Turkish Law Blog
Key Issues to Consider While Doing Business in Emerging Markets: How to Be Compliant?
Emerging markets harbor appealing business opportunities for investors especially from developed countries due to their ever-growing nature. In the World Bank’s Doing Business 2020 Report, Turkey, as an emerging market, ranks 33 out of 190 economies and jumps up 10 places by scoring 76.8 overall in terms of ease of doing business. Turkey has comprehensive laws and regulations regarding corruption and bribery and also ratified the Council of Europe Criminal Law Convention on Corruption of 27 January 1999, the Council of Europe Civil Law Convention on Corruption 4 November 1999, Council of Europe Convention on Laundering, Search, Seizure and Confiscation of the Proceeds from Crime and on the Financing of Terrorism, the United Nations Convention against Corruption etc. Yet, the nature of the conduct keeps the battle going. Thus, combatting corruption and bribery continues to be a necessity and some risks continue to be pitfalls for companies. The complexity of combatting corruption and bribery may arise from (i) existing corruption culture; (ii) weak framework to avoid corruption; (iii) different perceptions on corruption; (iv) absence of the political will to fight; and/or (v) lack of transparency. Therefore, investors should pay particular attention to compliance culture in the jurisdiction and not just in the company itself, to protect the company. In order to do that, the rule of law in the jurisdiction, application of the laws, independence of the judiciary, and society’s trust in the system should be evaluated.
In addition to local applicable laws, international companies that have US nexus should vary of enforcement in other jurisdictions. US Department of Justice (“DOJ”) is relentless in pursuing these matters in general. In 2018, a total of $2.89 billion was sanctioned by the DOJ to resolve cases regarding the Foreign Corrupt Practices Act (“FCPA”). A Brazilian oil and gas company paid a record $1.78 billion to the DOJ, Securities and Exchange Commission (“SEC”) and Ministerio Publico Federal in Brazil. In addition to monetary fines of companies, the DOJ took action against more than 30 individuals for their contribution to corrupt behavior. Turkish companies appeared in several cases of DOJ and SEC. In 2010, a company agreed to pay USD 185 million combined to DOJ and SEC for its Turkish subsidiary’s illicit payments to third parties. A multinational conglomerate company agreed to pay USD 1,6 billion in 2008 for payments made by its subsidiaries in kickbacks.
In this realm, where corruption is a high-risk factor in emerging markets, anti-corruption and bribery enforcement crosses borders (i.e. (i) issuers and their officers, directors, employees, agents and shareholders (ii) domestic concerns and their officers, directors, employees, agents and shareholders and (iii) certain persons and entities other than issuers and domestic concerns acting while in the territory of the US), it is extremely important to avoid corruption schemes which could result in DOJ and SEC imposing substantial sanctions on companies and individuals. In order to avoid prosecution and the inevitable reputational loss, companies should have an effective compliance program. Investors that consider investing in Turkey or international companies doing business in Turkey should apply the following measures in order to minimize the multijurisdictional risks.
Elements of an Effective Compliance Program
With an eye towards developing a comprehensive and effective compliance program, companies should bear in mind both the country’s and the industry’s habits and customs with respect to corrupt behavior. Even, companies that are not subject to the FCPA should pay attention to the measures taken to avoid corrupt behavior before making investments.
According to the FCPA Guideline, an effective compliance program must consist of (i) clear anti-corruption policy and commitment from senior management; (ii) company code of conduct and policies; (iii) oversight by a company executive or executives, autonomy from management and sufficient resources; (iv) risk assessment strategy; (v) effective training; (vi) necessary incentives and disciplinary measures; (vii) third party due diligence; (viii) confidential reporting mediums and internal investigations; (ix) periodic testing and review of the program; and (x) pre-acquisition due diligence and post-acquisition integration. FCPA Guideline states that the DOJ and SEC use a pragmatic approach to evaluate compliance programs and ask the following questions: (i) is the company’s compliance program well designed?, (ii) is it being applied in good faith, and, (iii) does it work?
When preparing a compliance program, the local culture must be taken into consideration since some traditions may hinder to see beyond the actions. For example, in Turkey, it is traditionally accepted to bring a gift when you visit somewhere. The program must make clear that even though this is the tradition, providing a gift to a government official is against the law. Something similar can be stated for whistleblower hotlines. In most cultures, an employee would not want to be the one that makes the call to tell on a co-worker. Therefore, it bears great significance to have confidential hotlines, where the whistleblower does not have to identify herself and/or the company does not reveal the identity of the whistleblower.
Third-party due diligence, pre-acquisition due diligence, and post-acquisition integration have become the most prominent components as investors are now more frequently entering into an emerging market through third parties or acquisitions.
Third parties stipulated in the DOJ and SEC enforcement actions are agents, consultants, distributors, brokers etc. They represent a large risk for companies. Indeed, the OECD Foreign Bribery Report analyzed 427 cases and found that third parties were involved in 75% of the bribery cases. Therefore, when dealing with third parties, it is important that companies:
- use public resources to have a general understanding of who they are dealing with. The basic general information may raise a red flag and this red flag may prevent the company from becoming involved in possible misconduct;
- specify the capability and necessity of the third party to conduct the business; (To do this, managers and auditors must make sure that they have described the services by the third party in their agreement precisely and checked whether the third party has experience in the field)
- look at the required payment method by third parties; (Companies must determine whether the payment method is compliant with the country and/or industry standards. A payment method that is out of the ordinary for the industry and the market must raise a red flag for the company)
- inform the third parties about its compliance and ethics policies, and where necessary, ask for a reciprocal commitment to creating a culture of compliance with third parties;
- not abandon control over third parties when the work starts; and
- repeat due diligence again when deemed necessary, place audit conditions in agreements, exercise these audit rights, and provide trainings to continue the risk-free relationship. This training must be in the local language for every stakeholder to understand and has to be held face to face. One size fit all approach does not work in this scenario. Therefore, a training compliant with the local culture constitutes a necessity.
Besides the third party due diligence, companies should conduct pre-acquisition due diligence and focus on post-acquisition integration when entering an emerging market to confirm that they will not incur liability arising from an ongoing or previous bribery scheme and also to make sure that their values are accepted and understood throughout the new company. Due diligence prior to acquisition helps companies to detect misconducts and to take the misconduct to the DOJ and SEC and mitigate the risk of receiving a robust fine. There are instances where the DOJ and SEC did not take any enforcement actions when the company had adequate due diligence and voluntarily disclosed the misconduct These thorough due-diligence processes and checks are generally handled and conducted by third parties. The checklist questions are designed to understand the target company’s governance, its management, its commitment to integrity and its anti-bribery framework. Post-acquisition integration has an integral role in the adaptation process. The acquirer transmits its own compliance and ethical values to the employees of the acquired company through tailored trainings. In addition to training, in order to fully transform the compliance scene and detect possible misconduct, companies should continuously and thoroughly evaluate the third party risks.
The growth opportunities of emerging markets may draw investors to an unfamiliar corruption culture and might lead to both a local and a cross border enforcement action which will harm the company’s finances and reputation. To diminish these risks, companies should have an adequate and comprehensive compliance program, which might even operate as a mitigating factor for the companies subject to DOJ and SEC jurisdiction in the event of misconduct. It is important to note that a compliance program is a living concept and not a one-time adventure. It must be tailor-designed and it must adapt, develop and change in light of the developments in the company, industry and the market.