The healthcare industry has been under increased SEC and DOJ scrutiny lately for potential FCPA violations. What has been described as an “industry sweep,” has focused primarily on medical device and pharmaceutical companies. These companies are particularly vulnerable to FCPA violations because the DOJ and the SEC have taken the stance that employees of state-owned and state-controlled hospitals or health care providers are considered “foreign officials” under the FCPA. For example, in 2012, enforcement actions against Smith & Nephew, Biomet, Orthofix, and Pfizer were all partly based on this enforcement theory. Enforcement actions such as these typically arise from the efforts of a company, its subsidiaries, or its distributors to influence doctors and other officials to purchase, prescribe, or obtain government regulatory approvals and registrations for a company’s products.

The Pfizer settlement with the DOJ and the SEC, announced on August 7, 2012, is the latest FCPA settlement in the medical device industry. The enforcement action against Pfizer arose, in part, out of improper payments, including hospitality and travel expenses, made to doctors and health care professionals employed by government-controlled or owned healthcare providers in countries such as Bulgaria, Croatia, Kazakhstan, Italy, China, Serbia and Russia. As part of this settlement, Pfizer H.C.P., a Pfizer subsidiary, agreed to pay a $15 million criminal fine. Wyeth LLC, another Pfizer subsidiary, also agreed to pay $18.8 million in disgorgement of profits, including pre-judgment interest, to resolve concerns involving the conduct of Wyeth subsidiaries. Pfizer Inc. agreed to pay more than $23.6 million in disgorgement of profits, including prejudgment interest, to resolve concerns involving the conduct of its subsidiaries. The government did not pursue a criminal plea.

Importantly, Pfizer had a pre-existing compliance program in place, it self-reported potential violations, and undertook extensive remedial efforts to assess and investigate the company’s relationships with doctors and employees of government-owned hospitals and healthcare providers. Nonetheless, the DOJ’s Deferred Prosecution Agreement with Pfizer (DPA) imposed specific and detailed requirements to bolster Pfizer’s compliance programs.

For example, Pfizer is required to improve upon its existing compliance procedures to prevent potential FCPA violations such as by conducting biannual training of employees and executives as well as triennial training of third parties whose activities may bring them under the reach of the FCPA. Similarly, Pfizer is required to continue to maintain controls over its compliance policies such as those addressing gift-giving and hospitality expenditures to government officials and to closely monitor compliance with these policies. Pfizer is also required to conduct periodic testing of compliance efforts and institute due diligence procedures for acquisition targets and third parties. Because of the high level of detail in the DPA, the requirements imposed on Pfizer are a helpful guide for drafting, implementing, and improving FCPA compliance programs.

The SEC and the DOJ further emphasized the importance of effective compliance programs in the recent FCPA Resource Guide released on November 14, 2012. A presentation discussing the “hallmarks of effective compliance programs” as identified in the Resource Guide is available here.