Bribery Schemes in Brazil to Win Exclusive Business Demonstrate Lack of Strong Due Diligence and Compliance Program.
At the close of 2022, when some were paying for holiday celebrations, Honeywell International Inc., agreed to pay over $160 million to resolve violations of the Foreign Corrupt Practices Act (FCPA). This was part of a parallel enforcement action by the Department of Justice (DOJ) and the Securities and Exchange Commission (SEC). The SEC and DOJ coordinated the resolution along with authorities in Brazil. Honeywell’s alleged FCPA violations and monetary penalties highlight the need for a strong compliance program, and underline the robust safeguards needed when working with third parties, foreign subsidiaries, and partnerships.
According to court documents and Honeywell’s own admissions, between 2010 and 2014, Honeywell UOP, a subsidiary of Honeywell International Inc., conspired to offer a bribe of approximately $4 million to a “then-high-ranking” executive to secure improper advantages with a goal of obtaining and retaining business from Brazil’s state owned, oil company, Petróleo Brasileiro S.A (Petrobras) to design and build an oil refinery called Premium. Honeywell UOP won the contract after receiving certain business advantages which included insider information and secret assistance from the Petrobras executive. Honeywell UOP received profit earnings of approximately $105.5 million from the illicitly obtained dealings.
Honeywell UOP settled with the DOJ to resolve criminal charges of FCPA violations. According to a DOJ press release, Honeywell International entered a “three-year deferred prosecution agreement (DPA) with the department in connection with criminal information filed in the Southern District of Texas charging the company with conspiracy to violate the anti-bribery provisions of the FCPA. Honeywell UOP will pay a criminal penalty of around $79 million imposed by the DPA, along with approximately $81 million in disgorgement and prejudgment interest as part of the SEC’s civil charges of violations of the FCPA anti-bribery, books and records, and internal account provisions according to an internal administrative order. The SEC agreed to a credit of around $39.6 million of that criminal penalty” against amounts Honeywell UOP agreed to pay Brazilian authorities connected to related proceedings.
The company, however, did not receive voluntary disclosure credit under the DOJ’s Corporate Enforcement Policy, as the DOJ’s investigation was initiated before Honeywell decided to cooperate. Honeywell, however did receive full credit for cooperation.
Lessons to Learn on Due Diligence, Global Risk, and FCPA Compliance
Over 90% of FCPA violations are triggered by third parties, which is exactly what played out in Honeywell’s case.
Companies can be held accountable for the actions of numerous types of third parties they do business with. This includes: agents, partners, contractors, vendors supply chain distributors and manufacturers, and other entities business is conducted with.
Honeywell engaged in remedial measures in lieu of an FCPA enforcement, which included terminating and disciplining certain employees involved in the misconduct and strengthening its compliance program. The company also expanded its compliance program, hired compliance professionals, and eliminated its use of sales intermediaries. Honeywell also implemented an automated sales intermediary due diligence tool that requires managers to provide compliance certifications on a quarterly basis.
However, it is unknown how they are addressing due diligence investigations of current executives, new executive hires, and any external third-party agents and associates.
The Type of Due Diligence Investigations Needed
The DOJ is cracking down hard on FCPA violations and increasing its scope. According to the Goodwin report, the DOJ is now looking to fight corruption by use of money laundering theories to charge foreign officials, who are not themselves subject to the FCPA, in order to target the recipient of bribes, in addition to the initiator. This is new and increases a company’s need for a strong compliance program, highlighting how critical it is for due diligence investigations to be conducted on executives in foreign subsidiaries, third-party connections, and with third-party vendors and other relations.
The Goodwin report additionally remarks that the DOJ will be targeting a striking number of “FCPA-related” charges, such as tax violations, Travel Act violations, mail and wire fraud, money laundering, and false statements in addition to, or sometimes instead of, FCPA charges.
When obtaining new entities through M&A, even within your own country, company culture can be inconsistent in many regards, including ethics. Often, a company will continue do business as usual, but what might constitute an acceptable social, or even legal, practice in one nation, may be illegal in another. The risk of unethical practices increases when business entities are distinct, and the risk rises even higher when they are located in other nations.
It is important to create a culture of integrity from the top down and make clear what is expected in regard to that.
New penalties are being dispensed, and FCPA fines are increasing.
Monitorship is one such penalty the DOJ is now imposing, as in the Stericycle resolution earlier in 2022. While Honeywell did not have a monitorship imposed, it does not mean that the next company to run afoul of the DOJ will not. These monitorships provide an extra monetary and compliance burden on a company. JDSUPRA reported that with the enforcement of DAG Monaco and the imposition of monitorships “[w]here a corporation’s compliance program and controls are untested, ineffective, inadequately resourced, or not fully implemented at the time of a resolution,” there can be “significant on-going costs” for monitorship to companies.
Third-Party Risk Mitigation
The Honeywell case highlights the inherent risk of third parties and global enterprises. While Honeywell had a compliance program in place, it was not sufficient to prevent corruption in their foreign subsidiaries.
To best mitigate third-party risk, preemptive measures should have been in place, including: strict maintenance of all books and records, implementing a strong code of conduct and anti-corruption polices, provision of FCPA training and associated education for executives, staff, and third-party partners and agents, establishing a culture of compliance with clearly expressed ethical business practices, disclosure to the DOJ of any corrupt payments discovered during due diligence activities, and conducting enhanced or deep dive due diligence investigations on all executives and third parties prior to Merger and Acquisition (M&A) proceedings.
Due diligence investigations are part of a strong compliance program and not only conducted when hiring executives, but routinely conducted on company executives, board members, and on third-parties before undertaking any M&A proceeding. Maintaining a strong culture of integrity and robust compliance program is critical to a company’s risk management strategy.
Honeywell has stated that they have “been publicly recognized as Honeywell is a seven-time honoree of Ethisphere’s World’s Most Ethical Companies award, including in every year since 2019,” but when looking at such recognitions, it should be noted that they are often composed of a variety of factors not necessarily related to anti-corruption statutes, such as environmental concerns or social justice matters. This means that such recognition does not mean mitigation of risk or that a company is in compliance with the FCPA.
Honeywell’s FCPA resolution underscores the need for a strong compliance and due diligence investigation program.
The lack of a comprehensive and evolving compliance program and due diligence investigations can severely damage a company: reputation loss, huge fines, profit loss, and even potential jailtime can be the result.
As the federal government (DOJ/SEC) introduce new enforcement actions, such as divestment of entities and monitorships as part of settlement agreements for FCPA violations, businesses need to place an increased emphasis on a strong and secure internal anti-corruption risk management and compliance program and enhanced due diligence investigations to identify and mitigate risk.