There are a few early signs that the Trump administration will continue to hold companies to the “way of compliance.” But after the first seven months of his presidency, there are still questions about where enforcement is heading in specific compliance areas. So how can companies plan for enforcement under the Trump administration? Here are five areas of compliance to consider:
Although President Trump and Attorney General Jeff Sessions have each dismissed the Foreign Corrupt Practices Act (FCPA) in the past, Sessions has since indicated that he will continue to enforce the FCPA (the U.S. law prohibiting the payment of anything of value to a foreign official in order to obtain or retain business). Frankly, FCPA penalties are too big a moneymaker for the government, and the Department of Justice (DOJ) and Securities and Exchange Commission (SEC) have developed too much infrastructure â€” including labor, guidance and its Pilot Program, which provides for mitigation credit to self-disclosing companies that meet particular cooperation requirements â€” to eliminate all of it quickly.
In any event, so long as the FCPA is on the books, individuals and companies are required to comply with it. The five-year statute of limitations can be tolled for as long as the perpetrators are outside the U.S. So, for international companies, it is unclear whether exposure to an FCPA claim could continue indefinitely if they are not “present” within the U.S. As a result, even if there were a shift in focus away from the FCPA, it would offer, at best, a temporary reprieve â€” given that enforcement can look back five years or more.
In addition, regardless of U.S. enforcement, the UK continues to enforce the UK Bribery Act, which has similar restrictions on payments to foreign officials and others, and other countries have anti-corruption laws on the books as well. As a result, companies must continue to focus on anti-corruption and internal controls compliance.
2. Immigration and Customs
Given President Trump’s tough stance on immigration and his travel ban, which awaits its full hearing in the Supreme Court this fall, it is safe to say that his administration probably will pursue customs and immigration cases just as vigorously, if not more so, than President Obama did in the last few years. This heightened scrutiny will be applied at U.S. Embassies and Consulates, U.S. borders and within the U.S. itself. Recent reports indicate that U.S. Customs and Border Protection is searching the laptops and phones of international travelers, including U.S. citizens, at the border. This includes those with “Global Entry,” the program that allows expedited clearance for preapproved, low-risk travelers.
Individuals who travel with sensitive information on their phones and laptops, including attorney-client privileged or business-sensitive information, should remove that information from their phones and laptops when traveling abroad. At the border, Customs and Border Protection can order you to use your thumbprint to access your smartphone. And although they cannot make you give them your password, they can detain you for a while if you do not (and they may make you think you have to give the password to them). Providing a false password, or falsely stating that you do not know your password, could be considered lying to a federal agent in violation of 18 U.S.C. § 1001.
On the domestic front, management teams should consider having their Forms I-9 audited at a company-wide level to ensure that their employment eligibility verification procedures and records are in compliance. Employers should expect more Form I-9 inspections in the Trump administration’s effort to root out undocumented immigrants employed using invalid work papers. Although companies can be fined when they have not “crossed their t’s and dotted their i’s” in Form I-9 compliance, good-faith efforts to comply can mitigate potential damages and penalties. With the protectionist statements being made by the administration, don’t be surprised if H-1B and other temporary work visas are even harder to get, take longer to secure or are unavailable to individuals from certain countries and subject to higher scrutiny once they’ve been obtained. Companies should be careful to ensure applications for sponsored visas are 100% accurate when filed and seek legal guidance when errors are found or before changes to the terms of employment are made.
3. False Claims Act and Health Care Fraud
President Trump has complained in general about government waste and fraud committed against the government. Additionally, Kenneth Blanco, acting head of the Criminal Division, recently stated that Sessions “feels very strongly” that the DOJ should prioritize attacking schemes that divert funds from Medicare (which are typically pursued through False Claims Act (FCA) cases).
As a result, companies should expect the government to increase its False Claims Act cases, especially those having to do with health care fraud. In fact, President Trump’s proposed budget requests a $24.9 million increase to pursue civil and criminal health care fraud cases. Even if not initiated by the government, whistleblowers are incented to pursue health care fraud and other False Claims Act cases due to 15% to 30% whistleblower rewards. Additionally, whistleblower claims may also be available under state false claims acts.
Companies that do business with the U.S. or state governments, whether at home or abroad, will need to reinforce their compliance programs to avoid civil or criminal False Claims Act actions.
4. Import and Export
Import and export compliance may be areas of concern under the Trump administration as well. Given the administration’s projected focus on national security, exports of ITAR items (defense articles), in particular, may be closely watched. Sanctions and money-laundering compliance will also be a likely focus as the Trump administration tries to keep money out of the hands of terrorists. Import compliance may be a focus given the Trump administration’s threats of import tariffs to level the playing field, especially with China, and its professed intent to tax Mexican-origin goods to pay for Trump’s proposed multibillion-dollar border wall.
On May 10, 2017, President Trump signed an executive order aimed at improving the network security of government agencies, focusing on critical infrastructure upgrades. The order echoes some campaign promises from President Trump to make data security a priority. Comprehensive data security regulation may still be a long way off, as prior congressional attempts to address the issue globally have failed.
Companies should continue to put in place internal protocols to protect their data and ensure the best possible response to breach, including computer use policies and data security and response plans. Companies should promptly respond to any data breach or cybersecurity threat in accordance with applicable state and other laws.
Additionally, entities that are subject to additional regulatory compliance and disclosure rules, such as publicly traded companies, should be mindful of this administration’s increased focus on reducing the cyber threat.
One Final Thought
Attorney General Sessions has also said he will continue to focus on the prosecution of individuals in line with the Individual Accountability Memorandum (a.k.a. the “Yates Memo”). As a result, not only should compliance be important to companies, but also to the individual executives who work for those companies.
Annette K. Ebright and Sarah F. Hutchins are partners at Parker Poe (Charlotte, NC), where they counsel clients involved in government investigations and other compliance matters.
The views expressed in the article are those of the authors and not necessarily the views of their clients or other attorneys in their firm.