The Editor presents the following summary of a whitepaper with the above title that was commissioned by FTI Consulting Inc. and authored by Severin Ian Wirz. Please download the complete whitepaper at www.ftitechnology.com/FCPA-Survey.
FTI commissioned a 2012 survey on e-discovery issues in international investigations, with emphasis on those conducted under the Foreign Corrupt Practices Act (FCPA) and other anti-bribery statutes. Global companies have sought to end corrupt practices and are enlisting the help of experts, both to develop global compliance mechanisms aimed at detecting and deterring bribery and to coordinate cross-border investigations where potential problems arise.
Based on survey responses from experts, this report presents best practices for e-discovery during a multinational investigation. As investigations become increasingly commonplace, companies, law firms and e-discovery service providers are working together to overcome the technological, legal and cultural barriers to conducting effective cross-border investigations.
Recognizing that anti-bribery enforcement efforts have become more aggressive, the report emphasizes the demands of anti-corruption investigations, though principles described below are applicable to all manner of cross-border investigations or litigation.
The group of 114 survey respondents is comprised entirely of legal and accounting professionals who have handled e-discovery matters for either multinational investigations or cross-border litigation. Reflecting the central role played by lawyers in anti-bribery investigations, 76 percent of the respondents are from law firms, 12 percent are in-house counsel, with the remainder from government, nonprofit, education and consulting organizations.
Most respondents represent large organizations – with 63 percent from organizations with greater than 1,000 employees and 16 percent from companies with over 10,000 employees – and 38 percent representing companies with annual revenues in excess of $1 billion. Eight respondents agreed to in-depth telephone interviews, and their thoughts are directly quoted throughout the report.
The report begins with a concise description of the FCPA and U.S. agencies tasked with its enforcement. Enforcement has increased considerably in the last ten years versus relatively infrequent efforts during the first 20 years of the FCPA’s existence, and companies have paid a steep price. In 2010 alone, the DOJ imposed $1 billion in FCPA-related penalties.
Reflecting the belief that anti-bribery enforcement will only increase, more than 50 percent of survey respondents answered that the biggest factor in international investigations over the next five years will be the FCPA.
The report then presents a similar introduction to the UK Bribery Act, describing components of the law and highlighting its expanded scope in criminalizing bribery of private persons and companies – as well as of foreign public officials as provided in the FCPA.
Nearly 60 percent of respondents saw the UK Bribery Act as a top-three concern over the next five years. Fewer than 10 percent viewed it as their single most important concern, which may reflect its being relatively new and not yet widely enforced.
Universal among survey respondents who were interviewed was the observation that effective anti-bribery investigations require coordination among various global business units. These cross-border investigations present many challenges, including those relating to accessing witnesses and managing data privacy regimes.
U.S. discovery laws are broader than those of many other countries and can involve production of evidence from non-U.S. companies, foreign subsidiaries or foreign affiliates – even if the information resides outside of the U.S. Thus, companies may need forensic accountants to conduct independent analysis of financial records; outside counsel to review electronic data; and independent investigators to interview individual employees.
In such investigation, standard U.S. concerns about privilege, preservation, collection and review now require additional consideration of foreign legal traditions, cultures and language differences. Further, data privacy laws create significant hurdles, especially in Europe.
Following are specific themes from FTI’s survey of international litigation and investigations, including anti-bribery probes.
To effectively detect and deter bribery, global businesses must conduct due diligence in various jurisdictions, including the review of foreign agents, subsidiaries and thorough inspection of target company records before a merger or acquisition.
Companies must balance their need for third-party agents to conduct business abroad in keeping with FCPA requirements to ensure that the agent is not susceptible to acts of foreign bribery. For larger companies, a proper compliance procedure will usually involve regular audits, vendor payment and approval controls and other monitoring tools.
Respondents who were interviewed spoke of the FCPA’s “vicarious liability provisions” and the real dangers associated with third-party agents. Often, these agents will represent the company in dealings with a government entity or in jurisdictions with a high risk of corruption. Practical measures to manage this risk are presented.
In an anti-bribery probe, the DOJ frowns on companies that fail to secure relevant documents and data. If litigation is involved, discovery schedules become tight, and the process of collecting and reviewing documents can become a race against the clock. Numerous concerns must be addressed right away, including the need to isolate the actors; to manage data that resides on mobile devices as well as on servers; and to mitigate the risk that documents will be unintentionally or purposely destroyed. Numerous interviewees expand on these topics.
In China, companies should conduct on-site document review because local companies can invoke “state secrets” rules to prevent documents from being taken out of the country.
Litigation procedures must quickly account for cultural and legal differences in foreign jurisdictions that are unfamiliar with rigorous U.S. standards. Specific procedures may include communicating the document hold in multiple languages, providing it in an easily accessible format and placing responsibility to ensure its compliance with a non-party.
Among respondents to FTI’s survey, 54 percent said data privacy was the number-one challenge to multinational discovery matters, and 76 percent anticipate an increase in data privacy requirements around document review.
Data privacy laws regulate the use and discovery of employee records, with many global practices differing substantially from U.S. standards. UK and EU rules are described as “intense.” The EU Directive 95/46/EC, for example, covers a broad range of employee characteristics and allows the transfer of an employee’s personal data only to outside countries that ensure an adequate level of protection. Importantly, the U.S. is not among the approved countries.
One interviewee noted that many companies seek to neutralize potential legal issues within data privacy laws by requiring European employees to sign consent forms at the outset of investigations. Another noted that privacy laws are applicable to the extent the documents are located in that particular jurisdiction; thus, strict European laws may apply even in situations where the misconduct occurred elsewhere.
Survey respondents also raised concerns regarding foreign blocking statutes, which generally prohibit production of documents and disclosure of information and may be enacted specifically to thwart U.S.-style discovery. One interviewee suggests strategies to avoid implicating foreign blocking laws: when the SEC or DOJ issues a subpoena or treaty request for the documents, the investigators can simply inspect the documents in the foreign country or bring witnesses to the U.S. to be interviewed by government investigators.
Secrecy laws tend to protect bank customers and corporate data, and these laws are common in some parts of the world. U.S. courts, for example, have recognized Article 47 of the Swiss Bank Law, which prohibits disclosure of bank customer information. Some bank secrecy laws are not codified by statute but, instead, are construed to be “waivable privileges” held by bank customers. Despite these prohibitions, U.S. enforcement agencies may nonetheless demand that companies provide bank records relevant to a bribery investigation.
In China, the major issues involve laws protecting government secrets, rather than data privacy. One interviewee mentions difficulties in working with the Chinese government, as many of their documents are protected and difficult to transfer offsite. In these cases, onsite investigation is recommended.
Most U.S. persons also are accustomed to fairly broad rules concerning the attorney-client privilege, which belongs to the client and protects most communications with attorneys. There is no similar concept in many other parts of the world. In Italy, for example, an in-house counsel’s communications with lawyers in an Italian subsidiary, may be discoverable in U.S. litigation.
Issues that appear to be local can swiftly take on international proportions because many companies house documents over a global network of servers. Without preparation, investigation costs can balloon out of control, and proactive management can save major costs in the long run.
Forty percent of survey respondents reported spending more than $500,000 on e-discovery for multinational matters, and 33 percent simply don’t know how much they spend. Finding proactive solutions to FCPA compliance is the best answer because an internal investigation or agency probe can be much more costly in the long run. Further, prosecutors will give corporate compliance efforts favorable consideration settlement negotiations.
An e-discovery service provider or a law firm specializing in e-discovery matters can be an invaluable partner in resolving forensic problems and the organizational and technical requirements involved in securing evidence outside the U.S.
In dealing with in-country data privacy requirements, over 80 percent of respondents have partnered with in-house, IT or legal departments to ensure that local document procedures were defensible. More than 60 percent indicated that they had similarly partnered with a global service provider.
Some forward-thinking e-discovery service providers offer the latest technology in the field, such as mobile data-processing review environments, along with the manpower trained to use it. Mobile data-processing allows reviewers to analyze documents locally, thereby avoiding discovery issues posed by data privacy laws, blocking statutes, secrecy laws and the like.
The extraterritorial reach of the FCPA and other anti-bribery laws has prompted concern about misconduct occurring outside of the U.S. For survey respondents, Asia and Latin America countries constitute five out of the top-ten countries from which companies collected data, and 48 percent reported data collection in China.
Please see FTI’s supplemental reports for region-specific observations on Latin America and Asia by visiting www.ftitechnology.com/FCPA-Survey.
FTI’s 2012 survey reflects the complexity of issues within international anti-bribery investigations, with data privacy laws, blocking statutes, secrecy laws and ill-defined privilege rules of concern generally, but reliably so in the FCPA context.
While there is no single best method of conducting an international investigation, legal experts suggest the following strategies:
Finally, the DOJ intends to publish new compliance guidelines for the FCPA. These guidelines will further assist lawyers in helping their clients navigate the many challenges of conducting an effective international or anti-bribery investigation.
Severin Ian Wirz is an independent legal consultant and member of the New York State Bar. He is a former associate of Hughes Hubbard & Reed LLP, where he worked on matters pertaining to the Foreign Corrupt Practices Act, bankruptcy law, and international litigation. He is also the author of several articles on anti-bribery law and corporate social responsibility.
About FTI Technology:
FTI Technology helps clients manage the risk and complexity of e-discovery with a complete range of offerings. From forensic data collection to managed document review services, FTI provides unprecedented flexibility to address any discovery challenge with confidence. Clients rely in the software, services and expertise of FTI to address matters ranging from internal investigations to large-scale litigation with global e-discovery requirements. For more information, please visit www.ftitechnology.com.