On June 20, 2019, Walmart Inc. (“Walmart”) entered into a three-year Non Prosecution Agreement (“NPA”) and Walmart’s wholly owned Brazilian subsidiary, WMT Brasilia S.a.r.l., entered into a plea agreement with DOJ for violations of the accounting provisions of the Foreign Corrupt Practices Act of 1977 (“FCPA”). Separately, Walmart also agreed to a parent-level resolution with the Securities and Exchange Commission (“SEC”) to resolve its investigation. In total, Walmart agreed to pay $282 million in penalties and disgorgement, including the imposition of a two-year compliance monitorship with limitations on its scope and responsibilities (as described in more detail below).1
As set forth in the resolution documents with DOJ and SEC, Walmart’s FCPA violations stemmed from a period of rapid international growth at the company, during which time a series of relatively small and improper payments were made through third party agents and intermediaries to government officials in Mexico, India, Brazil, and China in order to obtain permits and licenses required for the company to open and operate its stores. Dating as far back as July 2000, certain senior Walmart employees and executives were informed of red flags suggesting that the company’s internal controls were allowing these improper payments to be made, and to be incorrectly recorded in the company’s books and records, but the company failed to correct its internal controls until 2011 in order to prevent such payments.
In Mexico, for example, a former attorney for a Walmart subsidiary reported in 2005 that he had overseen a scheme, of which subsidiary executives were aware, where that attorney directed third party agents to make improper payments to government officials in order to obtain store permits and licenses. Invoices from those agents included codes specifying that the improper payments were made to avoid a requirement or eliminate fines. In India, agents hired by a Walmart subsidiary similarly made improper payments to governmental officials which were recorded in Walmart’s books and records with inaccurate and vague descriptions, such as “misc fees,” “miscellaneous,” “professional fees,” and “government fees.” In China, Walmart’s subsidiary’s internal audit team flagged several weaknesses in the company’s anti-corruption accounting controls that were never addressed. And in Brazil, despite repeated findings in internal audit reports that the subsidiary’s controls were lacking, the company continued to hire agents without conducting proper due diligence and improper payments were made to government officials in connection with construction of the company’s stores.
As part of its resolution, Walmart agreed to enter into a three-year NPA with DOJ, to pay approximately $137 million in criminal penalties, and to accept the imposition of a monitorship for a period of two years. Walmart also agreed to disgorge more than $144 million to resolve similar charges brought by the SEC. The case demonstrates the severe consequences for even relatively small, but somewhat frequent, violations of the FCPA.
The Novel and Unusual Features of the Monitorship
There are several novel and unusual features of the Walmart corporate monitor agreement that are noteworthy, beginning with the decision to impose a corporate monitor on Walmart in the first place. Corporate compliance monitors serve as an independent means for the government to ensure that a company is effectively implementing a compliance program. While often viewed as an attractive tool by government regulators, independent monitors should be disfavored as a remedy since they are extremely disruptive to a company’s business operations and can be extraordinarily expensive.
The existing state of a company’s current compliance program is typically the most important consideration for the government when determining whether to impose a monitor. Indeed, the new guidance recently promulgated by DOJ Criminal Division Assistant Attorney General Brian Benczkowski on October 11, 2018 (the memorandum on the “Selection of Monitors in Criminal Division Matters,” colloquially referred to as the “Benczkowski Memo”) stressed this point by stating that “[w]here a corporation’s compliance program and controls are demonstrated to be effective and appropriately resourced at the time of resolution, a monitor will likely not be necessary.”2 What is bound to make the imposition of a corporate monitor controversial here is that DOJ specifically acknowledged that Walmart had fully remediated and enhanced its compliance functions. Among other things, Walmart “engaged in significant remedial measures,” including enhancing its compliance program and anti-corruption accounting controls, hiring a Global Chief Ethics & Compliance Officer and other high level ethics and compliance employees, conducted its own monthly and quarterly anti-corruption internal monitoring across all of its markets, and undertook many other initiatives. Notably, the SEC took a different approach from DOJ and did not require a corporate monitor in its resolution, which contrasts with how the SEC handled recent coordinated FCPA resolutions with DOJ on the Fresenius and MTS matters from earlier this year.3 Thus, casual observers are likely to criticize the imposition of a monitor here as simply “business as usual” at the DOJ.
A closer and more nuanced inspection of the Walmart monitor agreement, however, reveals that DOJ made a number of significant concessions that should signal an openness on the part of the Department to negotiate on terms previously deemed sacrosanct. For example, DOJ agreed to limit the term of the corporate monitor to two years, rather than the three-year or hybrid model that normally is required. In addition, DOJ typically requires a corporate monitor’s mandate to include evaluation of the effectiveness of a company’s entire compliance program and risk management environment, with language specifically requiring an “evaluation and assessment” of a company’s system of internal controls as they relate to “current and ongoing compliance with the FCPA and other applicable anti-corruption laws,” without specifically carving out any countries from the review. In contrast, the Walmart monitor’s mandate is restricted to “Key Risk Areas” in only four countries and Walmart’s headquarters in Bentonville, Arkansas—out of the 27 countries where Walmart currently operates.
The Key Risk Areas also are defined only to include “internal accounting controls relating to anti-corruption, record-keeping, and financial reporting policies and procedures” as they relate to “permits and licensing,” certain matters concerning “real estate development and construction,” a subcategory of “donations,” and "third-party intermediaries.” Finally, whereas previous monitor agreements employed guidance explaining that a monitor “is not expected to” conduct a comprehensive review of all business lines, the Walmart resolution includes language specifically instructing that the monitor “shall not” conduct such a review. Under the circumstances, therefore, it appears that once DOJ and Walmart agreed upon the existence of a monitor, Walmart substantially benefited from DOJ’s newfound willingness to negotiate the language of the monitorship agreement. This could be viewed as consistent with the DOJ’s updated guidance that “the scope of any monitorship should be appropriately tailored to address the specific issues and concerns that created the need for the monitor.”4
What This Means For You
Compliance and Risk Management Programs Must Be Designed to Identify and Respond to Improper Payments, both Large and Small
Historically, DOJ and SEC have been willing to prosecute relatively minor violations of the FCPA. Recent years have shown a more concerted effort by DOJ particularly to bring larger cases based on far more egregious and widespread misconduct, which have yielded correspondingly larger criminal fines and resolutions.5 Walmart’s case, however, demonstrates that DOJ and SEC enforcement officials will continue to investigate and prosecute relatively minor violations in some circumstances, even when doing so requires the devotion of an enormous amount of time, money and resources. As such, it remains as important as ever that companies maintain compliance and risk management programs designed to address all of their anti-corruption risks, without consideration as to whether the dollar amounts involved might be considered de minimis.
Identifying and Responding to Anti-Corruption Risks in a Timely Manner is Crucial
Walmart’s case also serves as an important reminder that companies must try to identify areas of potential concern and then actually respond to those concerns in an appropriate and timely manner. Walmart’s resolution documents demonstrate that senior employees and executives purportedly learned of corrupt payments by third party agents and intermediaries nearly six years before the company actually undertook to remediate and respond to those concerns. In order for any anti-corruption risk management program to be successful, it must include measures designed to encourage the reporting of suspected wrongdoing to the company’s compliance structure. Once concerns are identified and reported, the company must have systems in place to respond accordingly by taking appropriate personnel actions and improving internal accounting controls to prevent similar violations in the future. Had Walmart responded appropriately at the time that concerns were initially identified, it is likely that any final resolution would have taken far less time and looked much different.
When Concerns Are Identified, Effective Advocacy is as Important as Ever
DOJ and the SEC have, year over year, dedicated increased time, money and resources to enforcement of the FCPA, and the Walmart case shows that regulators are taking a more nuanced approach to resolving cases than they have in the past. While it has always been important to have an effective and experienced advocate when engaging with the government as part of an investigation, DOJ’s willingness to negotiate previously sacrosanct terms makes such advocates even more critical. Now more than ever, it is important that companies engage counsel with the requisite experience and expertise to conduct a timely and efficient FCPA investigation, appropriately respond, and where necessary, negotiate with the government for a favorable result.
Fry Wernick previously served as Assistant Chief of the FCPA Unit within the Department of Justice, Criminal Division, Fraud Section. The FCPA Unit prosecuted this case, but he had no personal or substantive role in this matter, nor did he have any input into its outcome.
Visit our website to learn more about V&E’s FCPA & Global Anti-Corruption practice. For more information, please contact Vinson & Elkins lawyers Ephraim (Fry) Wernick, Brian Howard, or Lincoln Wesley.
1 In a related matter, Walmart also filed an 8K on June 20, 2019 to report that it also entered into an Administrative Agreement with the U.S. Environmental Protection Agency (“EPA”) for a three-year term, which replaces the agreement from Walmart’s 2013 $81.6 million settlement with that agency relating to its disposal of hazardous waste and pesticides. Walmart Inc., Current Report Filing (Form 8-K) (June 20, 2019). According to the filing and public sources, this Agreement resolved concerns that Walmart would be debarred or suspended from federal government programs as a result of its FCPA settlement with the DOJ, which could have affected the company’s ability to accept food stamps in its 5,300 U.S. stores, among other things. As part of the Agreement, Walmart also agreed that the appointed FCPA monitor would also monitor its compliance under the new EPA agreement.
2 Assistant Attorney General Brian Benczkowski, Criminal Div., U.S. Dep’t of Justice, Selection of Monitors in Criminal Division Matters (Oct. 11, 2018), https://www.justice.gov/opa/speech/file/1100531/download.
3 In the SEC’s settlement with both Fresenius and MTS the agency implemented its own independent compliance monitor. See Press Release, Sec. and Exch. Comm’n, SEC Charges Medical Device Company with FCPA Violations (Mar. 29, 2019), https://www.sec.gov/news/press-release/2019-48; Press Release, Sec. and Exch. Comm’n, Mobile TeleSystems Settles FCPA Violations (Mar. 6, 2019), https://www.sec.gov/news/press-release/2019-27.
4 See supra note 1.
5 Press Release, Dep’t of Justice, Rolls-Royce plc Agrees to Pay $170 Million Criminal Penalty to Resolve Foreign Corrupt Practices Act Case (Jan. 17, 2017), https://www.justice.gov/opa/pr/rolls-royce-plc-agrees-pay-170-million-criminal-penalty-resolve-foreign-corrupt-practices-act; Press Release, Dep’t of Justice, Telia Company AB and Its Uzbek Subsidiary Enter Into a Global Foreign Bribery Resolution of More Than $965 Million for Corrupt Payments in Uzbekistan (Sept. 21, 2017), https://www.justice.gov/opa/pr/telia-company-ab-and-its-uzbek-subsidiary-enter-global-foreign-bribery-resolution-more-965; Press Release, Dep’t of Justice, Société Générale S.A. Agrees to Pay $860 Million in Criminal Penalties for Bribing Gaddafi-Era Libyan Officials and Manipulating LIBOR Rate (June 4, 2018), https://www.justice.gov/opa/pr/soci-t-g-n-rale-sa-agrees-pay-860-million-criminal-penalties-bribing-gaddafi-era-libyan; Press Release, Dep’t of Justice, Petróleo Brasileiro S.A. – Petrobras Agrees to Pay More Than $850 Million for FCPA Violations (Sept. 27, 2018), https://www.justice.gov/opa/pr/petr-leo-brasileiro-sa-petrobras-agrees-pay-more-850-million-fcpa-violations; Press Release, Dep’t of Justice, Mobile Telesystems Pjsc and Its Uzbek Subsidiary Enter into Resolutions of $850 Million with the Department of Justice for Paying Bribes in Uzbekistan (Mar. 7, 2019), https://www.justice.gov/opa/pr/mobile-telesystems-pjsc-and-its-uzbek-subsidiary-enter-resolutions-850-million-department.