Domestic & International Compliance

Executive Summary

The aggressive enforcement of U.S. laws governing exports and international conduct has special resonance for automotive supply chain companies. Illustrated by the recent enactment of special sanctions targeting Iran's auto industry, and several high-profile Foreign Corrupt Practices Act (FCPA) investigations involving prominent OEMs, these trends underscore the risks that automotive suppliers incur when doing business overseas. Similar developments are evident in the domestic domain as well, where the growing frequency and intensity of antitrust, False Claims Act, and Government Contract investigations present new challenges for manufacturers, suppliers, and service providers of all kinds. Managing these issues on a piecemeal basis is a recipe for failure and frustration. Instead, companies can better manage their risk and mitigate costs by adopting a risk-based approach to compliance tailored to their unique method of operations, risk profile, countries of operation, and products sold.

1. EXPORTS AND INTERNATIONAL COMPLIANCE

U.S. laws governing exports and international conduct pose unique risks for the automotive sector. From the FCPA to ever-tightening sanctions and export controls, companies involved in the automotive supply chain face an increasing complex universe of requirements governing how and where they conduct business overseas. These regimes also shape business decisions at home, with the so-called "deemed export" rule compelling exclusively domestic companies to seek export licenses before disclosing controlled articles, data, and technology to their non-U.S. employees. Combined with new disclosure requirements for listed companies and government contractors, the regulatory environment grows more complicated with each passing day.

Enforcement trends amplify these risks. In recent years, U.S. Government agencies have targeted a variety of automotive and automotive supply chain companies under a number of different regulatory regimes. Notable examples include FCPA enforcement actions against AB Volvo, Daimler AG, Fiat, Iveco, Ingersoll-Rand, and Renault. Other companies, such as Bridgestone and United Defense Industries, Inc., have stated that FCPA investigations are ongoing. Sanctions enforcement is also on the rise, with Toyota Motor Credit Corporation and Volvo Construction Equipment North America both targeted by the U.S. Treasury Department's Office of Foreign Assets Control.

Automotive companies like GM-Daewoo have even faced government enforcement actions in relatively obscure areas like anti-boycott violations — a littleknown legal regime that has both export and tax implications.

These trends show no sign of changing. From improved databases and forensic tools, to enhanced collaboration between law enforcement, licensing, and intelligence agencies, enforcing these laws is now second only to fighting terrorism in terms of U.S. Government enforcement priorities. FCPA, sanctions, and export control violations resulted in more than $3 billion in civil and criminal penalties in 2012 alone.

Many companies in the automotive sector have attributes that contribute to elevated risk. Chief among them are large global supply chains, downstream manufacturing by worldwide affiliates, and frequent international trade in U.S.-origin goods, services, and technologies. Multinational business practices also raise concerns, with sales, operations, and joint ventures reaching into countries known for high levels of corruption, industrial espionage, and illegal export diversion. With U.S. companies increasingly liable for the actions of their overseas agents and affiliates, a risk-based, integrated approach to international compliance offers the best means of identifying, managing, and mitigating these risks.

2. MITIGATING RISK

Faced with these challenges, automotive companies should carefully consider how U.S. laws impact foreign behavior. This means identifying and addressing the risks that are likely to arise based on the nature of their business, the places where they conduct business, and the customers they serve. It also means evaluating the degree to which foreign parties — whether subsidiaries, joint ventures, or even contractors — engage in activities that expose their U.S. counterparts to civil and criminal liability. Managing these issues in piecemeal fashion is a recipe for failure and frustration. Instead, companies can best manage their risk and mitigate costs by conducting periodic risk assessments, crafting tailored internal controls, conducting frequent training, and coordinating common standards across their entire organization.

The same principles apply in the domestic compliance context. Suppliers need to understand their areas of risk and rigorously monitor and enforce their compliance policies, procedures, and codes of conduct. Conducting periodic internal reviews, reviewing and updating written policies and procedures, and updating and enhancing training programs are all components of a robust compliance program. Encouraging your employees to report any improper, unethical, or illegal conduct is critical to uncovering any potential fraud within your organization. Clearly delineating responsibility for compliance with various policies and internal controls ensures accountability.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.