By David W. Simon, Partner and Chair of the Government Enforcement Defense & Investigations International Practice, Rohan Virginkar, Partner in the Government Enforcement Defense & Investigations Practice, Co-Chair of the Cannabis Industry team, James Peterson, Partner in the firms Private Equity & Venture Capital, Transactional & Securities and International Practices, Kristen Maryn, Associate and litigation attorney in the firm’s Government Enforcement Defense & Investigations and Busines Litigation & Dispute Resolution Practices, Stephanie Cash, Associate and business lawyer in the Transactions Practice.
Despite the current worldwide economic displacement, many expect that cross-border mergers and acquisitions activity will ultimately rebound as companies use M&A as a critical driver of future growth and strategic planning, especially outside of the United States. Many potential acquirers will look for opportunities which have become more affordable as a result of the current economic difficulties. Other acquirers will look for opportunities to address a strategic need highlighted in the current environment, such as the need to reduce dependency on a single jurisdiction source of supply.
Regardless of the factor driving M&A activity, one constant will be the heightened risk associated with acquiring non- or extra-U.S. targets, particularly the significant risks under the United States Foreign Corrupt Practices Act (“FCPA”). The dynamic is a familiar: a U.S. company acquires a non-U.S. business or a U.S.-based business with international operations and gets more than it bargained for by also acquiring FCPA liability for pre-closing bribes paid by the employees or agents of the acquired entity. In one recent example, the Wall Street Journal reported that John Wood Group reserved $46 million to cover potential government settlements arising out of bribes paid by an engineering firm it had acquired in 2017.
By now, experienced dealmakers understand there may be FCPA risks in an acquisition and have adopted procedures designed to identify and address these issues as part of the M&A diligence process. Most acquirers ask the right questions, conduct risk-based probes of the target’s compliance program and operations, take steps to allocate the risk of compliance issues in the transaction documents and, in some circumstances, structure the transaction as an asset purchase rather than as a stock purchase or merger. Where FCPA issues are discovered in the due diligence process, there is an increasingly well-established playbook for addressing and mitigating the exposure created by these issues, including mitigating the resulting risks by taking advantage of the Department of Justice’s (DOJ’s) Corporate Enforcement Program (CEP), requiring voluntary self-disclosure by the target, and thus avoiding a carry-over enforcement action against the acquirer.
Mitigating FCPA risks can be trickier where the opportunity to conduct due diligence is limited or where bribery risk is identified, but no specific violation uncovered. Acquirers can still invoke the principles of the DOJ CEP to minimize risk, but that requires identification of violations in relatively short order following closing. That is not always achievable. Under such circumstances, an acquirer should also consider another FCPA-risk mitigation strategy: structuring the deal as an asset purchase rather than a stock purchase or merger. An asset purchase, when combined with the other M&A-related risk-mitigation strategies described below, is a preferred approach to mitigate FCPA and anti-corruption risk associated with the pre-closing activities of the target. Unfortunately, an acquirer should not assume that such a structure will provide a bullet-proof shield.
Deal Structure and Successor Liability – General Corporate Law Principles
The asset purchase risk-mitigation strategy is founded on well-established corporate law principles. Under state and common law, the general rule is that an acquirer that purchases a business via the acquisition of assets can determine which, if any, of the target’s liabilities it assumes as part of the transaction. Thus, FCPA liabilities, like most other liabilities, can be left behind with the target. There are, of course, exceptions to the general rule, which exist by common law, statute, and general equitable principles, whereby asset acquirers are deemed to assume certain of the target’s obligations, such as those related to certain tax matters, environmental conditions, product liability claims and employee benefits claims.
Whether an asset purchaser will be deemed responsible generally for the liabilities of the target will depend on the facts and circumstances of a given transaction and applicable state law and federal law. Although the particulars may change based on the specific jurisdiction, the following factors are among those commonly considered by courts examining successor liability absent a specific contractual assumption of a liability: 
- Whether there was an implied assumption of the target’s liabilities such as by public disclosures as to the transaction or by performance of contracts which were not specifically assumed in the transaction;
- Whether there was a “de facto” merger of target and acquirer as a result of the asset purchase, which requires “continuity of ownership” (an equity owner of target becomes an equity owner of the acquirer in some manner), continuity of management, personnel and business operations of target, dissolution of target soon after closing and acquirer’s assumption of ordinary course liabilities as part of the purchase transaction;
- Whether the acquirer is a mere continuation of the target (followed in only a few states); and
- Whether the transaction was entered into fraudulently to escape the obligations of creditors of the target.
These factors may also be considered by the DOJ and the Securities and Exchange Commission (“SEC”) in determining whether to separately investigate or charge an acquirer in connection with FCPA violations of the target. Acquirers that are able to structure a transaction to avoid triggering the questions above in the affirmative will be better situated to challenge a future claim that they should be responsible as successors of the seller’s obligations, including FCPA-related liabilities of the target.
The Enforcement Authorities’ Approach to Successor Liability Under the FCPA
State corporate law notwithstanding, it is not clear that the DOJ and SEC will respect these corporate law successor liability principles in determining the extent of an acquirer’s liability for a target’s potential FCPA violations.
Neither DOJ nor SEC have ever issued explicit public guidance on how the structure of an acquisition impacts enforcement of the FCPA. The Second Edition of the DOJ and SEC’s A Resource Guide to the U.S. Foreign Corrupt Practices Act (the “FCPA Guide”), sets forth the agencies’ view that successor liability for FCPA purposes is based on the premise that “when a company merges with or acquires another company, the successor company assumes the predecessor company’s liabilities [where that company was subject to the FCPA’s jurisdiction].”
Nothing in the FCPA itself prevents an acquirer from limiting its successor FCPA liability by structuring the deal as an asset sale and by explicitly excluding FCPA liability. However, the limited guidance promulgated by the enforcement agencies—and their aggressive pursuit of FCPA violations—suggests that they may not automatically follow state corporate law principles and that acquirers would be wise not to assume that acquisition structure alone will completely defeat the charges DOJ or SEC could seek in pursuing in an FCPA enforcement action. Nowhere in the FCPA Guide do the agencies note the practical and legal differences between stock purchases and mergers on the one hand, and asset purchases on the other. Indeed, the FCPA Guide contains no meaningful discussion of asset purchases at all. Instead, the agencies’ focus in the FCPA Guide is on the conduct of the parties and notes that enforcement action against successors will generally follow where (1) the violations are egregious or sustained, (2) the successor directly participated in the violations, or (3) the successor failed to stop the misconduct from continuing. But the relatively simplistic ways in which the FCPA Guide discusses transactions – the hypothetical and generic description of “Company A  considering acquiring Foreign Company” fails to account for the differences in the types of M&A transactions generally, let alone the intricacies of complex cross-border transactions.
Rather than focus on the form of transaction as a means of mitigating liability, DOJ and SEC have instead consistently emphasized the benefits of robust due diligence, through which companies can identify and address any FCPA issues prior to closing. Remarks by senior DOJ officials have emphasized that DOJ does not want “the specter of enforcement to be a risk factor that impedes such activity by good actors,” meaning that it does not intend for its enforcement program to discourage cross-border transactions. Ignoring the real-world business issues that often drive the form of a transaction, DOJ officials have instead focused on encouraging self-reports to enforcement authorities and cooperation with any subsequent government investigation of other actors.
As law enforcement and regulatory agencies, DOJ and SEC necessarily focus on the facts surrounding the misconduct under investigation. Corporate structure and provisions in purchase agreements will inform their analysis, but are rarely dispositive in and of themselves. In observing the trends and patterns of FCPA enforcement actions in recent years, it would appear that DOJ and SEC have become more analytical in their approach – paying increased attention to factors such as indicia of control and corporate structure, rather than simply pursuing charges because “something bad happened.”
Indeed, DOJ officials have recently acknowledged “that through acquisitions, otherwise law-abiding companies can sometimes inherit problems that are not of their own making.” This acknowledgement suggests that DOJ, at least, considers successor liability less of a bright line than it had in the past.
However, guidance from the agencies and their officials is of course not legally binding and companies should be wary of the practical limits of such guidance. Despite the indications that successor companies may avoid liability for the acts of predecessor entities, and the trend in recent enforcement actions to pursue the predecessor entity rather than the successor, it would be foolish to assume that this means that neither DOJ nor SEC will be interested in investigating potential historical violations. Where the predecessor entity no longer exists, DOJ will still attempt to resolve matters consistent with its programmatic and policy objectives: accountability, deterrence, and avoidance of ill-gotten gains. Thus, without a predecessor entity, the government may look to the successor, regardless of how the transaction was structured. This is particularly true if either agency has the impression that a transaction was structured in a way to specifically avoid FCPA liability. Note the similarity between this approach and the general equitable principle applied in corporate law to consider “whether the transaction was entered into fraudulently to escape the obligations of creditors of the target.” Though successor liability law may limit exposure in many instances, the facts of any particular case will always control and DOJ or SEC will try to find a way to hold bad actors responsible via enforcement actions. Of course, acquiring companies can always litigate with DOJ and SEC, presenting the successor liability issues to a court for resolution. But, for a variety of reasons, this is rarely the course chosen by companies who find themselves in the crosshairs of FCPA enforcement authorities.
Pages from the standard M&A best practices playbook can be applied to targets with increased FCPA and anti-bribery exposure, which should be identified through targeted pre-acquisition due diligence to assess anti-corruption risks. Where due diligence uncovers actual FCPA violations, acquirers should consider insisting on voluntary disclosure to take advantage of the DOJ Corporate Enforcement Policy and similar practices of the SEC.
Where no actual violation is identified but FCPA risks are present, acquiring entities should consider strong and detailed representations and warranties, indemnities, use of a newly-formed acquisition subsidiary to acquire the purchased assets and robust post-acquisition compliance integration planning to help ensure that problematic activities do not continue post-closing.
There are also less standard clauses which may be added to a purchase agreement to help improve an acquirer’s position relative to pre-closing FCPA violations. First, “losses” which are covered by the indemnification provisions of the acquisition agreement should include the amounts of any actual fines or penalties imposed, the costs of any investigation, legal fees, forensic experts, as well as other possible expenses such as the costs associated with any compliance monitoring or reporting DOJ or SEC may require as part of resolving an investigation and compliance program remediation. It is also important that post-closing covenants accommodate payment and conduct obligations to cover additional investigations and disclosures to governmental entities if there are concerns that bribery-related conduct is still taking place as of the time of the acquisition. In addition, the purchase agreement should contain detailed covenants which describe how the parties will respond to any questions, investigations or claims, including how each party will assist with responding to a claim and whether joint defense will be considered.
Where diligence identifies heightened concerns as to potential bribery or corruption issues of the target, an asset purchase affords an acquirer better protection from successor liability than a stock purchase or merger. But it should not be considered a complete defense. At worst, such approach leaves the buyer in the same position as to these liabilities as if it had acquired the equity of the target entity. The steps above may provide some measure of protection, but it is important to note that the specifics of a given transaction may require a more bespoke solution or accommodate guidance provided by the U.S. government for a previously self-reported activity. And, the real trick with any acquisition and how an M&A practitioner delivers value, is to create a workable solution that mitigates risk without killing the deal or impacting the post-closing value of the target.
 Mark Herndon & John Bender, What M&A Looks Like During the Pandemic, Harvard Business Review (June 10, 2020), https://hbr.org/2020/06/what-ma-looks-like-during-the-pandemic; Steve Krouskos, How Do You Find Clarity in the Midst of the COVID-19 Crisis?, EY (Mar. 30, 2020), https://www.ey.com/en_gl/ccb/how-do-you-find-clarity-in-the-midst-of-covid-19-crisis; J.P. Morgan, 2020 Global M&A Outlook: Navigating a Period of Uncertainty 6–15 (Jan. 2020).
 Dylan Tokar, John Wood Group Earmarks $46 Million for Bribery Settlements, Wall Street J. (Mar. 11, 2020), https://www.wsj.com/articles/john-wood-group-earmarks-46-million-for-bribery-settlements-11583884544.
 U.S. Dep’t of Justice, FCPA Corporate Enforcement Policy, available at https://www.justice.gov/criminal-fraud/file/838416/download.
 This article applies the test under New York law. See New York State Elec. & Gas Corp. v. FirstEnergy Corp., 766 F.3d 212, 227 (2d Cir. 2014); PCS Nitrogen Inc. v. Ashley II of Charleston LLC, 714 F.3d 161, 173 (4th Cir. 2013)(discussing the general rule under New York law for successor liability and stating, “[A]s at common law, a corporation that acquires the assets of another corporation typically does not acquire its liabilities, unless ‘(1) the successor expressly or impliedly agrees to assume the liabilities of the predecessor; (2) the transaction may be considered a de facto merger; (3) the successor may be considered a ‘mere continuation’ of the predecessor; or (4) the transaction is fraudulent.’”)(quoting United States v. Carolina Transformer Co., 978 F.2d 832, 838 (4th Cir.1992)); New York v. Nat’l Serv. Indus., Inc., 460 F.3d 201, 209 (2d Cir. 2006).
 Criminal Div. of the U.S. Dep’t of Justice and Enf’t Div. of the U.S. Sec. and Exch. Comm’n, A Resource Guide to the U.S. Foreign Corrupt Practices Act (2d Ed.) available at https://www.justice.gov/criminal-fraud/file/1292051/download (updated in July 2020).
 Id. at 29.
 Id. at 30.
 Id. at 32.
 Matthew S. Miner, Deputy Assistant Att’y Gen., U.S. Dep’t of Justice, Deputy Assistant Attorney General Matthew S. Miner Remarks at the American Conference Institute 9th Global Forum on Anti-Corruption Compliance In High Risk Market Markets, 18-975 (July 25, 2018), https://www.justice.gov/opa/pr/deputy-assistant-attorney-general-matthew-s-miner-remarks-american-conference-institute-9th [hereinafter Miner Remarks].
Id.; see also U.S. Dep’t of Justice, Justice Manual § 9-47.120, https://www.justice.gov/criminal-fraud/file/838416/download (updated Mar. 2019).
 Remarks by Matthew S. Miner, supra note 8.
 Id. at 30.