Corruption allegations under the Foreign Corrupt Practices Act (FCPA) typically hit companies hard. An FCPA investigation is almost always unexpected and it immediately places the organization under tight, government-imposed deadlines to produce relevant information. This can be quite disruptive to day-to-day business. According to the Association of Certified Fraud Examiners’ 2018 Report to the Nations on Occupational Fraud and Abuse, just 15 percent of corporate fraud is detected by internal audits, which suggests that traditional information management tools and protocols cannot be counted on to avert a potential disaster.
Recent investigations and enforcements by the DOJ and SEC suggest that FCPA violations will continue to be vigorously pursued. On the other hand, incentives under DOJ’s relatively new FCPA enforcement policy, announced in November 2017, offer organizations a more reasonable and predictable path to resolution that minimizes disruption, reduces potential penalties and mitigates the risks that such an event imposes. This is true even if they haven’t discovered misconduct internally and are therefore unable to self-disclose before being hit with a government investigation. The new enforcement standard rewards organizations for “proactive… rather than reactive” cooperation with the government and “timely and appropriate remediation” with a substantial reduction in the recommended penalty.
To benefit from this policy, however, organizations will need to have their e-discovery house in order. This requires a clear understanding of what makes FCPA matters unique, as well as the toolset and expertise to address those unique challenges.