June 24-26, 35th Annual ACFE Global Fraud Conference

Schedule a Demo

Lessons From the Gunvor FCPA Action

In March 2024, the Department of Justice (DOJ) announced the resolution of a FCPA enforcement action involving the Swiss trading firm Gunvor S.A. The enforcement action comes in with a $661 million penalty against the company, which has pleaded guilty to bribing Ecuadorian government officials through the 2010s in exchange for intelligence about upcoming business contracts with the state-owned oil company of Ecuador. The matter was resolved via a Plea Agreement. An Information detailing the company’s conduct was also issue.


According to the DOJ Press Release, “Gunvor entered into a plea agreement with the government and pleaded guilty to an information charging the company with conspiracy to violate the anti-bribery provisions of the FCPA. Following the plea, the court sentenced Gunvor to pay a criminal monetary penalty of $374,560,071 and to forfeit $287,138,444 in ill-gotten gains. The sentence includes credits of up to one-quarter of the criminal fine each for amounts Gunvor pays to resolve investigations by Swiss and Ecuadorean authorities into the same misconduct.”


The Information found that between 2012 and 2020, Gunvor and its co-conspirators paid more than $97 million to intermediaries knowing that some of the money would be and in fact was used to bribe Ecuadorean officials, including a high ranking official at country’s national energy concern, Petroecuador. As part of the scheme, Gunvor managers and agents attended meetings in the United States and elsewhere. The bribe payments were routed through banks in the United States using shell companies in Panama and the British Virgin Islands controlled by Gunvor’s co-conspirators. 

In exchange for these bribe payments, high-level Ecuadorian officials front companies for Gunvor, win the rights to a series of oil-backed loan contracts with Petroecuador. This structure allowed Gunvor and its co-conspirators to avoid a competitive bidding process and to obtain contractual terms that it could not have obtained otherwise. Gunvor also received confidential Petroecuador information in exchange for the bribes. In total, Gunvor earned more than $384 million in profits from the contracts it obtained corruptly from Petroecuador. 

In spite of substantial violations of the FCPA and its extending up into the corporate offices, Gunvor did receive the 25% discount noted above.  The company clearly made multiple changes which should be studied by compliance professionals. We conclude with key lessons learned from the Gunvor enforcement action for the compliance professional.


The company did an excellent job in its remedial efforts. The company took major steps to create an effective, operationalized compliance program which met the requirement of the Hallmarks of an Effective Compliance Program as laid out in the 2020 FCPA Resource Guide, 2nd edition and the 2023 Evaluation of Corporate Compliance Programs (23 ECCP). 

The remedial actions by Gunvor can be grouped as follows.

  1. Implemented a control framework for internal business developers, as well as additional levels of review and approval for counter-party payments;
  2. Enhanced the independent compliance committee with responsibility for reviewing high-risk transactions;
  3. Updated its incentives to more fully align with the 23 ECCP; 
  4. Tested and enhanced its compliance program, including compliance culture reviews, testing new third-party due diligence process and payment controls, and evaluating controls around business development activities; and
  5. Implemented a business communications policy that addresses the use of ephemeral and encrypted messaging applications. 


Change in Business Model

As we saw in the Albemarle and SAP enforcement actions, SAP eliminated its third-party sales commission model globally, and prohibiting all sales commissions for public sector contracts in high-risk markets and enhanced compliance monitoring and audit programs,  including the creation of a well-resourced team devoted to audits of third-party partners and suppliers. Albemarle changed its approach to sales and their sales teams. The company moving away from third-party agents to a direct sales force.

Moving to a direct sales force does have its own risks which must be managed but those risks can certainly be managed with an appropriate risk management strategy, monitoring of the strategy and improvement; those risks can be managed. Yet there is another reason, and more importantly a significant business reason to move towards a direct sales business model. Every time you have third-party agent or anyone else between you and your customer, you risk losing that customer because your organization does not have a direct relationship with the customer. By having a direct sales business model, your organization will more direct access to your customers.

Another interesting aspect of this approach used by Albemarle, SAP and Gunvor is that it is not an approach laid out in either the 2020 FCPA Resource Guide, 2nd edition or the 23 ECCP.  These are all approaches developed by the companies based upon their own analysis and risk models.  It may have been from a realization that the risk involved with 3rd party sales models were simply too great, the companies wanted more control over their own sales or another reason. Whatever the reason for the change, clearly the DOJ took note in each organization and viewed it affirmatively.


While this factor was not present in the Gunvor enforcement action, the message sent by the DOJ could not be clearer on not simply the expectation of the DOJ for self-disclosure but also the very clear and demonstrable benefits of self-disclosure. Under the Corporate Enforcement Policy, Gunvor’s failure to self-disclose cost it an opportunity of at least 50% and up to a 75% reduction off the low end of the U.S. Sentencing Guidelines fine range. Its actions as a criminal recidivist, resulted in it not receiving a reduction of at least 50% and up to 75% from the low end of the U.S.S.G. fine range but rather at 40% from above the low end. Gunvor’s failure to self-disclose cost it an estimated $40 million under the Sentencing Guidelines. It’s failure to self-disclose and recidivism cost it a potential $150 million in discounts under the Corporate Enforcement Policy. The DOJ’s message could not be any clearer.


While most of the cooperation listed in the Plea Agreement was standard actions previously seen, there are two I believe were note worth. The first was that the company produced documents to DOJ from multiple foreign countries expeditiously while navigating foreign data privacy and criminal laws. This language clearly indicated that there were data privacy issues to overcome and that the company did so. It means the DOJ expects any company to do so going forward.

The second was its imaging the phones of relevant custodians at the beginning of Gunvor’s internal investigation, thus preserving business communications sent on mobile messaging applications.  As with the SAP enforcement action, this is clear instruction around messaging apps in FCPA enforcement actions.

Forward-Leaning Steps

Acting Assistant Attorney General Nicole M. Argentieri, said in her speech, “As part of their resolutions with the Criminal Division, each of these trading companies was required to make critical enhancements to their compliance programs to prevent future violations of the FCPA. Companies that take forward-leaning steps on compliance will be better-positioned to certify that they have met their compliance obligations at the end of the term of their agreements, as is now required in corporate resolutions with the Criminal Division. These prosecutions also help set the tone for the energy trading industry as a whole — they show that a robust compliance function is critical.”

This perhaps may be the most significant lesson to be garnered from the Gunvor enforcement action. By taking these “forward-leaning” steps, a company that finds itself in this situation can make a comeback even when home office officials look the other way or are directly involved in the bribery and corruption.

Tom Fox KonaAI

Tom Fox