A telecom giant’s second FCPA settlement might look unremarkable at first glance: simple scheme, relatively modest penalty, no formal monitorship. But dig deeper and you’ll find crucial lessons about supplier risk, compliance program evolution and what it really means to learn from past mistakes, says CCI columnist Mary Shirley.
Telefónica Venezolana, a Venezuelan subsidiary of the Spanish telecommunications company, entered into its second FCPA settlement by way of a deferred prosecution agreement (DPA) and an $85 million penalty.
The bribery scheme resulting in Telefónica’s latest settlement, which was announced Nov. 8, was relatively simple: The company improperly induced Venezuelan government officials for preferential access to U.S. dollars through a government-sponsored currency auction. It deployed two suppliers as third-party intermediaries to make bribes by buying equipment from the suppliers at inflated prices, creating a slush fund.
Telefónica’s FCPA DPA and settlement are largely unremarkable, though a couple of points stand out to me.
First, Telefónica is a recidivist offender and managed to get by not only without a monitorship but also a fairly modest pecuniary penalty, though joining the frequent flier club was noted to be an aggravating factor. Similarly, its fine this time around is substantially bigger than the $4.1 million fine the telecommunications company paid in its first tango with FCPA enforcement in 2019.
Despite not receiving a formal monitorship, the organization will be subject to what I consider to be a quasi-monitorship, a situation where the company makes assurances around continued cooperation and agrees to provide reports to the government about its remediation efforts and improvements made to the compliance program. I remain curious about what will tip a company over from receiving a quasi-monitorship to a formal monitorship, especially when the company has an improper inducement history.
Royal Screw-Up Costs Raytheon $950M
Settlement includes federal monitors after DOJ finds company wasn't forthcoming
Read moreThough many organizations have now moved to conducting some sort of check on suppliers compared to the turn of the century, I would suggest many of us are not categorizing suppliers as the highest-risk third parties in our FCPA risk assessments and due diligence program, as we would with, say, sales consultants/agents and distributors.
This case ought to prompt compliance professionals to reflect upon whether there are deeper checks we should be carrying out on certain suppliers beyond human rights and forced labor diligence. Perhaps they should also consider making specific mention of suppliers in FCPA and anti-bribery training not only as possible sources of bribes being offered to procurement and supply chain colleagues but also as potential conduits for bribery payments from within the organization. I do have a certain admiration for the creativity and innovation in evolving ways to pay bribes, legality aside.
DOJ has explained some of the mitigating factors in this case:
- Proffering non-U.S.-based employees for interviews on U.S. soil and taking disciplinary action against certain employees.
- Providing a considerable amount of documentation while balancing international privacy laws and associated obligations.
- Providing translations of evidence and methodically presenting it.
- Taking disciplinary action against involved employees, including termination.
Perhaps unexpectedly, given this isn’t Telefónica’s first FCPA encounter, the company also got credit for building and “empowering” an independent compliance function. Which begs the question, what remediation was done after the first FCPA settlement? (I think a riveting idea for an article would be an “FCPA Offenders, Where Are They Now?”) The chief compliance officer also got direct access to the board’s audit committee.
An aggravating factor was the failure to provide key documentation to the regulator in a timely manner. This feels like a step-and-repeat of other cases of late. While this seems like a simple aspect for companies to get right at the first sign of trouble, never underestimate how voluminous the data can be that internal investigators have to sift through, how difficult it can be with various systems after mergers and acquisitions and how despite your best efforts to establish good record-keeping hygiene, what can slip through the cracks and not be documented or documented properly.
This case goes to show that the fines need not be flashy and the bribery scheme need not resemble a high drama for there to be interesting points to glean for compliance officers.
