Microsoft Corporation (“Microsoft”) is a global software and technology company headquartered in Washington state. Microsoft maintains common stock publicly traded on the NASDAQ and registered with the SEC pursuant to Section 12(b) of the Exchange Act.
Microsoft has wholly-owned subsidiaries globally to assist in its operations. Magyarorszag Szamitastechnikai Szolgaltat6 es Kereskedelmi Kft. ("MS Hungary") is Microsoft’s subsidiary in Hungary, Microsoft Ireland Operations Limited (“MIOL”) is Microsoft’s indirect subsidiary in Ireland, Microsoft Arabia (“MS Saudi Arabia”) is Microsoft’s indirect subsidiary in Saudi Arabia, Microsoft Bilgisayar Yazilim Hizmetleri Limited Sirketi (“MS Turkey”) is Microsoft’s indirect subsidiary in Turkey, and Microsoft Thailand Ltd. (“MS Thailand”) is Microsoft’s indirect subsidiary in Thailand.
According to the SEC, Microsoft violated books-and-records and internal accounting controls provisions of the FCPA. The SEC alleged violations by Microsoft’s subsidiaries in the following countries:
· Hungary: MS Hungary allegedly improperly obtained discounts on Microsoft software licenses by representing to Microsoft that it was necessary to win a bid in a public tender to provide Microsoft software licenses held by a government agency. Microsoft approved the discount without sufficiently corroborating the reasons provided by MS Hungary. When the tender was cancelled, MS Hungary requested a third party licensing provider to assist in “influenc[ing]” the agency to re-launch the tender and help secure the bid. The third party provider won the tender shortly after. Rather than selling to that third party provider, MIOL sold it to a separate third party provider. The licenses were eventually “resold” to the government agency by the third party agent that won the tender, but without the discount that was approved. The discount was instead allegedly “used to fund improper payments to government officials to re-launch the tender.” Additionally, the SEC alleged that from 2014 through 2015, the subsidiary paid subcontractors “to provide services in connection with [its] consulting service engagements [for government agencies].” According to the SEC, the subcontractors and subsidiary employees falsified records in Microsoft’s timekeeping system and recorded work that was not actually performed.
· Saudi Arabia: MS Saudi Arabia was alleged to have used funds improperly to provide travel expenses, gifts, furniture and equipment to Saudi government employees. According to the SEC, the money used to pay for the gifts were improperly routed through Microsoft vendors who were paid for their assistance.
· Turkey: A government agency awarded a government tender to a system integrator that was not an “authorized MS Turkey” service provider. MS Turkey allegedly directed an authorized service provider to instead work with the system integrator on the project (which was not properly recorded) and further approved a discount which did not appear to have been provided to the government agency.
· Thailand: A MS Thailand employee provided travel and technological gifts to private-sector banking customers while disguising the funds as training program expenses.
On July 22, 2019, the SEC settled its enforcement action against Microsoft. In consideration of Microsoft’s remedial efforts, which included “enhancing” its internal controls and compliance procedures, terminating employees and licensing providers involved in the scheme, and cooperating with the SEC, among other actions. Microsoft was also required to pay disgorgement of about $13.78 million and prejudgment interest of about $2.78 million. As a result of the criminal fine imposed by the Department of Justice in a related action, the SEC acknowledged it would not impose a civil penalty in addition. Microsoft also agreed to report its remediation efforts to the SEC for a three-year period.
In a related matter, the DOJ entered into a non-prosecution agreement with MS Hungary, citing the company’s engagement and cooperation in the DOJ’s investigation, and Microsoft took remedial action including firing employees who were involved. Microsoft agreed to pay a criminal fine of $8.75 million.