by Kara Brockmeyer, Andrew M. Levine, Bruce E. Yannett, Ada Fernandez Johnson, and Katelyn McNelis

In particular, the 2021 Recommendation:

• promotes the use of non-trial resolutions (“NTRs”) by countries, using a consistent and transparent global framework;
• encourages countries to cooperate with single and multi-jurisdictional anti-bribery investigations, particularly through mutual legal assistance processes;
• requires countries to incentivize self-reporting, cooperation, and remediation with reduced sanctions and other advantages for companies that comply;
• requires enhanced protections for whistleblowers;
• provides heightened expectations for internal controls and corporate compliance programs;
• recommends that countries incentivize companies to adopt compliance programs;
• discusses the tension between data protection and anti-corruption compliance programs; and
• addresses the demand side of bribery.

We anticipate that the 2021 Recommendation will impact significantly the global anti-bribery landscape, especially as the OECD evaluates the enforcement efforts of both existing members and new countries seeking to join the OECD against these updated standards.

Background

In 2009, the OECD published its original Recommendation for Further Combating Bribery of Foreign Officials (the “2009 Recommendation”). The 2009 Recommendation set the standard against which the OECD Working Group on Bribery evaluates whether its member countries are meeting their obligations under the Anti-Bribery Convention. Now in its fourth round, this rigorous peer-review process is widely recognized as one of the most successful mechanisms of its type. It has contributed to, among other things, passage of the UK Bribery Act and the French Sapin II Law, as well as publication of the DOJ-SEC FCPA Resource Guide.

In 2018, the Working Group announced that it would begin reviewing the 2009 Recommendation to bring it current with existing trends and challenges. In addition to consulting with member countries (which comprise nearly all of the major exporting nations in the world), the Working Group received input from civil society, academics, the business sector, and the defense bar, including the Recommendation 6 Network and the IBA Anti-Corruption Committee.

This three-year effort culminated on November 26 with the publication of the 2021 Recommendation. As discussed below, this new set of standards will impact meaningfully both countries and their companies in the fight against foreign bribery.

Non–Trial Resolutions

Perhaps most importantly, the OECD now recommends that member countries use NTRs to address foreign bribery for both corporate entities and individuals. The 2021 Recommendation emphasizes for all NTRs the importance of “due process, transparency, and accountability.” As such, the 2021 Recommendation advises member countries to develop “clear and transparent” frameworks and standards, as well as associated oversight procedures.

When resolving a bribery case through an NTR, the 2021 Recommendation provides that, to the extent possible, member countries should publish the:

• central facts and key persons involved;
• factors weighed when deciding to use an NTR;
• sanctions imposed and basis for those sanctions; and
• remedies to be adopted.

According to the 2021 Recommendation, NTRs with one party should not preclude prosecuting other individuals or entities.

The 2021 Recommendation is an initial step toward a global framework for multi-jurisdictional settlements. In particular, the key provisions address transparency regarding factors such as how a company enters into an NTR (including whether or not it admits guilt or relevant facts); which authorities have the ability to enter into NTRs; what criteria will qualify a company or individual for an NTR; and what advantages can be obtained through an NTR. The 2021 Recommendation thereby provides much-needed guidance for countries that have not yet adopted an NTR framework and certainly will help encourage coordinated resolutions of cross-border investigations.

International Cooperation

Like the 2009 Recommendation, the 2021 Recommendation encourages member countries to cooperate with other countries and international authorities in anti-bribery enforcement. Under the 2021 Recommendation, member countries should use, facilitate, and encourage mutual legal assistance, including by:

• developing agreements to facilitate international mutual legal assistance; and
• ensuring that processes for requesting mutual legal assistance are public, “easily accessible,” and supported by an adequate infrastructure.

The 2021 Recommendation further states that member countries proactively work and coordinate with other countries’ anti-bribery investigations, whether single or multi-jurisdictional in nature.

Although the 2021 Recommendation does not go so far as to recommend that one country take the lead in multi-jurisdictional cases, it directs countries to consider consultation and cooperation throughout the lifecycle of a case. The 2021 Recommendation also notes specifically that member countries should “pay due attention to the risk of prosecuting the same natural or legal person in different jurisdictions for the same conduct.” While not quite as explicit as DOJ’s anti-“piling on” policy, it comes pretty close.

Sanctions and Confiscation

Under the 2021 Recommendation, the OECD recommends that member countries work to implement “transparent, effective, proportionate, and dissuasive” sanctions for foreign bribery actors, including confiscating the proceeds of such bribery. Although the 2009 Recommendation and the OECD Convention already required that sanctions be “effective, proportionate and dissuasive,” the 2021 Recommendation adds the requirement that they be transparent.

This requirement serves the dual purpose of deterring would-be wrongdoers and allowing both the Working Group and civil society to better monitor a country’s compliance with the Anti-Bribery Convention. In fact, the new Recommendation specifically requires countries to make their sanctions and the key elements of resolved cases “public and accessible,” consistent with local data protection and privacy laws, including the main facts of the case, individuals or entities sanctioned, and sanction amount and basis for it.

In a major new development, the 2021 Recommendation urges member countries to consider mitigating factors when determining the appropriate sanction, in order to “incentiviz[e] and reward[] good corporate behavior.” Specifically, the 2021 Recommendation asks countries to consider the following mitigating factors (similar to those employed in the United States):

• fulsome, timely, and voluntary reporting of the misconduct;
• “full” cooperation with law enforcement, including the disclosure of “all facts relevant to the wrongdoing”;
• acceptance of responsibility for the wrongdoing; and
• timely and appropriate remediation, including creating or augmenting ethics and compliance programs.

The 2021 Recommendation contains sweeping provisions for the protection of whistleblowers. These include the following, among other critical pieces of a whistleblower protection framework:

• confidential reports;
• potentially allowing for anonymous whistleblowers;
• sanctioning and providing remedies for retaliation, defined to include both workplace and other “actions that can result in reputational, professional, financial, social, psychological, and physical harm”; and
• steps to prevent data protection rules and privacy rights from “unduly imped[ing]” whistleblower protections and reporting.

These protections should apply to “the broadest possible range of” public and private reporters. That encompasses individuals who no longer work at the company, are in the recruiting process, and others who potentially could face work-related retaliation, leaving room for countries to protect third parties connected to whistleblowers.

These whistleblower protections, which can apply even to family members of whistleblowers, are even broader than U.S. legal standards protecting whistleblowers. It will be interesting to see how countries interpret and implement these standards.

Internal Controls / Ethics and Compliance

The 2021 Recommendation urges member countries to take steps to establish robust accounting and auditing standards, including incentives for companies to adopt compliance programs. Member countries’ internal accounting standards should aim to prevent off-the-books accounting and transactions and mandate the disclosure of “material contingent liabilities.” Correspondingly, external auditors of member countries’ companies should be independent and mandated to report suspected bribery to companies’ “management and, as appropriate, to corporate monitoring or governance bodies.”

Furthermore, the 2021 Recommendation significantly increases the expectations for improvements to a company’s compliance program, including:

• expanding areas covered to include conflicts of interest, hiring processes, use of intermediaries, and public tenders;
• requiring detailed provisions relating to third parties, such as ensuring that contracts specifically describe the services to be performed and appropriate payment terms, and that companies obtain and exercise audit rights where appropriate;
• expanding whistleblower reporting and protection policies, including measures to ensure no retaliation;
• specifying how the company will address alleged or suspected bribery;
• encouraging the use of data analytics;
• requiring periodic reviews of a company’s risk profile; and
• in connection with M&A transactions, requiring “comprehensive risk-based due diligence,” “prompt” incorporation of the acquired business into the company’s internal controls and compliance program, and post-acquisition audits.

These standards will be familiar to most large or medium companies, given that they draw extensively on DOJ’s guidance for corporate compliance programs. However, they raise the bar significantly in countries that have not yet adopted such compliance standards.

Finally, the 2021 Recommendation for the first time directs member countries to develop effective incentives for companies to adopt these compliance programs. This includes considering compliance programs when “grant[ing] public advantages” and in mitigating sanctions in criminal anti-bribery enforcement.

Data Protection

As regular readers of our FCPA Update know, GDPR and its brethren have made it more difficult for companies to conduct certain anti-corruption due diligence and internal investigations. The 2021 Recommendation directly addresses this tension between protecting privacy and data and ensuring that companies sufficiently can diligence third parties and investigate suspected wrongdoing.

Accordingly, the 2021 Recommendation now states explicitly that data protection rules and privacy rights, while important, should not “unduly impede” international cooperation and companies’ own internal controls and compliance programs. To that end, the new guidance directs member countries with relevant data protections to consider issuing regulations that allow for the processing of data in both anti-corruption due diligence and internal investigations.

Addressing the Demand Side of Foreign Bribery

Like the FCPA, the OECD Anti-Bribery Convention does not address the demand side of foreign bribery—the susceptibility of public and private officials to taking bribes. The corollary gap in enforcement frameworks has generated significant criticism over the years, particularly from civil society.

The 2021 Recommendation seeks to bridge this gap through a multipronged approach, recommending that member countries consider taking steps to:

• educate public officials on their bribery and solicitation laws;
• publish their “rules and regulations on gifts, hospitality, entertainment, and expenses for government officials” on public websites for ease of access, which certainly will ease the lives of compliance officers the world over;
• push companies to “prohibit or discourage” facilitation payments and “undertake to periodically review their policies and approach on small facilitation payments,” as previously recommended;
• proactively make “full use” of measures available under their legal systems to identify, freeze, and confiscate bribe payments, including both money and property; and
• develop anti-bribery policies specifically targeted at public officials stationed abroad, make such officials aware of bribery risks, train them to help “enterprises confronted with bribe solicitation,” including specific information on reporting potential bribery, and attempt to work with host countries and potentially other countries to address bribery issues.

Conclusion

The 2021 Recommendation has the potential to be a game changer in international anti-corruption enforcement. For the first time, there is now an international standard for NTRs, which should widen their adoption and encourage a more consistent and coordinated global approach to settlements. This should make it easier for companies operating globally to coordinate resolutions for misconduct spanning jurisdictions.

More broadly, the combination of incentivizing self-reporting, cooperation, and remediation, plus the proactive adoption of a robust compliance program, should help level the playing field for years to come for companies subject to these standards.

Stay tuned for further developments as OECD countries that don’t yet have NTRs begin to adopt related measures and also seek to incentivize companies to take anti-corruption compliance more seriously.

Kara Brockmeyer, Andrew M. Levine, and Bruce E. Yannett are partners, Ada Fernandez Johnson is counsel, and Katelyn McNelis is a law clerk, at Debevoise & Plimpton LLP.

Disclaimer

The views, opinions and positions expressed within all posts are those of the authors alone and do not represent those of the Program on Corporate Compliance and Enforcement or of New York University School of Law.  The accuracy, completeness and validity of any statements made within this article are not guaranteed.  We accept no liability for any errors, omissions or representations. The copyright of this content belongs to the authors and any liability with regards to infringement of intellectual property rights remains with them.