Making Way For International Business Integrity And Compliance Due Diligence In Cross-Border Acquisitions

When a company prepares for an acquisition of a foreign entity, a due diligence review of the target's international business integrity often takes a back seat to its general corporate cousin. This practice ignores two important risks: the risk that the target's past unlawful practices that went undetected before closing will create grounds for the acquirer's successor liability under the Foreign Corrupt Practices Act ("FCPA") and U.S. trade sanctions and export controls ("U.S. Trade Controls") and the risk that the absence of information about the target's international business integrity will leave the acquirer unprepared to identify, terminate or mitigate the target's questionable business practices after the acquisition. These risks are particularly serious because penalties for violations of the FCPA and U.S. Trade Controls include severe civil and criminal penalties.1

In this article, we briefly describe the key provisions of the FCPA and U.S. Trade Controls that may become relevant for a company acquiring a foreign entity and generally discuss the practices for overcoming the challenges that such an acquisition may present to the acquiring company's current compliance strategy.

The FCPA

The FCPA contains anti-bribery prohibitions and accounting requirements. In general, the anti-bribery provisions of the FCPA prohibit corrupt payments or transfers of value to foreign government officials, foreign political parties, foreign political party officials, or any candidate for foreign political office ("foreign officials" or "foreign official"), directly or through a third party, for the purpose of obtaining or retaining business ("corrupt payments").2 The accounting provisions of the FCPA require issuers to make and keep adequate books, records, and accounts and to devise and maintain a system of internal accounting controls sufficient to provide reasonable assurances that the corporate assets are well protected and accounted for and that transactions involving corporate assets are properly recorded.3 Of key importance to U.S. acquirers4 of foreign entities are the issue of successor liability for the past activities of the target, the issue of vicarious liability for the future acts of the target,5,6 and, for issuers, the issue of liability for the failure of the target to adhere to the accounting requirements of the FCPA.7

U.S. Trade Controls

The United States utilizes a variety of international trade sanctions and export controls to promote its foreign policy and maintain its national security.

A group of those measures is administered by the U.S. Department of Treasury's Office of Foreign Assets Control ("OFAC"). In addition to several other categories of covered persons, these measures, which target specific countries and individuals, apply to U.S. companies and their foreign branches. The North Korea and the Cuba sanctions also apply to foreign subsidiaries of U.S. companies. The OFAC-administered sanctions generally require the blocking of property or interests in property of the persons listed on the Specially Designated Nationals List ("SDN List") and prohibit certain business transactions with restricted countries or persons listed on the SDN List. In this context, U.S. acquirers must be particularly aware of the possibility of incurring liability under the U.S. sanctions programs for structuring or changing their operations in a way that has the effect of channeling transactions that would be prohibited if performed by a U.S. person through their foreign subsidiaries.8

The Export Administration Regulations ("EAR")9 regulate the export and reexport of most commercial items.10 U.S. acquirers must be cognizant of the broad, predominantly U.S.-origin-based scope of the EAR, which (by way of an example) may reach such conduct as the export and reexport of foreign-made goods that are direct products of U.S.-origin technology, the transfer of an item to a wholly-owned foreign subsidiary, or the release of technology to a foreign national in the United States.

The antiboycott provisions of the Export Administration Act ("EAA")11 and the Internal Revenue Code ("IRC")12 require U.S. persons to refuse to participate in foreign boycotts that the U.S. government does not sanction and to report the receipt of requests to support foreign boycotts. The anti-boycott provisions of the EAA, administered through the EAR, apply to sales, purchases, or transfers of goods or services within the United States or between the United States and a foreign country involving, among others, domestic concerns and their "controlled-in-fact"13 foreign entities. The antiboycott provisions of the IRC apply to taxpayers' operations in, with, or related to boycotting countries or their nationals.

Pre-Acquisition Due Diligence And Recommendations For Future Compliance Efforts

This brief introduction to the FCPA and U.S. Trade Controls demonstrates a distinct need for a U.S. acquirer of a foreign entity to conduct a thorough pre-acquisition due diligence review of the target's past and current activities and to develop a strategy for avoiding, sharing, or mitigating any uncovered compliance risks. If the identified risks of successor liability or future non-compliance cannot be reasonably avoided, shared or mitigated, the U.S. acquirer might be required to step away from the deal.

In the wake of several recent enforcement actions under the FCPA and the EAR, successor liability has become a major issue to be considered by U.S. acquirers in acquisitions of foreign entities covered under the FCPA or U.S. Trade Controls at the time of the acquisition.14 Pre-acquisition due diligence review of the target's integrity and compliance is central to identifying the risks of the target's future non-compliance with the FCPA and U.S. Trade Controls and preventing the acquirer's vicarious liability for the target's post-acquisition non-compliance.

If "red flags" are identified during the review, the acquirer must come up with an adequate response15 to the risks of non-compliance represented by the identified "red flags." The response must be tailored to the organizational structure of the acquirer and correspond to the likelihood of the risk's occurrence and the severity of its impact on the acquirer's business integrity. This also would be a good moment for the acquirer to think about aligning the target's internal controls, corporate risk management, and compliance policies and procedures with its own policies and procedures and, if necessary, about amending its own policies and procedures to address the identified new risks. As part of this process, the acquirer should plan to appoint an independent compliance officer at the target, acquaint the officers, directors and employees of the target with the acquirer's compliance policies and procedures, institute a mandatory compliance certification program for the officers, directors, employees, agents, and business partners of the target, develop for the target reliable procurement and document retention policies, and introduce regular reporting by the target about its organizational changes, foreign government ownership, employment or election as directors of former foreign officials, and participation in joint ventures with government interest.

Finally, a pre-acquisition due diligence review should allow the acquirer to verify whether the target's export activities have been conducted in compliance with the applicable U.S. export controls and whether any of the target's related parties, customers, suppliers, agents, and other business partners are located in the sanctioned countries or included on the SDN List, the Department of Commerce, Bureau of Industry and Security's ("BIS") Denied Persons List, the BIS Unverified List, the BIS Entity List, the ITAR's Debarred List, the Nonproliferation Sanctions Lists, and General Order No. 3 to Part 736 of the EAR.16

Conclusion

In conclusion, conducting a pre-acquisition due diligence of a foreign target's international business integrity and compliance is key to supplying the domestic acquirer with the information necessary for passing an informed and balanced decision with respect to the prospects of acquiring a foreign entity. The benefits from costs saved on due diligence are often far outweighed by the risk of exposure to severe penalties from staying ignorant.1 See, e.g., 15 U.S.C. 78dd-2(g) (2006). In addition, a person found in violation of the FCPA may face debarment or suspension from doing business with the Federal Government and other negative government action. U.S. Department of Justice, Lay-Person's Guide to the FCPA Statute (2001), at www.usdoj.gov/criminal/fraud/fcpa/dojdocb.htm (last visited Apr. 2, 2007).

2 15 U.S.C. 78dd-1-78dd-3.

3 15 U.S.C. 78m(b).

4 U.S. citizens and businesses do not require a territorial nexus with the United States to become liable under the anti-bribery provisions of the FCPA. See, e.g., 15 U.S.C. 78dd-1(g).

5 Foreign subsidiaries of U.S. entities may incur direct liability pursuant to 15 U.S.C. 78dd-1(a), 78dd-2(a), and 78dd-3.

6 It is sufficient for liability to be found that a person is aware of a high probability of the third party's engagement in corrupt conduct. See 15 U.S.C. 78dd-1(f) and 78dd-2(h).

7 15 U.S.C. 78m(b)(6).

8 See, e.g., Iran Sanctions, 31 C.F.R. 560.101 et seq. (2006).

9 15 C.F.R. 730-774.

10 Defense articles and services are regulated by the U.S. Department of State's International Traffic in Arms Regulations. 22 C.F.R. 120-130.

11 50 U.S.C. Appx. 2407.

12 26 U.S.C. 999.

13 See 15 C.F.R. 760.1.

14 See, e.g., FCPA Opinion Procedure Rel. 04-02 (Jul. 12, 2004); Order Denying Respondents' Motions for Summary Decision, Sigma-Aldrich Bus. Holdings, Inc, 01-BXA-06, Sigma-Aldrich corp., No. 01-BXA-07, Sigma-Aldrich Research Biochemicals, Inc., 01-BXA-11 (Dep't of Commerce Bureau of Indus. & Sec., Aug. 29, 2002, available at www.bis.doc.gov/Enforcement/CaseSummaries/Sigma_Aldrich_ALJ_Decision_02.html.)

15 Foreign blocking laws may prevent foreign companies from complying fully with some U.S. sanctions programs. See e.g., Council Regulation (EC) No. 2271/96 of November 22, 1996.

16 Collection and processing of this data potentially may be contrary to the provisions of the EU Directive 95/46/EC of the European Parliament and of the Council of October 24, 1995.

Published .