Brazil enacted the Clean Companies Act (Law No. 12846/13) in August 2013, a law that addressed a significant shortcoming in the country’s anti-bribery system. It established, for the first time, the liability of entities for corrupt acts.
Because of controversies related to the applicability of criminal responsibility in such cases, Brazil adopted the practical approach of imposing administrative and civil sanctions on offending companies instead. The statute has been in full effect since January 2014 and its rules were further detailed in March 2015 through a presidential decree issued to facilitate enforcement (Decree No. 8.420/15).
This new anti-corruption framework is a reflection of Brazilian society’s increasingly vocal demands for transparency and integrity (notably through massive street protests across the country in July 2013 and March 2015). In addition, enforcement efforts have been under close media scrutiny due to a widely publicised, multi-billion dollar bribery scheme at state-controlled energy giant Petrobras.
In this enhanced compliance environment, domestic and foreign companies should be familiar with the applicable anti-bribery rules in order to assess and mitigate the related risks. With that goal in mind, below we examine the main changes in the regime, as well as the current state of compliance in Brazil.
Prohibited conduct: bribery and beyond
Under the new framework, companies are liable for a number of offences related to fraud and corruption against the government. The central one is bribery, which the law describes as “promising, offering, or giving, directly or indirectly, an undue advantage to a public official or a related third party”. While concise, this definition is broadly worded and covers an extensive scope of prohibition.
- Attempt: The mere promise or offer is sufficient to establish the offence, meaning that the conduct is punishable even if the public official declines it
- Consent to solicitation: The law prohibits the promising, offering and giving of an undue advantage, regardless of whether the company acted on its own initiative or in response to a solicitation by the public official
- Use of third parties: Companies are expressly liable for bribes offered or made ‘indirectly’, which means through third parties or intermediaries
- Broad meaning of public official: ‘Public official’ here, includes individuals working within any branch of the government (domestic or foreign), as well as employees of international organisations and state-owned or state-controlled companies (e.g. Petrobras) and any of their relatives
- Anything of value: ‘Undue advantage’ is generic enough to cover anything of value that a public official is not legally authorised to receive, including not only money and other tangible benefits (such as gifts, travel or entertainment), but also moral and personal favours of any kind
- Facilitating payments: The law makes no exception to ‘small payments’ or ‘facilitating payments’ to expedite official acts, making Brazil’s regime stricter than many international anti-corruption frameworks, such as the Foreign Corrupt Practices Act (FCPA)
In addition to bribery, other prohibited conduct includes: (i) defrauding or manipulating public tenders and government contracts (which covers rigging bids and overinflating prices); (ii) using third parties or shell companies as a front to conceal corrupt acts; (iii) obstructing official investigations or government audits; and (iv) aiding or abetting a listed offence.
Liability regime: a stricter standard
The backbone of Brazil’s anti-corruption system is also its most controversial feature: a strict liability standard. Under the new rules, corporations are legally responsible for the corrupt conduct of employees and third parties, regardless of intent and despite any reasonable efforts to prevent violations.
This standard greatly increases companies’ potential exposure and sharply contrasts with other anti-corruption regimes, such as the FCPA. While the UK Bribery Act contains a strict liability standard for the corporate offence of bribing a public official, it also allows for a defence based on adequate compliance procedures, which is not the case in Brazil.
This is particularly concerning in a market where the risk of corruption is perceived as high and the use of agents is seen as a practical necessity. Because of overwhelming regulations across all sectors, it is almost impossible to navigate the bureaucracy related to basic needs (like customs clearance, tax planning, visas, or licenses) efficiently without specialised external assistance. And under the new rules, if a third party makes a small payment to facilitate the process or to obtain privileged treatment, for example, the company must be punished even if it specifically instructed the agent not to break any laws.
Beyond the agency relationship, this same standard applies to third parties in the context of corporate restructuring and associations. The law expressly determines that companies are responsible for conduct occurring prior to mergers and acquisitions, and this is true even where proper due diligence was conducted on the predecessor entity. In addition, parent and subsidiary companies are subject to joint and several liability, as are partners in joint ventures and consortia, regardless of whether internal controls were in place and were unilaterally violated by another party. In such circumstances, however, responsibility is limited to the payment of fines and compensation of damages, not including additional punitive sanctions.
Applicable sanctions: no crime but punishment
While companies cannot be held criminally liable for corrupt acts in Brazil, the law provides for administrative and civil sanctions that have comparable effects.
■ Administrative sanctions are imposed through an official proceeding within the government agency that was affected by the offence. The premier punishment is a monetary fine, which must range from 0.1 per cent to 20 per cent of the company’s most recent revenues, but must never be less than the actual profit from the misconduct.
According to federal sentencing guidelines, the amount must be increased if the company’s executives were aware of the wrongdoing, and if the conduct was continuous or recurrent over time, among other factors. Where applicable, the fine must also be proportionate to the contract secured or attempted by the offending entity. On the other hand, the amount must be reduced if the company cooperated with the authorities (including by self-reporting) and compensated damages and, most significantly, if it had established and implemented an effective compliance programme (as discussed below). In any case, entities receiving monetary penalties must publish this outcome in a newspaper of general circulation and on their website, and must also post it in plain sight at their offices.
■ Civil sanctions result from a lawsuit filed independently from the administrative proceeding. Closely following the OECD guidelines, they include: (i) disgorgement of profits and proceeds of the offence; (ii) suspension or revocation of the commercial license; (iii) judicial winding-up order; and (iv) debarment from participating in public procurement or from receiving public benefits, funds, or aid. Under the law, courts must resort to compulsory dissolution only in extreme circumstances, where an entity was recurrently used to further or facilitate misconduct or was incorporated as a front to conceal its ultimate beneficiaries.
“This new anti-corruption framework is a reflection of Brazilian society’s increasingly vocal demands for transparency and integrity”
Effective compliance programmes: a roadmap
Consistent with global anti-corruption standards, to be considered strong and effective an integrity programme should include the following elements: (i) an appropriate tone at the top; (ii) written standards of conduct, codes of ethics, integrity policies and procedures (as communicated to all directors, employees, and where required, third parties); (iii) periodic compliance training; (iv) periodic risk assessments and corresponding updates to the compliance programme; (v) accurate bookkeeping; (vi) strong financial controls; (vii) specific procedures to prevent fraud and other misconduct in connection with public tenders and any dealings with public authorities; (viii) an independent and structured compliance function; (ix) a whistleblower mechanism open to employees and third parties, as well as whistleblower protection measures; (x) disciplinary measures for engaging in unethical conduct; (xi) mechanisms ensuring prompt discontinuation of misconduct and timely remediation of damages; (xii) due diligence for third parties (including agents, service providers and business partners); (xiii) background checks and exposure assessments prior to mergers, acquisitions and other restructuring activities; (xiv) continuous monitoring and improvement of the compliance programme; and (xv) transparency surrounding donations to political parties and campaigns.
In assessing these criteria, Brazilian enforcement authorities will be more or less strict, depending on the size and complexity of the investigated company or group, as well as the nature of their business activities.
Leniency agreement: the Brazilian plea bargain
Mirroring the strategy of other enforcement agencies (such as the Department of Justice in the US or the Serious Fraud Office in the UK) the Brazilian system strongly encourages offending companies to cooperate with the authorities to resolve corruption charges. The difference here is that the law does not afford the possibility of a deferred prosecution agreement, only authorising a type of settlement that necessarily includes an admission of guilt: the ‘leniency agreement’.
This Brazilian version of a plea bargain must be negotiated directly with the government authority in charge of the administrative proceedings. By cooperating, companies may be able to reduce the monetary fine by up to two-thirds, as well as avoid debarment from public procurement or funding. However, by express provision, entities within the same group or family will only benefit from the deal to the extent that they all sign it and comply with its conditions.
To qualify for a leniency agreement, besides pleading guilty, companies must immediately cease the misconduct, fully and continuously cooperate with the investigations and enforcement proceedings and provide information and documents that prove the offence and identify other wrongdoers. The authorities may also require corporations to implement or enhance their internal controls and compliance programme and impose any other conditions to ensure that the agreement is effective.
The role of compliance: prevention pays
These rules show that Brazil’s anti-corruption approach is heavily focused on deterrence, as they give clear incentives for businesses to invest in compliance and prevention. In and of itself, the strict liability standard induces companies to raise their level of diligence and care in order to reduce bribery risks. Corporations are also specifically encouraged to detect and prevent violations, because repeating an offence or allowing it to continue over time will inevitably lead to larger fines. But even more directly, the law explicitly provides for lighter sanctions where a strong integrity programme is in place, instantly rewarding companies that make serious efforts to comply with the law.
Notably, corporations should not wait for problems to arise before making essential adjustments, as their options after an enforcement action begins are not necessarily cost-effective. Leniency agreements, for example, while potentially reducing the amount of fine, carry risks that must be weighed on a case-by-case basis by any company under investigation. In particular, they require an admission of guilt that may transcend the charges settled with the administrative authority and lead to further consequences in court, including significant civil sanctions against the company and criminal sanctions against its employees.
On the other hand, adopting robust internal controls is a safer and more predictable way to reduce risks. If resources are limited, in light of Brazil’s business culture and newly improved legal framework, the following measures in particular should be prioritised:
- Risk assessment: Companies should identify their main areas of risk under the new law (especially related to bribery, corruption and conflicts of interest) through a thorough review of their operations, including with respect to staff, third parties, joint ventures, and activities involving interaction with public official
- Internal culture and controls: As company personnel adapts to the new anti-corruption rules and enforcement reality, management should set the tone to ensure an internal culture of compliance. This includes adopting written policies that clearly prohibit violations, as well as investing in effective communications, training, and internal controls
- Third party due diligence: Third party relationships are an area of high risk in many countries and Brazil is no exception, particularly considering the strict liability standard. Therefore, companies should implement a rigorous due diligence process and review historical relationships with agents and joint venture partners, including through a full background check and a careful assessment of any red flags related to the relationship (such as lack of commercial purpose, offshore payments, or unusually high fees)
These actions may not provide a universal solution, but they can greatly strengthen a company’s integrity mechanisms and generally reduce liability exposure. While adapting to Brazil’s enhanced compliance environment may be challenging and will require gradual changes, businesses should take this as an opportunity to proactively review and improve their controls. Considering the risks and costs at stake, it pays to prevent.
About The Author:
Felipe Rocha dos Santos is an international specialist in Hughes Hubbard & Reed’s anti-corruption and internal investigations practice group in Washington, DC. The firm counsels multinational clients on issues spanning the full spectrum of anti-corruption matters, including designing and implementing compliance programs, conducting internal reviews, and acting before international regulators.