employees.
It has become customary in follow-up interviews to use former prosecutors to assist with the diligence process, in light of their familiarity with what the authorities require for adequate diligence. But, in addition, it is just as important to use lawyers who are native to the jurisdiction where the diligence is being undertaken, as they are in the best position in light of their understanding of the culture and language to discern the nuances of what is indicated by a document or being said by a party being interviewed. Knowing what specific questions to ask, based upon a familiarity with local business customs and culture, will elicit more helpful information that could divulge the existence of an improper benefit being bestowed upon a government official.
The diligence process also requires the attorney to work closely with third parties. Close interaction should occur, with the accounting firm reviewing the financial books and records and accounting statements of the target business to identify suspicious payments or other transactions. Use of artificial intelligence compliance tools to review information, such as about the target’s sales, expenses and charitable and political contributions, can be helpful in discerning areas of concern. It has also become customary to have a private investigator undertake background checks. Public records of government authorities or court proceedings or past media reports may provide useful information or raise red flags about the risk of corruption issues existing.
Part of the diligence process is also including specific representations and warranties in the relevant acquisition document. Potential liability for non-disclosure and even potential fraud may lead a seller to voluntarily divulge past sins. In acquisition agreements, a recent trend has been to treat anti-corruption representations as fundamental representations that are subject to lower indemnification baskets, higher indemnification caps and longer indemnification survival periods. To make sure that one is obtaining the necessary disclosure about corruption-related contingencies, one should make sure that wilful non-disclosure and fraud are excepted from the limits on indemnification.
Analysing the situation of where a compliance issue is uncovered
If, as part of the diligence process, a corruption or other compliance issue is discovered, the M&A practitioner needs to examine the issue in light of the relevant local laws that have been violated as well as the FCPA, the UK Anti-Bribery Act or other anti-corruption laws that are applicable to the acquirer or the target. The focus, to a large extent, is to determine what sort of successor liability the purchaser of a business will assume for the bad acts that occurred prior to the acquisition.
Since the 2012 issuance of the DOJ’s ‘A Resource Guide to the US Foreign Corrupt Practices Act’ and subsequent opinion releases, there has been greater clarity in terms of an acquiring company’s liability for acts of a target company. The Resource Guide and subsequent opinion releases have largely made it clear that if a target business were not subject to the FCPA because the jurisdictional underpinnings of the FCPA were not met, FCPA liability should not attach to the buyer. There is, however, one context in which the DOJ has suggested that the FCPA might apply, even where at the time of the past bad acts the jurisdictional requirements of application of the FCPA were not met. That context is the situation where the buyer would continue to benefit from an illegally-obtained right, such as a concession or licence, after the acquisition.
Although not necessarily justified by legal principles, the DOJ has taken this stance because it wants acquirers to voluntarily disclose uncovered compliance issues to the DOJ and SEC. In fact, what the opinion releases and the new Corporate Enforcement Policy issued on 29 November 2017 teach us, is that if an acquirer learns of a compliance issue, the best way to escape liability is to undertake an investigation that ferrets out the full scope of the illicit activity, to put an end to the activity as soon as possible, to disclose the violation, to disgorge any ill gotten gains and to implement compliance policies, including training as of the closing of a transaction. In fact, even if the corrupt acts continue to occur after the closing of the transaction (and thus presumably the jurisdictional basis for the application of the FCPA exists), the DOJ has stated that if the appropriate steps, such as self-reporting and implementation of a robust compliance programme aimed at stopping the violation occur, the DOJ will not impose liability on the acquirer.
The fact that self-reporting may lead to no punitive actions or sanctions from the US authorities does not necessarily mean that all acquirers are eager to disclose compliance issues they uncover. If the acquirer is comfortable that the compliance issues uncovered did not form the basis of an FCPA violation (because the jurisdictional underpinnings for application of the FCPA were not fulfilled) and it has sufficiently scoped out the violations that occurred to ensure that no violations will occur after closing of the acquisition, the acquirer may well elect, after consultation with counsel experienced in dealing with FCPA issues, not to incur the expense, time and effort involved in the self-reporting process with the US authorities.
In addition to the issue of successor liability under the FCPA, there exists the question of successor liability under the local laws of the jurisdiction where the violation occurred. In many civil law jurisdictions, if one acquires a business, one usually inherits all contingencies related to the business. Statutes in certain jurisdictions, such as the Brazilian Clean Company Act, actually specify that, absent fraud, an acquirer of a business inherits liability up to the value of the consideration paid by the acquirer. Thus there is usually no failsafe way of avoiding liability in the local jurisdiction. There are, of course, a number of other factors to take into account in analysing the successor liability under foreign law. First, one should look at the relevant statutes of limitation applicable in foreign jurisdictions to see if relevant prescriptive periods might mitigate the risk of successor liability. Second, it is important to understand what type of liability might attach as a result of the bad acts. In many jurisdictions, criminal liability does not attach to the corporate entity, but rather to the individuals who conducted the criminal actions. The entity itself may be subject only to administrative sanctions that may be easier to deal with and could even be mitigated through a leniency or self-reporting process. Of course, the sellers of a business may not be eager to allow for such self-reporting with the local authorities (including as a result of disclosure to the US authorities) that may subject them to criminal liability.
Practitioners of global M&A transactions are well advised to place a high priority on focusing on corruption and compliance due diligence where a review of the geographic and industry area of activity, customer base and other relevant factors suggest that corruption and compliance issues could exist. How to structure the diligence and how to deal with issues uncovered will require consultation with experienced counsel and accountants who have experience in vetting such issues, both from the US and other applicable foreign law perspective.
Sanjiv K. Kapur is a partner at Jones Day. He can be contacted on +55 (11) 3018 3911 or by email: firstname.lastname@example.org.
© Financier Worldwide
Sanjiv K. Kapur