On 11 July 2016, the SEC reached a settlement with Johnson Controls, Inc. ("Johnson Controls") for alleged violations of the Foreign Corrupt Practices Act of 1977 ("FCPA"). Johnson Controls had to pay $14.3 million to settle the matter even though the company self-disclosed the violations, cooperated extensively with the SEC and DOJ and engaged in significant remedial steps. The DOJ, on the other hand, issued a letter declining to prosecute the matter, in line with its current "Pilot Program," which guides its enforcement of FCPA matters in which the subject provides the type of assistance that Johnson Controls did here.

Johnson Controls is a US-based global provider of automatic temperature control systems, among other businesses. In 2005, Johnson Controls acquired York International ("York") while York was under investigation by the SEC for potential FCPA violations. York entered into a settlement with the SEC in 2007 for improper payments by a York subsidiary called York Refrigeration Marine (China) Ltd. ("YRMC") to Chinese government officials. YRMC is now part of a group of Johnson Controls entities known as "China Marine," which is located within Johnson Controls' "Global Marine" business. After it acquired York, Johnson Controls undertook remediation efforts to correct the problems at China Marine, including hiring additional compliance personnel, conducting extensive training, implementing risk-based internal controls and terminating the employees involved in the alleged bribery. According to the SEC, however, from 2007 to 2013, China Marine employees, despite these compliance efforts, made illicit payments through sham vendors and took steps to evade internal audit procedures. This new fraud was so pervasive that it involved coordination among virtually all of China Marine's employees and was masterminded by its managing director.

In 2012, Johnson Controls discovered the scheme, initiated an internal investigation, and then promptly self-reported the conduct to the SEC and DOJ. The investigation showed that the company had made over $4.9 million in improper payments in order to procure $11.8 million in contracts. Johnson Controls "provided thorough, complete and timely cooperation" and implemented substantial remediation to correct the problems. These remediation efforts included providing supporting evidence, making foreign employees available for interviews, terminating the employees it identified as associated with the scheme, placing suspect vendors on a "do not use" list, enhancing its integrity testing and internal audits and implementing random site audits that might have detected the improper payments. Although the SEC praised Johnson Controls' extensive cooperation and remediation, it still required the company to disgorge $11.8 million in ill-gotten gains, pay a civil monetary penalty of $1,180,000 and pay $1.4 million in prejudgment interest. The SEC also noted several failings in Johnson Controls' internal controls, including its reliance on China Marine's newly hired managing director — who turned out to be the architect of the corrupt scheme — to police China Marine's business operations, and the fact that even where China Marine's transactions were reviewed internally, the office charged with that review did not understand the company's business well enough to detect the corrupt activity.

This matter highlights how US regulators continue to focus on FCPA enforcement. Even though companies are generally given credit for self-reporting FCPA violations, cooperating with regulators and undertaking meaningful remediation measures, those steps will not prevent the SEC from levying fines to penalise the underlying violations and flaws in internal controls.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.