Anti-Corruption Compliance: FCPA and US Standards
The Foreign Corrupt Practices Act (FCPA) and related US anti-corruption standards govern how American companies and individuals conduct business with foreign officials, prohibiting bribery and mandating transparent accounting practices. Enforcement spans domestic and international operations, with penalties reaching tens of millions of dollars per violation. This page covers the statutory framework, how FCPA compliance programs are structured, the scenarios most likely to trigger enforcement, and the decision boundaries that separate lawful facilitation from prohibited conduct.
Definition and scope
The FCPA, enacted in 1977 and significantly amended by the Omnibus Trade and Competitiveness Act of 1988, contains two principal components: the anti-bribery provisions and the accounting provisions. The US Department of Justice (DOJ) and the Securities and Exchange Commission (SEC) share enforcement authority, with DOJ handling criminal prosecutions and SEC managing civil enforcement for issuers registered with the commission.
Anti-bribery provisions prohibit US persons, US-registered companies, and foreign companies listed on US exchanges — along with their agents and intermediaries — from paying, offering, or authorizing anything of value to a foreign government official to obtain or retain business. The term "foreign official" includes employees of state-owned enterprises, a category that has been consistently construed broadly by DOJ (see the FCPA Resource Guide, 2nd Edition, DOJ/SEC 2020).
Accounting provisions apply to all SEC-registered issuers regardless of whether any foreign conduct is involved. These provisions require accurate books and records and a system of internal accounting controls sufficient to prevent and detect improper payments (15 U.S.C. § 78m(b)).
The FCPA's jurisdictional reach extends to conduct occurring outside the United States when it involves a US nexus — a wire transfer through a US bank, an email routed through US servers, or an action taken by a US person abroad. Foreign subsidiaries of US companies fall within scope if a US parent directed, authorized, or knowingly permitted the conduct.
An effective compliance program typically treats FCPA obligations as one layer within a broader anti-corruption framework that also references the UK Bribery Act 2010, OECD Anti-Bribery Convention obligations, and domestic statutes such as the Travel Act (18 U.S.C. § 1952).
How it works
A structured FCPA compliance program follows a framework with discrete operational phases:
- Risk assessment — Mapping geographic markets, transaction types, and third-party relationships against corruption risk indices such as Transparency International's Corruption Perceptions Index. Higher-risk jurisdictions and transaction types receive proportionally greater controls.
- Policy and procedures development — Drafting gift, entertainment, and hospitality policies; anti-facilitation-payment policies; and vendor due diligence procedures aligned with the FCPA's text and the DOJ/SEC Resource Guide standards.
- Third-party due diligence — Screening agents, distributors, joint-venture partners, and consultants who interact with foreign officials. The Resource Guide identifies third-party intermediaries as the single highest-risk vector in FCPA enforcement actions.
- Training and communication — Delivering role-specific training to personnel who travel internationally, manage procurement, or supervise third-party contracts. (Compliance training frameworks address cadence, format, and documentation requirements.)
- Monitoring, auditing, and testing — Conducting transactional testing of expense reports, accounts-payable ledgers, and petty-cash accounts in high-risk locations. The COSO Internal Control – Integrated Framework provides widely adopted control benchmarks.
- Reporting and investigation — Maintaining a mechanism for employees and third parties to report suspected violations, and establishing investigation protocols with legal privilege protections in place.
- Remediation and continuous improvement — Updating controls in response to audit findings, enforcement trends, or changes in business operations.
Common scenarios
FCPA enforcement actions cluster around identifiable transaction patterns:
- Government procurement and licensing — Payments to officials who control permits, import licenses, or contract awards. This is the most frequently charged fact pattern in DOJ enforcement actions.
- Customs and inspections — Cash payments to expedite customs clearance, which may constitute "facilitation payments" (a narrow statutory exception that applies only to routine non-discretionary acts) or prohibited bribes depending on the official's discretionary authority.
- State-owned enterprise contracting — Payments to employees of entities that are majority-owned or controlled by a foreign government. Courts and enforcement agencies have upheld broad SOE coverage even when the entity operates in a commercial sector.
- Hospitality and gifts — Sponsoring travel, entertainment, or gifts for foreign officials. The FCPA does not set a bright-line dollar threshold; materiality and intent govern analysis.
- Charitable donations and political contributions — Payments routed through nominally charitable or political vehicles that benefit an official's personal or professional interests.
Decision boundaries
The most consequential analytical distinctions in FCPA practice are:
| Factor | Permitted | Potentially Prohibited |
|---|---|---|
| Payment type | Bona fide promotional expenses, lawful under local law | Payments to influence discretionary official action |
| Facilitation payments | Routine governmental action, non-discretionary | Payments to obtain licenses, contracts, or favorable rulings |
| Recipient | Private commercial party | Foreign government official or SOE employee |
| Intermediary knowledge | No reason to know funds will reach an official | Red flags ignored or willful blindness applied |
| Books and records | Accurate characterization of expenditure | Mischaracterized as "consulting fee" or "commission" |
The facilitation payment exception — codified at 15 U.S.C. § 78dd-1(b) — is narrowly construed and does not exist under the UK Bribery Act 2010, creating a compliance asymmetry for multi-national operations. DOJ's Corporate Enforcement Policy rewards voluntary self-disclosure, full cooperation, and timely remediation with potential declinations or reduced penalties, making compliance due diligence documentation critical before and after suspected violations surface.
References
- US Department of Justice — FCPA Overview
- SEC FCPA Spotlight Page
- DOJ/SEC FCPA Resource Guide, 2nd Edition (2020)
- 15 U.S.C. § 78dd-1 — FCPA Anti-Bribery Provisions, House US Code
- 15 U.S.C. § 78m(b) — Accounting Provisions, House US Code
- DOJ Corporate Enforcement Policy
- COSO Internal Control – Integrated Framework
- Transparency International Corruption Perceptions Index
On this site
- Compliance: Standards Overview
- Process Framework for Compliance
- Compliance: Scope
- Compliance Services: Definitions and Scope of Practice
- Core Components of an Effective Compliance Program
- Compliance Risk Assessment: Methods and Frameworks
- Compliance Monitoring and Auditing Practices
- Compliance Officer: Roles and Responsibilities
- Compliance Training and Education Requirements
- Developing Compliance Policies and Procedures
- Compliance Reporting Mechanisms and Hotlines
- Conducting Internal Compliance Investigations
- US Compliance Enforcement Actions and Penalties
- Compliance Requirements by US Industry Sector
- Healthcare Compliance Requirements in the US
- Financial Services Compliance in the US
- US Environmental Compliance Requirements
- Workplace Safety Compliance: OSHA and US Standards
- Data Privacy Compliance in the United States
- Employment Law Compliance for US Employers
- Third-Party and Vendor Compliance Management
- Compliance Documentation and Recordkeeping Requirements
- Building a Culture of Compliance and Ethics
- Compliance Technology Platforms and Tools
- Regulatory Change Management for Compliance Teams
- Compliance Gap Analysis: Process and Best Practices
- Compliance Corrective Action Plans: Development and Execution
- Federal Agency Compliance Requirements in the US
- State-Level Compliance Considerations for US Organizations
- Compliance Outsourcing and Managed Compliance Services
- Compliance Metrics, KPIs, and Performance Measurement
- Compliance Committee Structure and Governance
- Whistleblower Protections Under US Compliance Law
- Compliance Due Diligence in Mergers and Acquisitions
- Annual Compliance Review: Process and Requirements
- Compliance Attestation and Self-Certification Processes