30 Oct 2023
Recent Regulatory Enforcement Actions Show the Rising Risks of a Failure of Due Diligence
Alleged compliance breaches have led to combined fines and settlements worth hundreds of millions of dollars in Q2 of 2023. Regulators have taken enforcement action against companies over their activities in jurisdictions spanning four continents.
In this blog, we look at some of the most significant regulatory interventions in recent months and suggest how companies should retool their compliance approach to mitigate growing legal, financial, reputational, and strategic risks.
Round-up of recent major enforcement actions taken against alleged compliance failures
Regulators continue to proactively enforce ever-stronger anti-bribery and corruption legislation. The latest major fines and settlements include:
- US, UK, Singapore, and North Korea: In April, the US Treasury’s Office of Foreign Assets Control (OFAC) announced its largest ever settlement with a non-financial institution. A UK-based multinational tobacco company will pay $508 million to resolve alleged violations of US sanctions against North Korea. The company was alleged to have circumvented sanctions by using US banks, North Korean banks, its Singaporean subsidiary, and other intermediaries to move funds.
- US, Netherlands, and China: In May, the US Securities and Exchange Commission (SEC) announced that a company based in the Netherlands would pay more than $62 million over alleged violations of the Foreign Corrupt Practices Act (FCPA) over sales of medical equipment in China. The SEC said that the company’s subsidiary in China offered discounts which “created a risk” that distributors would make “improper payments to government employees” in state-run hospitals.
- US, Netherlands, and Angola: In April, the SEC also announced a settlement with a Dutch company in the extractives sector over alleged payment of bribes to public officials in Angola in exchange for contracts. The company will pay around $8 million in relation to the allegations.
- UK and Turkey: A UK-based gambling firm declared in May that it expects to pay a “substantial financial penalty” over an investigation by UK regulators into alleged bribery at its Turkish division, according to a report by Citigroup.
- South Africa and US: In May, the SEC announced that a US-based technology company would pay nearly $2.5 million to settle allegations of bribery in South Africa. The regulator claimed that the company made payments in South Africa even though it “knew or consciously disregarded the possibility” that money would go to public officials to influence the award of lucrative contracts.
Three trends in recent enforcement actions
The cases above reinforce the need for companies to constantly review and strengthen their due diligence and compliance processes.
Each of these alleged failures of due diligence and compliance not only carried significant financial and legal implications for the companies involved, but they also inflicted repuational damage through widespread media coverage and strategic costs of dealing with the investigation and applying remediation.
Three trends stand out from these recent regulatory actions, which should inform how companies approach compliance:
Risk levels vary across company sectors
It is no surprise that some of the major enforcement actions in recent months took place in the extractive sector and medical/pharma industry. These carry higher risks of bribery and corruption, especially where firms are seeking to expand or win contracts internationally.
Firms should review sector-specific risks for their current and prospective third parties and apply enhanced due diligence where relevant.
Extraterritorial reach of anti-bribery and corruption legislation
All the cases above involved a regulator taking enforcement action against a company based on alleged actions which happened outside its home jurisdiction. Companies’ due diligence must therefore cover global data, regardless of where they are based.
Sanctions risk is growing
The rise of global sanctions against Russian entities over the last year is well-documented, but the US OFAC’s enforcement against alleged sanctions breaches in North Korea shows that sanctions risks are much broader.
In relation to the sanctions case involving North Korea, the US Under Secretary of the Treasury for Terrorism and Financial Intelligence, Brian E. Nelson, issued a stark warning to companies. Nelson said: “Companies that seek to profit from circumventing sanctions by obscuring their involvement will be discovered and will pay a price … Firms that deal with blocked persons, even indirectly, will be penalized when their schemes implicate the U.S. financial system.”
Firms must therefore regularly review sanctions lists at national and supra-national level for potential exposures.
MORE: The six types of datasets critical to your due diligence investigations
Cut through the noise to surface insights to mitigate regulatory risks
In response to growing regulatory interventions, companies must make it a priority to mitigate the financial, legal, reputational, and strategic risks of a compliance failure. The best way to do that is to leverage data and technology to strengthen your due diligence process
This will help you to better detect any indication of wrongdoing happening within your business or by a customer, supplier or other third party
Programs like Nexis Diligence+ and Nexis® Data as a Service help firms to implement a more efficient and effective due diligence process to identify and mitigate third party risk by providing companies with authoritative data from the most relevant sources, including:
- News data to identify reputational risk of third parties.
- PEPs and sanctions data to identify third parties which may require enhanced due diligence.
- ESG data to assess third parties’ compliance with growing expectations from regulators and the public around human rights and environmental due diligence.
- Company data to help to build a picture of a company’s structure, directors, and beneficial owners.
Get started exploring solutions for due diligence with our “Due Diligence Checklist” to ensure you maintain compliance and mitigate risk.