SAP's FCPA Journey

The DOJ press office is an excellent resource and an opportunity to learn from the (alleged) missteps of others.?

Today’s post is a bit longer and more complex than usual, its a complicated international investigation with lots to unpack.? Highlights from the press release (available at: Office of Public Affairs | SAP to Pay Over $220M to Resolve Foreign Bribery Investigations | United States Department of Justice ) below:

• ?A publicly traded global software company (SAP) has agreed to pay over $220M to resolve FCPA violations involving bribes paid in South Africa and Indonesia to obtain business from government entities.
• The underlying bribery took place in 2013-2018.? The investigations involved collaboration with respective local law enforcement.
• The fines paid by the company equate to a criminal penalty of $118M and an administrative forfeiture of $104M.
• As part of the resolution of the case, the company has signed a three year deferred prosecution agreement.? A copy of the DPA is available here: ???dl (justice.gov)

The DPA includes details of the underlying allegations of bribery:

• The underlying bribes were made to government officials using intermediaries and were often reported as sale commissions.?
• The illegal payments in South Africa resulted in profits of to the Company of approximately $103M.
• Alleged payments in South Africa (listed below in USD equivalent amounts) include:

August 2016 payment of $155,555 recorded as a ‘sales commission’ to an intermediary, later transferred to a GO.

November 2016 payment of $215,800 to an intermediary.

Payments of more than $900,000 to an intermediary in 2013 and 2014.

Payments to multiple other third party intermediaries who were owned/controlled or closely affiliated with government officials.

• ? Alleged payments in Indonesia (listed below in USD equivalent amounts) include:

June 2018 payments of $3,600 and $5,040 that had been requested in cash via ‘an empty envelope”.?

In June 2018 officials of a state-owned telecommunications firm traveled to the United States where an intermediary paid for shopping trips by a Government Official ("GO") and their family member.? The intermediary had a budget of $10,000 and also provided the GO with a “luxury watch”.?

The government credited the company for the following items of cooperation relating to the Investigation:

1.????? Immediately cooperating with an investigation when allegations of misconduct were made public in 2017.

2.????? Expeditious production of documents across multiple jurisdictions.

3.????? Voluntarily making employees and company officers available for interviews.

4.????? Raising and resolving potential conflict issues between the government’s investigation and its own internal investigation.

5.????? Promptly collecting and analyzing “voluminous information, including complex financial information.”

6.????? Translating voluminous foreign language documents.

7.????? Taking images of the phones of custodians at the initiation of the Company’s investigation.

?

The Government also credited the company with the following remediation measures:

1.????? Conducting root cause analysis and undertaking appropriate remediation to address those root causes.

2.????? Undertaking a comprehensive risk assessment focusing on high risk areas and controls around payment processes, including incorporating comprehensive operational and compliance data into its risk assessments.

3.????? Eliminating its third-party sales commission model globally, and prohibiting all sales commissions for public sector contracts in high-risk markets.

4.????? Significantly increasing the budget, resources, and expertise devoted to compliance and ensuring adequate stature, independence, autonomy, and access to executive leadership.

5.????? Enhancing its code of conduct and policies and procedures regarding gifts, hospitality, and the use of third parties.

6.????? Enhancing its reporting, investigations, and consequence management processes.

7.????? Adjusting compensation incentives to align with compliance objectives and reduce corruption risk.

8.????? Enhancing and expanding compliance monitoring and audit programs, planning, and resources, including developing a well-resourced team devoted to audits of third-party partners and suppliers.

9.????? Expanding its data analytics capabilities to cover over 150 countries, including all high-risk countries globally.

10.? Promptly disciplining any and all employees involved in the misconduct

?

One additional item to note.? The Company had previously (in February 2016) been fined about $4M by the SEC for FCPA violations related to its business activities in Panama.? SEC.gov | SEC Charges Software Company With FCPA Violations

?

For more information please consult your Legal/Compliance team or your Compliance counsel.??

?

?