Due Diligence on International Deals with Foreign Business Partners
By George Benaur and Ben Rozenshteyn
Worldwide enforcement of corrupt business practices continues to intensify and the news is filled with new stories and large fines for violations of anti-bribery, sanctions, antitrust and other laws. While the United States’ Foreign Corrupt Practices Act (FCPA), the UK Bribery Act, and multinational agreements oblige companies to “know” their foreign counterparts, U.S. Securities and Exchange Commission, Russian Federation’s Rosfinmonitoring, and United Kingdom’s National Crime Agency tighten the noose on those willfully or maliciously ignorant.
In this business climate, companies need to be diligent in choosing their international business partners, but in practice, it is often difficult to find the right balance for what level of due diligence is required in a given situation. In addition, new technologies are entering the due diligence space, and companies, especially small to medium-sized businesses engaged in international trade, should seek case-specific and cost-effective solutions for each transaction to maximize both the effectiveness and cost of their due diligence and compliance programs.
Today, companies are expected to conduct deeper, more systematic investigations of potential international business partners. Legal and compliance officers are given more and more hints, as well as occasional resources, by way of enforcement actions and guides becoming public on a more frequent basis. The 2012 Resource Guide to the US Foreign Corrupt Practices Act, the 2010 Guidance on the Bribery Act, and the 2016 List of Mandatory Requirements, are just some of the resources released by foreign and domestic regulatory bodies for senior executives, board members, and their staffs.
In an environment where an offense may bring about severe penalties, individuals and companies are increasingly focusing on conducting due diligence and ensuring compliance, both prior to, and throughout the duration of their business ventures. The necessary scope of due diligence is somewhat of a gamble, as insufficient due diligence may increase risk exposure and liability, while excessive due diligence may lead to wasted time and resources. The void between insufficiency and excess may best be filled by a risk-based approach.
Since not all third-party relationships are the same, it follows that not all third-party risk is the same. This becomes particularly true when dealing with foreign business partners and assets. By utilizing a risk-based approach, it is possible to determine the appropriate level of due diligence for each third party. The lower the risk, the more basic and less costly the due diligence can be. Alternatively, the higher the risk, the broader, and more extensive the due diligence.
A report from the Deloitte, The Case for Vetting Global Business Partners, authored by John Leonard, director in the Forensic & Dispute Services practice of Deloitte Financial Advisory Services LLP, explores options for information-gathering and examines factors in the due diligence process for senior business leaders and international entrepreneurs to consider. The report is based on the aforementioned 2012 Resource Guide to the US Foreign Corrupt Practices Act, and the enforcement actions outlined therein. As evidenced by the report, the three most common due diligence pitfalls are:
- Failing to conduct timely and sufficient due diligence.
SEC and DOJ enforcement actions have cited situations where companies engaged business partners and conducted due diligence after the fact. In addition, many companies often rely on their own employees to complete internal documents without requiring the overseas business partner to answer specific questions.
- Failing to adequately verify information provided by business partners.
Numerous SEC and DOJ enforcement actions have criticized companies for failing to verify information disclosed on questionnaires completed by business partners.
- Failing to act on identified red flags.
The DOJ has also opined on the need for companies to act on risk factors identified during the due diligence process.
When considering a business relationship with international partners, companies are best advised to design an effective and thorough questionnaire that asks reasonable questions and puts the business partner “on the record” regarding certain key issues and potential red flags. To be effective, a questionnaire should be designed working with experienced legal counsel and should contain, at a minimum, the following elements:
- Company background, including identifying and registration information.
- Ownership and management, including beneficial owners and others able to exercise influence over the entity and any relationships with government officials, as well as information on these individuals.
- Disclosure of any civil, criminal, and regulatory matters, to identify a history of issues that may present risk factors.
- Anti-corruption knowledge and compliance, including questions about knowledge of laws and the company’s compliance regime and training efforts.
- References from individuals knowledgeable about the business partner who can provide verification of business relationships and experience.
- Signature of a responsible party who attests to the veracity of the information and agrees to abide by all applicable laws and policies of the company in carrying out its activities.
Effective international business partner due diligence requires that a company gather meaningful information, assess potential risk across the enterprise, and tailor risk-mitigation actions accordingly. Among key questions a company should ask regarding international business partners:
- Is this a “real” business partner with a business profile, and is it experienced in the relevant industry?
- Is the business partner owned by company employees, or do other potential conflicts of interest exist?
- Does the business partner, or its principals, have a track record of bankruptcy or solvency issues that might threaten the supply chain?
- Does the business partner, or its principals, have a history of serial litigation, criminal problems, counterfeiting, child labor, or product safety issues?
- Is the business partner associated with organized crime, terrorist groups, money laundering, bribery, or corruption?
- Is the business partner located in a country restricted by US law from receiving payment, or does the vendor appear on sanction and embargo lists such as that of OFAC?
By way of example, in connection with recent work involving an acquisition of a manufacturing facility in Eastern Europe, Benaur Law implemented a due-diligence checklist that was subsequently used both in pre-purchase communications and on the ground assessment of the prospective acquisition. The list included the following recommendations (specific subsections omitted):
- Lien Search
- Public Records and Litigation Search
- Financial and Accounting Review
- Contract Review
- Real Estate Review
- Insurance and Liability Review
- Supplier and Customer Review
- Operations and Organization Review
- Environmental Review
The firm has also recently been engaged to represent a software manufacturer and developer that has entered the space of KYC/AML compliance and is seeking to ease the burden for compliance officers of large financial institutions. This FinTech AML/KYC compliance business from Europe is entering the U.S. market and we are witnessing how technology is impacting the compliance field. Along with the developments in cybersecurity that we are seeing from our work with investigation companies, for whom the firm does certain contract-related work, we are seeing how new technology is swiftly changing the legal landscape for due diligence on international business deals.
Engaging competent legal counsel and conducting risk-based due diligence is an important step toward preventing regulatory actions against your business. With regulations becoming ever tighter in an ever more transparent and globalizing business world, skipping on this important procedure is a misstep that only few can afford. Solutions need to be found for every circumstance, as due diligence required for one transaction in a particular part of the world may be very different from another transaction with different counterparties elsewhere.