On February 12, 2007, Johnson & Johnson acknowledged that it had disclosed to the Department of Justice (DOJ) and the Securities and Exchange Commission (SEC) "that subsidiaries outside the United States are believed to have made improper payments in connection with the sale of medical devices in two small-market countries." That announcement highlights the risks for the medical device industry of violating the Foreign Corrupt Practices Act (FCPA) and reflects a more pervasive trend of increased FCPA enforcement.
Risks for Medical Device Industry
Medical device companies are particularly at risk with respect to FCPA violations. The FCPA covers officers and employees of the government and any subordinate department, agency, or instrumentality, as well as persons acting in an official capacity on behalf of a governmental entity. However, in many parts of the world, hospitals and clinics are government owned. Accordingly, the medical staff and other employees are government officials within the meaning of the FCPA. Given that, sales activities that would ordinarily be considered routine can create FCPA liability. More directly, practices that are common in the industry violate both the letter and the spirit of the FCPA. These risks are multiplied for companies operating in high-growth overseas markets where corruption is commonplace, such as China and India.
Scope of the Foreign Corrupt Practices Act
The anti-bribery provisions of the FCPA make it a criminal offense to pay, offer, or give anything of value to a foreign official, a foreign political party, or a candidate for foreign office for the purpose of obtaining or retaining business or obtaining favorable or preferential treatment from the government. This prohibition includes offering money or anything of value to a third party while knowing that some or all of the payment will be passed on to a foreign official for an improper purpose. This includes employees of government-owned hospitals and other entities, as well as officials of international organizations, such as the World Health Organization. In addition, under the FCPA, U.S. parent corporations may be held liable for the acts of foreign subsidiaries where they authorize, direct, or control the activity in question.
By its terms, the FCPA applies to U.S. companies, citizens, nationals, and residents, as well as anyone located in the United States, even temporarily, and foreign-based "issuers" under U.S. securities law. However, in 1998 the FCPA was amended to assert territorial jurisdiction over foreign companies and nationals. A foreign company is now subject to FCPA sanctions if it causes, directly or through agents, an act in furtherance of the corrupt payment to take place within the territory of the United States. Recent plea agreements with the DOJ illustrate the government's willingness to pursue criminal cases against foreign companies acting in close concert with domestic corporations.
Dangerous Assumptions
Companies often ignore or tolerate possible FCPA violations based on a mistaken understanding of the law. Among the most common misperceptions:
Myth #1: The U.S. parent is not liable for bribes paid by foreign agents or subsidiaries.
The FCPA prohibits persons located in the United States from approving or authorizing payments to government officials. Thus, even if the party making the payment (such as a foreign sales agent) is not directly covered by the FCPA, the U.S. company can be liable if its officers or employees approve the payments. In practice, ignoring reports or suspicions of improper payments can be considered authorization of payments and lead to liability. Under the FCPA, actual knowledge of the actions of a company's agent or partner is not necessarily required. While the FCPA does not, in the words of the legislative history, punish negligence or "mere foolishness," purposeful ignorance will not shield an individual or a company from prosecution under the FCPA. Thus, management and employees may not turn a "blind eye" to activity that appears to violate the FCPA.
Myth #2: Where bribery is common, customary payments do not violate the FCPA.
"Everybody's doing it" is not a defense against an FCPA charge. To the contrary, knowledge that the company is operating in a corrupt environment can serve as the basis for establishing knowledge of improper payments. The "tacit authorization" theory can be used to establish liability where management is aware that bribery is common and fails to take steps to prevent it. While the FCPA permits payments that are "lawful under the written laws and regulations" of the official's country, the fact that bribery may be widespread in a particular country or industry does not make it permissible under either local law or the FCPA. Nor does the fact that a foreign official solicits or demands a bribe excuse such payments. Finally, the mere absence of written laws prohibiting a specific activity (such as hiring a government official's spouse as a "referral agent") does not meet the requirement that the activity be lawful under the country's written laws.
Myth #3: The FCPA does not cover small payments.
Although an exception for facilitating payments (often called "grease" payments) exists under the FCPA, this should not be confused with an exception for small bribes. The grease payments exception applies only to payments made to facilitate routine government action, such as mail pickup, power and water supply, and processing official papers. Routine governmental action never includes any decision to award new business or purchase a particular product.
Moreover, a company that ignores small bribes may overlook the cumulative impact of such payments. Here, the Vetco Gray case is instructive. Most of the individual payments were relatively small. few exceeded $5,000 and some were under $100. However, the total payments over a two and a half year period exceeded $2 million. It was that amount the government focused on in its investigation. Thus, companies should not assume that the government will overlook repetitive low-level bribery.
Avoiding Prosecution
Medical device companies with significant overseas sales should ensure that they have effective FCPA and international antibribery compliance procedures and training, as well as an adequate system of internal controls. Management should carefully review contracts with foreign agents and ensure that those agents certify that they have been advised of the FCPA requirements and that they intend to comply with those requirements. Medical device companies must also evaluate their programs to ensure that product incentive programs do not violate the broad FCPA prohibitions against offers or payments of any kind.
Moreover, companies should adopt a compliance plan that is carefully tailored to how the company does business. This is especially true for public companies, as the books and records provisions of the FCPA require public companies to accurately report financial information and to maintain a system of internal controls to prevent violations.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
