The Foreign Corrupt Practices Act is the law of the land. In order for multinational companies to engage in business, they have to be sure that the regulation is adhered to. Though companies that run afoul of the FCPA typically aren't household names, that certainly wasn't the case for Hewlett-Packard, the Palo Alto, California-based information technology company that was recently cited in April for violating the law.
Earlier this year, the Securities and Exchange Commission charged Hewlett-Packard with breaking the FCPA law after one of its subsidiaries made improper payments to government officials in several different countries, all in an effort to gain access to public contracts worth a lot of money.
The SEC came down with the violation after finding that Hewlett-Packard paid in excess of $2 million to a government official based in Russia as a means of gaining access to a highly lucrative contract with the country's federal prosecutor. Meanwhile, in Poland, the multinational IT company provided cash bribes valued at more than $600,000 to a government official in order to curry favor with the national police agency there. Furthermore, in Mexico, Hewlett-Packard is believed to have paid more than $1 million to a consultant in order to win a software purchase bid with a petroleum company owned by the Mexican government.
Kara Brockmeyer, chief of the SEC's enforcement division that specializes in FCPA illegalities, indicated that Hewlett-Packard failed with its internal compliance strategy.
"[The company] lacked the internal controls to stop a pattern of illegal payments to win business in Mexico and Eastern Europe," said Brockmeyer. "The company's books and records reflected the payments as legitimate commissions and expenses. Companies have a fundamental obligation to ensure that their internal controls are both reasonably designed and appropriately implemented across their entire business operations, and they should take a hard look at the agents conducting business on their behalf."
The scheme is alleged to have occurred over a seven-year period, stretching from 2000 to 2007, according to the SEC's order, with the bribes being paid through agents and consultants. There had been several indications made to Hewlett-Packard about an inappropriate deal being conducted, observed by employees, but the IT company failed to conduct an internal investigation which might have prevented the FCPA from being violated.
Hewlett-Packard consents to paying more than $100 million in penalties
Perhaps recognizing its fault in the matter, Hewlett-Packard agreed to pay more than $108 million to SEC in order to settle the charges, according to the government memo. The official ruling handed down by the SEC was that the IT company violated the internal controls of the Securities Exchange Act, a law that's 80 years old.
Reviewing this case is not done in an effort to criticize Hewlett-Packard or its subsidiaries, but rather to point out that the FCPA can be violated easily if employers aren't clear about what the law requires and how their accounting IT systems are set up to track potential issues. Though there are many ways in which the FCPA can be violated, it's typically done when an employee of a business - with or without the company's knowledge - pays or promises to pay money to a government or federal official in exchange for something of value.
Companies invest millions into governance and process control. However, they often don't realize that these systems are not the invoicing and fiscal reporting solutions in Latin American countries. Instead, third party bolt-ons are used that leave huge gaps in visiblity. It is these gaps where fraud is usually found. How are you managing your invoicing processes across Latin America - espeically Mexico? Remember that all companies over 4 Million Pesos annually will have to file eAccounting reports monthly. The relationship of validated XML to prove and track sales and purchases give a whole new level of Big Brother meets Big Data. Remember, the gov't has visiblity into virtually 100% of your in country business transactions -- do you?