Mergers & Acquisitions Under the FCPA: Adequately Addressing Due Diligence

November 5, 2014

Monica Reinmiller Thad McBride

Presented By:

2 2

Speakers

Moderator

Jamie Saine

Convercent

Presenters

Thad McBride

Partner Sheppard Mullin

Monica Reinmiller

Dir. Ethics & Compliance Symantec

3 3

Agenda

Ø FCPA Overview

Ø Practical Guidance

Ø Hypotheticals / Discussion

Ø Questions

Due Diligence / Value of Compliance

Ø Business team must understand value of compliance Ø Don’t assume your deal lawyers have this covered

Ø Train and empower deal makers to identify and

report prospective issues

Ø Robust compliance culture leads to §  Less horse trading with your own people §  Team that is attuned to the issues §  Smoother diligence process overall

4

FCPA Overview

5

What is the FCPA?

Ø US statute that has been in place since 1977

Ø Other countries have similar laws

Ø OECD, UN, and other international organizations have adopted similar conventions

Ø Vigorous enforcement by DOJ and SEC

6

What does the FCPA do?

Ø Prohibits corrupt payments to foreign officials for a business purpose

Ø Requires Issuers to maintain accurate books and records and robust internal controls §  Best practice even for non-Issuers

7

Who is subject to the FCPA? Ø Any US citizen or resident, wherever located

Ø Any entity organized/incorporated under US law Ø Any Issuer, regardless of nationality

§  Issuer = a company that (i) has securities registered in the United States or (ii) is required to file periodic reports with the SEC

Ø Any person in the United States, regardless of nationality

Ø A regulated person’s agent or other representative

8

What is a Payment?

Ø Actual payment or gift

Ø Offer or promise to pay

Ø Authorize to pay

** Can be any thing of value.

9

What is a Thing of Value?

Ø Any thing of value to recipient §  Money §  Gift §  Hospitality §  Loan/favorable financing §  Discounted/free maintenance §  Donation

Ø Can be proactive or reactive

10

Who is a Foreign Official?

Ø Any officer, employee or agent of any: §  Non-US government, whether national, state, local, etc. §  Department, agency, or bureau of a non-US government §  Instrumentality owned/controlled by a non-US government §  Public international organization (e.g., UN, WTO, etc.) §  Non-US political party

11

Foreign Official (cont.)

Ø Non-US political party

Ø Candidate for non-US political office

Ø Person holding ceremonial title depending on facts Ø Anyone acting on behalf of a Foreign Official

Rank or title is irrelevant

12

What Payments are Permitted?

Ø Reasonable and bona fide payment to §  Demonstrate, promote, or explain a product or service, or §  Execute or perform a contract with a foreign government

Ø Payment authorized under country’s written law

Ø Facilitating Payments §  Payment to expedite non-discretionary governmental action §  NOT PERMITTED under most country’s laws

Ø Highly fact-dependent ; keep good records

13

Settlements Involving M&A Ø Snamprogetti (2010)

§  2006: ENI sold Snamprogetti to Saipem §  2010: Snamprogetti incurred FCPA criminal liability and

agreed to pay a $240 million fine §  ENI and Saipem held jointly liable

Ø Alliance One (2010) §  Pre-2005: Alleged violations by Dimon/SCC subsidiaries §  2005: Dimon and SCC merged to form Alliance One §  2010: DOJ brought criminal case against Alliance One §  Alliance One required to retain an independent compliance

monitor for three years

14

Liability in M&A Context

Ø Acquiror may be liable for target’s FCPA violations pre-acquisition

Ø Successor liability

Ø Asset sale vs. stock sale

15

Other Consequences

Ø Discovery of FCPA violations may:

§  Alter transaction price §  Change deal structure §  Necessitate specific reps and indemnifications in

purchase agreement §  Delay proposed deal §  Cause integration challenges after closing §  CRATER THE DEAL

16

Due Diligence at Symantec

17

Diligence at Symantec About Symantec §  Global software company operating in more than 50 countries §  Provides security, storage and systems management solutions to help

consumers, small businesses, and global enterprises §  Solutions range across multiple product families, and two brands:

Symantec

Norton

18

Diligence at Symantec (cont.)

Ø Mature governance process: §  Driven by dedicated M&A teams (acquisition and integration) §  Detailed check list and questionnaire(s)

Ø 2014: Office of Ethics & Compliance §  Reviewed existing diligence process and documentation §  Performed risk assessment (integrated an audit review) §  Documented FCPA “risk-indicators” based on: q  Public sector revenue q  Use of third parties (agents, distribution channel, etc.) q  High ranking CPI territories

19

Diligence at Symantec (cont.)

Ø Consider other factors too: §  Is the target in an industry where corruption is pervasive? §  Is the target important to the business? §  Is the acquisition particularly high-profile?

§  In the media? §  Within the company?

§  Were target’s key assets or contracts obtained appropriately?

Ø KEY OBJECTIVE: Isolate heightened risk in the diligence report beyond the standard checklist and questionnaire process

20

Key Steps

Ø Analyze risk indicators (“flags”), e.g.: §  Use of revenue programs in public

sector (fees/commissions, rebates, discounting)

§  Agency agreements (contracts, prior diligence or background checks, etc.)

§  State Owned Entity relationships (“politically exposed person”)

21

Note:  You  may  be  working  parallel  to  the  integra5on  team  to  iden5fy  and  resolve  issues  

Key Steps (cont.)

Ø Evaluate flags for enhanced review or action: §  Individual due diligence (“red flag”

report) §  Transactional audit §  Investigation

22

Note:  You  may  be  working  parallel  to  the  integra5on  team  to  iden5fy  and  resolve  issues  

Key Steps (cont.)

Ø Determine any necessary remedial actions and perform a disclosure analysis, if necessary

KEY OBJECTIVE: Determine successor liability disclosure action no later than 180 days, in alignment with the DOJ’s Opinion Procedure Release No: 08-02

23

M&A Diligence Nuts & Bolts

Ø Review documents such as: §  Compliance policies and procedures §  Copies of training presentations and attendance lists §  Reports of compliance / internal audits §  Information about any investigations §  Agent / distributor agreements

24

Nuts & Bolts (cont.)

Ø Review books and records Ø Focus on accounts such as:

§  Hospitality §  Entertainment §  Gifts §  Facilitation §  Petty cash

Ø Interview personnel if needed

25

Compliance Pitfalls

Ø Fail to evaluate third party relationships Ø Not doing a deeper dive on revenue programs Ø Lack of documented compliance procedure

and / or trainings (enhanced review) Ø Missing an enforcement disclosure analysis Ø Not preparing for integration on DAY 1 post-close

26

DOJ Opinion Release 2008-2 Ø Halliburton sought to acquire a UK company

Ø By the terms of the acquisition, Halliburton was restricted from access to certain relevant FCPA-related information

Ø DOJ stated it would not take action against Halliburton for any subsequently determined violation

Ø Halliburton committed to (i) conduct a detailed internal review and (ii) report back to the Justice Department

27

OPR 2008-2 (cont.)

Ø In the Opinion, the DOJ outlined the specific guidance and time frames necessary to determine and disclose violations in order to mitigate Halliburton’s FCPA liability

Ø The Opinion serves as a guide based on the DOJ’s standard of disclosure §  Predicated on accuracy of facts as submitted to DOJ §  Not binding on DOJ in any other matter

28

M&A – Contract Terms

Ø Include appropriate protections §  Standard compliance reps and

warranties

§  Indemnity, including for costs of any compliance investigation

§  Additional terms if needed based on facts of deal

29

Post-Acquisition

Ø If not possible pre-acquisition, conduct due diligence post-acquisition

Ø Promptly incorporate acquired company into compliance program §  Training §  Re-evaluate third parties §  Audits of new business units §  Disclose if absolutely necessary

30

Hypothetical / Discussion

31

Hypothetical Ø  Alabama Co. is a US retail

company

Ø  Alabama wants to do a joint venture with British Co

Ø  Alabama would hold 60% of the JV; Brit Co would hold 40%

Ø  During diligence, Alabama reviews an audit report indicating that Brit Co’s agent paid customs officials to expedite entry of goods in China

32

Hypothetical (cont.)

Ø What steps should Alabama take?

Ø What if Alabama determines the payments were made? What should Alabama consider before it proceeds with the transaction?

33

Hypothetical (cont.)

Ø Alabama decides to proceed with the venture even though payments were made.

Ø Should Alabama disclose the issue to the US government?

Ø Are there other steps should Alabama take?

34

THANK YOU! Monica Reinmiller Thad McBride Director, Ethics & Compliance Partner Symantec Sheppard Mullin Richter & Hampton Monica_reinmiller@symantec.com tmcbride@smrh.com + 1 425.201.3022 +1 202.747.1925

For more information, visit these FCPA Compliance Resources from Convercent:

• Managing FCPA Risk Success Kit

• The Common Causes of FCPA Enforcement

• FCPA Fundamentals: 30 important considerations foreffective FCPA compliance program

More resources at Convercent.com/resources

FCPA Resources

37

Convercent’s enterprise governance, risk and compliance (GRC) platform enables the design and implementation of a measurably effective compliance program. Pairing a refreshingly intuitive user experience with actionable reporting, Convercent integrates the management of corporate compliance risk, cases, disclosures, training and policies. With hundreds of customers in more than 130 countries—including Philip Morris International, CH2M Hill and Under Armour—Convercent’s award-winning GRC solution safeguards the financial and reputational health of a company. Based in Denver, CO, Convercent is backed by Sapphire, Azure Capital, Rho Capital Partners and Muntucket Capital. For more information, visit Convercent.com

Convercent