The U.S Department of Justice and Securities and Exchange Commission (SEC) recently announced a Foreign Corrupt Practices Act (FCPA) enforcement action against German-based medical device company Fresenius Medical Care resulting in an approximately $232 million settlement. If you’re not familiar with the FCPA, the law prohibits business organizations from paying or offering money or other things of value, directly or indirectly, to foreign officials to influence their discretion in obtaining or retaining business.
This wide-ranging enforcement action against Fresenius serves as an important reminder for compliance professionals in all industries regarding several prominent FCPA enforcement practices. Below are a few compliance takeaways from the matter that you can apply to your business.
FCPA enforcement defines “foreign officials” as a more extensive category than you may realize
The FCPA enforcement action against Fresenius alleged improper relationships with physicians, nurses and hospital administrators associated with various foreign healthcare systems. Given that Congress intended for foreign officials to mean traditional government officials such as Presidents and Prime Minister, it may surprise you that health officials are considered foreign officials by the U.S. government, but this enforcement theory has been prominent for at least a decade.
Compliance officer’s in the health care sector need to be aware of this and communicate it to any employees in the global marketplace who may have points of contact with this expansive category of alleged “foreign officials.” Indeed, without first understanding which points of contact in the global marketplace are subject to the FCPA, many subsequent compliance practices may be for naught.
Under FCPA enforcement policy, “anything of value” means just that
Under the FCPA, “anything of value” means just that – anything of value. The items of value offered to physicians, nurses or hospital administrators by Fresenius included gifts, side trips and extra day accommodations for physicians in connection with travel to medical conferences, donations to charities or projects of importance to the physicians, educational benefits, payment through sham consulting contracts for non-existent services, and providing free shares in various business entities.
Having a strong internal control environment is key
In the Fresenius case, the government was critical of Fresenius’s FCPA-required internal control environment. For instance, the SEC found (among other internal control deficiencies) that Fresenius failed to properly assess and manage its worldwide risks, devote sufficient resources to compliance including by failing to assign a compliance officer to high-risk regions, adequately train employees on its anti-corruption policies, and engage in sufficient due diligence of third parties.
Minimize FCPA risk
FCPA risk is best minimized when compliance is approached as a team effort among your accounting, finance, and auditing departments. With high levels of collaboration, problematic corporate expenses can be prevented.