ISO 37001 – The Potential Impact of the New International Anti-Bribery Management System Standard

The International Organization for Standardization (“ISO”) recently published ISO 37001, the first international anti-bribery management system standard.  ISO, a Swiss-based international organization, is well known for issuing widely-used business process standards such as the ISO 9000 “family” of quality management system standards, one of the most widely used management tools in the world today.  ISO received input from working groups representing over 20 countries in devising the new standard, which does not focus on the legal requirements of any single nation’s anti-corruption laws but rather allows a flexible approach to implementation that can fit the specific laws to which an organization is subject.  As set forth in the standard’s introduction, ISO 37001 “reflects international good practice and can be used in all jurisdictions.  It is applicable to small, medium and large organizations in all sectors, including public, private and not-for-profit sectors.”  Despite its purported applicability to organizations of all types and sizes, ISO 37001 is not a one-size-fits-all compliance plan and requires organizations – consistent with accepted anti-corruption compliance practices – to perform an assessment of bribery risks and then to design and implement a compliance system that is “reasonable and appropriate” to the risks identified by the assessment. Because ISO 37001 purports to draw upon existing anti-corruption guidance, much of what is contained in it will be familiar to those experienced in anti-bribery compliance.  Among other things, ISO 37001 contains the following familiar requirements: Written anti-bribery compliance policy and procedures; Commitment and support from top management; Risk-based due diligence and assessment of bribery risk relating to business associates; An independent compliance manager; Anti-corruption training; and Reporting, monitoring, and...

False Claims Act Update: A Statistical Review of 2015 and Key Events for 2016

As reported by the Department of Justice (DOJ) in a December 2015 press release, the False Claims Act (FCA) remains the federal government’s primary means for combating fraud.  In 2015, the DOJ recovered $3.583 billion in FCA actions, the fourth year in a row that such recoveries have exceeded $3.5 billion.  While the majority of these recoveries were related to healthcare and defense-related government contracts (respectively, $1.9 billion and $1.1 billion), a sizable minority (around $500 million) related to fraud in other government programs. Perhaps the most notable conclusions to be drawn from the DOJ’s recent report, however, relate to the role of whistleblowers in bringing and prosecuting FCA claims.  As stated in DOJ’s press release: “Most (FCA) actions are filed under the Act’s whistleblower, or qui tam, provisions that allow individuals to file lawsuits alleging false claims on behalf of the government.  If the government prevails in the action, the whistleblower, also known as the relator, receives up to 30 percent of the recovery.”  In 2015, the government recovered $2.9 billion from whistleblower-initiated lawsuits, and whistleblowers received a record-setting $597 million for their share. Even more notable is the fact that in 2015, for the first time, whistleblower recoveries in cases where the government declined to intervene ($334.6 million) exceeded whistleblower recoveries in cases where the government intervened ($262.9 million) – e.g., the government made a formal appearance in the case and took the lead in litigating it.  (See Fraud Statistics Overview). This statistic is contrary to a prior commonly held belief that a government decision not to intervene was the “kiss of death” to the relator’s chances...

2015 1st Half Review: Why Fewer FCPA Prosecutions Means That Internal Compliance Is More Worthwhile Than Ever

Now that the first half of 2015 is in the books, it is time to take stock of what the FCPA enforcement landscape looks like.  Notably, it appears that only eight enforcement actions have been resolved so far this year by U.S. enforcement authorities (five by the SEC and three by the DOJ).  Unless the pace greatly increases in the next few months, this year will represent the lowest number of FCPA enforcement resolutions since 2005. Although this information might cause one to draw the conclusion that FCPA enforcement is winding down after a sustained period of exceptionally high levels of activity, such a conclusion is likely premature.  A closer examination of 2015 reveals other trends that point toward continued high levels of enforcement and a renewed focus on internal corporate compliance programs. One potential reason for the relatively low number of FCPA enforcement actions resolved so far this year is a corresponding increase in the number of declinations – or decisions not to pursue an enforcement action.  It is often difficult to accurately determine the number of declinations, as the enforcement agencies simply inform the target company (or individual) of the decision and do not publicly announce the declination.  Some companies choose not to publicize the declination, particularly when the investigation was not a matter of public knowledge.  Those that do often delay the announcement and do so in the context of quarterly securities filings. Subject to those qualifications, there appear to have been at least eight declinations thus far in 2015, which is on pace to be among the highest in the last several years.  Although the...