On February 17, 2022, KT Corporation (KT, formerly known as Korea Telecom) resolved a Foreign Corrupt Practices Act (FCPA) enforcement action with the Securities and Exchange Commission (SEC) related to corruption schemes in South Korea and Vietnam. Without admitting or denying the SEC’s allegations, KT consented to the SEC’s order and agreed to pay $3.5 million in civil penalties and another $2.8 million in disgorgement. This matter comes shortly after South Korean officials indicted KT and 14 executives for criminal violations related to illegal political contributions from slush funds in November 2021.
Although KT is the first FCPA resolution of 2022, the underlying misconduct revisits a number of well-known areas of compliance risk and highlights ongoing enforcement priorities.
- Slush funds and off-the-books accounts. “From at least 2009 through 2017, high-level executives of KT maintained slush funds, comprised of both off-the-books accounts and physical stashes of cash, in order to provide items of value to government officials, among others. These included gifts, entertainment and, ultimately, illegal political contributions to members of the Korean National Assembly serving on committees relevant to KT’s business.”1 Specifically, from 2009 to 2013, the off-the-books accounts were funded via a scheme to pay inflated bonuses to company officers and executives, who then held the excess cash either in personal bank accounts or in a safe at the company’s corporate headquarters. In October 2013, media reports uncovered the bonus scheme, resulting in resignations and, subsequently, criminal charges in 2014. KT employees then devised a new method to continue the slush funds by using gift cards (see below).2
Slush funds and off-the-books accounts hark back to the origins of the FCPA. Congress enacted the FCPA in 1977 after Watergate investigations identified widespread corporate misconduct, including an SEC finding that more than 400 U.S. companies had paid hundreds of millions of dollars in bribes to foreign government officials in order to win business mandates and that those companies were falsifying their books and records to conceal the illegal payments. The SEC further found that companies were making illegal political donations through slush funds and off-the-books accounts.3 As a result, slush funds, off-the-books accounts, and related accounting controls have been FCPA compliance concerns and SEC enforcement priorities since the FCPA’s inception. Accordingly, companies should design compliance and accounting controls that promptly identify and close any off-the-books accounts.
- Gift cards and cash equivalents. From 2014 to 2017, KT’s Corporate Relations Group purchased gift cards, which then were converted to cash. A KT manager would meet the gift card vendor in a van in a parking lot next to KT’s corporate headquarters, where the vendor would hand over a manila envelope of cash corresponding to the amount of gift cards purchased, less the vendor’s commission. The KT manager then distributed the cash to other KT officers and managers with the understanding that they would distribute the funds to the political contribution accounts of various Korean lawmakers. The purpose of this scheme was to evade the Korean Political Funds Act, which prohibits corporate political donations, and to curry favor with members of the Korean National Assembly who sat on committees with oversight over the Korean telecommunications industry. KT incorrectly recorded the gift card purchases on its books and records as either “research and analysis” or “entertainment,” when, in fact, the gift cards were used to fund off-the-books accounts and to make illegal political contributions.4
Gift cards, pre-paid credit cards, coupons, and vouchers have long been an area of FCPA compliance concern because they function as cash equivalents and often have a limited audit trail. For example, in China, it is customary to give mooncakes, a pastry-like food item, as a gift to business contacts for the Mid-Autumn Festival. Often, the gift takes the form of a voucher to retrieve mooncakes at a bakery, which is logistically more practicable than mailing perishable items. However, some commercial bakers in China will provide the voucher holder with cash or a store credit in lieu of mooncakes. In addition, there is a secondary market for mooncake vouchers, and the voucher holder may be able to sell the voucher for cash. Accordingly, what may seem to be an efficient manner to extend a simple business courtesy—a gift of holiday pastries—in practice can be a way to provide cash corruptly to government officials and thus raises a significant compliance risk. As a compliance best practice, gift cards, pre-paid credit cards, coupons, and vouchers should be used in limited circumstances, if not avoided entirely.
- Charitable contributions. Between 2015 and 2016, KT made $1.6 million in donations to three foundations at the behest of high-ranking Korean executive branch officials. “Despite the circumstances—direct requests for payment coming from or on behalf of high government officials—KT took no steps to determine if the payments were legitimate donations, rather than illicit payments made at the behest of government officials. Further, neither Foundation A nor B was established when the donation request was made or when KT managers agreed to make the payments.”5
Charitable donations have been a known-area of FCPA compliance risk for at least 20 years. For example, from 2000 to 2003, Eli Lilly and Company’s Polish subsidiary donated $39,000 to a small charity in Poland that was the pet project of a Polish government official who exercised influence over a state-run medical facility’s procurement decisions.6 As a compliance best practice, charitable contributions should be thoroughly diligenced, and the rationale for the donation should be contemporaneously documented.
- Employment decisions. “In 2015 and 2016, a Blue House7 official urged, and KT senior management agreed, to hire two advertising executives with personal connections to the Blue House and then, once hired, transferred them to more desirable positions … The requesting Blue House official was clear with KT senior management that ‘the VIP’ – whom KT officials understood was the Blue House official’s ultimate boss – ‘had major concerns about KT’s advertisements’ and that these moves were ‘important to the VIP.’ Notwithstanding these circumstances, and without conducting due diligence on the individuals or the agency, KT paid the two individuals a total of $454,009 in salaries and the advertising firm a total of $5.88 million in fees.”8
For more than 20 years, hiring and employment opportunities have been an ongoing area of FCPA compliance risk and enforcement.9 Indeed, there have been numerous recent FCPA enforcement actions related to the hiring of family, friends, and associates of government officials in order to obtain business or to gain a business advantage.10 As a compliance best practice, any request from a government official to hire a particular individual or company should be carefully scrutinized, and a decision to engage any such individual or company should be well-documented and based on objective criteria, such as price, ideally established through a competitive selection process.
- Use of third party intermediaries. Between 2014 and 2018, KT employees in Vietnam engaged third parties connected to government officials to pay bribes in order to win contracts for two government projects. A Vietnamese government official introduced KT to one of the third party agents, and KT learned from its consortium partner that the agent would be paid ten percent of the project cost and would pass seven percent of the project cost back the government official. The third-party payments in Vietnam were recorded on KT’s books and records as “consulting services.” According to the SEC, KT lacked sufficient internal accounting controls regarding payments to third parties and had no compliance policies or procedures relating to third-party due diligence.11
Since the FCPA’s enactment in 1977, approximately 90 percent of all FCPA enforcement actions have involved the use of corrupt third party intermediaries, such as consultants, sales agents, distributors, lobbyists, public relations firms, expediters, and consortium or joint venture partners.12 Accordingly, third parties arguably are the single largest source of FCPA compliance risk, and compliance programs should devote resources to third-party diligence, onboarding, and monitoring.
- Not charging a “corruption” violation. Although KT allegedly was involved in numerous acts of corruption in South Korea and Vietnam, the SEC did not charge the company with a substantive corruption violation under Section 30A of the Exchange Act; rather, the SEC charged a violation of Section 13(b)(2)(A) of the Exchange Act (failure to maintain accurate books and records) and a violation of 13(b)(2)(B) of the Exchange Act (failure to maintain a system of internal accounting controls to prevent books and records errors).
This disposition is consistent with an SEC enforcement trend of resolving FCPA cases by charging violations of the FCPA’s books and records provisions but not charging violations of the anti-corruption provisions.13 Accordingly, issuers of securities trading on a U.S. exchange should be mindful that the SEC can and will bring an enforcement action that solely charges bookkeeping and internal accounting controls failures while nevertheless describing a much wider-range of corporate misconduct, and therefore issuers would be well served to continually assess and enhance their accounting controls.
1 In the Matter of KT Corporation, Admin. Pro. File No. 3-20780 (Feb. 17, 2022) (the “SEC Order”) at para. 3, https://www.sec.gov/litigation/admin/2022/34-94279.pdf.
2 See SEC Order at paras. 4-5.
3 Dep’t of Justice and SEC, “A Resource Guide to the U.S. Foreign Corrupt Practices Act,” Second Edition (July 2020) at page 2 https://www.justice.gov/criminal-fraud/file/1306671/download.
4 SEC Order at paras. 4-9.
5 SEC Order at para. 11.
6 See SEC v. Eli Lilly and Company, Case No. 1:12-cv-02045 (Dec. 20, 2012) (Complaint at paras. 7-15) https://fcpa.stanford.edu/fcpac/documents/3000/001962.pdf.
7 South Korea’s official presidential residence and office.
8 SEC Order at para. 12.
9 See, e.g., SEC v. Tyson Foods, Inc., Case No. 1:11-cv-00350 (D.D.C. Feb. 10, 2011) (Complaint) (providing “no show” jobs to the wives of Mexican government officials responsible for inspecting the company’s meat processing facilities); SEC v. BellSouth Corp., Case No. 1:02-cv-0113 (N.D. Ga. Jan. 15, 2002) (Complaint) (hiring the wife of an influential Nicaraguan legislator to lobby for changes to Nicaraguan law so that Bell South could fully acquire a local Nicaraguan telecommunications company).
10 See, e.g., In the Matter of Deutsche Bank AG, Admin. Pro. File No. 3-19373 (Aug. 22, 2019); In the Matter of Credit Suisse Group AG, Admin. Pro. File No. 3-18571 (July 5, 2018); In the Matter of JP Morgan Chase & Co., Admin. Pro. File No. 3-17684 (Nov. 17, 2016).
11 See SEC Order at paras. 13-24.
12 See Stanford Law School Foreign Corrupt Practices Act Clearing House, “Third-Party Intermediaries Disclosed in FCPA-Related Enforcement Actions” https://fcpa.stanford.edu/statistics-analytics.html?tab=4.
13 See, e.g., In the Matter of Credit Suisse Group AG, Admin. Pro. File No. 3-20629 (Oct. 19, 2021) (charging violations of Section 10(b) of the Exchange Act (securities fraud), Section 17(a)(1) of the Securities Act (securities fraud), Section 13(b)(2)(A) of the Exchange Act (failure to maintain accurate books and records), and a violation of 13(b)(2)(B) of the Exchange Act (failure to maintain a system of internal accounting controls to prevent books and records errors)); In the Matter of Deutsche Bank AG, Admin. Pro. File No. 3-20200 (Jan. 8, 2021) (charging violations Section 13(b)(2)(A) of the Exchange Act (failure to maintain accurate books and records) and a violation of 13(b)(2)(B) of the Exchange Act (failure to maintain a system of internal accounting controls to prevent books and records errors)); In the Matter of Herbalife Nutrition, Ltd., Admin. Pro. File No. 3-19948 (Aug. 28, 2020) (same).