Hand in the cookie jar: How Stericycle’s FCPA resolution provides insight into FCPA enforcement under President Biden


Earlier this year, we wrote that Illinois-based waste disposal company Stericycle, Inc. (Stericycle) had agreed in principle with the Ministry of Justice (the DOJ) and the Securities Exchange Commission (the SECOND) to settle charges relating to an alleged conspiracy to violate the anti-corruption, books and records and internal accounting controls provisions of the Foreign Corrupt Practices Act (the FCPA) as part of Stericycle’s activities in Latin America. On April 20, the DOJ and SEC formally announced their resolutions with Stericycle and shared details regarding the underlying conduct. Stericycle has agreed to pay more than $84 million to resolve these charges, a portion of which will be deducted from fines the company will pay to Brazilian authorities in related proceedings.

Specifically, as agreed to by Stericycle in its Deferred Prosecution Agreement with the DOJ (the ODA), between 2011 and 2016, Stericycle paid approximately $10.5 million, often through intermediaries, to foreign officials in Latin America for business and other benefits. The conduct allegedly involved employees of Stericycle’s offices in Brazil, Mexico and Argentina.

In light of the reduction in the number of major FCPA resolutions in recent years, this resolution offers two key insights into the approach of enforcement agencies.

Key Insight #1: Extensive remedies may not be sufficient to prevent the imposition of a compliance monitor

In concluding the three-year DPA with Stericycle, the DOJ cited the “extensive remedial actions” the company took after discovering the wrongdoing, including, among other things, divesting its subsidiaries in Mexico and Argentina and taking steps to address the associated risks in Brazil.

The company has also, among other things: replaced members of senior management and directors on its board of directors; hired additional staff in its compliance organization; revamped its code of conduct, policies and procedures regarding anti-corruption, third-party management and related compliance training; and disciplined and terminated certain employees involved in the misconduct.

Despite these measures, the DOJ asked Stericycle to agree to the imposition of an independent compliance monitor for two years and to comply with self-reporting obligations for another year. The DOJ said in the DPA that oversight was needed because the company “to date has not fully implemented or tested its enhanced compliance program.”

The DOJ’s requirement for an independent compliance monitor in this case, even after Stericycle has already implemented various corrective actions, is consistent with statements by Deputy Attorney General Lisa Monaco last year (which we covered here) and the associated DOJ policy change to the use of watchdogs. to ensure companies have strong compliance programs. The imposition of oversight here also underscores the importance of proactively developing a compliance program over time to deter misconduct and establish cultural norms around compliance.

Key insight #2: Compliance organizations must evolve in tandem with the expansion of a business

In its cease and desist order, the SEC specifically cited Stericycle’s rapid expansion into Latin America and its failure to ensure that sufficient internal compliance and accounting controls were in place in those jurisdictions.

According to the SEC, Stericycle entered the Latin American market in 1997 and grew rapidly through “the acquisition of numerous local businesses in Argentina, Brazil and Mexico.” [in which] [t]Former local business owners continued to run operations. Yet as it grew, according to the SEC, Stericycle’s accounting processes and controls remained largely decentralized “without uniformity or proper oversight,” the company had no centralized compliance department, and did not not implemented FCPA policies and procedures until 2016.

The resolution in this case illustrates the importance of addressing compliance risks in the context of M&A transactions. Companies pursuing a growth strategy that involves acquisitions should take reasonable risk-based steps to mitigate risks, such as conducting due diligence to assess the risks of bribery and corruption associated with proposed acquisitions and implementing reasonable post-closing integration measures to address risks.

Conclusion

In summary, Stericycle’s resolutions with the DOJ and SEC demonstrate the U.S. government’s continued attention to whether companies have taken adequate steps to ensure that their compliance programs can address corruption risks in their operations, especially where, like here, businesses are expanding across borders. . In addition to conducting due diligence on potential acquisitions and engaging in post-closing integration efforts, companies should assess whether they have reasonable risk-based controls in place to address kickback risks. wine and corruption that may arise in their ongoing business operations.

Previous Sauce Magazine - 13 Reasons We Love Louie Over DeMun In Clayton
Next Why aren't Australian wages rising?