United States: Top 10 Anti-Corruption Red Flags In Latin America (Video)

The article by Rajal Dubal and Adam Tymowski, AlixPartners LLP, and Nicholas Berg and David Rojas, Ropes & Gray LLP, was originally published in Law360 on July 5, 2016.

Latin American countries continue to be a source of potentially lucrative investment opportunities for U.S. and multinational corporations. At the same time, operating in Latin America may present corruption-related challenges under the U.S. Foreign Corrupt Practices Act.1 Identifying corruption under the FCPA, however, is often not as easy as catching culprits in a red-handed exchange involving envelopes teeming with cash. Rather, symptoms of these issues are often identified through commonly observed violations of the FCPA's books-and-records and internal-controls provisions.2

This article highlights 10 red flags related to the FCPA's accounting provisions, as well as enforcement actions undertaken by the U.S. Securities and Exchange Commission and U.S. Department of Justice for conduct occurring in the region. Although these red flags are not exhaustive, they may help serve as a guide to evaluating risk under the FCPA while operating in high-risk Latin American markets.

Books-and-Records Red Flags

First, we have identified five common warning signs related to the FCPA's books-and-records provision. The books-and-records provision requires companies to "make and keep books, records, and accounts" that "accurately and fairly" reflect its transactions and to "devise and maintain a system of internal accounting controls."3 There are several ways in which companies may come up short:

1. Inadequate Supporting Documentation

Problematic recordkeeping is a common red flag for potential FCPA accounting violations. One key to maintaining proper books and records is ensuring that transactions are supported by complete documentation.

There is a wide spectrum of issues that may be encountered with supporting documentation for transactions. Sometimes, it is as simple as incomplete forms. In other instances, companies may make large payments that are supposedly "consulting fees" without attaching documents that show work was done. This potential violation may also involve vendor documents, such as invoices or bills of lading, where the address used was fake, a residential home, or simply vacant.

These types of violations appear to be on the government's radar, as shown by recent enforcement actions involving instances where improper payments were disguised as legitimate transactions using inadequate or falsified supporting documentation. Last August, Vicente E. Garcia, a former software executive, pleaded guilty to conspiracy to violate the FCPA for allegedly using "sham contracts" and "false invoices" to disguise bribes to Panamanian officials.4

2. Misreporting Payments

A second way for noncompliant employees to pass off improper payments as legitimate is by mischaracterizing or misreporting transactions. Transactions recorded in cost accounts which are not product-related (e.g., commissions, employee advances, travel and entertainment, marketing or "other") may be analyzed to identify such transgressions. Improper payments may be misclassified under such accounts.

This warning signal seems to appear often in Latin America-focused actions by government agencies. For example, former top executives at brokerage firm Direct Access Partners, who were charged by the SEC and DOJ in April 2014, had disguised reimbursements for bribes paid to an executive at a state-owned Venezuelan bank out of their and other employees' personal funds.5  

Executives at aerospace corporation Embraer SA similarly concealed bribes to a Dominican official by booking them as consulting fees in a separate transaction that never happened. These executives now face criminal charges by the Brazilian government, at the same time that Embraer is subject to an ongoing investigation in the United States.6

Another example of this issue can be found in a March 2016 settlement between the SEC and Novartis AG for $25 million.7 Novartis' subsidiary allegedly made improper payments to induce foreign officials to prescribe or recommend Novartis products, which were then falsely recorded as legitimate selling and marketing costs in its books.

3. Transactions Lacking a Business Purpose

Another method for making potentially improper payments is the provision of benefits to nonemployees without a legitimate business purpose. This may include holiday gifts, extravagant entertainment, travel expenses for family members, or even extended visits or tours added on to "business trips." In order to win government contracts, Dallas Airmotive Inc., an aircraft engine service provider, allegedly provided Latin American officials with vacations and other benefits and faced a $14 million criminal penalty.8

In fact, one need look no further than Operation Car Wash, the largest corruption scandal in Brazil's history — and perhaps the largest bribery scandal in modern times.9 Officials at Brazil's state-owned oil company, Petrobras, allegedly received inappropriate or extravagant gifts and inappropriate benefits of all kinds, from Rolex watches to $3,000 bottles of wine, and from yachts to prostitutes.10

4. Off-the-Books Records or Transactions

Companies should also be on the lookout for activity which is "off the books," a possible indicator that something improper may be hidden. Common examples of this in Latin America are debt that is not recorded on a balance sheet, reconciliations reflecting inflated sales, and fictitious inventory.11 These "off-the-books" transactions can be used to hide improprieties or obscure the actual financial performance of a company.

An example of this misconduct is the December 2010 charge against French telecommunications company Alcatel-Lucent SA for paying bribes to win business in Honduras, Costa Rica and elsewhere. To hide these payments, Alcatel's subsidiaries allegedly either improperly recorded them as consultant fees or simply left them "undocumented."12  Alcatel paid more than $137 million in the settlement.

5. Pricing Discrepancies

Large differences in pricing — especially when prices do not match a written agreement — are another sign of potentially improper transactions. Excess funds resulting from large discounts, premium charges, or commissions might be used for bribes.

For example, as Kara Brockmeyer, chief of the SEC Enforcement Division's FCPA Unit, explained, Garcia, the software executive, "falsified internal approval forms and disguised his bribes as discounts."13 Similarly, in April 2016, the SEC entered into settlements with seven individuals for their alleged roles in the kickback scheme involving Direct Access Partners described above; the funds for the improper payments were procured in part through large markups and markdowns.14 As the FCPA guide notes, companies should be wary of large commissions provided to sales agents or discounts to distributors.15

Red Flags for Internal-Controls Violations

Beyond simply prohibiting bribes and requiring proper books and records, the FCPA requires that companies devise and maintain a system of internal controls. Below are five potential indications of violations of the FCPA's internal-controls provision.

6. Override of Internal Controls

Regulators continually emphasize that an effective compliance program is only as strong as the response of and adherence by company management. As Stephen L. Cohen, associate enforcement director of the SEC, urged in October 2013, "A strong compliance and ethics program must start with proper governance, including a tone at the top built on actions rather than words."16 Internal controls which are ignored by management are meaningless in the eyes of government regulators.

To that end, it is a troubling red flag when management or others override or intentionally circumvent established internal controls. For instance, management might approve manual expense reports without sufficient documentation or change prices for customers outside of a company's enterprise system. Further, payments may be made outside of the general ledger system or multiple payments may be made to the same third party which are just below established mandatory review amounts.

It appears that regulators are focused on this red flag, as shown by recent actions and investigations. For example, Embraer's executives allegedly recorded bribes paid to a middleman as consulting fees in an effort to get around its compliance department, which had originally prevented the full transfer of the bribes.17

7. Inadequate Screening of Third Parties

One key to developing an effective compliance program is implementing controls to ensure proper oversight over third parties, including a third-party due diligence program. Without a program to screen third parties for legitimacy, a company may be paying vendors or agents that pay bribes, circumvent import and export laws, or even do not exist.

A due diligence program should identify whether a prospective third-party business partner does business with or is a government official, in order for a company to understand the level of FCPA risk. The FCPA covers payments to a much broader group than what is customarily considered government officials. For instance, employees of public medical facilities — which are common in Latin America — are considered by SEC and DOJ to be foreign officials.18 Reviewing and categorizing payment recipients to identify employees of state-owned medical facilities in Latin America are important ways for a company to oversee its third-party business partners.

An inadequate due diligence program can have substantial FCPA risks. According to Brockmeyer, a company cannot "possess[] a 'check the box' mentality when it [comes] to third-party due diligence" or "simply rely on paper-thin assurances by employees, distributors, or customers."19

8. Failure to Internally Assess Compliance Programs

A core aspect of developing a comprehensive system of effective anti-corruption internal controls and policies is a risk assessment to determine whether the controls are adequate.20 Many of the FCPA issues identified in this article occurred not because companies lacked good policies on paper but, rather, because the companies' employees or third-party partners did not have an awareness of, and an emphasis and structure to ensure, FCPA compliance.

An internal-control failure could subject a company to substantial financial consequences. Tyson Foods Inc. entered into a multimillion-dollar settlement in 2011 for, according to the SEC, its "lax system of internal controls that failed to detect or prevent" illegal payments to government-employed inspection veterinarians in Mexico.21 Financial consequences may involve not only direct penalties, but also requirements to implement extensive new compliance initiatives and years of engaging a third party to act as a compliance monitor.

9. An Inadequate Internal Audit Program

A rigorous self-monitoring program, including a robust internal audit function, is a crucial part of a system of effective internal accounting controls. A company's internal audit team should test transactions and supporting documentation, and follow up on negative findings. In order to be equipped to address anti-corruption risks, a company's internal audit team should be trained on the FCPA and other applicable anti-corruption laws.

The importance of self-monitoring is underscored by statements from the SEC. Brockmeyer has emphasized the importance of implementing internal controls to stop patterns of illegal payments to win business in Latin America and elsewhere, including detecting improper payments and gifts.22 It is important for companies to maintain an adequate internal audit function to detect and remediate corruption-related risks and issues.

10. Use of Shell Companies

Companies subject to the FCPA should also be wary of the use of shell companies by their Latin American subsidiaries. Shell companies can be another tool to facilitate "off-the-books" transactions, a red flag described above, which can include payments to foreign officials.

The recently released "Panama Papers" have turned a spotlight on this issue by providing examples of individuals, governments, and corporations (including ones in Latin America) using shell companies to hide assets from tax and regulatory authorities. While analysis of these documents is ongoing, to date more than 10 million released records from the Panamanian law firm Mossack Fonseca name over 200,000 anonymous offshore companies around the globe.23 Given the reality of conducting business in Latin America, it may be prudent for a corporation subject to the FCPA to require information on the beneficial owners of third parties to whom payments are made, depending on the type of company and its interactions with other third parties.

It is clear that the U.S. government takes these risks seriously. One of the Direct Access executives who pleaded guilty allegedly paid kickbacks to a shell entity controlled by the Venezuelan official.24 Likewise, Terra Telecommunications Corp. paid almost $1 million to shell companies to be used for improper payments to officials at Haiti's state-owned telecommunications company, leading to convictions of Terra's former executives.25


The FCPA mandates that companies maintain accurate books and records and a robust system of internal accounting controls. While not as attention-grabbing as the anti-bribery provision, a company's failure to deal with these 10 red flags could be a signal of — or result in — FCPA violations in Latin America and beyond. Even in the absence of charges related to the anti-bribery provision, the U.S. government continues to investigate and prosecute companies and individuals for violations of the accounting provisions of the FCPA as a result of their operations in Latin America.26

Given the region's history and current risk profile, companies seeking to take advantage of business opportunities in Latin America should ensure they develop accounting processes and controls designed to reduce corruption-related risk and to identify and prevent red flags under the FCPA.

Republished with permission from Law360.


[1] While the primary focus of this article is on investigations or enforcement actions by the U.S. Securities and Exchange Commission ("SEC") or the U.S. Department of Justice ("DOJ"), governments in Latin America seem to have also ramped up their own anti-corruption laws and efforts. Many, if not all, of the areas addressed by this article are being identified as anti-corruption issues in local Latin American investigations and enforcement actions. In addition, these considerations are not just important in terms of evaluating FCPA risk; issues in any of these areas may also be indicative of exposure to fraud or other types of accounting misconduct.

[2] Specifically, in addition to prohibiting the payment of bribes, the FCPA requires companies to (1) "make and keep books, records, and accounts" that "accurately and fairly" reflect its transactions and (2) "devise and maintain a system of internal accounting controls." 15 U.S.C. § 78dd-1, et seq. Another prominent anti-corruption statute, the UK Bribery Act, does not have explicit provisions on books and records and internal controls, but does offer an "adequate [compliance] procedures" defense to liability. See UK Bribery Act 2010 c. 23, § 7.

[3]"Recordkeeping and Internal Controls Provisions Section 13(b) of the Securities Exchange Act of 1934," United States Securities and Exchange Commission, May 28, 2003, https://www.sec.gov/spotlight/fcpa/fcpa-recordkeeping.pdf.

[4] http://www.sec.gov/news/pressrelease/2015-165.html; http://www.justice.gov/opa/pr/former-executive-pleads-guilty-conspiring-bribe-panamanian-officials

[5] http://www.justice.gov/opa/pr/2014/April/14-crm-381.html; https://www.sec.gov/News/PressRelease/Detail/PressRelease/1370541487258#.U0x32cd2eou

[6] http://www.wsj.com/articles/brazil-files-bribery-charges-in-embraer-aircraft-sale-to-dominican-republic-1411502236.

[7] https://www.sec.gov/litigation/admin/2016/34-77431.pdf.

[8] http://www.justice.gov/opa/pr/dallas-airmotive-inc-admits-foreign-corrupt-practices-act-violations-and-agrees-pay-14.

[9] Donna Bowater, "Brazil's continuing corruption problem," BBC.com, September 16, 2015, http://www.bbc.com/news/business-34255590.

[10] http://www.nytimes.com/2015/08/09/business/international/effects-of-petrobras-scandal-leave-brazilians-lamenting-a-lost-dream.html; http://www.wsj.com/articles/brazils-petrobras-reports-nearly-17-billion-impairment-on-assets-corruption-1429744336.

[11] https://www.justice.gov/sites/default/files/opa/legacy/2008/12/19/siemens-venezuela-info.pdf

[12] https://www.sec.gov/news/press/2010/2010-258.htm.

[13] https://www.sec.gov/news/pressrelease/2016-17.html; http://www.sec.gov/news/pressrelease/2015-165.html; http://www.justice.gov/opa/pr/former-executive-pleads-guilty-conspiring-bribe-panamanian-officials.

[14] https://www.sec.gov/litigation/litreleases/2016/lr23513.htm; https://www.sec.gov/litigation/complaints/2013/comp-pr2013-84.pdf

[15] FCPA Guide, at 22.

[16] https://www.sec.gov/News/Speech/Detail/Speech/1370539872783

[17] http://www.wsj.com/articles/brazil-files-bribery-charges-in-embraer-aircraft-sale-to-dominican-republic-1411502236

[18] FCPA Guide, at 20 (https://www.justice.gov/sites/default/files/criminal-fraud/legacy/2015/01/16/guide.pdf)

[19] http://www.sec.gov/News/PressRelease/Detail/PressRelease/1365171487116

[20] FCPA Guide, at 58–59.

[21] https://www.sec.gov/news/press/2011/2011-42.htm

[22] http://www.sec.gov/News/PressRelease/Detail/PressRelease/1370541453075

[23] http://www.fcpablog.com/blog/2016/4/5/panama-papers-who-are-the-winners-now.html

[24] https://www.sec.gov/News/PressRelease/Detail/PressRelease/1370541487258

[25] http://www.justice.gov/opa/pr/executive-sentenced-15-years-prison-scheme-bribe-officials-state-owned-telecommunications

[26] See, e.g., https://www.sec.gov/litigation/admin/2016/34-77057.pdf; https://www.sec.gov/news/pressrelease/2016-17.html.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

To print this article, all you need is to be registered on Mondaq.com.

Click to Login as an existing user or Register so you can print this article.

In association with
Related Video
Up-coming Events Search
Font Size:
Mondaq on Twitter
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).
Email Address
Company Name
Confirm Password
Mondaq Topics -- Select your Interests
 Law Performance
 Law Practice
 Media & IT
 Real Estate
 Wealth Mgt
Asia Pacific
European Union
Latin America
Middle East
United States
Worldwide Updates
Check to state you have read and
agree to our Terms and Conditions

Terms & Conditions and Privacy Statement

Mondaq.com (the Website) is owned and managed by Mondaq Ltd and as a user you are granted a non-exclusive, revocable license to access the Website under its terms and conditions of use. Your use of the Website constitutes your agreement to the following terms and conditions of use. Mondaq Ltd may terminate your use of the Website if you are in breach of these terms and conditions or if Mondaq Ltd decides to terminate your license of use for whatever reason.

Use of www.mondaq.com

You may use the Website but are required to register as a user if you wish to read the full text of the content and articles available (the Content). You may not modify, publish, transmit, transfer or sell, reproduce, create derivative works from, distribute, perform, link, display, or in any way exploit any of the Content, in whole or in part, except as expressly permitted in these terms & conditions or with the prior written consent of Mondaq Ltd. You may not use electronic or other means to extract details or information about Mondaq.com’s content, users or contributors in order to offer them any services or products which compete directly or indirectly with Mondaq Ltd’s services and products.


Mondaq Ltd and/or its respective suppliers make no representations about the suitability of the information contained in the documents and related graphics published on this server for any purpose. All such documents and related graphics are provided "as is" without warranty of any kind. Mondaq Ltd and/or its respective suppliers hereby disclaim all warranties and conditions with regard to this information, including all implied warranties and conditions of merchantability, fitness for a particular purpose, title and non-infringement. In no event shall Mondaq Ltd and/or its respective suppliers be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other tortious action, arising out of or in connection with the use or performance of information available from this server.

The documents and related graphics published on this server could include technical inaccuracies or typographical errors. Changes are periodically added to the information herein. Mondaq Ltd and/or its respective suppliers may make improvements and/or changes in the product(s) and/or the program(s) described herein at any time.


Mondaq Ltd requires you to register and provide information that personally identifies you, including what sort of information you are interested in, for three primary purposes:

  • To allow you to personalize the Mondaq websites you are visiting.
  • To enable features such as password reminder, newsletter alerts, email a colleague, and linking from Mondaq (and its affiliate sites) to your website.
  • To produce demographic feedback for our information providers who provide information free for your use.

Mondaq (and its affiliate sites) do not sell or provide your details to third parties other than information providers. The reason we provide our information providers with this information is so that they can measure the response their articles are receiving and provide you with information about their products and services.

If you do not want us to provide your name and email address you may opt out by clicking here .

If you do not wish to receive any future announcements of products and services offered by Mondaq by clicking here .

Information Collection and Use

We require site users to register with Mondaq (and its affiliate sites) to view the free information on the site. We also collect information from our users at several different points on the websites: this is so that we can customise the sites according to individual usage, provide 'session-aware' functionality, and ensure that content is acquired and developed appropriately. This gives us an overall picture of our user profiles, which in turn shows to our Editorial Contributors the type of person they are reaching by posting articles on Mondaq (and its affiliate sites) – meaning more free content for registered users.

We are only able to provide the material on the Mondaq (and its affiliate sites) site free to site visitors because we can pass on information about the pages that users are viewing and the personal information users provide to us (e.g. email addresses) to reputable contributing firms such as law firms who author those pages. We do not sell or rent information to anyone else other than the authors of those pages, who may change from time to time. Should you wish us not to disclose your details to any of these parties, please tick the box above or tick the box marked "Opt out of Registration Information Disclosure" on the Your Profile page. We and our author organisations may only contact you via email or other means if you allow us to do so. Users can opt out of contact when they register on the site, or send an email to unsubscribe@mondaq.com with “no disclosure” in the subject heading

Mondaq News Alerts

In order to receive Mondaq News Alerts, users have to complete a separate registration form. This is a personalised service where users choose regions and topics of interest and we send it only to those users who have requested it. Users can stop receiving these Alerts by going to the Mondaq News Alerts page and deselecting all interest areas. In the same way users can amend their personal preferences to add or remove subject areas.


A cookie is a small text file written to a user’s hard drive that contains an identifying user number. The cookies do not contain any personal information about users. We use the cookie so users do not have to log in every time they use the service and the cookie will automatically expire if you do not visit the Mondaq website (or its affiliate sites) for 12 months. We also use the cookie to personalise a user's experience of the site (for example to show information specific to a user's region). As the Mondaq sites are fully personalised and cookies are essential to its core technology the site will function unpredictably with browsers that do not support cookies - or where cookies are disabled (in these circumstances we advise you to attempt to locate the information you require elsewhere on the web). However if you are concerned about the presence of a Mondaq cookie on your machine you can also choose to expire the cookie immediately (remove it) by selecting the 'Log Off' menu option as the last thing you do when you use the site.

Some of our business partners may use cookies on our site (for example, advertisers). However, we have no access to or control over these cookies and we are not aware of any at present that do so.

Log Files

We use IP addresses to analyse trends, administer the site, track movement, and gather broad demographic information for aggregate use. IP addresses are not linked to personally identifiable information.


This web site contains links to other sites. Please be aware that Mondaq (or its affiliate sites) are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of these third party sites. This privacy statement applies solely to information collected by this Web site.

Surveys & Contests

From time-to-time our site requests information from users via surveys or contests. Participation in these surveys or contests is completely voluntary and the user therefore has a choice whether or not to disclose any information requested. Information requested may include contact information (such as name and delivery address), and demographic information (such as postcode, age level). Contact information will be used to notify the winners and award prizes. Survey information will be used for purposes of monitoring or improving the functionality of the site.


If a user elects to use our referral service for informing a friend about our site, we ask them for the friend’s name and email address. Mondaq stores this information and may contact the friend to invite them to register with Mondaq, but they will not be contacted more than once. The friend may contact Mondaq to request the removal of this information from our database.


This website takes every reasonable precaution to protect our users’ information. When users submit sensitive information via the website, your information is protected using firewalls and other security technology. If you have any questions about the security at our website, you can send an email to webmaster@mondaq.com.

Correcting/Updating Personal Information

If a user’s personally identifiable information changes (such as postcode), or if a user no longer desires our service, we will endeavour to provide a way to correct, update or remove that user’s personal data provided to us. This can usually be done at the “Your Profile” page or by sending an email to EditorialAdvisor@mondaq.com.

Notification of Changes

If we decide to change our Terms & Conditions or Privacy Policy, we will post those changes on our site so our users are always aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. If at any point we decide to use personally identifiable information in a manner different from that stated at the time it was collected, we will notify users by way of an email. Users will have a choice as to whether or not we use their information in this different manner. We will use information in accordance with the privacy policy under which the information was collected.

How to contact Mondaq

You can contact us with comments or queries at enquiries@mondaq.com.

If for some reason you believe Mondaq Ltd. has not adhered to these principles, please notify us by e-mail at problems@mondaq.com and we will use commercially reasonable efforts to determine and correct the problem promptly.