There have been a relatively limited number of U.S. Foreign Corrupt Practices Act (FCPA) enforcement actions in recent years. Nonetheless, two recent announcements (one resolution, one declination) by U.S. regulators underscore the importance of implementing and maintaining effective internal controls.
KT Corporation Pays Penalty For Lack of Internal Controls and Anti-Corruption Policies
On February 17 the U.S. Securities and Exchange Commission (SEC) announced that KT Corporation (KTC), a South Korean telecommunications firm, agreed to pay $6.3 million to settle charges of violating the books and records and internal accounting controls provisions of the FCPA. The settlement consists of roughly $3.5 million in civil penalties and $2.8 million in disgorgement. In addition, KTC is required to report to the SEC approximately every 180 days for two years on its progress to enhance its anti-corruption compliance procedures.
The SEC had jurisdiction over KTC, although a non-U.S. company because KTC is an issuer of securities in the United States. Additional details of this matter, the SEC’s first announced FCPA enforcement action of 2022, are below.
South Korean Slush Funds
The SEC asserted that from at least 2009 through 2017, KTC executives maintained slush funds to make illegal political contributions and improper gifts. According to the SEC, senior executives at KTC issued inflated bonuses to KTC officers and executives who in turn used those funds to create a slush fund of approximately $1 million to pay for gifts and other payments to government officials. KTC did not maintain records of the recipients of these gifts and payments. In late 2013, this bonus scheme was reported in the media, which led to executive resignations and criminal investigations in Korea.
Even after the bonus scheme was made public, KTC purportedly used gift cards converted to cash and directed into a slush fund used for political contributions and improper gifts and entertainment. According to the SEC, these benefits were provided to government officials with authority to impact KTC’s business and industry. The SEC found that gift card expenses were inaccurately recorded as “research and analysis” or “entertainment.”
Payments to and Directed by Corrupt Government Officials in South Korea and Vietnam
The SEC also found that KTC paid over $1.6 million to several organizations at the request of high-level government officials in South Korea and Vietnam.
In South Korea, KTC allegedly altered its policies to hire a new advertising agency at the request of a government official, resulting in the payment of $454,009 in salaries and $5.88 million in fees to the advertising agency. In Vietnam, KTC reportedly arranged with third parties to pay bribes to government officials to improperly obtain government contracts.
According to the SEC, KTC had neither policies nor procedures to determine if such payments were legitimate nor adequate due diligence processes for reviewing third-party relationships. The SEC further asserted that the payments were inaccurately documented in KTC books and records as charitable donations, sponsorships, or consultant fees.
Interestingly the U.S. Justice Department (DOJ) did not announce a parallel resolution as is commonplace for joint FCPA enforcement actions. It is possible that DOJ declined to prosecute KTC. That could be because of a lack of evidence related to the alleged payments; it could also be a result that KTC has been subject to aggressive criminal prosecution in South Korea.
In announcing the penalty, the SEC noted that KTC did not voluntarily disclose the matter but did cooperate with the SEC once the SEC commenced its investigation. The SEC also noted that KTC had introduced improved compliance processes while terminating certain personnel involved in the conduct at issue. Yet the SEC also pointed out that KTC needed to continue to take steps to strengthen its compliance program.
Benefits to Cooperation and Disclosure
In contrast to the penalty assessed against KTC, Cisco Systems, Inc. (Cisco) announced on February 22 that the SEC and DOJ had declined to take action against the company for potential FCPA violations. Cisco apparently revealed those potential issues to the government following an internal investigation of allegations characterized as a scheme by former employees in China to make or direct payments to “various third parties, including employees of state-owned enterprises.”
The SEC and DOJ had previously declined to bring enforcement actions against Cisco in September 2017 following an investigation of possible FCPA violations involving Cisco’s operations in Russia and the Commonwealth of Independent States and certain resellers of their products in those countries.
Implicit in the declination decision is that Cisco presumably had robust internal controls and accounting processes such that potential wrongdoing could be easily identified and reviewed. The alleged conduct in the KTC matter is that a company would normally expect its auditors to identify. Indeed, it is well established that an effective compliance program both prevents and detects misconduct. The fact that KTC’s conduct continued for several years suggests that its internal controls were not adequate – that was certainly the SEC’s view.
Lindsey Fetzer and Thad McBride are members in the Washington, D.C. office of Bass, Berry & Sims and Sylvia Yi is an associate in that office. All three lawyers are members of the firm’s Compliance & Government Investigations team, which regularly advises clients on FCPA issues, including internal and government investigations. Please contact Lindsey, Thad, or Sylvia if they can assist you.