Holding companies, not just individuals, responsible for corporate crime
Brandon L. Garrett (@brandonlgarrett), Justice Thurgood Marshall Distinguished Professor of Law at the University of Virginia School of Law and author of Convicting the Innocent (2011) and Too Big to Jail (2014).
The OECD Working Group on Bribery (WGB) is correctly interested in examining more closely the question of legal liability of organizations, including corporations. The broad question raised is what makes for an effective system for the liability of legal persons and as the WGB recognizes, there are many choices that follow if corporate criminal liability is adopted. Corporate criminal liability has evolved enormously in the United States, not in the legal standard, but in the details of its implementation, and many lessons can be learned from that experience.
Costs and Benefits of Corporate Criminal Liability
One advantage of entity legal liability for foreign bribery, and a range of crimes, is that often employees and agents are not facilitating the payment of bribers purely or even chiefly for their own benefit, but rather for the benefit of a corporation. The bribe money may come from the corporation, with the intent of securing business for the corporation, and the employees may at best want to be rewarded in their careers at the corporation. The corporation may create the environment that encourages employees, officers, and agents to pay bribes to secure business. The corporation itself must be deterred from promoting bribery. The corporation may also be in the best position to adopt measures to prevent bribery in the future. Employees may be fired or prosecuted, but their replacements will continue the same practices if the corporation does not change its own policies and culture.
For those reasons, punishing only individuals may not affect the incentives and the culture that the corporation created. That said, corporations need not be punished criminally if civil alternative suffice to deter bribery. Whether civil fines and civil injunctions are adequate to do so, may depend on what penalties are available to civil enforcers and whether they have the investigative resources to effectively uncover and penalize bribery schemes. In many countries, civil regulators cannot impose punitive fines. If a company, for example, need only disgorge its gains from bribery when it is caught, there is little incentive not to continue paying bribes to secure profitable business. However, if civil regulators can impose punitive fines (for example fines up to twice the gains to the company or the losses to victims – the standard under the criminal Alternative Fines Act in the US) then the outcome may not be much different than if the case was denominated as criminal. The only difference may be the reputational threat of a criminal case, the collateral consequences of a criminal action, and requirements in criminal cases that a company cooperate in any investigations of individuals. Each of those features of criminal enforcement in the US could in theory be made part of a civil enforcement scheme – even cooperation in any pending criminal investigations of individuals. Collateral consequences such as debarment or suspension can also (and often are) be associated with civil enforcement.
The main reasons to denominate penalties and sanctions (such as monitoring or compliance) as criminal would be that civil authorities in a given country might not have the enforcement resources, investigative resources, or penalties and sanctions available to sufficiently deter and punish foreign bribery.
Procedure may enhance or limit the ability to adopt corporate criminal liability in a jurisdiction. For example, if entities have self-incrimination rights, then an entity target will be able to resist providing documents and information about wrongdoing – corporate criminal liability will make it more difficult for enforcers to secure information about what transpired. Or if corporate criminal liability better incentivizes cooperation in investigation of individual offenders, it may enhance accountability in such cases.
Jurisdictional obstacles to bringing bribery cases against employees of a multi-national corporation may not exist for corporations that have an operating presence in a country. As a result, jurisdiction may be another practical reason to have corporate criminal liability (however, civil liability could also be premised on the same concept of jurisdiction).
Form of Corporate Criminal Liability
Some countries adopt modified forms of corporate criminal liability in which prosecutors must prove involvement of high level officials, for example, or that the criminal actions were endorsed or ratified by top-level officers. Such approaches make it far too difficult to impose liability and they lead to complex investigation and litigation of questions regarding knowledge of particular actors within a company. Individual accountability can and should be investigated separately, but to intermingle such questions with the question of corporate liability hinders effective enforcement.
A strict or respondeat superior standard imposes liability on a company for the actions of agents acting with the scope of their employment and at least in part to benefit the corporation. That broad standard, adopted in federal court in the United States, makes it clear that a company cannot avoid liability for actions of employees, or of contractors or subsidiaries acting at least in part in the interests of the corporation. If a jurisdiction is to adopt corporate criminal liability, that liability standard is preferable, in my view. All conduct by agents, including hired intermediaries, contractors, broadly defined, should support liability. Nor are such agents “unrelated” if they are hired by the corporation.
There is no reason to excuse bribery when it is a “low-level” employee that commits it. The problem is not a mere failure to supervise; the low level employee has no reason to engage in bribery except to benefit the corporation. If there is a low-level employee exception to bribery law then corporations can tacitly encourage the most dispensable low-level employees to violate bribery laws.
Nor is there any reason to excuse successors from the criminal actions of the entity they acquired. A sale or merger should not wipe the criminal slate clean. Otherwise, companies would play a shell game, engaging in mergers or sales simply to avoid consequences of their crimes. Companies should be expected to do due diligence regarding criminal exposure before making a purchase, and that potential liability and need to do due diligence will further encourage compliance to detect and prevent bribery.
More nuanced questions concerning whether the corporation should be fully blameworthy can be addressed as a matter of sentencing or through settlement with prosecutors. Whether to credit corporate cooperation and self-reporting or existing compliance efforts, for example, can be considered as a matter of sentencing, or in negotiation of settlement agreements. Keeping such case-specific questions separate from the question of the liability standard, however, has real advantages.
Settlements and Remedies
There is much to discuss regarding how settlements can or should occur and options for guiding and structuring corporate settlements. I have argued that having judicial involvement in the approval and supervision of settlements enhances the legitimacy of the process and permits the public interest to be better considered. Purely out-of-court settlements should be avoided.
Compliance may be important to reforming a corporation going forward, and as a condition of resolving a bribery case. Prospective compliance is more important, in my view, than the question whether to reward retrospective compliance. It is problematic to excuse penalties based on pre-existing compliance – which was by definition ineffective in detecting bribes – and because assessing compliance from the outside is challenging. It is important to carefully assess a company’s compliance, and if it truly did everything it could to prevent bribers, then it should be mitigating factor, but not a shield from liability.
There should also be clear incentives to audit and assess compliance, even if the result uncovers self-critical information. Indeed, there should be incentives to share best practices across industry. Enforcers and prosecutors should make the rewards for sharing best practices clear and they should promote sharing of best practices.
More important will be imposition of deterrent fines – and on the detection side of the equation, rewarding self-reporting by companies, since it can be very difficult for enforcers to know whether bribes were paid. Enforcers should also reward whistleblowers who report bribery.
General Corporate Criminal Liability
Having a general standard for corporate criminal liability has the advantage that bribery crimes may be accompanied by other corporate crimes, like money laundering, fraud, or antitrust violations, to name just a few examples. Adopting anti-corruption crimes but not having mechanisms to address accompanying criminal conduct can weaken enforcement. That said, as with any crime, it is far better for bribery crimes to be detailed in statutes to provide clear notice as to what conduct is prohibited.
Finally, I note that as more countries adopt corporate criminal liability for bribery and other crimes, it will be important to develop coordination rules, including double jeopardy norms, so that corporations do not face multiple overlapping punishments for the same conduct.
These comments on corporate criminal liability are a contribution to a public consultation being conducted by the OECD Working Group on Bribery in the lead-up to a Roundtable being held on International Anti-Corruption Day on 9 December. This will provide inputs to the fourth round of Working Group monitoring of the Anti-Bribery Convention, which will include a focus on corporate liability.