Motion To Dismiss Filed In Eastern District Of New York Case Could Provide Opportunity For Clarity On Scope Of FCPA’s “Internal Accounting Controls” Provisions
On November 20, 2020, lawyers for a former investment banker, indicted in the United States District Court for the Eastern District of New York for his alleged role in the 1MDB matter, filed a Motion to Dismiss (“MTD”) the indictment against him, which includes charges of conspiracy to launder money and conspiracy to violate the U.S. Foreign Corrupt Practices Act (“FCPA”). Motion to Dismiss the Indictment and Other Relief, U.S. v. Ng Chong Hwa a.k.a. Roger Ng, 1:18-cr-00538-MKB (Nov. 20, 2020). While the MTD raises a number of issues—including whether EDNY is a proper venue given that the only allegations relate to wires that were transmitted through the EDNY, and whether the banker was an “employee” or “agent” of an “issuer” for purposes of the FCPA—the most interesting argument may be one that squarely challenges the scope of the FCPA’s internal accounting controls provisions. The question of whether the FCPA’s internal accounting controls provisions can be stretched to cover more traditional risk and compliance controls has long been debated, and even spurred a rare dissent from two SEC Commissioners last month, so a decision on the MTD could provide a much-needed opportunity for clarity.
In the MTD, in addition to raising a host of other arguments, defendant’s lawyers focused on two key aspects of the FCPA’s internal accounting controls provisions.
First, they argue that the FCPA’s language specifically refers to the “transactions and dispositions of the assets of the issuer.” In this regard, they argue that the alleged bribes involved were paid from funds of another entity (1MDB) involved in the underlying fraud scheme, and not from the assets of the issuer, i.e., the bank for which defendant worked. Defendant’s lawyers argue that the indictment failed to “identify any funds, assets or transactions of or relating to [the issuer] that were falsified, altered or impacted in any way so as to [affect] the company’s accounting controls.” They essentially argue that since the bribes were allegedly taken from 1MDB’s assets, at most it was 1MDB’s internal accounting controls that were circumvented, and not the bank’s, and because 1MDB is not an issuer, allegedly circumventing those controls cannot violate the internal accounting controls provisions of the FCPA.
Second and relatedly, defendant’s lawyers argue that to the extent the Government did try to tie the violation more directly to controls within the issuer, the focus was entirely on “compliance and legal groups within” the bank, and not on the type of accounting controls required under the FCPA’s language. Specifically, defendant’s lawyers argue that an accounting control “is a protocol concerning the identification, management and disposition of the issuer’s assets” and the term should not be rendered “endlessly expansive” by allowing it to cover an issuer’s compliance preferences.
These arguments, and the second aspect in particular, squarely raise a hotly debated point as to what constitutes an “internal accounting control” for purposes of the FCPA, and thus what breakdowns within an issuer’s controls can constitute a violation. In the Resource Guide to the U.S. Foreign Corrupt Practices Act (the “Resource Guide”), jointly issued by the U.S. Department of Justice (“DOJ”) and the U.S. Securities and Exchange Commission (“SEC”), the DOJ and SEC have stated that “issuers must devise and maintain a system of internal accounting controls sufficient to assure management’s control, authority, and responsibility over the firm’s assets.” The Resource Guide also states that while a company’s internal accounting controls “are not synonymous with a company’s compliance program, an effective compliance program contains a number of components that may overlap with a critical component of an issuer’s internal accounting controls.” The Resource Guide thus signaled an expansive reading but did little to delineate where an accounting control stops and where a compliance program begins, even though where one draws the line can spell the difference between conduct that is a violation and conduct that is not.
In an unrelated matter, on November 13, 2020, two SEC Commissioners (Hester Pierce and Elad Roisman) issued a statement in relation to their dissent in an enforcement action due to precisely this issue. Statement of Commissioners Hester M. Peirce and Elad L. Roisman – Andeavor LLC (Nov. 13, 2020). That action involved alleged violations of Section 13(b)(2)(B) of the Securities Exchange Act of 1934 due to the issuer having allegedly mismanaged a stock repurchase plan—according to the SEC order initiating the action, the issuer repurchased its stock from shareholders after its legal department concluded that it did not possess material nonpublic information about a merger, which the SEC concluded was in error. SEC Order Against Andeavor LLC (Oct. 15, 2020). Commissioners Pierce and Roisman stated that the SEC’s finding that this conduct reflected a failure of “internal accounting controls” entailed an unduly broad interpretation of the term. The Commissioners cautioned against the temptation to view internal accounting controls as a “generic ‘internal controls’ requirement,” and against blurring the lines between accounting controls and administrative controls.
The MTD thus provides an opportunity for a court to weigh in on this important issue. Indeed, if the Court agrees with defendant, the FCPA’s breadth could be meaningfully curtailed, and even if it does not, any increased clarity would be welcome. We do not expect any decision to significantly alter behavior in any event, however. Even if the Court agrees with defendant, companies should recognize that maintaining effective compliance programs and controls beyond “internal accounting controls” have benefits far beyond avoiding technical liability under the FCPA.