This is a follow-up post to my recent proposal for banning corporations from paying ransom.
Let’s think about another possible law, enacted to deal with the following scenario. Suppose that a US corporation has the best proposal to build a project in another country. Unfortunately, the government of that country won’t grant the contract unless a bribe is paid to a top official. The victimized company reluctantly pays the bribe, because paying the bribe reduces the market value of the company by less than losing the contract to another firm.
That’s a pretty simple and straightforward example, isn’t it? Governments have been demanding bribes since the beginning of civilization. Should we pass a law banning such bribes?
If you read the comment section to my previous post, you’d assume that either nothing could be done about this problem, nothing should be done, or both. Why blame the victim, the poor company that is being squeezed by the powerful foreign company? After all, it’s only natural that it would want to pay the bribe, to avoid losing millions in potential profits. You certainly should not ban the paying of bribes, and in any case, corporations would simply ignore a law that did so. At least that’s the implication of the arguments they used against my proposed law banning corporations from paying ransom.
In fact, back in 1977 the US passed a law banning companies from bribing foreign governments, and many other countries have followed suit. So this sort of law is certainly not inconceivable.
Interestingly, the argument for banning the payment of ransom is far, far stronger than the argument for banning bribery. It’s all about “externalities”, which work in opposite directions in these two cases.
One criticism of the Foreign Corrupt Practices Act is that it needlessly hampers US companies, and contracts are then diverted to companies with less ethical home governments. Corrupt governments would naturally prefer to do business with countries that have weak controls on bribery.
The “diversion” argument also applies to extortion, but in this case it works in favor of the ethical country. If one country threatens to imprison corporate officials for 20 years if they pay ransom, extortionists will naturally seek out victims in less ethical countries that have not passed such a ban.
Corporations are already banned from paying bribes because these payments fuel criminal corruption, which hurts the entire world, not just the parties directly involved. Paying a ransom also fuels criminal corruption, hurting the entire world, not just the parties directly involved. If you don’t believe me, ask a motorist in Florida that is unable to buy gasoline. We ‘d be better off if corporations were not subject to such demands. Making it illegal for US corporations to pay ransom would discourage extortionists from picking on US companies.
Even today, institutions often refuse to pay ransom, and instead accept losses that are much larger than they would incur if they did pay ransom. It can be done. In the long run, US corporations might thank us for such a law.
I understand that my proposal to ban corporations from paying ransom seems utterly crazy to many people, but don’t assume that it won’t happen some day. Indeed we may already be inching in that direction:
The U.S. Treasury Department is now stepping in with official guidance. In an advisory published October 1, it warns that a victimized organization that makes ransomware payments to certain identified notoriously high-profile cybercrime organizations, or entities in certain countries, could be subject to fines from the Office of Foreign Assets Control (OFAC). Any companies or contractors that a hacked organization works with—including those providing insurance, incident response, and digital forensics, as well as all financial services that help facilitate or process ransom payments—could likewise be subject to fines.
In the comment section, Luc Mennet suggested an alternative to prison, a 1000% tax on ransom payments. That tax would serve two purposes. It would make extortion 90% less profitable, and it would divert the gains from extortion from the criminals to the government.
READER COMMENTS
Jonathan S
May 16 2021 at 2:12pm
+1 on taxing bribes rather than making illegal
If policies are going to be put in place to restrict negative externalities, taxation will at least capture some tax revenue. Otherwise, you’ll just have a black market emerge with even more deadweight loss.
Fazal Majid
May 16 2021 at 3:56pm
FCPA does not apply only to US companies. It has been used against Siemens, Airbus and others. In fact 9 of the top 10 fines were all levied against non-US companies:
Airbus SE (Netherlands/France): $2.09 billion in 2020.
Petróleo Brasileiro S.A. – Petrobras (Brazil): $1.78 billion in 2018.
Telefonaktiebolaget LM Ericsson (Sweden): $1.06 billion in 2019.
Telia Company AB (Sweden): $1.01 billion in 2017.
MTS (Russia): $850 million in 2019.
Siemens (Germany): $800 million in 2008.
VimpelCom (Netherlands): $795 million in 2016.
Alstom (France): $772 million in 2014.
Société Générale S.A. (France): $585 million in 2018.
KBR / Halliburton (United States): $579 million in 2009.
Thus FCPA is competitively neutral, although of course it is much easier for the DOJ to get evidence on an American company than one abroad, but that does not seem to have hindered them that much, and of course the US used its intelligence agencies to collect evidence of bribery.
Regarding ransomware, insurer AXA recently moved to exclude ransomware from its coverage, and more insurers are likely to follow. I’m quite surprised that it wasn’t the rule, as cutting corners on IT security is a common externality, and in fact a rational one if you consider the slap on the wrist Equifax received for one of the worst breaches ever despite its unconscionable negligence in the matter.
Scott Sumner
May 16 2021 at 7:11pm
Thanks for that info.
Alan Goldhammer
May 16 2021 at 5:20pm
What about corporations demanding tax rebates and other favorable terms to locate facilities in states/localities? Is this bribery in another guise?
Scott Sumner
May 16 2021 at 7:12pm
It would be in the interest of states to ask for a constitutional amendment banning that sort of thing, but it would be tough to enforce as there are so many subtle ways to help a company.
Roger Sparks
May 16 2021 at 5:33pm
To my mind, taxes, ransom, and bribes all have one thing in common: each is a coerced transfer of wealth away from rightful owner(s). In the case of taxes, we can hope for a ‘common good’ benefit.
So, in the case of ransom and bribes, should the payer be penalized by government? Well, does the recipient of ransom or bribes pay taxes on these income items? I think not. Other than the recipient, who knows how much was transferred? The payer knows. Therefore, I think it logical that a forced payment should be treated as wages are treated for social security taxes; pay the wage and then pay the social security tax.
If we did that, I think we would need to decide if ransom or bribes (plus tax) would still be deductible for Federal Income Tax purposes.
Frank
May 16 2021 at 7:01pm
A bribe is not the same as a ransom. The first is freely paid; the second is extorted.
Bribery, if necessary and when illegal, will merely resort to different contract terms, including price. The bribee gains at the expense of his employer.
Worries me not.
Scott Sumner
May 16 2021 at 7:15pm
You said:
“The first is freely paid; the second is extorted.”
I disagree. There’s no meaningful difference between the two, whatever terms you want to use for both. Both are paid reluctantly to avoid a loss in profits.
Frank
May 16 2021 at 7:56pm
No: A bribe is part of a projected project’s cost. If I don’t pay, I lose the profits from the project. Extortion is a payment to allow an existing project to keep functioning. The projecteer did not calculate the effect on his profits ahead of time. So it wasn’t voluntary.
If we knew ahead of time that there would be extortion, then bribery would be like extortion — harmless, except for the question of property rights.
Scott Sumner
May 16 2021 at 8:28pm
Bribery is certainly not harmless, regardless of whether it is expected or not. And I have no idea how you define the term ‘voluntary’. Companies don’t have to pay ransom; many choose not to.
Jens
May 17 2021 at 3:15am
Good points.
It would be interesting to know where these expectations come from.
Why isn’t the project calculated with probabilites/risks for extortion and for bribery ?
It is also not always easy to clearly separate planning and implementation of a project. What if you have to “buy” a permit for phase 2, but phase 2 is essential ?
Frank
May 17 2021 at 6:42pm
Much bribery is efficient: How about bribing a government official to not assess the huge tariff on something I want to import. Great, so long as the bribe is less than the tariff. 🙂
Andrew_FL
May 16 2021 at 10:54pm
A tax on ransom payments seems unworkable since either the paying parties would have to disclose payment or the receiving parties receipt. However, assuming it was in fact workable I’d be very concerned about a government that sees people paying bribes as a non trivial source of revenue.
Scott Sumner
May 17 2021 at 12:19pm
If you had 20 year prison terms for corporate officials who conceal ransom payments, I’m pretty sure they would be disclosed.
Thomas L Knapp
May 17 2021 at 7:41am
Why apply it only to foreign countries? The US government’s entire revenue model is based on demanding ransoms and/or bribes.
Peter Gerdes
May 17 2021 at 4:25pm
The criticism you raise of the FCPA is compelling but even besides that it’s a misguided law that undermines the ability of a country to run their legal system as they see fit.
On paper it might seem to be just the opposite. After all, the FCPA only bans those payments that are corrupt, i.e., are illegal in that country. However, law consists not only of what is technically written on the books but also the practical expectations and consequences.
For instance, most of us in the US break federal laws all the time. There are a ton of laws and regulation and we understand that those laws aren’t really meant for that situation and (perhaps unwisely) accept that some degree of overbreadth is necessary to catch bad actors and count on prosecutorial discretion to bridge the gap. If another country came in and started seriously prosecuting any corporation with substantial ties to their mainland who breached the laws we see as either not a big deal (speeding etc..) or inappropriate to enforce in that situation.
Much of the conduct dealt with by the FCPA has a similar status in other countries. Yes, technically bribery might be generally illegal but it’s understood that won’t be enforced against the cop who takes a few bucks to avoid the red tape of a traffic violation or against the official who takes money to bump processing some form up in the queue. Yet the US decides it knows better than the country whose laws are in question when it applies the FCPA. Still, it does provide some benefits but I fear it mostly just means the US companies need to hire local affiliates to do the bribery for them (and without their knowledge).
raja_r
May 17 2021 at 6:14pm
When I lived in India, I used to see 2 kinds of demand for bribes:
Without a bribe, the govt. official will not approve your new factory/building/project/etc. You have options here – you can wait, complain, pay a smaller bribe to another official, move the project to a different location, etc.
Without a bribe, the govt. official shuts down your factory/shop. (This was more common in the 80s and 90s.). Here, you pretty much have no choice* – pay up or you are going to be ruined.
I don’t think you can equate both these cases. In one case, you don’t have a property right in the new project/factory/whaever. It is not “yours”. In the second case, it is your property that you will lose. The recent crypto-ransom attacks are more like (2) above.
(And, thinking out loud here, if paying a ransom is a negative externality, isn’t having insecure systems in the first place also a negative externality? “If Corp.A didn’t have insecure systems, the hackers would never put in the effort to find Corp.B’s insecure systems.“)
* – yes, you have a choice of not complying, in the same way you have the choice of not paying a mugger and getting stabbed.
Comments are closed.