Pfizer Inc. (Pfizer) recently announced the resolution of a previously disclosed investigation by the United States government into its relationships with healthcare providers (HCPs) and government officials outside of the U.S. To resolve alleged criminal violations of the U.S. Foreign Corrupt Practices Act (FCPA), Pfizer subsidiary Pfizer H.C.P. Corporation (Pfizer H.C.P.) entered into a two-year Deferred Prosecution Agreement (DPA) with the U.S. Department of Justice (DOJ) and agreed to the filing of a two-count Information charging the company with bribery and conspiracy to violate the FCPA. As part of the agreed-upon criminal settlement, Pfizer H.C.P. admitted the facts of the Information as true, and paid a fine of $15 million.
A recent client alert from the law firm Arnold & Porter, LLP gave an in-depth analysis of the case, future implications, and recommendations for companies moving forward to avoid such penalties and misconduct.
This case is a reminder that “U.S.-based multi-national medical products companies must have meaningful compliance programs that extend to their foreign subsidiaries and partners.” Nevertheless, Pfizer’s settlement provides a “useful guidance to companies in the life sciences sector, as well as other global companies, for the implementation and maintenance of global anti-corruption compliance programs that prevent, detect, and respond to potentially improper interactions with government officials outside of the United States.”
Last year, Johnson & Johnson paid $70 million to resolve improper payments by J&J subsidiaries to government officials in Greece, Poland and Romania in violation of the FCPA.
Pfizer and its Wyeth LLC subsidiary also settled allegations by the U.S. Securities and Exchange Commission (SEC) that both companies made corrupt payments and violated the books and records and internal controls provisions of the FCPA. Neither company admitted nor denied the allegations and each consented to the entry of a final judgment order enjoining each from future violations of the FCPA as a condition of the settlement. As a condition of the Consent Order, Pfizer has also agreed to provide the SEC with a written report describing its FCPA and anti-corruption remediation efforts after 180 days, and to provide two follow-up reviews documenting its monitoring efforts.
Finally, apart from agreeing to pay $15 million in criminal fines, Pfizer has also agreed to pay more than $23.6 million in disgorgement of profits, including pre-judgment interest, while Wyeth LLC has separately agreed to pay $18.8 million.
The alert explains that Pfizer’s case is instructive as to what kinds of activities can give rise to alleged FCPA violations. Pfizer settled allegations (which it neither admitted nor denied) by the SEC that its subsidiaries (including Wyeth LLC) had made corrupt payments in Italy, China, the Czech Republic, Saudi Arabia, Indonesia, and Pakistan. Arnold & Porter pointed out that while the Pfizer case was resolved in the U.S., “regulators in the United Kingdom, Germany, Italy, and other jurisdictions are scrutinizing industry relationships under their local anti-bribery laws, and therefore the concept of a global anti-corruption compliance program is not unique to only U.S.-regulated companies.”
Timely and Meaningful Remediation Measures
This case underscores the “value of early detection, prevention, and correction of alleged unlawful activity.” Pfizer’s Corporate Compliance Division learned of potentially improper payments made by the Croatia office of Pfizer H.C.P. and made a voluntary disclosure of these payments to the SEC and DOJ in October 2004—neither agency had been previously aware of these payments. “Pfizer then used internal and external Legal, Compliance, and Corporate Audit personnel to voluntarily undertake an extensive global review of its operations to analyze its relationships with government officials and government doctors in Pfizer H.C.P. markets and those of other subsidiaries.”
“This review included specific assessments of the results of internal investigations that had uncovered evidence of potentially improper payments. Pfizer disclosed the results of the internal review to the government” and launched “extensive remedial actions, including:
- Implementing enhanced anti-corruption policies and procedures,
- Developing global systems to support employee compliance with those policies and procedures,
- Adding FCPA-specific reviews to its internal audits,
- Performing proactive anti-corruption compliance reviews in approximately ten markets annually, and
- Conducting extensive anti-corruption training throughout the organization.
Pfizer regularly reported to DOJ and the SEC on these activities and sought the government’s input concerning their scope and focus.” As a result:
- The government agreed to resolve the matter “without a criminal plea;”
- “DOJ assessed a 34% reduction off the bottom of the Sentencing Guidelines’ recommended fine range for FCPA violations;” and
- The DPA terms do not require Pfizer to hire a corporate monitor to oversee its compliance with the terms of the DPA in recognition of the extensive enhancements Pfizer made to its global compliance program
Continuing Scrutiny of Physician-Industry Relationships
Arnold & Porter noted that this settlement is “another example of government authorities continuing to take the view that HCPs who are employed by government-run healthcare systems or make purchasing decisions within those systems (e.g., hospital formularies) are “foreign officials” within the purview of the FCPA.” The FCPA defines foreign officials, in part, as “any officer or employee of a foreign government or any department, agency, or instrumentality thereof.” See 15 U.S.C. § 78dd-2(h)(2)(A); see also Pfizer H.C.P. DPA, (“In those countries with national healthcare systems, hospitals, clinics, and pharmacies were generally agencies or instrumentalities of foreign governments, and, thus, many of the healthcare professionals employed by these agencies and instrumentalities were foreign officials within the meaning of the FCPA.”).
Over the past few years, industry has expressed its concern with this definition and asked the government to clarify the scope of this term. Nevertheless, companies “must recognize that their global compliance programs must continue to monitor relationships between their employees and HCPs, regardless of how the foreign official definition may ultimately be construed.” Specifically, “it is necessary to implement effective compliance controls on all interactions with HCPs outside of the United States, regardless of whether or not HCPs may be determined to be foreign officials under the FCPA.”
This is particularly true in light of the Physician Payment Sunshine Act and the French Healthcare Payment Transparency Act, which will track and trace almost all payments from industry to physicians, and will be powerful tools for federal and state prosecutors to use in healthcare fraud cases, including those abroad.
Conference travel and hospitality. “Regulators worldwide require that global companies that choose to provide travel and hospitality only do so for legitimate purposes and monitor both the substance of the programs as well as the financial records documenting associated payments to ensure compliance with applicable laws. While an important part of both customer education and healthcare delivery, such provision of travel for HCPs to medical congresses or product training sessions can be subverted for corrupt purposes if effective controls are not put in place at the local market level, with appropriate global programmatic oversight.” Manufacturers should follow the various industry codes, particularly the international ones.
Here, the government alleged that Pfizer H.C.P. maintained an incentive program for its sales representatives (reps) in Bulgaria, whereby successful sales reps could invite their customers along on recreational trips to locations such as Greece. According to DOJ, these customers included “government doctors” and internal documents indicated that the intent behind the program was to increase product sales by influencing purchasing and prescribing decisions of government doctors. Pfizer also admitted that its subsidiaries in various Central and Eastern European jurisdictions had used expense-paid medical conference travel as an incentive to influence purchasing and prescribing decisions of government doctors.
Product marketing and distribution clearances. While many pharmaceutical and medical device companies now have special policies and procedures in place to govern employee relationships with members of government ministries and other regulatory bodies, the Pfizer case reflects the risks posed by private practice customers who also have regulatory responsibilities.
For example, in Croatia, Pfizer H.C.P. entered into a consulting agreement in 1997 with one such “dual-role” customer—a prominent Croatian doctor and professor of internal medicine at a government-funded university. According to DOJ, the Croatian doctor also had “influence over decisions concerning the registration and reimbursement of Pfizer products marketed and sold in the country” and at various times was involved with government committees that made marketing registration and clearance decisions in Croatia.
Formulary decision-making responsibilities or work with quasi-governmental clinical guidelines committees. Between 2003 and 2005, Pfizer Russia, Pharmacia Croatia, and Pfizer H.C.P. Croatia employees allegedly used travel, hospitality, and bonus payments to influence formulary placement decisions. In another instance in 2004, a Pfizer Russia employee requested a “sponsorship” for a local department of health employee who was assisting the chief pharmacologist of a regional pediatric hospital to compile algorithms for antibiotic therapy. In an internal document, the employee noted that “in return for this” the department of health employee and the chief pharmacologist would include Pfizer products in the algorithms which constituted a list of official government-recommended treatments.
Due diligence, including anti-corruption reviews, of distributors in high-corruption-risk markets. According to DOJ, Pfizer H.C.P. Kazakhstan entered into an exclusive distribution agreement with a Kazakh company that was valued at a minimum of $500,000. According to DOJ, all or part of the value of the agreement was intended to be shared with Kazakh government officials. In 2003, a regional supervisor at the Pfizer subsidiary sent a memorandum to his supervisor explaining that the controller of the Kazakh company was very close to government officials and that the company in question had likely been responsible for past problems in getting product approvals.
Discounting arrangements with government hospitals and other institutions. While they serve an important business and healthcare delivery need (and are often required by the government-run entity subject to its tender rules), such arrangements can present compliance risks, particularly in high-corruption risk markets. According to DOJ, Pfizer Russia maintained a “Hospital Program” which appeared to be a legitimate indirect price discounting program for Russian government hospitals. However, Pfizer admitted that Pfizer Russia had used the program to corruptly reward past purchases and prescriptions of Pfizer products, and to corruptly influence future purchases and prescriptions by HCPs employed by the hospital. Similarly, in Croatia, Pfizer admitted that its subsidiaries had created discounting arrangements with hospitals which included “bonus” terms whereby sales reps would share a percentage of product sales and provide travel and other items of value to senior doctors at public hospitals.
Government Expectations for Industry Anti-Bribery Compliance Programs
Arnold & Porter noted that Pfizer’s DPA appears to contain the most specific requirements of any pharmaceutical FCPA settlement and is quickly becoming synonymous with “enhanced compliance obligations” that set the standard for effective compliance programs. The Pfizer H.C.P. DPA contains a four-part Attachment C which is tailored to Pfizer’s business and the facts giving rise to the settlement. Attachment C.1 sets out DOJ’s expectations for an effective compliance program, which includes:
Requiring Pfizer to maintain mechanisms for preventing, detecting, and correcting potential FCPA bribery and books and records violations, such as written policies and procedures, executive oversight, training, due diligence procedures, contractual certifications, periodic testing and other general requirements.
Attachment C.3 sets out Corporate Compliance Reporting requirements, according to which Pfizer agreed to provide status reports to DOJ on the implementation of its compliance program at least once every nine months. Pfizer promises to report any credible evidence of questionable or corrupt payments, or credible evidence that relates to a violation of the books and records provisions of the FCPA. These reports will be provided through periodic, scheduled communications between Pfizer and DOJ. Pfizer also agreed to perform three reviews and reports, detailing the anti-corruption remedial efforts performed and proposing improvements to its anti-corruption policies and procedures.
The most detailed part of the Pfizer DPA is contained in Attachment C.2, which describes the compliance measures that Pfizer promises that it has taken or will take for the duration of the approximately two-year term of the DPA. These obligations fall into six categories: (1) general; (2) complaints, reports, and compliance issues; (3) risk assessments and proactive reviews; (4) acquisitions; (5) relationships with third parties; and (6) training. In addition to common requirements to address risk areas, DOJ has required Pfizer to maintain controls over gifts, speaker fees, travel, honoraria, donations, and other areas which are more specific to the medical products industry.
For example, in addition to its anti-bribery policies, DOJ expects Pfizer to maintain its “Global Policy on Interactions with Healthcare Professionals.” Given that legitimate HCP education, consulting, promotional speaking, and advisory relationships are an important part of the global pharmaceutical and medical device business, the recognition of industry-specific policies and procedures is important. The Alert noted that “certain requirements appear to synthesize existing Pfizer policies, best practices from voluntary pharmaceutical association codes (such those adopted by the International Federation of Pharmaceutical Manufacturers and Associations), and concepts typically seen in domestic pharmaceutical settlements with DOJ and other authorities.”
Pfizer has agreed to maintain procedures to limit the provision of items of value—gifts, hospitality, travel, grants, donations, consulting fees, speaker fees, honoraria—to government officials. Similarly, Pfizer has promised to maintain policies and procedures that require all gifts or hospitality for government officials to be reasonable in nature and given only to relevant officials.
Arnold & Porter also noted that Attachment C.2 provides a roadmap for how Pfizer is expected to monitor compliance with the written standards and structural elements it has agreed to maintain. “This section of Attachment C.2 is an important source of information for industry legal and compliance personnel as they formulate and implement their company-specific compliance work plans, particularly for high-corruption risk markets.” Attachment C.2 requires Pfizer to:
- Continue its program of identifying five high-risk markets for annual FCPA proactive reviews. These reviews will include, among other things, on-site visits by an FCPA review team and review of a representative sample of contracts involving high-risk transactions.
- Continue to implement FCPA trend analysis, tracking and reviewing certain categories of interactions with foreign government officials and due diligence performed on third parties.
- Perform due diligence on acquisition targets, applying anti-corruption policies and procedures to acquired businesses.
- Perform risk-based due diligence on third parties before engaging the third parties, and update the due diligence at least once every three years.
- Perform due diligence on third parties that includes reviewing the third parties’ qualifications, analyzing the rationale for engagements, and identifying relevant FCPA risk areas.
- Require that trained members of the compliance or legal divisions review red flags raised during third party due diligence.
- Train directors, officers, executives, and those employees whose positions require performance of activities covered by Pfizer’s FCPA policies once every two years.
- Provide enhanced FCPA training to internal audit, financial, compliance, and legal personnel.
- Train relevant third parties at least once every three years, when appropriate.
Conclusion
Ultimately, Arnold & Porter recommended that multi-national life sciences company should become familiar with the facts of the Pfizer settlement “and take note of the benefits of maintaining a robust compliance program as a defensive measure in the event of a government investigation.” The alert maintained that “the strength of Pfizer’s pre-existing compliance program, combined with timely self-reporting of potential violations, and aggressive and extensive remediation efforts were key factors in the government’s decision not to pursue a criminal plea, maximize fines and damages, or impose monitoring requirements.” Nevertheless, companies “must monitor employee-HCP relationships, particularly where they involve provision of travel and hospitality, or interactions with ‘dual role’ government officials.”