Increasingly, the insurance industry is exploring the possibilities of extending directors and officers (D&O) liability insurance to costs associated with investigations of potential U.S. Foreign Corrupt Practices Act (FCPA) violations. Earlier this week, the FCPA Professor published a helpful interview with one broker who now offers a policy that funds certain costs resulting from any regulatory investigation by any regulator in the world concerning alleged bribery of a government official.
Underwriters, because of the very nature of their profession, are experts in risk management. As they venture into this new market, they should know that tools exist to provide a helpful degree of certainty in assessing corruption risk.
What is covered by the policies? Though FCPA liability coverage does not extend to fines, penalties, and disgorgement that result from FCPA enforcement actions, the reach can still be considerable. In the case of Marsh’s FCPA Corporate Response, its coverage extends not only to attorneys fees, but also to “experts, consultants, accountants, auditors, and any other professionals a company typically hires in the course of conducting or defending itself against an anti-corruption investigation.” It can also extend retroactively to investigation costs incurred as part of the internal investigation prior to regulators getting involved. It even extends to the agents, consultants, and contractors of the entities and individuals implicated in the investigation.
The current state of the market. The market is not yet mature, but it is certainly ripening. Investigations can be expensive, which drives the need to obtain insurance to better manage costs. FCPAméricas has reported on how internal investigations can easily cost in the hundreds of millions. Investigations are also on the rise. Enforcement officials resolved six FCPA enforcement actions in 2002. In 2010, they resolved 71. In 2011, the SEC and DOJ initiated almost fifty actions combined. It is estimated that there are currently 150 civil and 80 criminal investigations underway.
Coverage providers are still looking for their sweet spot as they tread lightly with this exposure. It might be the case, as some have reported, that the largest multinational corporations are not yet interested in purchasing such coverage because they find the costs associated with investigations to be insignificant when compared to the actual fines and penalties. Midsized companies that might benefit from purchasing this coverage might not yet fully understand the risks. But, in time, the market for this product will surely crystallize. Companies will likely see the value of the product and will understand that the better their own compliance efforts, the lower the premiums they can negotiate.
Assessing risk. Underwriters should know that there are now clearly developed standards by which they, with the assistance of FCPA experts, can assess a company’s FCPA risk before choosing to extend coverage. The assessment involves two parts: examining the corruption risk profile of the insured and evaluating the compliance efforts of the insured to mitigate risk.
Understanding the corruption risk profile involves evaluating factors, such as:
- - Where the company is operating (including the relative period of time of operating in each foreign country);
- - Its sector or industry (including percentage of company activity in each distinct sector and industry);
- - Its size (measured by number of employees, revenues, and number of divisions); and,
- - The nature of its interactions with government officials (including the interactions of their third party intermediaries).
Understanding the effectiveness of the company’s compliance efforts involves evaluating factors like the types of policies and guidelines it has in place, the level of management support, the books and records and internal controls policies, the risk assessments it conducts, the mechanisms in place to communicate policies, the mechanisms in place to allow reporting of suspected violations, due diligence programs for third parties, incentives and disciplinary procedures for employees, contractual provisions, and periodic reviews.
In short, an FCPA practitioner can evaluate these factors against minimum standards provided by enforcement officials and other sources.
Companies that take FCPA compliance seriously, and those that do not, can be distinguished … like night and day. Asking basic questions can provide a quick sense of the level of compliance sophistication. When was the last time the company trained its foreign sales team on its FCPA compliance policy? How quickly can the company generate a list of all third party agents and the last due diligence reports produced for each? A more granular review of the company identifies specific exposure and can provide a solid understanding of risk.
The FCPAméricas blog is not intended to provide legal advice to its readers. The blog entries and posts include only the thoughts, ideas, and impressions of its authors and contributors, and should be considered general information only about the Americas, anti-corruption laws including the U.S. Foreign Corrupt Practices Act, issues related to anti-corruption compliance, and any other matters addressed. Nothing in this publication should be interpreted to constitute legal advice or services of any kind. Furthermore, information found on this blog should not be used as the basis for decisions or actions that may affect your business; instead, companies and businesspeople should seek legal counsel from qualified lawyers regarding anti-corruption laws or any other legal issue. The Editor and the contributors to this blog shall not be responsible for any losses incurred by a reader or a company as a result of information provided in this publication. For more information, please contact Info@MattesonEllisLaw.com.
The author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author.
@2012 Matteson Ellis Law, PLLC
Comments | |Leave a Comment