Special thanks to Tom Fox of T Fox Law for the reference in his post, below. Clearly, Eli Lilly’s FCPA matter is gaining solid attention amongst Compliance and Audit professionals (See below).
In Parts II and III of my
As it is a New Year, I would like to start out with listing Paul McNulty’s Three Maxims regarding the effectiveness of a FCPA compliance program. I have been privileged to hear Paul speak many times for several years. These Maxims were the questions he posed to companies when he was in his role as the United States Deputy Attorney General. First, what did you do to prevent it? Second, what did you do to detect it? Third, what did you do to remedy it?
With the McNulty Maxims in mind, Lilly got into FCPA hot water for using four different styles of bribery schemes in four separate countries. In China, the corruption involved employees and bribery payments which were falsely labeled as reimbursement of expenses. In Brazil, the corruption involved a distributor which received a larger than normal discount for Lilly products. The additional revenues generated from this discount were used to pay a bribe. In Poland, the corruption involved charitable donations which were falsely labeled in Lilly’s books and records. These charitable donations were used to induce a Polish government official to approve the purchase of Lilly products; and, finally, Lilly’s subsidiary in Russia, paid bribes to Offshore Agents who were domiciled outside Russia and who performed no services for the compensation they received.
According to the SEC Complaint, in China the FCPA violations centered around various sales representatives who submitted false expense reports to cover bribes which were paid or their supervisors who instructed them to do so. The SEC Complaint noted that although the dollar amounts for the gifts provided to Chinese officials “generally small, the improper payments were wide-spread throughout the [Chinese] subsidiary.” To prevent such actions, a company must train its employees about the requirements of the FCPA, or any other relevant anti-corruption law, regarding what is and is not allowed under such laws. A company must then follow up to monitor and audit such activities. In a sales model which is employee based, internal audit must review the expense reports of its sales representatives as they represent the highest risk of corruption.
In Brazil, Lilly used the distributor model to market its drugs through third-party distributors who then resold these products to public and private entities. As noted by Matt Ellis, in his post entitled “Eli Lilly’s Distributor in Brazil: The Non-Obvious FCPA Risk”, the discounts that distributors typically receive from manufacturers such as Lilly can be problematic under the FCPA because “enforcement officials can see these discounts as potential “loose money” that can be used for bribe payments. This is especially the case when the distributor is engaging in other activities on behalf of the producer, like marketing, licensing, and customs clearance.” This was the situation that Lilly found itself in as the standard range of discounts given to distributors was “between 6.5% and 15%, with the majority of distributors in Brazil receiving a 10% discount” but in early 2007, at the request of a Lilly sales manager, the company awarded an unusually high discount of between 17% and 19% to a distributor for the sale of a Lilly drug to the government of one of the states of Brazil. The distributor used approximately 6% of this additional discount to create a fund to pay Brazilian government representatives to purchase the Lilly drugs from him.
In the area of prevent, the SEC Complaint noted the following “Lilly-Brazil’s pricing committee approved the discounts without further inquiry. The policies and procedures in place to flag unusual distributor discounts were deficient.” Lastly, as stated by Ellis, “It noted that the company relied on representations of the sales and marketing manager without adequate verification and analysis of the surrounding circumstances of the transactions.” Indeed Kara Brockmeyer, the SEC’s chief FCPA enforcer, stated in the SEC Press Release announcing the matter:
Eli Lilly and its subsidiaries possessed a “check the box” mentality when it came to third-party due diligence. Companies can’t simply rely on paper-thin assurances by employees, distributors, or customers. They need to look at the surrounding circumstances of any payment to adequately assess whether it could wind up in a government official’s pocket.
All of this means that if a discount is outside the normal range typically given to a distributor, a red flag is raised as to why the increased discount was allowed. Simply basing a management decision on the representations of a sales manager is not a sufficient mechanism to clear such a red flag.
From the detect prong, internal audit needs to follow up with ongoing monitoring and auditing. Internal audit can be used to help determine the reasonableness of a commission rate outside the accepted corporate norm. Further, as noted by Jon Rydberg, of Orchid Advisors, in an article entitled “Eli Lilly’s Remedial Efforts for FCPA Compliance – After the Fact”, the company should be “implementing compliance monitoring and corporate auditing specifically tailored to anti-corruption” for the distributor sales model.
Here Lilly used charitable donations to a charitable foundation which was, as stated in the SEC Complaint, “founded and administered by the head of one of the regional government health authorities at the same time that the subsidiary was seeking the official’s support for placing Lilly drugs on the government reimbursement list.” There were a total of eight payments made to the charitable foundation. In addition to the charitable donations made, Lilly “falsely characterized the proposed payments”. Lilly had a group which reviewed the request for such donations called the “Medical Grant Committee [MGC]” which approved the payments “largely based on the justification and description in the submitted paperwork.”
From the prevent prong, it is clear that if the MGC had adequately reviewed the donation request, it would have determined that the charitable foundation was administered by the same person making the decision over the sale of Lilly products. Indeed, the largest request was made just two days after the government decision maker authorized a large purchase of Lilly products. The SEC Complaint also noted that of there were different corporate justifications for the eight requests for the charitable donations made. So, as noted by Rydberg, there was a failure of corporate governance and financial controls. In its FCPA Guidance, the Department of Justice (DOJ) lists five questions which a company should ask when considering a charitable donation. They are: (1) What is the purpose of the payment? (2) Is the payment consistent with the company’s internal guidelines on charitable giving? (3) Is the payment at the request of a foreign official? (4) Is a foreign official associated with the charity and, if so, can the foreign official make decisions regarding your business in that country? (5) Is the payment conditioned upon receiving business or other benefits?
From the detect prong, there are several things which can be incorporated into a FCPA compliance program regarding charitable donations. The DOJ has issued several Opinion Releases on charitable donations and based on Opinion Release 10-02, some of the protections a company can do to comply with the FCPA regarding charitable donations are as follows:
1) Certifications by the recipient that it will comply with the requirements of the FCPA;
2) Due diligence to confirm that none of the recipient’s officers or directors are affiliated with the foreign government at issue;
3) A requirement that the recipient provide audited financial statements;
4) A written agreement with the recipient restricting the use of funds to humanitarian or charitable purposes only;
5) Steps to ensure that the funds were transferred to a valid bank account;
6) Confirmation that contemplated activities had occurred before funds were disbursed; and
7) Ongoing auditing and monitoring of the efficacy of the program.
These protections allow an audit trail which can be monitored or audited by the company’s audit team.
Tomorrow I will take a look at Lilly’s FCPA violations in Russia and use that information to set forth some minimum best practices which you can use in your compliance program to help you both prevent, detect and then FCPA compliance violations.
This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at email@example.com.
© Thomas R. Fox, 2013