On September 27, 2022, the Securities and Exchange Commission (SEC) issued a cease-and-desist order and a significant fine against Oracle Corporation after the two sides reached a settlement over corruption charges. Oracle has yet to admit or deny the SEC’s findings, but has agreed to pay a $15 million penalty and approximately $8 million in disgorgement stemming from alleged violations of the anti-bribery, books and records, and internal accounting controls provisions of the Foreign Corrupt Practices Act (FCPA). This marks the second time that Oracle has been charged with violating the FCPA.
In this most-recent action against Oracle, the SEC alleges that, between 2014 and 2019, employees of Oracle subsidiaries based in India, Turkey, and the United Arab Emirates (UAE) used discount schemes and sham marketing reimbursement payments to finance slush funds held at Oracle’s channel partners in those markets.1 The slush funds were used “both to (i) bribe foreign officials, and/or (ii) provide other benefits such as paying for foreign officials to attend technology conferences around the world in violation of Oracle’s internal policies.”2
Overview of Oracle’s Latest FCPA Violations
Improper Use of Discounts
Oracle is alleged to have created improper slush funds by using their indirect sales model, which conducted transactions with various categories of distributors, including value added distributors (VADs) and value added resellers (VARs).3 According to Oracle’s policies, a discount from a product’s list price was only supposed to be approved for a legitimate business reason.4 Using a three-tier system for approving discount requests above designated amounts, discounts at the highest tier required a subsidiary employee to obtain approval from an Oracle approver designated by Oracle’s headquarters.5 Per Oracle policy, certain high level discounts did not require documentary support. According to the SEC, this allowed Oracle subsidiary employees to implement “a scheme whereby larger discounts than required for legitimate business reasons were used … to create slush funds with complicit VADs or VARs … [with] [t]he channel partners profit[ing] from the scheme by keeping a portion of the excess deal margin.”6
Improper Use of Marketing Reimbursements
In addition to the improper discounts discussed above, Oracle’s policies permitted sales employees to request purchase orders up to $5,000, which were meant to reimburse VADs and VARs for certain expenses associated with marketing Oracle’s products.7 The SEC alleges that Oracle subsidiary employees in Turkey and UAE requested sham marketing reimbursements to VADs and VARs “as a way to increase the amount of money available in the slush funds held at certain channel partners … [with] direct supervisors of these sales employees [approving] the fraudulent requests.”8 In addition, subsidiary sales representatives have been charged with paying significant amounts in bribes to foreign clients in return for various contract deals.9
Prior FCPA Violations Alleged Against Oracle
This is not the first time Oracle has faced allegations from the SEC regarding violations of the FCPA. The company agreed to pay a $2 million fine back in 2012 to settle SEC charges arising out of its failure to prevent its India subsidiary from using secret side funds to make unauthorized payments to fictitious vendors. From 2005 to 2007, Oracle was alleged to have structured transactions with India’s government that allowed local distributors to “park” $2.2 million of proceeds outside Oracle’s books and records, thus “creating the potential for bribery or embezzlement.”
Oracle’s Cooperation and Remedial Efforts
When charging both the current and former FCPA violations, the SEC considered Oracle’s cooperation and remedial efforts. In reaching the current settlement, Oracle’s cooperation included “sharing facts developed in the course of its own internal investigations, voluntarily providing translations of key documents, and facilitating the staff’s requests to interview current and former employees of Oracle’s foreign subsidiaries.”11 Oracle undertook a variety of remedial acts, including, inter alia: terminating employees and distributors involved in the misconduct, strengthening and expanding its global compliance functions, increasing transparency and oversight in the product discounting process, and implementing a compliance data analytics program.12 In reaching the 2012 settlement, the SEC took into consideration Oracle’s cooperation with the SEC investigation, their voluntary disclosure of the conduct in India, and their commitment to improving FCPA compliance through new remedial measures.
Why the Oracle Enforcement Action Matters
This SEC enforcement action against Oracle highlights the critical need for effective company compliance protocols, as well as strong internal accounting controls throughout the entirety of a company’s operations. For companies with subsidiaries or for those that conduct business through third parties, efforts should be made to enhance training and communications surrounding company compliance issues, anti-corruption, and internal controls.
To that end, Buchanan’s coordinated team of international trade and national security attorneys stand ready to help your compliance officers and departments navigate the FCPA and compliance best practices.
- Oracle Corporation, Exchange Act Release No. 95,913, (September 27, 2022).
- Id. at ¶ 1.
- Id. at ¶ 5.
- Id. at ¶ 7.
- Id. at ¶ 8.
- Id. at ¶ 9.
- Id. at ¶ 10.
- Id. at ¶ 20.
- Id. at ¶ 27.
- Id. at ¶ 28.