Meena Sinfelt and Katie Matsoukas of Barnes & Thornburg’s White Collar, Compliance and Investigations team discuss President Biden’s recent Memorandum on Establishing the Fight Against Corruption as a Core United States National Security Interest, and how they’re advising their clients regarding this and related issues around compliance, whistleblowing and cybersecurity.
CCBJ: President Biden has indicated that he views global corruption as a national security threat. His June 3 memorandum on the subject establishes the fight against corruption as a core U.S. national security interest, and further states that it threatens economic equity, global antipoverty and development efforts, and democracy itself. But given that the memorandum did not specify policy changes or new programs, what areas of global corruption are you advising clients will likely get the most attention?
Katie Matsoukas: The first place you look is at the Foreign Corrupt Practices Act (FCPA) and its enforcement, both on the criminal side with the Department of Justice (DOJ) and on the civil side with the Securities and Exchange Commission (SEC). We watch carefully how the FCPA is enforced, what settlements come out and which industries are targeted – and that’s going to continue. Specifically, we’re looking at how it might be expanded. For example, the FCPA unit at the DOJ has approximately 40 or 45 prosecutors now, and I wouldn’t be surprised if it continues to grow. And as more prosecutors are added, that potentially means more strike forces or special task forces. That all seems consistent with this memorandum.
The memo is clearly focused on financial transactions. So you may see, for example, more FCPA or other enforcement with respect to banks and other institutions and companies that could have exposure there.
Meena Sinfelt: President Biden’s memo specifically talks about the freezing of assets and the recovery of stolen assets. Even though the first 200 days of this interagency review is still underway, we are advising our clients about the Corporate Transparency Act of 2019 and how it’s going to be implemented under this Administration, particularly with regard to the federal database of beneficial ownership information. We think there will very likely be increased efforts to collect financial information around anti-money laundering (AML). We have been encouraging our clients to look at their compliance programs related to all of their AML programs.
Part of the president’s focus is on bilateral coordination with partner countries as well as international institutions in multilateral bodies. Given this focus, what is the likely impact on government investigations of corporations in the United States and abroad?
Sinfelt: We think there will be increased cooperation with global agencies. And there is a precedent that certain agencies within the United States share information with foreign law enforcement and investigative agencies. However, as seen in the Biden memo, there is now a greater emphasis on global sharing of intelligence in order to close existing gaps. We’ve already seen announcements about international cooperation surrounding cybercrime, fraud and other crimes. The memo mentions the Financial Action Task Force, for instance, as well as the World Bank and the International Monetary Fund.
It will be interesting to see how FCPA prosecutions take off – or don’t take off, for that matter. But again, we expect financial prosecutions to increase, and we believe there will be a focus on cybercrime and cybersecurity too. On July 19, there was an announcement by the White House regarding the cross-border sharing of information in relation to a cyber incident involving the People’s Republic of China. We think there will be requests by the government to private companies for increased sharing of information related to national security involving any type of cyber incident like this on a going-forward basis.
Matsoukas: We do already see a fair amount of international cooperation. What I mean by that is that U.S. law enforcement, for the most part, coordinates with law enforcement in other jurisdictions worldwide – and that creates certain efficiencies, because if a matter is more closely related to, say, France or the United Kingdom, those authorities can take the lead on that front. It frees up resources in the United States and abroad when you have coordination and you don’t have duplicative efforts.
I think that trend is going to continue and expand. I wouldn’t be surprised if you see efforts to get more nongovernmental organizations (NGOs) being tapped for their resources and expertise and ability to track, in particular, financial movement worldwide.
Sinfelt: Let me just add that we also think there will be a focus on any type of fraud related to COVID-19. Not only in the United States, with COVID-19-related assistance generally, but also anything related to, for example, international trade of personal protective equipment and price fixing, which could mean price-fixing cartels with a global reach.
Do you anticipate an increase in whistleblowing? And if so, what will that look like? Has the government made it easier to report fraud and corruption?
Matsoukas: We don’t think that we will necessarily see an increase in whistleblowing, because those opportunities are already out there. The opportunities for individuals to report and get rewards under the FCPA and under other governing laws already exist. But perhaps we may see higher rewards, or maybe more publicity of those whistleblowing opportunities. For instance, during the pandemic, there have been TV commercials about the U.S. Secret Service investigating COVID-19 fraud. You may see more things like that, not necessarily targeted at the general public, but targeted at compliance professionals and in-house lawyers. These people are generally already aware of the opportunities that exist for whistleblowers, but perhaps they don’t imagine the scope in which it could be relevant.
Another thing that’s related here is cooperation incentives for corporations. I think the DOJ would say that its FCPA leniency program has been successful. A good number of organizations and corporations have come forward under that program to self-report violations, because it gives them a better chance of getting more lenient treatment when it comes to a settlement.
Sinfelt: We might see increased whistleblowing related to professional service providers such as accountants, auditors or CPAs – people who enable the movement of wealth or whose job it is to help facilitate those transactions. They owe a duty of confidentiality to their clients, but also have professional responsibilities that are related to their licenses. Given the new focus on tying national security to corruption, we could see more of these professionals seeking the safety of whistleblower protections.
How are you advising clients or individuals to prepare for this more intense focus on fraud, corruption and antitrust violations? And if organizations or individuals expect increased scrutiny, what steps should they take?
Sinfelt: First of all, no matter the administration, we always advise our clients to regularly monitor and assess the effectiveness of their compliance program. We always tell them that bad actors are going to find a way to manipulate the system. The question they need to ask is whether the components of their compliance programs are sufficient such that if a bad actor is found or a weakness is found it can be contained, reported and addressed relatively easily. Is the company engaging in active compliance efforts? Are they detecting and assessing red flags? Those are the types of things that we’re going to continue to tell our clients.
Beyond that, we like to emphasize the importance of understanding AML and know-your-customer rules. We think that increased knowledge and education is going to be really important right now. Our clients tend to get caught up in their own businesses, which is understandable, and it’s our job to inform them and educate them about how they’re going to have to start thinking about things from a broader scope, because they are required to know what the laws are in order to operate their businesses.
Matsoukas: Many companies that we deal with, when we talk about FCPA violations, they say, “Well, we’re a good company. We’ve got a compliance program. We’re not in the business of wanting to violate the FCPA. We want to do things the right way, that’s what our company is about.” And we tell them that’s great. We agree. But that’s not going to keep you safe from an FCPA violation. The FCPA requires corrupt intent, and we’ve actually found that intent is one of the easiest elements of the FCPA to prove, because the government can point to any flaw in a corporation’s compliance program, any failure to enact a piece of the program by a subsidiary – and they can use that to imply corrupt intent by the organization, even when that organization is not a “bad organization” by their own estimation.
The good news is that if you do have a strong compliance program in place, one that is targeted and tailored and scaled, that’s going to increase your organization’s chances of getting out of an FCPA investigation with a declination or favorable settlement. And that’s why we encourage a routine review, at least on an annual basis, of your compliance program, because many companies don’t know that their policy is missing something or that their actions may fall under a foreign jurisdiction’s investigative authority. There’s always something that can be improved upon.
Sinfelt: Another thing I want to add is that it’s not just FCPA. As I mentioned earlier, it’s anti-money laundering. It’s the Computer Fraud and Abuse Act. When a company receives a third-party subpoena, sometimes their automatic thought is, “I’m just receiving a third-party subpoena. Obviously I’m not really involved. Do I have to comply with this?” From our point of view, we want to protect our client’s interests and their business secrets, naturally. But if the government is sending a grand jury subpoena for information, they likely have a valid reason for that. And it is really difficult to quash that subpoena. We’re always willing to try, but at the end of the day, it’s usually best to comply. We can try to narrow the scope or talk to the prosecutor and work out a way to ensure that our client’s business secrets don’t get disclosed in any public trial. But when subpoenas are received, you almost always have to comply with them.
The best way to deal with this is to have a process in place to notify in-house counsel to respond quickly or another designated person to handle the response. Ensuring your company has a chain of command in place to contact in-house counsel or outside counsel to respond to those subpoenas is essential. Ignoring or downplaying a grand jury subpoena can get your company in trouble quickly.
Which agencies do you anticipate being the most active in carrying out the Biden administration’s anticorruption mandate? What laws, in addition to the Foreign Corrupt Practices Act, do you see them zeroing in on?
Matsoukas: There’s a laundry list of agencies that could potentially touch this, but obviously the DOJ and SEC usually lead the charge in terms of anticorruption investigations. But what we have seen is that there are resources that other agencies can bring to the table. So, for example, the Department of Commerce has a great deal of information and resources and manpower to deal with import-export issues and foreign asset control, among other things.
You’ve also got Homeland Security, which has an Office of Inspector General that’s been very involved in looking at fraud around COVID-19 issues and has resources in place to effectuate some of the mandates that are in this memorandum, given the agency’s focus on national security.
Sinfelt: Another agency that I think will help carry out these investigations domestically and abroad is the Office of Foreign Asset Control – there will be a lot of economic sanctions that can be enforced there. There’s also the Directorate of Defense Trade Controls, and the National Security Division inside DOJ, along with the Computer Crime and Intellectual Property Section. There are a whole host of DOJ sections that carry out or assist prosecutions within the DOJ that will probably start coming to the forefront more.
In his May 12 Executive Order on Improving the Nation’s Cybersecurity, President Biden said that incremental improvements will not give us the security we need. He went on to call prevention, detection, assessment and remediation of cyber incidents a top priority and essential to national economic security. What trends are you seeing in cybercrime and cybersecurity, and what do you see looming on the cyber horizon?
Sinfelt: On July 19, the White House issued a press release stating that along with the European Union and our NATO allies, the United States has been working collectively to increase information sharing regarding cyber threats, and it also unsealed criminal charges against four hackers that were related to China. So there is going to be an increased focus on the private sector and government collaboration for reporting purposes, but also international collaboration on cyber incidents, as hackers become a more serious threat here and overseas.
These hackers are working at a fast pace, and there’s a surge in hacking that calls for cooperation among private corporations, government entities and international bodies in order to keep up with and get ahead of what’s happening.
Matsoukas: What we’re seeing now is an increase in the sophistication of things like phishing schemes. We hear from clients who are savvy and who do receive training on this, and yet they still have employees who get targeted by someone who’s posing as a vendor or a bank that the person typically deals with, from an email address that looks familiar. These intricate phishing schemes are sometimes difficult to detect in time to stop the money from leaving the country.
A trend that I expect to see is more and more sophistication on that front. And unfortunately so far, education and training efforts to counteract it are just not keeping up with the efforts of these criminals. We are advising our clients that this is an area where they really need to focus and invest in additional education efforts.
The president’s anticorruption agenda signals that all enforcement mechanisms will be deployed. Discuss the relative importance of addressing three key areas: illicit financing, accountability for corrupt actors, and interagency and international cooperation.
Matsoukas: With respect to our existing government enforcement operations, I think those three areas are all being addressed. We have seen a great deal of attention, really since 9/11, on illicit financing sources from abroad. We’ve seen an increase in accountability for corrupt actors in the way that FCPA enforcement in our country has been elevated and escalated. More resources have been devoted to it. You’ve seen things like the Yates memo, which talks about individual culpability for corrupt actors. We’re also seeing more interagency and international cooperation.
Some of it is going to be hard. Many of these issues are tied up in the U.S.’s relations with China and Russia. That’s often where we see reports that bad actors come from. That’s where much of the illicit money and cybercrime come from.
Sinfelt: The Biden administration, I believe, is looking at how effective illicit actors have become globally because they are working cooperatively with other illicit actors around the world. What we see on the white-collar defense side is that when bad actors work together, they’re very effective. But if you follow the money, the illicit financing, you’re going to find the bad actors. So this administration may need to find additional support resources (perhaps support from the private sector), but then also build upon international cooperation and hold the bad actors accountable.
If they do use this triple-threat strategy, they will be very effective in protecting national security, which is the goal. The way that private corporations fit into this is what we’re looking at now, and how it affects their businesses. Again, it is still the initial 200-day review of what this is going to look like and how it’s going to affect our clients, so we’re going to keep on top of that. But none of us think it’s going to be status quo. And we’re watching the FCPA and the financial statutes to see how it all goes. It’s going to be an interesting time, for sure.
Published October 13, 2021.
