Legislation

Spotlight on Foreign Corrupt Practices Act (FCPA) compliance

All U.S. firms seeking to do business in foreign markets must be familiar with the FCPA. Enacted in 1977 and amended several times since then, the FCPA generally states that if a foreign company has any footprint in the U.S., even simply wiring money through it, that company is subject to prosecution if involved in corrupt payments to foreign officials for the purpose of obtaining or keeping business.

The FCPA applies to any individual, firm, officer, director, employee, or agent of a firm and any stockholder acting on behalf of a firm. U.S. parent corporations also may be held liable for the acts of foreign subsidiaries where they authorized, directed, or controlled the activity in question, as can U.S. citizens or residents, who were employed by or acting on behalf of such foreign subsidiaries. The same provisions essentially extend to intermediaries which include joint venture partners or agents.

Between 2006 and 2009, the U.S. Department of Justice (DOJ) and the Securities and Exchange Commission (SEC), both of which have jurisdiction over the FCPA, initiated more enforcement actions than in the first 28 years of the FCPA’s existence. And the financial penalties for violations have skyrocketed. In December 2008, Siemens AG, Europe’s largest engineering firm, pleaded guilty to violating U.S. anti-corruption laws and was ordered to pay $1.6 billion to settle bribery charges in U.S. and Germany.

To ensure FCPA compliance, the DOJ recommends that companies exercise risk-based due diligence to ensure that they are doing business with reputable and qualified entities and representatives. The due diligence process, at minimum, should include investigating potential foreign representatives and joint venture partners to determine their general reputation and qualifications, whether they have personal or professional ties to the government, the reputation of their clients, and their history with the U.S. Embassy or Consulate, local bankers and other business associates. Additionally, the U.S. firm should be aware of “red flags,” i.e., unusual payment patterns or financial arrangements, indicators of corruption in the country or the particular industry, or refusal by the foreign joint venture partner or representative to provide certification that it will not engage in actions to further an unlawful offer, promise, or payment to a foreign public official and not cause the firm to be in violation of the FCPA (such as paying unusually high commissions, lacking transparency in expenses and accounting records, or retaining a joint venture partner or representative that has been referred by a government official.)

Capturing recent headlines are the changes to the FCPA-related compliance and ethics provisions of the Federal Sentencing Guidelines for Organizations that will become effective in November 2010. The amendments provide that a meaningful compliance program requires, among other actions, that when criminal conduct is detected, the company implement “reasonable steps to respond appropriately … to prevent further similar conduct.” An annotation to that provision specifies that the actions include “assessing the compliance and ethics program and making modifications necessary to ensure that the program is effective … and possibly including the use of an outside professional advisor to ensure adequate assessment and implementation of any modifications.”

The Guidelines also state that a board must be knowledgeable about the content and operation of the company’s compliance program and must “exercise reasonable oversight with respect to the implementation and effectiveness of its compliance and ethics.” Likewise, the DOJ’s prosecution guidelines consider whether the board exercises independent reviews of the compliance program and whether it is provided with information sufficient to enable the exercise of independent judgment. Directors have similar “Caremark” oversight duties arising under case law and various other directives, such as stock exchange rules, Sarbanes-Oxley, and audit committee charters.

Illinois Employee Credit Privacy Act (096-1426)

Effective January 1, 2011, the Act will prohibit employers, in many circumstances, from inquiring about or using an employee’s or prospective employee’s credit history as a basis for employment, recruitment, discharge, or compensation. The Act also will prohibit an employer from retaliating or discriminating against a person who files a complaint under the Act, participates in an investigation, proceeding or action concerning a violation of the Act, or opposes violation of the Act. Pursuant to the Act, an employer will not:

  • Fail or refuse to hire or recruit, discharge, or otherwise discriminate against an individual with respect to employment, compensation, term, condition, or privilege of employment because of the individual’s credit history or credit report.
  • Inquire about an applicant’s or employee’s credit history.
  • Order or obtain an applicant’s or employee’s credit report from a consumer reporting agency.

Exceptions to the Act are as follows:

  • State or federal law requires bonding or other security covering the individual holding the position.
  • Duties of the position include custody of or unsupervised access to cash or marketable assets valued at $2,500 or more.
  • Duties of the position include signatory power over business assets of over $100 or more per transaction.
  • Position is managerial, and involves setting the direction or control of the business.
  • Position involves access to personal or confidential information, financial information, trade secrets, or state or federal national security information.

The Act also states that nothing in its provisions shall prohibit employers from conducting a thorough background investigation which may include obtaining a consumer report and/or investigative report without information on credit history, as permitted by the Fair Credit Reporting Act (FCRA).

The FCRA and Employer’s Obligations

In recent years, negligent hiring and retention lawsuits have seen a dramatic rise, with settlement payouts averaging over a million dollars. These cases are predicated on the theory that an employer may be held liable for its negligence in placing a person with certain known propensities for criminal or other unfit behavior in an employment position where the individual poses a threat to others. The most common defense against negligent hiring or retention actions is based on foreseeability, which is often determined through a background investigation. Some courts have been more flexible than others in damage awards, but regardless of their stance, the closer the connection between the perpetrator’s dangerous propensity and the actual tortious conduct, the stronger the case against the employer. The law in both negligent hiring and negligent retention also recognizes that a company’s duty to avoid employing dangerous people does not end when an individual is hired–it extends to negligent supervision, negligent training and negligent firing.

Nearly every investigation that touches on employment is covered by the Fair Credit Reporting Act (FCRA), which defines employment (purposes) as “evaluating a consumer for employment, promotion, reassignment or retention as an employee.” If an employer uses a third party screening service to conduct a background investigation of an applicant or employee, that company is considered a “consumer reporting agency” (CRA) under the FCRA. The CRA’s reports, known as consumer reports, may contain information from educational institutions, professional licensing boards, former employers, courts, credit bureaus, references, motor vehicle departments, regulatory entities, media sources, etc.

The FCRA is a complex federal statute that has been significantly revised since 1970. But the Act’s primary mandate remains that CRAs adhere to “reasonable procedures” to protect the confidentiality, accuracy, and relevance of consumer information. Under its Fair Information Practices, the FCRA has established rules concerning personal information that include rights of data quality (to access, dispute and correct), data security, usage limitations, data destruction, disclosures, user consent, and accountability. The FCRA requires the employer/user to affirm to the CRA that it is in compliance (with FCRA) and has enacted the following directives prior to the initiation of a consumer report:

  • Verified that there is a legitimate need for requesting a consumer report
  • Certified that written permission was obtained from the applicant or employee and proper disclosures were provided
  • Stated the reason for requesting a consumer report
  • Certified that the information will be used for employment purposes only.

Before any adverse action is taken based on information in the consumer report, the FCRA obligates the employer to provide the applicant or employee a copy of the report and summary of consumer rights prescribed by the FCRA. And if adverse action is taken, the employer must deliver an “adverse action notice” to the affected individual. Further, the employer must certify that it will not use any information from a consumer report in violation of the applicable federal or state equal opportunity laws and regulations.

The FCRA makes a distinction between a “consumer report” and “investigative consumer report.” Its delineation of a “consumer report” is that it is comprised of verifications of facts about education, employment or other claims made by the applicant, while an “investigative consumer report” is a compilation of information about character, general reputation, personal characteristics, or mode of living through interviews. Thus, an employer who uses investigative consumer reports must comply with the provisions of the FCRA that apply generally to consumer reports as well as the provisions that are specific to investigative consumer reports which include “clearly and accurately” disclosing in writing that it may obtain the aforementioned information. This notice must contain a statement advising the individual of the right to request additional disclosures concerning the nature and scope of the inquiry, along with a written summary of consumer rights. Also, for an investigative consumer report, the disclosure must be made within three days after such report is requested, while in a consumer report, notice must be given before the report is procured.

The FCRA rules also apply when an employer uses a third party to investigate employee misconduct. The employee must be notified “clearly and conspicuously” and authorize, in writing, the undertaking of an investigative consumer report. If the employer disciplines or adversely treats the employee based upon the information in the report, the employer must provide the employee, within 60 days of the adverse decision, the following:

  • Notice of the disciplinary action
  • Name, address and telephone phone number of third party that prepared the report
  • Statement that said third party had no input into the decision to discipline the employee and thus will not provide information about the action taken
  • Notice that the employee is entitled to a free copy of the report and can request that the employer state the reason for the disciplinary action.

The FCRA does not apply to investigations of misconduct conducted by internal personnel or by third parties which do not regularly prepare such reports.

Violations of the FCRA can lead to civil and/or criminal penalties for the CRA and the employer. Civil penalties may carry nominal damages (up to one thousand dollars if no actual damages exist), actual and punitive damages, and attorneys’ fees and costs, if there is “willful noncompliance.” Civil penalties for “negligent noncompliance” are confined to actual damages and attorneys’ fees and costs. Criminal penalties may be imposed when a party knowingly and willfully obtains information from a CRA under false pretenses.

Establishing a relationship with a reputable CRA is one of the best assurances of FCRA compliance. An experienced company can provide guidance not just in the legal process of the FCRA, but also instill trust that it has met its related obligations.

FTC proposes changes to improve credit reporting notices

The Federal Trade Commission announced on August 16, 2010 that it is proposing revisions to the notices that consumer reporting agencies provide to consumers, and to users and furnishers of credit report information under the Fair Credit Reporting Act (FCRA). The FCRA requires the FTC to publish model notices for several forms that must be provided by consumer reporting agencies. The proposed changes are designed to reflect new rules that the FTC and other financial regulators have enacted under the Fair and Accurate Credit Transactions Act of 2003, and to make the notices more useful and easier to understand.
In addition to revising the general Summary of Rights notice, which informs consumers about their FCRA rights, such as how to obtain a free credit report and dispute inaccurate information, the FTC is proposing improvements to the notices that credit
reporting agencies provide to users and furnishers of credit report information.
The FTC is accepting public comments on the proposed changes until September 21, 2010.
(The FTC contact is Pavneet Singh, Bureau of Consumer Protection, at 202-326-2252.) See http://www.ftc.gov/os/fedreg/2010/august/100816fcranotice.pdf for the full text of the proposed revisions.

Can a person be denied a job or be terminated because of a bankruptcy filing?

Section 525 of the Bankruptcy Code provides two slightly different standards for government applicants and employees, and for private employers. The bankruptcy discrimination statute for government employees

[s.525(a)] states that:

[The government] may not…deny employment to, terminate the employment of, or discriminate with respect to employment against, a person that is or has been a debtor under this title or a bankrupt or a debtor under the Bankruptcy Act, or another person with whom such bankrupt or debtor has been associated, solely because such bankrupt or debtor is or has been a debtor under this title or a bankrupt or debtor under the Bankruptcy Act, has been insolvent before the commencement of the case under this title, or during the case but before the debtor is granted or denied a discharge, or has not paid a debt that is dischargeable in the case under this title or that was discharged under the Bankruptcy Act.

Section [s.525(b)] applies to private employers, and states that:

No private employer may terminate the employment of, or discriminate with respect to employment against, an individual who is or has been a debtor under this title, a debtor or bankrupt under the Bankruptcy Act, or an individual associated with such debtor or bankrupt, solely because such debtor or bankrupt (1) is or has been a debtor under this title or a debtor or bankrupt under the Bankruptcy Act; (2) has been insolvent before the commencement of a case under this title or during the case but before the grant or denial of a discharge; or (3) has not paid a debt that is dischargeable in a case under this title or that was discharged under the Bankruptcy Act.

What is a qui tam lawsuit?

A qui tam is a provision of the Federal False Claims Act that allows private citizens, also known as whistleblowers or relators, to bring a lawsuit in the name of the U.S. Government against entities or persons suspected of fraud in the use of government funds. The qui tam plaintiff, if successful in the suit, is entitled to a percentage of the funds recouped by the government, which generally is between 15 to 30% of the recovered amount. Qui tam verdicts and settlements can reach into billions of dollars. In the fiscal year ending September 30, 2009, the Justice Department recovered $2.4 billion in false claims cases, and posted total recoveries of more than $24 billion since 1986.

Update on Senate Bill 1045 (OL 2010. Ch. 102) which amends Oregon Revised Statute 659A.885 that restricts employer’s use of credit history in employment decisions

The Oregon Bureau of Labor and Industries published its final administrative rules regarding Senate Bill 1045 (OL 2010. Ch. 102). The regulations go into effect July 1, 2010. The Oregon Revised Statute 659A.885 specifically prohibits an employer from obtaining or using credit history for employment purposes of an applicant or employee unless that credit history information is “substantially job-related, and the employer’s reasons for the use of such information are disclosed to the employee or prospective employee in writing.” The state of Oregon set up a hotline (at 971-673-0824) to explain the new regulations. The regulations can also be viewed online at http://www.oregon.gov/BOLI/LEGAL/docs/RulesSoS0052010.pdf

What laws require or influence background screening of volunteers?

Whether a volunteer is required by law to submit to a background check depends on the type of organization for which the volunteer work is performed. Several state and federal laws regulate health and public safety organizations, some of which require screening of both employees and volunteers. There are also other laws that provide protection to at-risk populations, especially children. One such law allows the public to access information about convicted sex offenders. For more information and a link to state sex offender registries, see the U.S. Department of Justice’s Child Exploitation and Obscenity Section at http://www.usdoj.gov/criminal/ceos/index.html.

The laws that facilitate an organization’s screening of volunteers are the Volunteers for Children Act of 1998 (VCA) Public Law 105-251, which amended the National Child Protection Act of 1993 (NCPA), 42 USC § 5119(a) a.k.a. “Oprah’s Law” allowing volunteer organizations to access federal criminal records, and the Fair Credit Reporting Act (FCRA), 15 USC §1681, if a background check is performed by a third-party background screening firm.

Searching for violators of the Social Security Act for program-related fraud and patient abuse?

Try the U.S. Department of Health & Human Services – Office of Inspector General Web site (http://oig.hhs.gov/.)

For many years the Congress of the United States has worked diligently to protect the health and welfare of the nation’s elderly and poor by implementing legislation to prevent certain individuals and businesses from participating in federally-funded health care programs. The OIG, under this congressional mandate, established a program to exclude individuals and entities affected by the various legal authorities, contained in sections 1128 and 1156 of the Social Security Act, and maintains a list of all currently excluded parties called the List of Excluded Individuals/Entities, at http://oig.hhs.gov/fraud/exclusions.asp. Basis for exclusion include convictions for program-related fraud and patient abuse, licensing board actions and default on Health Education Assistance Loans.

Alert Regarding Sexual Offender Data

A new California case came out March 23, 2010 that gives a background firm protection when it reports sexual offender data from the Megan’s Law Web site, and also clarifies that the prohibition of using sex offender registration information for employment does not apply when there is a person at risk.
For a quick review of the case, see:
http://www.esrcheck.com/wordpress/1440/california-case-protects-constitutional-right-of-background-screening-firm-to-report-sex-offender-registration.
The actual case can be found at:
http://www.courtinfo.ca.gov/opinions/documents/B214653.PDF

Go to Top