The Long Arm of U.S. Law: Extraterritorial Application of the Foreign Corrupt Practices Act

Introduction

The Foreign Corrupt Practices Act of 1977 (“FCPA”) imposes sweeping prohibitions on bribery and demands rigorous accounting controls. What continues to surprise many business leaders is the exceptional breadth of the FCPA’s jurisdictional reach. Through a carefully constructed set of jurisdictional hooks, U.S. prosecutors and the SEC can and do pursue individuals and companies for conduct that occurs entirely on foreign soil, is conducted by foreign nationals, and involves payments made entirely in foreign currencies to officials of foreign governments.

The Statutory Framework

The FCPA has two primary substantive components. The anti-bribery provisions (15 U.S.C. §§ 78dd-1, 78dd-2, and 78dd-3) prohibit the payment, offer, authorization, or promise of anything of value to a foreign official for the purpose of obtaining or retaining business. The accounting provisions (15 U.S.C. §§ 78m(b)(2) and 78m(b)(5)) require issuers to maintain accurate books and records and devise adequate internal accounting controls. The 1998 amendments, enacted to bring the statute into conformity with the OECD Anti-Bribery Convention, added 15 U.S.C. § 78dd-3, extending liability to any person who acts “while in the territory of the United States” in furtherance of a corrupt payment, regardless of any other U.S. connection.

The Three Jurisdictional Bases

U.S. authorities pursue FCPA enforcement under three distinct jurisdictional theories: (1) territorial jurisdiction, based on some nexus between the prohibited conduct and U.S. territory; (2) nationality jurisdiction, based on the status of the defendant as a U.S. person or issuer; and (3) “dd” jurisdiction, based on the use of U.S. mails or instrumentalities of interstate commerce. In practice, these bases frequently overlap and prosecutors plead them in the alternative.

Territorial Jurisdiction: The “While in the Territory” Hook

Section 78dd-3 confers jurisdiction over “any person”—expressly including foreign nationals and foreign entities not otherwise subject to U.S. jurisdiction—who, while physically present in the territory of the United States, acts in furtherance of a corrupt scheme. Courts have interpreted the “in furtherance” element broadly, encompassing preparatory acts, approvals, and communications that advance the corrupt scheme even indirectly. Attending a meeting at which a bribery scheme is discussed, signing off on a transaction during a U.S. layover, or reviewing a fraudulent invoice while present in the United States have each been treated as potentially sufficient territorial contacts.

Nationality Jurisdiction: U.S. Persons and Issuers

Section 78dd-1 governs “issuers”—companies whose securities are registered on a U.S. national exchange or which are required to file reports with the SEC. This provision contains no territorial limitation. A French company whose ADRs trade on the NYSE is an issuer for FCPA purposes, and its employees anywhere in the world are potentially subject to prosecution or civil enforcement for bribery of foreign officials.

Section 78dd-2 extends similar treatment to “domestic concerns”—U.S. citizens, nationals, residents, and companies organized under U.S. law. Third-party liability is critical: the FCPA imposes liability not only for direct payments to foreign officials, but also for payments through intermediaries where the issuer or domestic concern knows, or consciously disregards a high probability, that the third party will pass the money on to a foreign official. Willful blindness satisfies the “knowledge” standard.

The “Instrumentalities of Commerce” Hook

Courts and prosecutors have interpreted “instrumentalities of interstate commerce” to encompass virtually any use of U.S. banking infrastructure, wire transfers passing through U.S. correspondent banks, email servers located in the United States, and telephone calls routed through U.S. networks. Given the centrality of New York to global dollar-clearing operations, any transaction denominated in U.S. dollars that passes through the U.S. financial system—even momentarily—may supply a sufficient jurisdictional nexus. Foreign companies that assume their operations are insulated from U.S. law because they lack a U.S. parent, U.S. listing, or U.S. personnel should consider whether their international transactions routinely transit the U.S. financial system.

Parent-Subsidiary Liability and the Accounting Provisions

For issuers, the FCPA’s accounting provisions require maintaining books and records that accurately and fairly reflect transactions, and maintaining adequate internal accounting controls. These obligations extend to consolidated subsidiaries. Where a foreign subsidiary falsifies its records to conceal a bribe, the issuer itself can be held liable for a books-and-records violation regardless of whether parent-level management had any knowledge of the subsidiary’s conduct.

The anti-bribery provisions also extend to conduct by subsidiaries where the issuer or domestic concern authorized, directed, or controlled the misconduct, or had the requisite knowledge (including conscious disregard or willful blindness) of the subsidiary’s corrupt activities. Willful ignorance of widespread corrupt practices within a subsidiary is not a defense.

Significant Enforcement Cases Illustrating Extraterritorial Reach

In United States v. Siemens AG (2008), the German engineering giant paid over $800 million in fines—then the largest FCPA settlement in history—arising from a systemic global bribery scheme. Siemens had no particular U.S. connection beyond its NYSE listing, but that listing sufficed to bring the entirety of its global conduct within the FCPA’s scope.

In Hoskins v. United States (2d Cir. 2018), the Second Circuit held that the statute’s carefully crafted jurisdictional structure precluded the government from using general conspiracy doctrine to extend liability to individuals who would not otherwise fall within the three defined categories of covered persons. However, the court left intact the ability to prosecute foreign nationals who act as agents of domestic concerns or issuers, and those physically present in the United States in furtherance of a corrupt scheme.

The enforcement actions against Alstom (2014), VimpelCom (2016), and Odebrecht (2016) illustrate the increasing trend toward parallel enforcement—simultaneous proceedings in the United States and multiple other jurisdictions—which can multiply the penalties imposed and scrutiny applied to a company’s global operations.

The “Foreign Official” Definition and Its Breadth

The FCPA defines “foreign official” to include not only government ministers and civil servants, but also officers and employees of state-owned or state-controlled enterprises (SOEs), candidates for political office in foreign countries, and officials of public international organizations. The DOJ and SEC have taken an expansive view of what constitutes an SOE or instrumentality of a foreign government. In many emerging market economies, state-owned enterprises dominate entire industries—oil and gas, telecommunications, banking, mining, and utilities—meaning that a substantial proportion of commercial counterparts in those markets may qualify as “foreign officials” for FCPA purposes.

Compliance Implications for Multinational Businesses

Third-Party Due Diligence. The greatest source of FCPA liability for most multinational corporations is corruption committed by agents, distributors, joint venture partners, and other commercial intermediaries. Red flags including unusually large commissions, requests for payment to offshore accounts, recommendations from foreign government officials, and lack of verifiable business operations should trigger enhanced scrutiny and, where not satisfactorily resolved, termination of the relationship.

Accounting Controls and Record-Keeping. The FCPA’s accounting provisions extend to a parent issuer’s consolidated subsidiaries. Companies must ensure that their internal controls framework operates globally—not just at the parent level. Subsidiary-level controls, internal audit programs with international reach, accurate expense reporting, and robust review of payments to agents and consultants are all critical.

Mergers and Acquisitions. An acquirer can inherit FCPA liability for pre-acquisition conduct of a target company even if unaware of that conduct at the time of the transaction. Pre-closing FCPA due diligence has become standard in cross-border M&A. Where due diligence reveals potential violations, counsel should assess the risk, consider whether voluntary disclosure is appropriate, and ensure prompt post-closing remediation.

Training and Tone from the Top. A compliance program that exists on paper but is not supported by genuine commitment from senior management, adequately resourced, or effectively communicated to employees and agents across jurisdictions will afford limited protection. Regular training, clear policies, anonymous reporting mechanisms, and demonstrated enforcement of standards through meaningful discipline are hallmarks of a program likely to be viewed favorably by prosecutors.

Voluntary Disclosure and the Benefits of Cooperation

The DOJ’s Corporate Enforcement Policy offers significant incentives for companies that voluntarily disclose violations, fully cooperate with investigations, and timely remediate the underlying misconduct. A company satisfying these requirements will receive at minimum a 50% reduction off the bottom of the applicable fine range, and in many cases may be eligible for a declination rather than a formal resolution. Companies that choose not to disclose and are subsequently investigated face a much less favorable posture.

Conclusion

The FCPA’s extraterritorial reach is among the most far-reaching jurisdictional frameworks in U.S. federal law. For companies operating across borders—whether as U.S. issuers, domestic concerns, or foreign businesses with any connection to U.S. territory, U.S. currency, or U.S. capital markets—the statute cannot safely be treated as a domestic U.S. concern of limited relevance. A robust, well-designed compliance program grounded in accurate legal analysis, genuine institutional commitment, and practical operational implementation can dramatically reduce both the risk of violations and the consequences of any violations that do occur.

This advisory has been prepared for general informational purposes only and does not constitute legal advice. Readers should consult qualified legal counsel with respect to any particular situation or legal question.