Since mid-2000s investigation of Siemens, and the resulting $800 million penalty for violations of the Foreign Corrupt Practices Act (FCPA), the FCPA has been an enforcement priority of the U.S. Government. Although a dip in announced penalties in 2015 led some to wonder whether FCPA enforcement had peaked, questions regarding lagging enforcement attention were answered by a record level of enforcement actions and penalties in 2016.
Yet while enforcement activity has been strong under the Obama administration, criticisms of the FCPA by President Trump have led some to question whether FCPA enforcement will be a key priority of the new administration. To help companies determine the level of resources and attention that should be allocated to anticorruption compliance, this client alert presents the “top ten” questions that every company operating outside the United States should be thinking about, particularly companies dealing in high-risk environments such as China, India, Africa, Latin America, and other countries or regions that rank high on indices of perceived corruption.
This client alert is part of a series of “top ten” articles on the future of key international trade and regulatory issues expected to change under the Trump administration. Previously issued client alerts discuss international trade issues (the future of NAFTA,1 Customs and Border Protection,2 and international trade litigation (including antidumping and countervailing duty actions)),3 international investment (the future of the CFIUS review process4 and concerns of PE firms), and international regulation (cybersecurity,5 white collar enforcement,6 and here, the FCPA). Future client alerts will deal comprehensively with all international trade and regulatory areas where significant change could occur under the new administration.
During the election, President Trump did not discuss the FCPA specifically (although he did introduce a promise at the end of the election that he would “drain the swamp,” if elected, a reference to supposed corruption in Washington politics). Prior to the campaign, Mr. Trump expressed skepticism regarding the FCPA in a 2012 interview with CNBC, where Mr. Trump stated that “this country is absolutely crazy” to vigorously prosecute alleged FCPA violations because it puts U.S. businesses at a “huge disadvantage.” Mr. Trump concluded that the FCPA is a “horrible law and it should be changed.”7
It is not likely that the skepticism of businessman Trump will translate to President Trump pushing for a wholesale overhaul of the law or its revocation. With regard to Mr. Trump’s view that the FCPA imposes a disproportionate impact on U.S. companies, the reality is that seven of the ten largest penalties have been imposed on non-U.S. companies. Strong leadership by the United States on corruption has led to a more consistent level of anticorruption laws around the world. With the OECD Convention on Combating Bribery of Foreign Public Officials in International Business Transactions increasingly becoming the benchmark for anti-bribery standards (it has been signed by more than 40 countries), the result has been other countries enacting FCPA-style legislation or enhancing their measures to meet OECD standards. Both OECD and other countries (often at the urging of the United States) are implementing new anticorruption laws and stepping up their enforcement of their laws. For example, the second half of 2016, alone, saw France modernize its anti-corruption enforcement by adopting the Fight Against Corruption and Modernization of Economic Life law (known as Sapin II) in an effort to expand French jurisdiction over worldwide activity for companies that conduct business in France (among other enforcement strengthening). South Korea has also recently implemented a strengthened anticorruption law that prohibits its officials from accepting meals over 30,000 won (around $25) or gifts over 50,000 (around $45), while Brazil has announced a major series of investigations connected with Petrobas.
While it is true that the FCPA formerly put U.S. companies at a disadvantage, with other countries now putting in place their own restrictions on corrupt payments, the bribery-related advantages once enjoyed by companies from other countries have disappeared. This reality, as well as the political imperative that a President elected by promising to “drain the swamp,” will not want to be seen as weakening the principal anticorruption law maintained by the United States. With this in mind, it is unlikely that the FCPA or FCPA enforcement will be weakened under the Trump administration.
In determining the likely enforcement priorities of the U.S. government, it is important to consider the nominees for the key positions that oversee FCPA enforcement: the Attorney General (criminal FCPA enforcement) and the head of the Securities & Exchange Commission (SEC) (oversight of the accounting provisions of the FCPA for publicly traded companies).
With regard to the former, Attorney General Sessions has shown general support for the value of anti-bribery laws, having co-sponsored the Public Corruption Prosecution Improvements Act, which would have revised U.S. law to expand prohibitions against bribery, theft of public money, and other government-related public corruption. As analyzed in the Foley Client Alert regarding white collar enforcement, Mr. Sessions is generally viewed as a law-and-order prosecutor who is unlikely to let violations of white collar laws in general, and the FCPA specifically, slide.8
With regard to the SEC, Mr. Trump has nominated Jay Clayton, a partner at Sullivan & Cromwell LLP, to chair the Commission. While Mr. Clayton chaired a committee of the New York City Bar Association that put out a 2011 white paper that concluded that rigorous FCPA enforcement was pushing foreign companies to avoid registering as U.S. issuers and stating that the U.S. government should “dial back the scope of FCPA enforcement with respect to companies,” the personal views of Mr. Clayton regarding FCPA enforcement are not known.
The SEC in general, however, has in recent years become a strong co-player with the Department of Justice (DOJ) in enforcing the accounting provisions of the FCPA. Institutional forces related to this increased SEC enforcement will push Mr. Clayton towards continuing the strong enforcement of the FCPA. Enforcement of the FCPA has been strong every year since 2008. Although FCPA settlements in 2015 were down (falling to $133 million), this appears to have been a statistical lull based upon the timing of settlements, what with 2014 featuring the announcement of $1.5 billion in penalties and 2016 announcements soaring to $2.48 billion. The new administration will not want to be seen as significantly falling off this pace.
At both the DOJ and the SEC, there is an institutional inertia that transcends changes at the political level. Both agencies have bulked up through the hiring of attorneys and the dedication of investigation resources - specifically for anticorruption/FCPA investigations. These new and existing attorneys work with special squads of FBI agents devoted to FCPA investigations and work closely with enforcement counterparts in other countries. The hiring of the first DOJ compliance expert, Ms. Hui Chen, also shows a commitment to FCPA enforcement and the evaluation of compliance measures in enforcement actions. By all reports, there is a strong pipeline of cases under current investigation, including the massive investigation of Wal-Mart’s potential use of bribes as a business-development tool. Further, with the SEC becoming more aggressive in its penalty assessment, and mining its successful whistleblower program for reports of violations, the table is set for continuing strong FCPA enforcement activity.
Based on all of these reasons, the chances favor continuing strong enforcement of the FCPA at both the DOJ and the SEC.
There have been calls for Congress to change the operation or scope of the FCPA in recent years. For the most part, these proposals have not been attempts to directly ease the reach of the Act, such as by curtailing the controversial (yet effective) assertion of U.S. jurisdiction over tangential contacts with the United States or the U.S. financial system. The proposals, however, could indirectly cause some weakening of the FCPA (in some cases, by design).
The most commonly advocated changes involve two areas: (1) greater clarity regarding the scope and coverage of the law; and (2) institutionalizing credit to be given to companies that maintain well-functioning compliance programs. These efforts are encapsulated by the FCPA reform agenda advocated by the U.S. Chamber of Commerce. The key elements of that reform proposal are as follows:
Although prospects for significant FCPA weakening are low, some elements of this agenda could find a receptive ground before a pro-business Republican Congress and Republican president. The most likely change would be the introduction of an affirmative defense for effective anticorruption compliance measures. Such a provision would mirror the UK Bribery Act and other anticorruption laws that contain a similar provision to encourage effective compliance.
Less certain is whether Congress will enact “clarifying” changes, given that these clarifications generally would curtail the reach of the Act, such as stating that the law does not apply to employees of state-owned entities. There is a bipartisan interest in not appearing to be soft on corruption, especially with regard to bribes by not-particularly-popular U.S. and foreign multinational corporations. The U.S. Government also has an institutional interest in keeping the key terms of the law vague, as the DOJ has used the ambiguity to push an aggressive view of the breadth of the law. Thus, while judicial review of enforcement actions might provide additional clarity regarding these provisions, it is not likely that Congress will take steps to significantly curtail the reach of the law.
At the same time, it is possible that any efforts to open up the FCPA to amendment could actually lead to a tightening of the FCPA standards in two areas: coverage of commercial bribery and the elimination of the facilitating payments exception. Many non-U.S. laws, such as the UK Bribery Act, cover both types of bribes, making the FCPA’s approach somewhat dated.
Regardless of whether these changes occur, companies should be thinking more broadly about corruption compliance best practices, even if they are not explicitly required to comply with the FCPA. Even if the FCPA allows for commercial bribery and for facilitating payments, such actions often violate local law and make for bad compliance decisions. And the U.S. government has other tools, such as the Travel Act and various wire fraud statutes, to reach commercial bribery. As a result, companies should consider broadening their approach from compliance with the FCPA minimums to maintaining broader anticorruption policies, so as to cover all forms of corruption of any size, whether it involves government officials, private persons, facilitating payments, or even the receipt of bribes (kickbacks).
The DOJ and the SEC have undertaken several initiatives in recent years, including the issuance of a joint DOJ/SEC set of guidelines, the implementation of an SEC whistleblower program, SEC regulatory efforts, and the FCPA Pilot Program. In the main, these initiatives were intended to increase enforcement attention and to encourage enhanced FCPA compliance. The main recent regulatory initiatives in the anticorruption space, and prospects for change for each, are as follows:
SEC Whistleblower Program. Although there is pressure to amend the Dodd-Frank program that established this whistleblower regime (as discussed in the Foley Private Equity “Top Ten Questions” alert), the success of the SEC whistleblower program presents institutional pressure to keep it going, regardless of what happens to Dodd-Frank. Since the SEC established a whistleblower program in July of 2010, the SEC program has paid out well in excess of $100 million to whistleblowers, based on the collection of penalties approaching one billion dollars, with much of this activity being in the FCPA realm. The number of tips received annually has grown from 334 in 2011 to 4,218 in 2016.9
The SEC would hate to give up such a successful source of enforcement leads. The SEC placed a vote of confidence in the whistleblower program in several enforcement actions, against such companies as BlueLinx Holdings, Inc. and Health Net, Inc., which imposed severance agreement requirements stating that outgoing employees must waive their rights to any monetary award from the SEC’s whistleblower program. Underscoring the importance of the program, the SEC imposed significant penalties for the implementation of these provisions even though there was no finding that the provisions had prevented anyone from reporting a potential violation to the SEC.
As Jane Norberg, Chief of the SEC’s Office of the Whistleblower, summarized the SEC’s view that the whistleblower program has had a “transformative effect” on SEC enforcement activity.10 The whistleblower program accordingly is likely to survive any changes to the Dodd-Frank Act that initially authorized it. Further, even if the Dodd-Frank authorization were to disappear, the SEC nonetheless might use its inherent regulatory powers to continue a variation of it. It is unlikely Congress would take steps to bar this, given the blowback that such a softening of a well-known anticorruption initiative would create.
FCPA Pilot Program. The FCPA Pilot Program was announced as part of a three-part approach to FCPA enforcement in a memorandum from Andrew Weissmann, the Chief of the DOJ’s Fraud Unit. The three initiatives were that: (1) the DOJ would be “intensifying its investigative and prosecutorial efforts by substantially increasing its FCPA law enforcement resources,” including a fifty percent increase in the number of FCPA-specialist prosecutors; (2) there would be a “strengthening” of DOJ “coordination with foreign counterparts in the effort to hold corrupt individuals and companies accountable”; and (3) there would be an FCPA “pilot program,” which would be a one-year program designed “to promote greater accountability for individuals and companies that engage in corporate crime by motivating companies to voluntarily self-disclose FCPA-related misconduct, fully cooperate with the Fraud Section, and, where appropriate, remediate flaws in their internal control and compliance programs.” Consistent with the dictates of the Yates Memorandum, the FCPA Pilot Program is intended in part to hold individuals responsible for FCPA violations. The FCPA Pilot Program also included circumstances where the DOJ could use its discretion to decline prosecution. These declinations can be used only if certain conditions are satisfied, including complete cooperation and disgorgement of profits gained as a result of the bribes paid.
There are several more months during which the FCPA Pilot Program will run. It appears, however, that the Pilot Program has been successful and that it will be renewed or perhaps made permanent.
Yates Memorandum. The Yates Memorandum, among other things, is designed to increase the focus on individual actors in DOJ enforcement actions. With Attorney General Sessions a law-and-order former prosecutor, who, in the past, has expressed support for prosecuting individuals where they are involved in corporate crime, it is unlikely that the DOJ will seek to weaken the provisions of the Yates Memorandum. The Yates Memorandum is discussed more extensively in Foley’s White Collar Enforcement client alert.11
Extractive Regulations. In contrast to the initiatives listed above, which are expected to continue in force, the draft extractive regulation rule will not become permanent law. A draft reporting rule issued by the SEC required that oil, natural gas, and mining companies reveal details about payments made to secure the right to extract resources. The extractive reporting rule (Rule 13q-1) required that, for fiscal years ending on or after September 30, 2018, companies in the impacted industries make detailed reports regarding payments made to foreign and domestic governments for the commercial development of oil, natural gas, or minerals.
This rule met fierce political opposition, illustrating the difference between weakening an existing law like the FCPA and creating a new anticorruption requirement that targets a specific group of well-connected companies. Following a Joint Congressional resolution disapproving of the rule pursuant to the Congressional Review Act (which permits Congress, by simple majority, to disprove rules shortly following their adoption), President Trump endorsed the invalidation of the rule. Under the terms of the Congressional Review Act, the SEC is precluded from re-adopting the rule, even though the Dodd-Frank Act required the issuance of a resource extraction disclosure rule.
The U.S. Government is taking an increasingly broad look at potential violations, seeking to punish all related conduct. This is manifested in combined AML and economic sanctions enforcement actions, export controls and economic sanctions actions, and so forth. It is likely the U.S. government will emphasize these types of combined enforcement actions in coming years, including with regard to the FCPA. In the FCPA context, this implies a focus on whether the object of the bribes was itself illegal under other laws.
Companies in bribery investigations should also be aware of the fact that enhanced sharing of information between the U.S. government and foreign governments may not be one way. As foreign governments become increasingly active in their own anti-corruption efforts, the chances that companies will face enforcement actions in multiple countries increase. The previous assumption, which was that only the U.S. government would prosecute bribe-related activity over which it has jurisdiction, has become increasingly tenuous.
The last decade has seen a number of sources of “best practices” in the realm of anticorruption compliance, including: (1) the FCPA Guidance issued by the DOJ and the SEC, which contains a section titled “Hallmarks of Effective Compliance Programs”; (2) the DOJ’s Principles of Prosecution of Business Organizations, which contains a section titled ‘Corporate Compliance Programs”; (3) U.S. Sentencing Guidelines, which contain a section titled “Effective Compliance and Ethics Programs”; (4) Attachment C in many recent DOJ FCPA settlement agreements; (5) The UK Bribery Act Guidance issued by the U.K. Ministry of Justice; and (6) the OECD’s “Good Practice Guidance on Internal Controls, Ethics, and Compliance.” These sources of anticorruption compliance best practices coalesce around sound principles of regulatory risk management, including the necessity for a clear, easy-to-understand compliance program, tailored and repeated training, and regularly audited internal controls.
Yet what these many sources of compliance best practices have not offered is a certifiable standard of anticorruption program benchmarking. This gap was filled on October 15, 2016, when the International Organization for Standardization (ISO) adopted ISO 37001 as a certifiable international “anti-bribery management system.”12 While ISO standards are voluntary, in certain areas, such as quality management, its standards have become de facto international benchmarks. The possibility of benchmarking to the standard by third-party certifying parties potentially could make the standard influential – not only with regard to companies seeking ethical partners, but potentially in DOJ and SEC investigations under the new administration as well.13
At this time, it is not certain how impactful the new ISO 37001 standards will be. Initial indications are that the ISO standard may prove most useful in countries that are marked by a high degree of perceived corruption, as they could provide an objective guidepost and assurance of the presence of an audited anticorruption compliance system. Companies operating in such environments may seek certification as a means of gaining a competitive advantage from business partners who want to minimize bribe-related risk.
For many U.S. companies, the receptivity to submitting to an outside ISO audit process will likely turn on how the program is treated in future DOJ and SEC enforcement actions. If it appears that the regulatory agencies are giving extra compliance credit to companies with a certified anticorruption process in place, the program may become coveted by companies at heightened risk of violations. There is precedent for such a result: the DOJ’s “Principles of Federal Prosecution of Business Organizations” states that prosecutors should evaluate “the existence and effectiveness of the corporation’s pre-existing compliance program” when determining whether to charge a corporation with a crime,”14 while the U.S. Sentencing Guidelines state that prosecutors should consider whether the defendant had an “effective compliance and ethics program” in place.15 The presence of a certified program could help with such requirements.
An additional reason to have ISO 37001 certification applies to companies that are subject to the UK Bribery Act of 2010. For these companies, the certification could prove useful because that Act (unlike the FCPA) provides for an “adequate procedures” defense. Because this defense can only be used if the company can “prove [it] had adequate procedures in place to prevent bribery,”16 the ISO 37001 would enhance the company’s ability to argue that it met this standard.
The ISO 307001 standards are ones that undergird effective anti-bribery compliance in general. To be certified as ISO 37001-compliant, an organization must develop systems designed to prevent, detect, and deter bribery while also “comply[ing] with anti-bribery laws and voluntary commitments applicable to its activities.”17 Any ISO 37001 system must address: (1) bribery of government officials; (2) commercial bribery; (3) bribery in the non-profit sector; (4) both active bribery (outgoing payments) and passive bribery (incoming bribes); and (5) incoming and outgoing indirect bribes through third persons.18
The ISO 37001 standards recognize that effective anticorruption compliance requires the adoption of a risk-based approach – described as a “reasonable and proportionate” approach – which should be based upon periodic risk assessments. Risk assessments should be used to make decisions about the “allocation of anti-bribery compliance personnel, resources and activities.”19 Factors companies should consider when determining the breadth of their risk-based compliance response include:
In addition to conducting risk assessments, ISO 37001 requires that companies take the following steps:
One notable difference between the ISO 37001 standards and U.S. law is that the FCPA allows “facilitation payments” while the ISO 37001 standards do not, on the basis that “they are illegal in most locations” (i.e., under local law). Since it is a best practice to make such payments contrary to company policy, this deviation from the strict requirements of the FCPA is not meaningful for most companies.
As discussed above, the SEC whistleblower program has resulted in numerous FCPA penalties and announced settlements. In addition, with studies showing that most whistleblowers are motivated by reasons other than money (i.e., whistleblowing often occurs because employees are disgruntled or terminated, or because an employee believes internal reporting was not taken seriously), even companies that are not publicly traded should be concerned about whistleblower activity.
Minimizing whistleblower risk, to a large degree, starts with an effective compliance program. An effective compliance program, supported by a culture of compliance where employees are encouraged to speak up and internally report potential violations of law, is the best weapon to prevent external whistleblower activity. The more effective internal handling of compliance lapses is, the less likely external whistleblowing will occur.
Specific compliance measures firms should consider to minimize the risks of external whistleblower activity include:
Liability for FCPA issues can effectively be purchased, as changes in corporate structures or control do not eliminate FCPA liability. The FCPA Resource Guide provides for the following tips to minimize risks (which are equally applicable to any high-risk legal regime):
As can be seen, the recommendations center on the conduct of effective due diligence and the implementation of learnings found in that due diligence after the acquisition. The role of due diligence in this process cannot be overstated, as effective due diligence actually has seven rationales: (1) to determine the risk of the acquisition; (2) to ensure proper valuation of the acquired company; (3) to determine the potential liability for violations; (4) to minimize unexpected surprises; (5) to minimize liability for past conduct; (6) to identify future compliance issues; and (7) to assist in post-acquisition planning.
To avoid unpleasant surprises, the following are the general topics the due diligence inquiry should address:
A basic understanding of the operations of the target is required, which is determined by requesting:
Basic Background Information
Compliance and Training
Information regarding the target’s training and compliance measures provides a window into the culture of the target. Discovering this type of information is accomplished by requesting the following information:
Agents and Third Parties
Third parties cause many FCPA problems. To minimize this risk, the acquirer should seek information regarding:
Dealing With Potential FCPA Issues
Where it appears that the target has paid bribes, there are a number of tough questions for the acquiring company to ask itself before proceeding. These include:
Because due diligence is never perfect, acquirers need to consider protections in the event that potential violations are not discovered through the conduct of the due diligence. Contractual safeguards help reduce exposure to FCPA risks.
The scope of the representations and warranties should be negotiated to protect the acquirer against any wrongdoing committed not only by the target company, but also by its agents, its subsidiaries and affiliates, and perhaps even its existing shareholders. To the extent specific risks are identified during the due diligence phase, representations and warranties can be tailored to target identified risks.
In addition, indemnification mechanisms also can provide important protections if there are losses following completion of the transaction. Material adverse changes and conditions precedent clauses also can enable acquirers to abandon transactions where corrupt activities are identified before the transaction has been completed. If corrupt activities occur or are suspected during the transaction or before the closing, the acquirer should have the ability to pull out from the transaction or to carve out the affected portion of the business.
Ultimately, the steps taken to mitigate compliance risks need to be tailored to address the specific risks of the transaction, which is why effective due diligence is important. Conducting comprehensive due diligence before committing to a deal, particularly for targets operating in high-risk jurisdictions, is an important protection from the high-risk FCPA enforcement environment.
The author of this client alert has an international compliance guide that includes just such a twelve-step program; a copy is available by request.35 The headlines of this twelve-step program are as follows:
The international climate for U.S.-based multinational companies and non-U.S. based companies that sell into the United States has never been more uncertain. This client alert is the seventh of a series of Articles that is being prepared to help companies navigate the uncertain international trade and regulatory environment. Future “Ten Question” articles related to the transition to a new Administration already cover international trade issues (NAFTA, International Trade (antidumping and countervailing duty) actions, and Customs); international investment (changes in how the Committee of Foreign Investment in the United States (CFIUS) evaluates investment in the United States, concerns of PE firms); and international regulatory issues (cybersecurity, white collar enforcement and, here, the FCPA). Future client alerts will cover the Office of Foreign Asset Controls (OFAC economic sanctions) and Export Controls and anti-money laundering.
If you would like to be added to the mailing list for these alerts, please contact the chair of the Foley & Lardner LLP Export Controls and National Security practice (and the author of this client alert) at firstname.lastname@example.org or +1 202.945.6149.
1 See Gregory Husisian and Robert Huey, “NAFTA and the Trump Administration: Your Top Ten Questions Answered,” https://www.foley.com/nafta-and-the-new-trump-administration-12-01-2016/
2 See Gregory Husisian and Robert Huey, “U.S. Customs and the Trump Administration: Your Top Ten Questions Answered,” https://www.foley.com/us-customs-and-the-new-trump-administration-your-top-ten-questions-answered-02-07-2017/
3 See Gregory Husisian and Robert Huey, “International Trade Litigation and the Trump Administration: Your Top Ten Questions Answered,” https://www.foley.com/international-trade-litigation-and-the-new-trump-administration-your-top-ten-questions-answered-01-06-2017/.
4 See Gregory Husisian, “CFIUS and the New Trump Administration: Your Top Ten Questions Answered,” https://www.foley.com/cfius-and-the-new-trump-administration-your-top-ten-questions-answered-01-25-2017/.
5 See Gregory Husisian, Chanley Howell, and Jacob Heller, "Cybersecurity and the new Trump Administration: Your Top Ten Questions Answered," https://www.foley.com/cybersecurity-and-the-new-trump-administration-your-top-ten-questions-answered-04-27-2017/.
6 See Scott Fredericksen and Gregory Husisian, “White Collar Enforcement and the New Trump Administration: Your Top Ten Questions Answered,” https://www.foley.com/white-collar-enforcement-and-the-new-trump-administration-your-top-ten-questions-answered-02-09-2017/.
7 See FCPA Professor, “The FCPA is a Horrible Law and It Should be Changed,” available at http://fcpaprofessor.com/donald-trump-the-fcpa-is-a-horrible-law-and-it-should-be-changed/.
8 See Scott Fredericksen and Gregory Husisian, “White Collar Enforcement and the New Trump Administration: Your Top Ten Questions Answered,” https://www.foley.com/white-collar-enforcement-and-the-new-trump-administration-your-top-ten-questions-answered-02-09-2017/.
9 See 2016 Annual Report to Congress on the Dodd-Frank Whistleblower Program.
10 See 2016 Annual Report to Congress on the Dodd-Frank Whistleblower Program.
11 See Scott Fredericksen and Gregory Husisian, “White Collar Enforcement and the New Trump Administration: Your Top Ten Questions Answered,” https://www.foley.com/white-collar-enforcement-and-the-new-trump-administration-your-top-ten-questions-answered-02-09-2017/.
12 See “ISO 37001:2016, Anti-bribery management systems – Requirements with guidance for use,” http://www.iso.org/iso/catalogue_detail?csnumber=65034 (“ISO 37001 Requirements”).
13 Although the ISO had previously issued anticorruption compliance in ISO 19600, that Type B standard provided only guidance for companies to consider in their anticorruption efforts. The ISO 37001 Requirements are a Type A standard, which means that contain objective criteria designed to allow independent auditors to render determinations regarding the fealty of a company to the new ISO standards.
14 US Dep’t of Justice, §§ 9-28.300, 9-28.800, https://www.justice.gov/usam/usam-9-28000-principles-federal-prosecution-business-organizations.
15 U.S. Sentencing Guidelines, § 8B2.1
16 UK Ministry of Justice, The Bribery Act 2010: Guidance 6 (Mar. 2011), https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/181762/bribery-act-2010-guidance.pdf.
17 ISO 37001 Requirements at Introduction.
18 ISO 37001 Requirements § 1.
19 ISO 37001 Requirements, Annex, § A.4.1.
20 ISO 37001 Requirements, § 4.4.
21 ISO 37001 Requirements, Introduction and § 8.7.
22 ISO 37001 Requirements § 5.2.
23 ISO 37001 Requirements § 7.3.
24 ISO 37001 Requirements § 5.1.2.
25 ISO 37001 Requirements § 5.1.1.
26 ISO 37001 Requirements, Annex, § A.10.3.
27 ISO 37001 Requirements § 8.6.
28 ISO 37001 Requirements § 8.6.
29 ISO 37001 Requirements § 188.8.131.52.
30 ISO 37001 Requirements § 8.4.
31 ISO 37001 Requirements § 8.9.
32 ISO 37001 Requirements § 7.5.1.
33 ISO 37001 Requirements § 10.2.
34 FCPA Resource Guide at 29.
35 Please contact Gregory Husisian at +1 202.945.6149 or email@example.com to receive a copy.