Last week, Pfizer Inc. settled several matters with the Department of Justice and the SEC regarding alleged violations of anti-bribery laws, including the FCPA.  In addition to monetary fines, one of Pfizer’s subsidiaries entered into a two-year Deferred Prosecution Agreement (“DPA”) with Justice.  The DPA offers companies a great roadmap of the type of corporate compliance program that the SEC and Justice look for when considering charges against a company.  Documented compliance efforts and self-reporting can greatly reduce civil and criminal penalties, and in some cases absolve a company of wrongdoing.

Under the DPA, Pfizer must implement a corporate compliance program that includes the following minimum requirements:

  1. a clearly articulated anti-corruption policy
  2. compliance standards and procedures to help avoid potential violations, which applies to all directors, officers, employees, and outside parties acting on behalf of a company in a foreign jurisdiction
  3. a compliance officer(s) tasked with overseeing anti-corruption compliance, who reports to the Board of Directors or an appropriate committee
  4. mechanisms to effectively communicate anti-corruption policies, including training and certifications for employees, agents, and business partners
  5. an effective system for reporting violations of the company’s anti-corruption measures
  6. disciplinary procedures to address violations of the anti-corruption policy
  7. due diligence regarding the retention and oversight of agents and business partners
  8. mandatory contract provisions with agents and business partners to prevent violations of anti-corruption laws
  9. periodic testing of anti-corruption measures to evaluate effectiveness in identifying and limiting violations of anti-corruption laws. 

In addition to the minimum requirements, Pfizer also agreed to take additional measures to ensure a thorough anti-corruption compliance program, including:

  1. appointing a Chief Compliance and Risk Officer with anti-corruption experience
  2. identifying compliance officers responsible for each business unit
  3. establishing an “Executive Compliance Committee” to oversee the anti-corruption compliance program
  4. maintaining specific policies and procedures to address gifts, hospitality, and travel when dealing with foreign government officials
  5. creating an international investigations group to investigate anti-corruption law violations
  6. establishing an anti-corruption program office to offer centralized assistance and training
  7. conducting annual risk-based reviews of programs in high risk markets.

Pfizer’s DPA provides an excellent roadmap for a global and thorough compliance program aimed at identifying high-risk areas, reducing the potential for FCPA and other anti-corruption violations, and limiting a company’s exposure to civil and criminal liability.