Understanding FCPA compliance Germany requirements is increasingly critical for German companies with international operations. The U.S. Foreign Corrupt Practices Act (FCPA) has long arms — and German companies that do business with U.S. parties, use U.S. financial infrastructure, or have U.S.-listed securities may come within the reach of the FCPA. This guide explains FCPA jurisdiction, enforcement risk for German companies, the requirements of an adequate compliance programme, and how to handle DOJ/SEC cooperation scenarios.
FCPA Compliance Germany: Does the FCPA Apply to German Companies?
Yes — under certain circumstances, the FCPA can apply to German companies even if they have no operations in the United States. The FCPA extends to:
Issuers (Section 78dd-1)
Any company that has securities listed on U.S. stock exchanges or that is required to file reports with the U.S. Securities and Exchange Commission (SEC) qualifies as an „issuer“ under the FCPA. A German company with securities listed on U.S. exchanges or required to file SEC reports can be an Issuer. Subsidiaries are not automatically Issuers, but may become relevant through agency relationships, consolidated books and records, internal controls obligations, or participation in the underlying conduct.
Domestic Concerns (Section 78dd-2)
This provision covers U.S. persons and entities. German companies are not themselves domestic concerns, but German individuals or entities can be subject to this provision as agents, representatives, employees, or participants acting on behalf of a domestic concern in furtherance of a corrupt scheme.
The Territorial Jurisdiction (Section 78dd-3)
This is where FCPA compliance Germany becomes most relevant for non-listed companies. Under Section 78dd-3, any person — including non-U.S. companies — who takes acts in furtherance of an FCPA violation while in the territory of the United States can be prosecuted. Using the U.S. banking system (e.g., USD wire transfers clearing through New York), U.S. email servers, or conducting meetings in the U.S. may create FCPA exposure and are important jurisdictional risk factors, but whether they are sufficient to establish jurisdiction depends on the specific facts and conduct at issue.
Note: The DOJ has consistently taken an expansive view of FCPA jurisdiction. German companies should not assume they are safe simply because they are not listed in the U.S.
FCPA Enforcement Risk for German Companies: Recent Trends
Germany has historically been the home country of several of the largest FCPA enforcement actions in history. Siemens AG’s 2008 settlement — comprising approximately USD 450 million in DOJ criminal fines and USD 350 million in SEC disgorgement, totalling USD 800 million in U.S. sanctions, plus additional German sanctions — remains a landmark case. More recently, German companies across the automotive, pharmaceutical, and industrial sectors have faced FCPA scrutiny.
Key enforcement trends include:
- Parent company liability: U.S. authorities have pursued parent companies for the conduct of subsidiaries where exposure arose through participation, authorization, knowledge, conscious disregard, agency, control failures, or issuer-level accounting issues. There is no automatic parent liability for the conduct of a subsidiary.
- Individual accountability: The DOJ’s focus on individual prosecution has increased. Senior executives of German companies have faced personal FCPA charges.
- Books-and-records violations: FCPA enforcement often focuses not only on bribery itself but on the accounting provisions — falsified invoices, sham consultancy agreements, and off-the-books payments.
- Multi-jurisdictional coordination: The DOJ and SEC increasingly coordinate with German authorities (BaFin, StA Frankfurt, StA Munich) in parallel investigations.
The FCPA Anti-Bribery Provisions: What Is Prohibited?
The FCPA Anti-Bribery provisions prohibit corruptly offering, paying, promising to pay, or authorizing the payment of anything of value to a foreign official, foreign political party or party official, candidate for foreign public office, or official of a public international organization, in order to obtain or retain business or to secure an improper advantage.
Key concepts for German companies to understand:
Foreign Official
The definition of „foreign official“ under the FCPA is broad. Employees of state-owned enterprises (SOEs) can qualify as foreign officials if the SOE is considered an instrumentality of a foreign government — but this requires a fact-specific analysis; not every SOE employee is automatically a foreign official. The definition also covers foreign political party officials, party candidates, and officials of public international organizations. Given that many industries in key markets (energy, telecommunications, healthcare) involve SOE counterparties, German exporters in these sectors face elevated FCPA risk.
Anything of Value
Like its German counterparts (§ 299 StGB, §§ 331 ff. StGB), the FCPA uses a broad concept of „anything of value.“ This includes cash, gifts, hospitality, travel, internships for relatives, and political or charitable contributions used as a vehicle for bribery.
Third-Party Liability
Paying bribes through agents, consultants, or distributors does not shield the principal. A company can be held liable under the FCPA if it had actual knowledge, was aware of a high probability, or consciously disregarded or deliberately ignored red flags that a third party was using funds for improper purposes. Mere negligence is not sufficient.
FCPA Compliance Programme Requirements
The DOJ and SEC have published a resource guide („A Resource Guide to the FCPA“) that outlines the hallmarks of an effective FCPA compliance programme. While there is no formal safe harbor, a robust programme is one of the most important tools for preventing violations and for achieving favourable treatment in enforcement actions.
Core elements of an FCPA-compliant programme include:
- Tone at the top: Clear, visible commitment from senior leadership to zero-tolerance for bribery
- Risk assessment: Country-by-country, customer-by-customer risk mapping with documented methodology
- Policies and procedures: Anti-bribery policy, gifts and hospitality policy, political contributions policy, charitable donations policy
- Third-party due diligence: Tiered due diligence process for agents, distributors, and consultants based on risk level
- Training: Regular anti-corruption training tailored to risk levels, including country-specific training for high-risk markets
- Internal controls and accounting: Robust invoice verification, dual-signature requirements, payment controls
- Whistleblower channel: Anonymous reporting system with anti-retaliation protections
- Monitoring and auditing: Periodic compliance audits and transaction testing
- Investigation and remediation: Clear process for investigating potential violations and implementing corrective action
Practical note: German companies should ensure their FCPA compliance programme is integrated with — and not duplicative of — their obligations under German law (§§ 30/130 OWiG, GwG, HinSchG). A unified compliance framework addressing both German and U.S. requirements is more efficient and more effective.
DOJ/SEC Cooperation and Voluntary Disclosure
When a potential FCPA violation is discovered, German companies face a difficult strategic decision: whether to voluntarily disclose to U.S. authorities. The DOJ’s Corporate Enforcement and Voluntary Self-Disclosure Policy (CE-VSD Policy, updated March 2026) creates significant incentives for voluntary self-disclosure:
- Companies that voluntarily self-disclose, fully cooperate, and remediate may receive a declination or a significantly reduced penalty
- Full cooperation and remediation without voluntary self-disclosure may still result in reduced penalties, though generally not as favourable as voluntary self-disclosure
- A company that does not voluntarily disclose but cooperates and remediates may still receive a reduced penalty, but not as large a reduction
Practical note: The decision whether to voluntarily disclose to U.S. authorities must be made carefully and in close coordination with U.S. counsel. Disclosure to the DOJ/SEC may trigger parallel investigations in Germany by the Staatsanwaltschaft or BaFin. The legal privilege landscape differs significantly between Germany and the U.S., which adds complexity to internal investigations conducted for disclosure purposes.
FCPA and German Law: Interaction and Overlap
German anti-corruption law — particularly §§ 299, 331-335 StGB and the obligations under Germany’s OECD Anti-Bribery Convention implementation — covers much of the same ground as the FCPA. However, key differences exist:
- The FCPA focuses exclusively on bribery of foreign government officials; German law also covers private-sector corruption (§ 299 StGB)
- The FCPA accounting provisions (books-and-records) have no precise German law equivalent, though tax law and HGB requirements apply
- FCPA penalties — particularly for large companies — have historically been much higher than German penalties
- U.S. enforcement may involve investigative tools less familiar to German companies (grand juries, FBI resources, parallel civil proceedings by the SEC)
Facilitation Payments: A Narrow Exception — Not a Safe Harbour
The FCPA contains a narrow statutory exception for facilitation payments — small payments to low-level foreign officials to expedite or secure routine governmental actions (e.g., processing permits, providing utilities). However, German companies should not treat this exception as a practical safe harbour:
- The exception is narrow and requires the payment to be for a routine governmental action, not to obtain or retain business
- Such payments may violate German anti-corruption law (§§ 331 ff. StGB, § 299 StGB), local law in the recipient country, the UK Bribery Act or other applicable regimes
- Facilitation payments may cause books-and-records and internal controls issues for Issuers
- Many FCPA compliance programmes prohibit facilitation payments entirely as a matter of policy
Related U.S. Development: The Foreign Extortion Prevention Act (FEPA)
The Foreign Extortion Prevention Act (FEPA), enacted in December 2023, targets the demand side of foreign bribery: it makes it a federal offence for foreign officials to accept or solicit bribes from U.S. issuers, domestic concerns, or persons in U.S. territory. FEPA is distinct from the FCPA but reinforces the U.S. commitment to prosecuting international corruption at both ends of the transaction. German companies should monitor developments, as FEPA enforcement may affect counterpart officials in transactions involving U.S. nexus.
Frequently Asked Questions: FCPA and German Companies
Are facilitation payments allowed under the FCPA?
There is a narrow statutory exception for certain routine governmental action payments, but it is not a practical safe harbour. Such payments may still violate German law, local law, other anti-corruption regimes, or internal compliance policies. Most international FCPA compliance programmes prohibit them entirely.
Does USD clearing automatically create FCPA jurisdiction?
No. USD wire transfers clearing through New York are an important jurisdictional risk factor — and U.S. courts and the DOJ have taken an expansive view — but whether they are sufficient to establish FCPA jurisdiction depends on the specific facts, the nature of the conduct, and the applicable jurisdictional basis. USD clearing alone does not automatically trigger jurisdiction.
Häufige Fragen
Does the FCPA apply to German companies that are not listed in the U.S.?
Yes, potentially. Under the territorial jurisdiction provision (Section 78dd-3), any company that uses U.S. territory, banking infrastructure, or communication systems in furtherance of an FCPA violation can be prosecuted. USD wire transfers clearing through New York or using U.S. email servers can create sufficient nexus.
What is a ‚foreign official‘ under the FCPA?
The FCPA definition is very broad. It includes employees of state-owned enterprises (SOEs) and international organizations — not just politicians or civil servants. For German companies operating in markets where key industries are state-controlled, this means that many business counterparties may qualify as foreign officials.
What are the penalties for FCPA violations?
Criminal penalties for companies can reach USD 2 million per violation, but courts can impose up to twice the gain or loss derived from the violation. Civil penalties can also be substantial. In major cases (like Siemens in 2008), total U.S. penalties have exceeded USD 800 million.
Should a German company voluntarily disclose an FCPA violation?
This is a complex strategic decision requiring experienced U.S. counsel. The DOJ’s Corporate Enforcement Policy offers significant penalty reductions for voluntary disclosure combined with full cooperation and remediation, but disclosure may trigger parallel German investigations. Each situation must be assessed on its specific facts.
