On March 3, 2015, Andrew Ceresney, Director of the Securities and Exchange Commission’s Enforcement Division, spoke to the CBI Pharmaceutical Compliance Congress about the importance of industry compliance with the Foreign Corrupt Practices Act (FCPA). His speech emphasized the expanding U.S. government scrutiny of the pharmaceutical industry, now deemed at “high risk” for FCPA violations. Despite this growing pressure, many companies are still unaware of the steps needed for FCPA compliance. Those who ignore the Act are making a risky choice—as Mr. Ceresney noted, pharmaceutical companies like Eli Lilly and Pfizer recently entered multi-million dollar settlement agreements with the government to resolve alleged FCPA violations.
Administered jointly by the U.S. Department of Justice and the U.S. Securities and Exchange Commission, the FCPA has two primary components: anti-bribery provisions and accounting provisions. The Act makes it unlawful for companies and individuals to make payments of any item of value to foreign officials in exchange for influence or business opportunities, and also requires that foreign companies with U.S.-listed securities follow FCPA accounting provisions. Most importantly for U.S. pharmaceutical companies, any foreign subsidiaries or distributors must also follow these same regulations.
In recent years, the federal government has closely monitored the pharmaceutical industry for FCPA violations, largely as the result of renewed concerns about bribery of foreign officials. As reflected by multiple investigations and settlements, the government is actively engaged in “sweeps” of various industries. Thus, if one company is being investigated concerning various activities, it is likely that the company’s competitors are also being investigated. One reason for these “sweeps” is the constant revolving door of high-level employees within specific industries. Thus, if one company has a “bad practice,” it is possible that bad practice has migrated throughout the industry.
Specific to the pharmaceutical industry—which has been a target of the government for several years—pharmaceutical company representatives frequently interact with doctors, pharmacists, and administrators at foreign public hospitals to promote their products. These individuals, however, are often classified as “foreign officials” under the FCPA, meaning any item of value given to these practitioners violates the Act. This is because the majority of the world’s health systems are actually managed by governments, unlike the United States where the health industry is primarily private. As an example, in 2012, Pfizer settled with the SEC for more than $26 million over alleged violations of the FCPA, including the payment of foreign government doctors to prescribe Pfizer products. One of the most egregious examples from the case was the “bonus program” for Croatian doctors in senior leadership at government health care institutions. A percentage of the value of Pfizer products used by each institution was funneled back to the doctors as cash, international travel, and free products.
Mr. Ceresney also raised concerns about the role of foreign representatives, who may not follow the same strict rules as the U.S. parent company. For example, in 2012, Eli Lilly was charged by the SEC with a variety of FCPA violations committed by its foreign subsidiaries, and ultimately paid $29 million to settle the matter. The SEC alleged, among other violations, that Eli Lilly’s Brazilian subsidiary allowed its pharmaceutical distributor to bribe government health officials, and its Polish subsidiary made payments to a charity administered by the head of a regional governmental health authority in exchange for the official’s support in placing Eli Lilly drugs on the government reimbursement list.
The experiences of Pfizer and Eli Lilly are only compounded by the investigation involving GlaxoSmithKline Plc (GSK) related to corruption in China. In September 2014, GSK was fined $490 million by the Chinese government for bribery and one of its executives was sentenced to Chinese prison. GSK is still under investigation by other governments, including the United Kingdom, the United States, and others, for related activities. This reflects the on-going multi-jurisdiction investigations by different foreign governments, which usually significantly increases the investigation and legal costs.
Mergers and acquisitions pose a significant risk for pharmaceutical companies as they attempt to consolidate market share or address the increase in generic options in the foreign market. For example, in 2013, Cubist Pharmaceuticals Inc. purchased Optimer Pharmaceuticals and has subsequently disclosed government investigations focusing on the due diligence performed on certain grants by Optimer. Grants may be viewed as a way to garner support for drug approval or foreign operations. However, providing a grant to a leading foreign university to “study” the benefits of a drug may raise FCPA compliance issues where there is also a foreign government stake or interest at issue. Therefore, due diligence on acquisitions and relationships with foreign universities (in addition to foreign health institutions) is a major takeaway from recent cases.
In recent years, the government has concentrated on specific acts of actual bribery. However, the history of the FCPA is actually based on the books and records provisions. The SEC and DOJ showed that these FCPA accounting requirement provisions still have teeth in the settlement with Bio-Rad Laboratories, Inc., a medical diagnostics and life sciences manufacturing and sales company. Bio-Rad agreed to pay a $14.35 million penalty to resolve FCPA allegations of falsifying its books and records and failing to implement adequate internal controls in connection with sales it made in Russia. These alleged failures reflect the real risks for any company, including pharmaceutical companies, doing business abroad.
To this end, pharmaceutical companies may develop robust compliance programs today to avoid future FCPA violations. A strong compliance program includes compliance staff, detailed policies and procedures, frequent training, regular compliance audits, and multiple internal reporting mechanisms. The best compliance programs also have significant senior management and Board of Director engagement, which communicates the importance of FCPA compliance to all employees.
To create a strong compliance program, companies must first create clear and comprehensive policies and procedures regarding FCPA and other foreign anti-bribery laws. These policies often include guidelines about expense controls, methods for staff to report compliance concerns, and straight-forward explanations of the company policy against bribery. Companies may wish to also appoint designated personnel to run the compliance program. This team can respond to initial reports of red flags and ensure compliance policies are followed company-wide.
Second, companies may wish to implement frequent mandatory training for all staff and foreign agents on these compliance procedures. These trainings, led by compliance personnel, are designed to highlight the potential ramifications of violating the Act and help all employees understand their own compliance responsibilities. The training is particularly important for foreign subsidiaries and employees, who may not be familiar with the FCPA requirements.
Third, companies may wish to periodically review their guidelines and company adherence to the compliance program. This includes annual internal compliance audits and regular externally-led audits to identify areas for further development and potential red flags that warrant further investigation. Due diligence for third-party agents is also often necessary. Companies may wish to frequently check that their foreign representatives and distributors are following the company compliance procedures and understand how to avoid potential FCPA violations.
Finally, if these reviews turn up past FCPA violations, companies may wish to immediately conduct an internal investigation. In a recent settlement involving Goodyear Tire, the government provided public accolades as to the immediate handling of an allegation of a potential FCPA violation. This included the immediate retaining of an outside law firm to conduct an investigation, the utilization of a forensic audit team to review the material, divesture of the interests in the foreign entity that allegedly caused the violation, and immediately cooperating with the DOJ and SEC.
Therefore, in addition to conducting a full review, companies may wish to consider self-reporting to the Department of Justice and SEC. The government has made it very clear that by voluntarily disclosing violations, the company may mitigate any penalties or receive a deferred prosecution agreement from the government. If a company chooses to self-report a violation, it may wish to first consult with an attorney experienced in FCPA matters to correctly identify problems and undertake remedial measures to avoid further harm.
The U.S. federal government has increased FCPA enforcement over the past several years, particularly for pharmaceutical companies, leading to substantial financial penalties. The pharmaceutical industry must therefore increase its own focus on FCPA compliance, monitoring both foreign subsidiaries and agents in addition to all U.S.-based staff. By developing a robust compliance program, companies may ward off any violations and help all employees follow U.S. law.