Foreign Corrupt Practices Act: High Risks for the Medical Device Industry

To prevent violations, medical device companies need to understand the act’s provisions.

Foreign Corrupt Practices Act: High Risks for the Medical Device Industry

REGULATORY OUTLOOK

Bethany Gilbert

On February 12, 2007, Johnson & Johnson acknowledged that it had disclosed to the U.S. Department of Justice (DOJ) and the Securities and Exchange Commission (SEC) “that subsidiaries outside the United States are believed to have made improper payments in connection with the sale of medical devices in two small-market countries.” The company's announcement indicates that the medical device industry is not immune to the consequences of violating the Foreign Corrupt Practices Act (FCPA). Such behavior has resulted in an increase of aggressive FCPA enforcement. For example, less than two weeks after the finalization of deferred prosecution agreements with five medical device companies on domestic bribery charges, SEC informed three of those companies of its intent to investigate potential FCPA violations.

Michelle Merola Kane

Scope of the Foreign Corrupt Practices Act

According to the FCPA antibribery provisions, it is a criminal offense to pay, offer, or give anything of value to a foreign official, a foreign political party, or a candidate for foreign office for the purpose of obtaining or retaining business, or obtaining favorable or preferential treatment from the government.1 This prohibition includes offering money or anything of value to a third party while knowing that some or all of the payment will be passed on to a foreign official for an improper purpose. Third parties include employees of government-owned hospitals and other entities, as well as officials of international organizations, such as the World Health Organization and various European Union entities. In addition, under the FCPA, U.S. parent corporations may be held liable for the acts of foreign subsidiaries when they authorize, direct, or control the activity in question.

By its terms, the FCPA applies to U.S. companies, citizens, nationals, and residents, as well as anyone located in the United States, even temporarily, and foreign-based issuers under U.S. securities law. However, in 1998, the FCPA was amended to assert territorial jurisdiction over foreign companies and nationals. A foreign company is now subject to FCPA sanctions if it guides, directly or through agents, the corrupt payment to take place within the territory of the United States. This act can be as minute as calling or sending e-mails to the United States. Recent plea agreements with DOJ illustrate the government's willingness to pursue criminal cases against foreign companies acting in close concert with domestic corporations.

SEC has recently been using the accounting provisions of the FCPA, which require books and records of internal FCPA controls, to reach
improper transactions even where it has no primary jurisdiction. For instance, a technical violation would occur if a medical device company failed to record improper payments to a foreign private doctor. Although SEC does not have primary jurisdiction over payments made to foreign physicians, the technical books and records violation could result in fines or penalties.

Risks for the Device Industry

Timeline

1977Congress enacts the Foreign Corrupt Practices Act(FCPA).

1998FCPA is amended to assert territorial jurisdiction over foreign companies and nationals.

2007Johnson & Johnson's disclosure to DOJ indicates that device companies are not immune to the FCPA.

Medical device companies are particularly at risk with respect to FCPA violations. The FCPA covers officers and employees of the government and any subordinate department, agency, or instrumentality, as well as persons acting in an official capacity on behalf of a governmental entity. However, in many parts of the world, hospitals and clinics are government owned. Accordingly, medical staff and other employees are government officials within the meaning of the FCPA. Given that, sales activities that would ordinarily be considered routine could create FCPA liability. More directly, practices that are common in the medical device industry, such as product discounts tied to purchase volume and incentive programs to enourage increased purchasing, may violate both the letter and the spirit of the FCPA. These risks are multiplied for companies operating in high-growth overseas markets, such as China and India, where corruption is commonplace.

Dangerous Assumptions

Companies often ignore or tolerate possible FCPA violations based on a mistaken understanding of the law or ignorance of red flags such as expedited regulatory approvals or increased sales volumes. Medical device companies should be aware of some common misperceptions.

Myth #1: Bribes Paid by Foreign Agents or Subsidiaries Do Not Affect the U.S. Parent.

The FCPA prohibits persons located in the United States from approving or authorizing payments to government officials. Even if the party making the payment (such as a foreign sales agent) is not directly covered by the FCPA, a U.S. company can be liable if its officers or employees approve those payments. In practice, ignoring reports or suspicions of improper payments can be considered authorization of payments and lead to liability.

Under the FCPA, actual knowledge of the actions of a company's agent or partner is not necessarily required. Although the act does not, in the words of its legislative history, punish negligence or mere foolishness, purposeful ignorance or conscious avoidance will not shield an individual or a company from prosecution under the FCPA. Therefore, management and employees may not turn a blind eye to activity that appears to violate the act's provisions.

The recent guilty plea of Vetco Gray Control Inc. and its subsidiaries demonstrates this point. A General Electric Oil & Gas business, Vetco Gray provides equipment and services for onshore and offshore drilling and production. On February 6, 2007, Vetco Gray pled guilty to securing an improper advantage with respect to importation of goods and equipment in Nigeria. The company made corrupt payments to Nigerian customs officials. These payments to agents were explained as local processing fees or administrative transport fees in Vetco Gray records. E-mails and memos to the Vetco Gray entities in the United States indicated clear red flags of possible FCPA violations. Therefore, DOJ had jurisdiction over the foreign agents and subsidiaries in addition to the Vetco Gray entities in the United States.

Myth #2: Customary Payments in Areas Where Bribery Is Common Do Not Violate the FCPA.

“Everybody's doing it” is not a defense against an FCPA charge. On the contrary, knowledge that the company is operating in a corrupt environment can serve as the basis for establishing knowledge of improper payments. The tacit authorization theory can be used to establish liability where management is aware that bribery is common and fails to take steps to prevent it.

The FCPA permits payments that are “lawful under the written laws and regulations” of the official's country; however, the fact that bribery may be widespread in a particular country or industry does not make it permissible under either local law or the FCPA. The fact that a foreign official solicits or demands a bribe does not excuse such payments either. Finally, the mere absence of written laws prohibiting a specific activity (such as hiring a government official's spouse as a referral agent) does not meet the requirement that the activity be lawful under the country's written laws.

Medical device companies should be aware that recent enforcement trends indicate a broad interpretation of the FCPA. As stated, the act is limited to jurisdiction over transactions made for the purpose of obtaining or retaining business. Despite that fact, DOJ found that the Vetco Gray payments that were made in order to avoid customs restrictions were closely connected to obtaining or retaining business. Therefore, the payments were enforceable as an FCPA violation.

Myth #3: Small Payments Are Not Covered by the FCPA.

Although an exception for facilitating payments (often called grease payments) exists under the FCPA, this should not be confused with an exception for small bribes. The grease payments exception applies only to payments made to facilitate routine government action, such as mail pickup, power and water supply, and processing official papers. Routine government action never includes any decision to award new business or purchase a particular product or device.

Moreover, a company that ignores small bribes may overlook the cumulative effect of such payments. Here, the Vetco Gray case is again instructive. Most of the individual payments were relatively small. Few exceeded $5000 and some were less than $100. However, the total payments over a two-and-half-year period exceeded $2 million. The government focused on that total amount in its investigation. Companies should not assume that the government will overlook repetitive low-level bribery.

Avoiding Prosecution

Medical device companies with significant overseas sales should ensure that they have effective FCPA and international antibribery compliance procedures. Companies should also invest in training programs, as well as an adequate system of internal controls, for employees and agents of both U.S. and foreign entities. Management should carefully review contracts with foreign agents, including distributors and clinical research organizations. Those agents should annually certify that they have been advised of the FCPA requirements and that they intend to comply with those requirements. Medical device companies must also evaluate their sales and marketing programs to ensure that product incentive programs do not violate the broad FCPA prohibitions against offers or payments of any kind. Companies should keep in mind that, depending on the specifics, many discount and purchase incentives that fall under antikickback safe harbors may not be allowable transactions under the FCPA.

Finally, medical device companies should adopt a compliance plan that is carefully tailored to the company's international business operations. This is especially true for public companies, because the books and records provisions of the FCPA require public companies to accurately report financial information and to maintain a system of internal controls to prevent violations. An effective compliance plan works both to prevent FCPA violations and to identify small FCPA problems before they become big problems. Without such a plan, a company is exposing itself to possible criminal and civil fines and penalties, debarment, suspension, exclusion, limits on export licenses, and even private causes of action for treble damages.

Bethany Gilbert and Michelle Merola Kane are attorneys at Hodgson Russ LLP (Buffalo, NY). Gilbert can be reached at [email protected] and Kane at [email protected].

Reference

1. Foreign Corrupt Practices Act, 15 U.S.C. 78 (1–3).

Copyright ©2008 Medical Device & Diagnostic Industry

Sign up for the QMED & MD+DI Daily newsletter.

You May Also Like