Introduction
This article was written by Olgu Kama and Ece Sürmen, lawyers at İnal Kama Attorney Partnership, affiliate firm of Norton Rose Fulbright in Turkey.
Emerging markets harbor appealing business opportunities for investors especially from developed countries due to their ever-growing nature. In the World Bank’s Doing Business 2020 Report, Turkey, as an emerging market, ranks 33 out of 190 economies and jumps up 10 places by scoring 76.8 overall, in terms of ease of doing business. Turkey has comprehensive laws and regulations regarding corruption and bribery and also ratified The Council of Europe Criminal Law Convention on Corruption of January 27, 1999, the Council of Europe Civil Law Convention on Corruption November 4, 1999, Council of Europe Convention on Laundering, Search, Seizure and Confiscation of the Proceeds from Crime and on the Financing of Terrorism, the United Nations Convention against Corruption etc. Yet, the nature of the conduct keeps the battle going. Thus, combatting corruption and bribery continues to be a necessity, and some risks continue to be pitfalls for companies. The complexity of combatting corruption and bribery may arise from (i) existing corruption culture; (ii) a weak framework to avoid corruption; (iii) different perceptions on corruption; (iv) absence of the political will to fight; and/or (v) lack of transparency. Therefore, investors should pay particular attention to compliance culture in the jurisdiction and not just in the company itself, to protect the company. In order to do that, the rule of law in the jurisdiction, application of the laws, independence of the judiciary, and society’s trust in the system should be evaluated.
In addition to local applicable laws, international companies that have a US nexus, should vary in enforcement in other jurisdictions. US Department of Justice (“DOJ”) is relentless in pursuing these matters in general. In 2018, a total of US$2.89bn was sanctioned by the DOJ to resolve cases regarding the Foreign Corrupt Practices Act (“FCPA”). A Brazilian oil and gas company paid a record US$1.78bn to the DOJ, Securities and Exchange Commission (“SEC”) and Ministerio Publico Federal in Brazil. In addition to monetary fines of companies, the DOJ took action against more than 30 individuals for their contribution to corrupt behavior. Turkish companies appeared in several cases of DOJ and SEC. In 2010, a company agreed to pay US$185m combined to DOJ and SEC for its Turkish subsidiary’s illicit payments to third parties. A multinational conglomerate company agreed to pay US$1,6bn in 2008 for payments made by its subsidiaries in kickbacks.
In this realm, where corruption is a high risk factor in emerging markets, anti-corruption and bribery enforcement crosses borders (i.e. (i) issuers and their officers, directors, employees, agents and shareholders (ii) domestic concerns and their officers, directors, employees, agents and shareholders and (iii) certain persons and entities other than issuers and domestic concerns acting while in the territory of the US, it is extremely important to avoid corruption schemes that could result in DOJ and SEC imposing substantial sanctions on companies and individuals. In order to avoid prosecution and the inevitable reputational loss, companies should have an effective compliance program. Investors that consider investing in Turkey or international companies doing business in Turkey should apply the following measures in order to minimize the multijurisdictional risks.
Elements of an effective compliance program
With an eye towards developing a comprehensive and effective compliance program, companies should bear in mind both the country’s and the industry’s habits and customs with respect to corrupt behavior. Even companies that are not subject to the FCPA should pay attention to the measures taken to avoid corrupt behavior before making investments.
According to the FCPA Guidelines, an effective compliance program must consist of (i) clear anti-corruption policy and commitment from senior management; (ii) company code of conduct and policies; (iii) oversight by a company executive or executives, autonomy from management and sufficient resources; (iv) risk assessment strategy; (v) effective training; (vi) necessary incentives and disciplinary measures; (vii) third party due diligence; (viii) confidential reporting mediums and internal investigations; (ix) periodic testing and review of the program; and (x) pre-acquisition due-diligence and post-acquisition integration. When preparing a compliance program, the local culture must be taken into consideration since some traditions may hinder to see beyond the actions. For example, in Turkey, it is traditionally accepted to bring a gift when you visit someone. The program must make clear that even though this is the tradition, providing a gift to a government official is against the law. Something similar can be stated for whistle blower hotlines. In most cultures, an employee would not want to be the one that makes the call to tell on a co-worker. Therefore, it bears great significance to have confidential hotlines, where the whistleblower does not have to identify herself and/or the company does not reveal the identity of the whistleblower.
Third party due diligence, pre-acquisition due diligence, and post-acquisition integration have become the most prominent components as investors are now more frequently entering into an emerging market through third parties or acquisitions.
Third parties stipulated in the DOJ and SEC enforcement actions are agents, consultants, distributors, brokers etc. They represent a large risk for companies. Indeed, the OECD’s Foreign Bribery Report analyzed 427 cases and found that third parties were involved in 75 percent of the bribery cases. Therefore, when dealing with third parties, it is important that companies:
- use public resources to have a general understanding of who they are dealing with. The basic general information may raise a red flag and this red flag may prevent the company from becoming involved in possible misconduct.
- specify the capability and necessity of the third party to conduct the business; (to do this, managers and auditors must make sure that they have described the services by the third party in their agreement precisely and checked whether the third party has experience in the field.)
- look at the required payment method by third parties; (companies must determine whether the payment method is compliant with the country and/or industry standards. A payment method that is out of the ordinary for the industry and the market must raise a red flag for the company.)
- inform the third parties about its compliance and ethics policies, and where necessary, ask for a reciprocal commitment to create a culture of compliance with third parties
- not abandon control over third parties when the work starts
- repeat due diligence again when deemed necessary, place audit conditions in agreements, exercise these audit rights, and provide trainings to continue the risk free relationship. This training must be in the local language for every stakeholder to understand and has to be held face-to-face. A “one size fits all” approach does not work in this scenario. Therefore, training that is compliant with the local culture is a necessity.
Besides third party due diligence, companies should conduct pre-acquisition due diligence and focus on post-acquisition integration when entering an emerging market. This is to confirm that they will not incur liability arising from an ongoing or previous bribery scheme and also to make sure that their values are accepted and understood throughout the new company. Due diligence prior to acquisition helps companies to detect misconduct, to take the misconduct to the DOJ and SEC and mitigate the risk of receiving a robust fine. There are instances where the DOJ and SEC did not take any enforcement action when the company had adequate due diligence and voluntarily disclosed the misconduct. Post-acquisition integration has an integral role in the adaptation process. The acquirer transmits its own compliance and ethical values to the employees of the acquired company through tailored trainings. In addition to trainings, in order to fully transform the compliance scene and detect possible misconduct, companies should continuously and thoroughly evaluate the third party risks.
The growth opportunities of emerging markets may draw investors to an unfamiliar corruption culture and might lead to both a local and a cross-border enforcement action that will harm the company’s finances and reputation. To diminish these risks, companies should have an adequate and comprehensive compliance program, which might even operate as a mitigating factor for the companies subject to DOJ and SEC jurisdiction in the event of misconduct.