The Ralph Lauren FCPA Case: Are There Any Limits to Parent Corporation Liability?

Bloomberg Law®, an integrated legal research and business intelligence solution, combines trusted news and analysis with cutting-edge technology to provide legal professionals tools to be...

By Philip Urofsky, Shearman & Sterling LLP

Much of the coverage of the recent Foreign Corrupt Practices Act case against Ralph Lauren Corp. (RLC) focused on the fact that both the Department of Justice (DOJ) and the Securities and Exchange Commission (SEC) awarded it a Non-Prosecution Agreement (NPA) due to its prompt voluntary disclosure and subsequent cooperation. The facts of the case, however, point to the steady entrenchment of a more ominous prosecution theory: an approach that appears to approximate strict criminal and civil liability of parent corporations for their subsidiaries' corrupt acts. Although this disregard of corporate structures has been hinted at in previous SEC matters—and the theoretical underpinnings discussed in last year's DOJ/SEC Resource Guide—the RLC case puts both agencies firmly in the camp of this aggressive and unprecedented expansion of corporate liability.


On April 22, 2013, the DOJ and the SEC simultaneously announced that they had concluded their investigations of RLC and resolved the matters through NPAs. In the NPAs, the agencies alleged (and in the DOJ NPA, RLC admitted) that RLC's Argentine subsidiary paid bribes to customs officials to clear goods through customs that either lacked the proper paperwork or were outright prohibited by Argentine law. Pursuant to the NPAs, RLC agreed to pay a criminal fine of $882,000 and disgorgement and pre-judgment interest of $734,846, toll the criminal and civil statutes of limitations, and submit periodic self-monitoring reports.

According to the agencies' pleadings, all of the bribes were authorized by RLC Argentina's general manager and spanned a four-year period. Both agencies characterized the general manager as RLC's “agent,” apparently based solely on his position as general manager of the subsidiary and the fact that RLC had appointed him to that position. Neither agency included any allegation of any authorization, direction, or control by RLC of its subsidiary's corrupt conduct, or even its knowledge of such conduct.

Strict Liability

The FCPA, of course, includes both anti-bribery provisions applicable to all companies—both U.S. and non-U.S. companies and both issuers and privately-held corporations—and books-and-records provisions applicable only to issuers. Issuers have long grown accustomed to being held strictly liable in SEC civil cases for books-and-records violations and failures of internal controls at their subsidiaries; liability being premised on the idea that the subsidiaries' inaccurate books are consolidated into the parent's financials rendering them, too, inaccurate.

Liability under the anti-bribery provisions, however, carries much more significant reputational risks and, particularly in criminal cases, substantial collateral consequences, such as debarment from public contracting. It has, thus, always required some proof that the parent was involved in its subsidiary's corrupt conduct. For example, The Lay-Person's Guide to the FCPA, published jointly by the Departments of Justice and Commerce in the early 1990s and available on their websites until November 2012, stated, “U.S. parent corporations may be held liable for the acts of foreign subsidiaries where they authorized, directed, or controlled the activity in question.”1 Further, the U.S. government, in repeated submissions to the OECD Working Group on Bribery, has stated, “the United States does not apply strict liability in the case of criminal liability.”2 Moreover, in its 2004 Report to Congress, the Department of Commerce reported that after a “horizontal” review of corporate liability amongst the Parties to the OECD Convention,

No party, including the United States, holds parent corporations strictly liable for the criminal acts of their subsidiaries. However, in the United States and in other convention countries that impose liability on legal persons, parent corporations may be held liable for the acts of their subsidiaries that are authorized, directed, or controlled by the parent corporation.3

Even today the DOJ's Criminal Resource Manual provides, “Individuals and firms may also be prosecuted if they order, authorize, or assist someone else to violate the anti-bribery provisions, or if they conspire to violate those provisions” and, echoing the Lay-Person's Guide, “U.S. parent corporations may be held liable for the acts of their foreign subsidiaries where they authorized, directed, or controlled the activity in question.”4

Despite these clear expressions of the government's previous interpretation of the statute and its enforcement policy, we have noted that a number of SEC cases over the past several years reveal a practice of charging parent corporations with anti-bribery violations based on the acts of their subsidiaries, without pleading any involvement by the parent in those violations.5 This trend is particularly disconcerting since the SEC unquestionably has jurisdiction in these cases under the books-and-records and internal controls provisions, and still resorts to an unseemly stretching of the anti-bribery provision in the absence of well-articulated facts. Although we initially suggested that the absence of allegations of culpable actions by the parent corporation suggested overreaching or even sloppy pleading by the SEC—unchallenged by corporations who were permitted to settle without admitting to the SEC's allegations—it gradually became clear that the SEC was exploring a more expansive theory of parent corporate liability.

The earliest example came in the United Industrial Corp. case in which the SEC charged the parent company for acts by its subsidiary in bribing an Egyptian official.6 In that case at least, the parent corporation approved the retention and payment of the agent, although there is no allegation that it was aware of or approved any corrupt act by that agent. Several cases expanded this looser approach by failing to provide even that amount of involvement. In Smith & Nephew,7 the SEC flatly alleged that the parent issuer had, “through its subsidiaries” violated the FCPA, but nowhere substantiated or supported this claim in its factual allegations (which described a complex scheme of payments orchestrated solely by the subsidiaries and their employees.) Similarly, in Tyco,8 the SEC characterized a (now-divested) subsidiary of Tyco International as its agent, based on the fact that some of Tyco International's officers served as the subsidiary's officers or directors. Even though none of the dual-listed officers had any involvement in or, by the SEC's own admission, even any knowledge of the bribery, the SEC claimed that this tenuous linkage demonstrated “control” of the subsidiary, thereby charging the parent with bribery. If control through factors such as ownership and appointment of directors suffices, the government will rarely, if ever, falter in its quest to hold a parent liable for its subsidiary's actions.9

In the Resource Guide to the Foreign Corrupt Practices Act, published by the DOJ and SEC in November 2012, the government's departure from its previous enforcement policy was made explicit. Although “authorization, direction, and control” remained one basis for liability, the government made clear that a pure agency theory would also be used. As stated in the Resource Guide,10

Second, a parent may be liable for its subsidiary's conduct under traditional agency principles. The fundamental characteristic of agency is control. Accordingly, DOJ and SEC evaluate the parent's control—including the parent's knowledge and direction of the subsidiary's actions, both generally and in the context of the specific transaction—when evaluating whether a subsidiary is an agent of the parent. Although the formal relationship between the parent and subsidiary is important in this analysis, so are the practical realities of how the parent and subsidiary actually interact.

If an agency relationship exists, a subsidiary's actions and knowledge are imputed to its parent. Moreover, under traditional principles of respondeat superior, a company is liable for the acts of its agents, including its employees, undertaken within the scope of their employment and intended, at least in part, to benefit the company. Thus, if an agency relationship exists between a parent and a subsidiary, the parent is liable for bribery committed by the subsidiary's employees… .

To the government, this appears to be a natural extension of traditional principles of corporate liability for employees and agents. Such liability is premised on the principle that a corporation is responsible for the acts of its employees and agents when acting within the scope of their duties and at least in part for the corporation's benefit.11 This essentially results in strict respondeat superior liability, and applies in both civil and criminal cases.

There are almost no limits to this theory. Both on the face of its policy statement in the Resource Guide and in the RLC case, it appears that in the government's view, a subsidiary is virtually always an agent of its parent, and thus the parent is strictly liable for those acts of subsidiaries which are “within the scope of their duties” and intended to benefit the parent company. Although every corporation is subject to some degree of control by its shareholders, whether natural persons or parent companies, this legal control is distinguishable from a principal-agent relationship.

Here, RLC admittedly had no effective compliance policies at the time of its subsidiary's corrupt conduct, which is certainly an aggravating factor for the government. However, the government—and case law—has held that a corporation's code of conduct and procedures forbidding certain conduct does not mean that an employee or agent is acting outside the scope of their duties if they violate those corporate directives. For example, as in this case, if RLC Argentina's scope of duties included exporting or importing goods for the benefit of its parent, then any acts in furtherance of those duties could be attributable to the parent under the government's new theory.

This approach, however, fails to honor the corporate form and the black-letter rule that to “pierce the corporate veil” the government and other litigants must show that the parent operated the subsidiary as an alter ego, and itself paid no attention to the corporate form. Moreover, it is contrary to the language of the statute's original legislative history, which stated,

[T]he conferees recognized the inherent jurisdictional, enforcement, and diplomatic difficulties raised by the inclusion of foreign subsidiaries of U.S. companies in the direct prohibitions of the bill. However, the conferees intend to make clear that any issuer or domestic concern which engages in bribery of foreign officials indirectly through any person or entity would itself be liable under the bill.12

It is significant that when Congress wants to hold a parent liable for subsidiaries, it knows how to do it. For instance, Section 218 of the Iran Threat Reduction and Syria Human Rights Act of 2012 (ITRA) imposes sanctions liability on a U.S. company for any act by its foreign subsidiary that contravenes prohibitions against dealings by a “U.S. person” with Iran. The U.S. company is liable regardless of whether any U.S. person actually participated in the conduct or even whether the U.S. parent had knowledge of it. ITRA thus expressly imposes a form of strict liability on the U.S. parent for its subsidiary's conduct.

Does This Matter?
To date, most of the examples of expansive enforcement have been SEC cases. Without in any way denigrating or minimizing the gravity of an SEC enforcement action, the plain fact is that companies in such cases recognize that they are already on the hook for books-and-records violations, regardless of what they did or didn't know about their subsidiaries' conduct. As a result, since the companies didn't have to admit to the SEC's factual allegations, nor did an additional anti-bribery count increase the SEC's penalties (since the SEC, despite criticism, collects disgorgement in books-and-records cases), the companies were apparently not overly concerned about the incremental and somewhat muddled pleading of another cause of action.

The DOJ, on the other hand, had thus far exercised greater circumspection. For instance, on the same facts, the DOJ charged only Smith & Nephew’s U.S. subsidiary and not the parent company given the absence of parent culpability in that matter. The RLC case is significant in that the DOJ has now adopted the same approach as the SEC, but with potentially more significant consequences:

  • First, what the SEC does affects only issuers, companies who by availing themselves of the US financial markets have already submitted to the effective strict liability of the books-and-records provisions; what the DOJ does, however, affects all companies, including non-issuer domestic concerns and foreign companies—a much broader universe of companies who will now face the specter of strict criminal liability for the unknown acts of downstream subsidiaries and affiliates.

  • Further, a criminal case—even one settled without a judicial finding of guilt—raises more concerns because, unlike the SEC, the DOJ requires companies in such cases to admit to the facts, thus forcing them to concede to a somewhat problematic legal and factual theory or face the risk, expense, and drumbeat of publicity attendant upon a trial.

  • Finally, by doing so, companies admitting—at the parent level—to bribery risk substantial collateral consequences in the form of debarment from public contracting, not only in the United States but also in the EU and elsewhere, not to mention having their hands tied by having to contest spurious shareholders and derivative lawsuits.

In the past, we have been critical of the SEC overreaching to charge an issuer with bribery violations, particularly when such charges are unnecessary in light of undisputed civil liability for books-and-records and internal controls violations (which certainly would have been the case here as well, in light of RLC's apparent lack of any anti-corruption controls for most of the four-year period in which bribes were paid by its Argentine subsidiary).

Indeed, the DOJ's own Principles of Federal Prosecution of Business Organizations direct prosecutors to consider “the adequacy of remedies such as civil or regulatory enforcement actions”13—a factor certainly satisfied in this case by the SEC action, even if limited to books-and-records and internal controls violations.

It is disquieting, therefore, that in this case the DOJ appears to have jumped on the charge-the-parent bandwagon, bringing a bribery case against a parent without alleging any involvement by the parent in those violations. One can only speculate that it did so because it had no jurisdiction over the foreign subsidiary itself, given that it also did not allege any act by the subsidiary in U.S. territory.

However, as always, the maxim that bad facts make bad law applies, and evidentiary weaknesses cannot excuse the distortion of the statute's previously clear and reasonable allocation of responsibility.

Philip Urofsky, a Washington, D.C.-based partner in the Litigation Group at Shearman & Sterling LLP, is a former federal prosecutor who now advises clients on conducting internal investigations, designing and implementing compliance programs, and responding to and defending against investigations, prosecutions, and trials on behalf of both business entities and individuals. Sushila P. Rao, a law clerk in Shearman & Sterling's New York office, assisted in the preparation of this article.

©2014 The Bureau of National Affairs, Inc. All rights reserved. Bloomberg Law Reports ® is a registered trademark and service mark of The Bureau of National Affairs, Inc.

This document and any discussions set forth herein are for informational purposes only, and should not be construed as legal advice, which has to be addressed to particular facts and circumstances involved in any given situation. Review or use of the document and any discussions does not create an attorney-client relationship with the author or publisher. To the extent that this document may contain suggested provisions, they will require modification to suit a particular transaction, jurisdiction or situation. Please consult with an attorney with the appropriate level of experience if you have any questions. Any tax information contained in the document or discussions is not intended to be used, and cannot be used, for purposes of avoiding penalties imposed under the United States Internal Revenue Code. Any opinions expressed are those of the author. The Bureau of National Affairs, Inc. and its affiliated entities do not take responsibility for the content in this document or discussions and do not make any representation or warranty as to their completeness or accuracy.