Brazil’s Anti-Corruption Act or, the “Clean Company Act,” enacted five years ago this January, significantly altered anti-corruption enforcement in Brazil, making entities vulnerable to liability for the illegal acts of their employees without regard to management’s awareness of those acts. A look back at enforcement actions over the past half-decade shows that the Brazilian government is interpreting this legislation broadly, including what acts constitute a violation of Law no. 12.846/2013. Now more than ever, companies are vulnerable to costly investigations or punitive enforcement actions and fines―even if they have a compliance program in place.

Test, Test and Re-test

As evidenced by recent investigations, developing and adopting compliance procedures and internal controls do not guarantee full compliance with the law; this can only be corroborated through vigilant testing. Oftentimes, companies investigated for violations of the anti-corruption laws, such as the Clean Company Act, did in fact have robust compliance programs. Nonetheless, their failure to enforce and test measures and controls to optimize effectiveness undermined the credibility of the programs and placed those companies in greater jeopardy of receiving severe punishment. Therefore, the existence of a compliance program is no longer satisfactory; companies must prove these programs are complete and effective through periodic and sufficient testing.

Diligence and Cooperation May Be Rewarded

Administrative sanctions resulting from violations of the Clean Company Act can be up to 20 percent of gross revenues of the year prior to the commencement of the investigation, or up to R$60 million (equivalent to US$16 million), if gross revenue cannot reasonably be determined. Civil sanctions could mean the loss of assets or rights, compulsory dissolution, or the prohibition of receiving funds, subsidies or loans from public institutions for up to five years.

Although harsh penalties and fines loom as a possibility, the Clean Company Act does provide targeted companies with the option to enter into so-called “leniency agreements.” Similar to non-prosecution agreements, leniency agreements were introduced as a way to incentivize companies to develop and implement full compliance and risk assessment programs, self-report violations and cooperate with investigations. For example, Odebrecht agreed to pay R$2.73 billion (equivalent to US$733 million) over the course of 22 years a part of its leniency agreement with the Attorney General (AGU), Comptroller General (CGU), and Ministry of Transparency. This amount, to be distributed between Petrobras and other federal government agencies, will be deducted from the company’s leniency agreement with the Federal Prosecution Office of Brazil (MPF), the United States and Switzerland.

Over the past five years, eight companies investigated by Brazil’s Comptroller General (CGU) and Ministry of Transparency for violations of the Clean Company Act successfully received reduced sanctions due to various factors including evidence of strong internal controls, sufficient periodic analysis of risks to make any necessary adaptations, and self-reporting the violation to the appropriate agency.

For example, SBM Offshore―investigated as part of the Lava Jato scandal―was granted a leniency agreement for identifying and self-reporting the violation, cooperating with the performance of an accelerated investigation, and willingly implementing thorough remedial measures, such as enhancing compliance anti-corruption controls. When SBM Offshore’s leniency agreement with the Federal Prosecution Office (MPF) was signed, its stock rose 10.7% percent in one trading day, demonstrating that the Clean Company Act or any anti-corruption law can have a significant impact on stock price and market capitalization.

Multiple Agencies Mean Multiple Settlements

While leniency agreements should be considered an option to address and end a scandal, companies must also consider that Brazil requires separate settlements with each federal government agency, including the Federal Prosecution Office (MPF), Attorney General (AGU) and Comptroller General (CGU), as well as with governments on the state level that are just as intolerant of anti-corruption law violations as the federal government. For example, the Brazilian state of Espírito Santo has established a state fund to investigate corruption allegations and in 2018 issued the most convictions of the 26 states in administrative proceedings for corruption. Oftentimes, companies have settled with foreign jurisdictions and the Federal Prosecution Office (MPF) but remain in settlement discussions with other Brazilian authorities such as the Attorney General (AGU), Comptroller General (CGU) and Ministry of Transparency.

Clearly, Brazil’s complex settlement structure costs companies substantial time and financial commitments and elongates the process of reaching settlement, so companies should not delay testing their compliance and risk assessment programs.

Proactive Risk Management and Minimization

To minimize the risk of a violation occurring, or, to improve the chance that a leniency agreement will be available in the event of a violation, effective risk management and assessments, including their thoroughness and frequency, are primary factors that the Brazilian government will consider when calculating sanctions and considering the offer of a leniency agreement according to the Clean Company Act. Top risk categories might include operational, logistics, third party (subsidiary, contractor, etc.), environmental, procurement or anti-corruption risk, among others. The highest risk areas should be the primary focus, and, in light of Brazil’s broad interpretation of the Clean Company Act, the anti-corruption risk assessments should be performed thoroughly and more frequently than ever.

Further, given the nature of anti-corruption risk and Brazil’s enforcement aggressiveness, retaining an independent, specialized third-party to design, implement, and trouble-shoot an anti-corruption risk management program is necessary to ensure a successful anti-corruption control environment, and a recognized and reputable expert with experience in the field can bring validation to the program. Moreover, the government’s recognition of the integrity and competence of the independent expert will often instill greater confidence in the program and its effectiveness.

However, companies must also carefully design these controls as to not be overly restrictive of the business. Doing so could hurt the company’s ability to remain competitive, as was seen when construction companies involved in Lava Jato encountered difficulty in securing financing and contracts after its investigation, not only because of reputational issues, but also from restrictive remedial controls. Compliance consultants can aid companies in the strategic development of the control programs to ensure that the company has a sufficient risk management program while also maintaining a competitive edge within the industry.

Assess Your Risks Proactively

While it is now clear that in today’s regulatory environment, robust compliance programs are a necessity, companies must go a step further to assess their risks proactively and adjust controls accordingly. As evidenced by the first five years of the Clean Company Act, Brazil is more committed than ever to ethical business practices and the prosecution of those that violate the law. As companies move forward in this increasingly regulated and complex business environment, they must be fully prepared to comply with laws like the Clean Company Act and remain informed on regulatory updates and best practices to mitigate the risk of violation and prosecution.

 

Carrie Meneo, a Consultant at StoneTurn contributed to this article.

Posted In:


About the Authors

Steven Neuman headshot

Steven Neuman

Steven Neuman, a Partner with StoneTurn, has nearly 20 years of experience advising clients and companies on compliance, risk assessments and global investigations. He brings significant expertise in conducting work […]

Read Bio
Patrícia Latorre

Patrícia Latorre

Patrícia Latorre, a Senior Adviser with StoneTurn, has 20 years of external audit and fraud investigations experience. Specifically, she is an external audit specialist in fraud risk assessment and prevention […]

Read Bio