International Background Checks – Foreign Corrupt Practices Act ("FCPA") Compliance Best Practice

A key role for Human Resources and Security in any company is the background screening of not only US based employees, but also of overseas employees, customers, suppliers, vendors, agents and other business associates. HR and or Security are usually on the front lines of such activities, although it may be in conjunction with the Legal or Compliance Department.

We are frequently asked by clients what is considered best practice when it comes to international employee screening. The short answer is that it depends. When asked we try to understand specifically what the organization is trying to accomplish, what sort of compliance requirements are they looking to meet that is relative to their business, and finally what are the countries involved?

A client recently asked what we consider best practice for International Background Checks as it related to complying with the Foreign Corrupt Practices Act (“FCPA”). The client had recently been the subject of enforcement action after it was discovered that the company’s drilling equipment was found in a sanctioned country. It was also discovered that the company had engaged local independent agents from the sanctioned countries without performing proper background checks. Talk about getting caught with your hand in the proverbial cookie jar! We were asked to help come up with a solution to fix this problem and to limit the chances of it happening again.

In order to drawl, a set of best practice guidelines about this subject its important to have an understanding of what the FCPA is and how it applies to human resources. Then it’s a matter of developing a method and a set of processes that will enable an organization to meet the required outcome there by meeting compliance requirements.

Foreign Corrupt Practices Act

The FCPA is a federal law that prohibits offering, promising, or giving anything of value, as well as authorizing such an offer, promise, or gift, to a foreign official for the purpose of obtaining, retaining, or directing business to a person or entity. This prohibition is contained in the FCPA’s anti-bribery provisions, which are enforced by the DOJ. The FCPA’s anti-bribery provisions have a much broader reach than many other U.S. laws. U.S. corporations can be liable for conduct that occurs entirely outside the United States and multinational corporations can be liable for conduct that bears only a tenuous connection to the United States. This includes employees of overseas subsidiaries, customers, suppliers, vendors, agents and other business associates.

With the number and size of penalties increasing, the Foreign Corrupt Practices Act (FCPA) is causing many U.S. institutions to look into how they evaluate all of their relationships overseas. The lack of a due diligence of a company’s agents, vendors, and suppliers, as well as merger and acquisition partners in foreign countries could lead to doing business with an organization linked to a foreign official or state owned enterprises and their executives. This link could be perceived as leading to the bribing of the foreign officials and as a result lead to noncompliance with the FCPA. Due diligence in regards to FCPA compliance is required in two aspects:

  • Initial due diligence – this step is necessary in evaluating what risk is involved in doing business with an entity prior to establishing a relationship and assesses risk at that point in time.
  • Ongoing due diligence – this is the process of periodically evaluating each relationship overeas to find links between current business relationships overseas and ties to a foreign official or illicit activities linked to corruption. This process needs to be performed indefinitely as long as a relationship exists, and usually involves comparing the companies, executives, and other business associates to a database of foreign officials that may be classified as “Politically Exposed”.

While financial institutions are among the most aggressive in defining FCPA best practices, manufacturing, retailing and energy industries are highly active in managing FCPA compliance programs.

Suppose a multinational company has a compliance and ethics policy and tells its employees not to pay bribes – is that enough, or should the company go further? 

A clear corporate policy against paying bribes is important, as well as including explicit language in every employment and agent agreement that prohibits bribery, but it is also critical for companies to conduct thorough employment and pre-engagement background checks on their agents and other third parties.

Certainly, U.S. government regulators expect nothing less. In a February 2009 FCPA settlement (for $579 million) by KBR and Halliburton with the Securities and Exchange Commission (SEC) and the Department of Justice (DOJ), the SEC criticized Halliburton’ s due diligence policy and practice and its failure to conduct any due diligence on one particular agent in Japan. If the government shows up at your door asking to see the files on your overseas employees and trading partners, you want to be able to produce sufficient documentation to demonstrate you’ve looked thoroughly at the background and reputation of these individuals before engaging them to work on your behalf. According to the Federal Sentencing Guidelines for Organizations (FSGO), §8B2.1. (b)(3). “The organization shall use reasonable efforts not to include within the substantial authority personnel of the organization any individual whom the organization knew, or should have known through the exercise of due diligence, has engaged in illegal activities or other conduct inconsistent with an effective compliance and ethics program.”

On the other hand, if you open your background check file to the government and it is empty or thin, the organization is going to be in a challenging situation. In the event a FCPA violation is uncovered, it is increasingly apparent from past cases that the government is far more likely to be lenient on a company that has a commitment to an anti-bribery compliance and ethics program, including being able to demonstrate the organization has exercised a responsible level of due diligence on their overseas employees and related business associates.

What sort of checks should be done to meet FCPA requirements on overseas employees and business associates?

As with any background check program, we are looking for any “red flags” or “signs” such as discrepancies in the individual’s background that could show a pattern of misconduct. First, we validate the individual’s identity to confirm the individual is who they say they are. When dealing with foreign national candidates, this can be accomplished by performing a local ID validation of the individual’s government issued identity documents such as a passport or other local national identity documents. A search of Restricted Parties and Blocked Persons is checked to determine if an individual or business entity may be on a list of sanctions, known fraudesters, terrorists, money launderers, OFAC or consolidated lists, or even linked to politically exposed persons.

We would conduct an international criminal record check on the individual from countries they’ve resided. Be aware the time required to undertake an overseas criminal record check may take much longer than what you may be accustomed to and that criminal data may be limited from some countries due to local legal provisions governing access and privacy as well as the quality and availability of local records may be rather different than what you would expect from the U.S. It is, however, important tonote that even though costs may be higher and access to local criminal data may be limited, organizations still need to be able to demonstrate that they applied a reasonable level of due diligence based on local available means. When researched properly, the end result from many countries should be an official document issued from local authorities attesting to the individual’s criminal history. These are sometimes called “Good Conduct Certificates”, “Police Clearance Certificates” or “Certificate of No Conviction”.

If and when a local criminal record check may not be possible due to local legal provisions or the quality of data may be limited we would have the candidate provide a copy of their own “Good Conduct Certificate” for authentication. Most Police Clearance documents are printed on security paper and contain sequence numbers that can be authenticated through the issuing agency. This is known as a Police Clearance Authentication. Results should then go in the individual’s background check file as a matter of record. Examples of some of the “red flags” we have uncovered involve a US defense contractor who was sourcing contingent workforce options. All of these individuals initially provided what appeared to be legitimate clearance documents indicating they had no criminal record. Convictions of white slavery, homicide and employment fraud were uncovered on several in country Filipino staffing agencies and their principles. Suffices to say organizations should never entirely rely upon the authenticity of provided documents without the benefit of verification. The defense contractor opted not to do business with the questionable staffing firms.

Next look to confirm whether the entity (either individual or company) has a real business track record and experience in the particular industry for which they are being engaged. Personal and professional reference interviews, and overseas employment verifications, allow us to assess the reputation and business practices, integrity, and the possibility of any history of questionable activities. Academic and professional credential verifications allow us to verify the individual in fact received and was awarded claimed certifications. Civil history searches and or consumer credit checks are also done where available to asses past civil cases and possible financial liabilities.

International Business Reports can be accomplished on overseas trading partners. Business reports include business background information, details about a company’s credit risk ranking, banking and finance validations, verification of trade references, property, assets, legal filings, structure, key personnel, payment behavior and financial assets and liabilities along with standard “Know Your Customer Checks” such as a search of Denied, Debarred, and/or Restricted Parties to include media searches on the actual company. We then examine the individual owners/directors/principals of a company to identify any connections to or relationships with local government, political, or military officials. A search of politically exposed persons can uncover this type of information. And finally, determine if the company is licensed to do business in the country.

The Role of Human Resources

Now more than ever regulatory compliance has understandably become one of the most important topics for companies operating in the modern business environment. For these companies it is important to ensure not only that they are acting in accordance with national and international regulations, but also demonstrate that they have undertaken reasonable levels of due diligence in this respect. The penalties for non-compliance with these regulations can include prison sentences and severe fines. Beyond this, there is also the risk of bad publicity and the possibility of inclusion on one of the denied-party lists. If, for example, a European company were to be included on one of the US denied-party lists it could effectively result in that company being unable to trade with the US. 

We have many more Credit Repair Articles Now Available.