MoFo Global Procurement Quarterly: Winter 2015

MoFo Global Procurement Quarterly: Winter 2015

In This Issue:

– Protection of Security Relevant Information vs. Enhancement of Global Competition – Germany’s “No Spy Decree” for Public Tenders under Continuous Scrutiny

– RWIND Tenderer Test: Objective or Subjective?

– Recent Anti-Corruption Trends and Developments

– DOJ Kicks Off 2015 with an FCPA Enforcement Action Against a Former President of a Philadelphia Consulting Company

– Update: German and UK Governments Move Further Along the Path Towards Transposition of Overhauled EU Procurement Regime

– United States Lawmakers Pass Appropriations Bills for Fiscal Year 2015

– Those German Authorities Awarding Public Contracts Cannot Hold Tenderers from Other EU States to National Minimum Wage Requirements

– United States Lawmakers Pass an Array of Information Technology and Cybersecurity Legislation

– Excerpt from Protection of Security Relevant Information vs. Enhancement of Global Competition – Germany’s “No Spy Decree” for Public Tenders under Continuous Scrutiny:

In Spring 2014, the German Federal Ministry of the Interior (“BMI”) issued a decree directed to its awarding authority that quickly became known as the “No Spy Decree.” The Decree is intended to prevent vendors from disclosing, to the benefit of foreign security agencies or intelligence bodies, security-relevant information gathered when carrying out contracts concluded with German public authorities. Nevertheless, the Decree could impede competition because the measures required to prevent disclosure of security-relevant information will be difficult to meet for non-domestic bidders and for German bidders that are wholly owned, or controlled, by a foreign parent or that have other affiliated companies incorporated under a foreign jurisdiction.

Please see full issue below for more information.

 Download PDF

9 MoFo Global Procurement Quarterly, Winter 2015
By Paul T. Friedman, Stacey M. Sprenkel, and
Julie A. Nicholson
The U.S. Department of Justice (“DOJ”) wasted no time
announcing its first Foreign Corrupt Practices Act (“FCPA”)
case of 2015. On January 6, 2015, just two days into the
first full week of the new year, Dmitrij Harder, the former
owner and President of Chestnut Consulting Group Inc. and
Chestnut Consulting Group Co. (generally referred to as the
“Chestnut Group”), was indicted by a federal grand jury.1
Harder was charged with violating the FCPA and Travel Act
and participating in a scheme to launder the proceeds of
those crimes. This case continues the trend of enforcement
actions against individuals. It also involves the rarely-used
“public international organization” element of the FCPA’s
definition of “foreign official.”
The allegations
Between 2007 and 2009, Harder allegedly engaged in
a scheme to pay approximately $3.5 million in bribes
to an official of the European Bank for Reconstruction
and Development (“EBRD”) in order to obtain favorable
reviews of clients’ financing applications.2
Harder and the Chestnut Group provided consulting
services to companies seeking financing from multilateral
development banks like the EBRD.3 As described in the
indictment, “[t]he EBRD was a multilateral development
bank headquartered in London, England, and was owned
by over 60 sovereign nations. Among other things, the
EBRD provided debt and equity financing for development
projects in emerging economies, primarily in Eastern
Europe. On or about June 18, 1991, the President of the
United States signed Executive Order 12766 designating
the EBRD as a ‘public international organization.’ The
EBRD was thus a ‘public international organization,’ as
that term is defined in the FCPA.”4
At issue in the indictment are the services provided
by the Chestnut Group to two corporate clients. The
clients entered into financial services agreements with
the Chestnut Group for consulting and other services,
including assistance in obtaining project financing.5
The agreements, signed by Harder, included a “success
fee” of a certain percentage of the funds obtained by the
companies from the EBRD.6
Harder allegedly knew a senior banker working in the
EBRD Natural Resources Group (“EBRD Official”)
from prior business dealings.7 The EBRD Official was
responsible for the review of applications submitted to
the EBRD for project financing. In this role, the EBRD
Official allegedly was responsible for the applications
of Harder’s two corporate clients, as well as negotiating
the terms and conditions of their financing.8 Based on
the recommendation of the EBRD Official, the EBRD
ultimately approved the companies’ applications for
project financing, including an $85 million equity
investment with a 90 million Euro senior loan for one
company and a $40 million equity investment with a
$60 million convertible loan for the other company.9
After receipt of the success fees, Harder allegedly
caused wire transfer payments to be made to a bank
account belonging to the EBRD Official’s sister.10 The
transfers to the EBRD Official’s sister were purportedly
for payment of consulting and other business services
to the Chestnut Group, but it is alleged that no such
services were provided.11 Instead, it is alleged that the
payments were bribes paid for the benefit of the EBRD
Official to corruptly influence actions taken with regard
to the clients’ financing applications and to corruptly
influence the EBRD Official to direct business to Harder
and the Chestnut Group.12 To cover up the alleged corrupt
payments, Harder and the EBRD Official’s sister created
false paperwork, including invoices for the sister’s
purported services provided to the Chestnut Group.13
In total, Harder and the Chestnut Group earned
approximately $8 million in “success fees” and paid the
EBRD Official’s sister more than $3.5 million for alleged
consulting services.14 Harder faces a maximum possible
statutory sentence of 190 years in prison and fines of up to
$1.75 million, twice the value of the property involved in
the transaction, or twice the value gained or lost.15
Key takeaways
As an initial matter, this action reflects DOJ’s tenacity
and determination in bringing cases against individuals.
DOJ has been pursuing this matter for years, and this
indictment comes less than two months after the Supreme
Court denied certiorari in an appeal in the matter.16 That
certiorari petition challenged the Third Circuit’s decision
to apply the crime-fraud exception to the attorney-client
privilege. And after a blockbuster month in December, the
quick announcement of this matter will surely keep the
FCPA front of mind for many.
The Harder case also presents yet another opportunity to
challenge DOJ in a courtroom and generate much needed
case law concerning the FCPA and related statutes. For
example, in the Harder case, DOJ chose to charge the
identical five wire transfers as violating both the FCPA
10 MoFo Global Procurement Quarterly, Winter 2015
(Counts 2-6) and the Travel Act (Counts 7-11). DOJ was
faced with a serious challenge to its Travel Act charges
previously in the Eastern District of Pennsylvania in
United States v. Nguyen, and it will be interesting to see
how this case develops.17
Finally, the Harder case should be a reminder to
companies and businesspeople that: (1) officials at
public international organizations18 like multilateral
development banks (e.g., EBRD, World Bank) and other
international organizations like the United Nations qualify
as foreign officials under the FCPA; and (2) DOJ continues
to use the Travel Act to pursue commercial bribery as
a backstop to FCPA charges. As such, it is important to
include the concept of “public international organization”
in employee training and as part of third-party due
diligence. It is also worth remembering that, via the Travel
Act, DOJ has the ability to charge bribery under state
commercial bribery statutes.
1 Indictment, United States v. Harder, Case No. 15-cr-00001-PD (E.D. Pa. Jan. 6, 2015)
(hereinafter “Harder Indictment”), available at
pdf; DOJ Press Release, Former Owner and President of Pennsylvania Consulting
Companies Charged with Foreign Bribery (Jan. 6, 2015), available at http://
2 Harder Indictment ¶ 2.
3 Id. ¶ 1.
4 Id. ¶ 3.
5 Id. ¶¶ 6-7, 13, 26.
6 Id. ¶¶ 13, 26.
7 Id. ¶ 4; U.S. Attorney’s Office, Press Release, Former Owner of Bucks County
Financial Consulting Firm Charged with Bribing Foreign Official (Jan. 6, 2015)
(hereinafter “USAO Press Release”), available at
pr/former-owner-bucks-county- financial-consulting-firm-charged-bribing-foreign-
8 Harder Indictment ¶ 4, 10.
9 Id. ¶¶ 14, 19, 27.
10 Id. ¶¶ 18, 22-23, 28-29.
11 Id. ¶¶ 23, 29.
12 Id.
13 Id. ¶ 31.
14 Id. ¶¶ 21, 23, 28-29; USAO Press Release.
15 USAO Press Release.
16 In re Grand Jury Subpoena, 745 F.3d 681 (3d Cir. 2014), cert. denied sub nom.
Corp. & Client v. United States, 135 S. Ct. 510 (2014). Although the target of the
investigation was not named, the allegations in that matter as set forth in the
Third Circuit decision, which involve potential FCPA violations by a consulting firm
headquartered in Pennsylvania, and reference, for example, success fees of $8
million and improper payments of $3.5 million to a bank official’s sister, id. at 685,
seem clearly to relate to Harder.
17 United States v. Nguyen, Case No. 08-CR-522-TJS (E.D. Pa).
18 Under the FCPA, a “public international organization” is defined as, “an organization
that is designated by Executive order pursuant to Section 1 of the International
Organizations Immunities Act (22 U.S.C. § 288); or any other international
organization that is designated by the President by Executive order for the purposes
of this section, effective as of the date of publication of such order in the Federal
Register.” See 15 U.S.C. §§ 78dd-1(f)(1)(A)-(B), 78dd-2(h)(2)(A)-(B), 78dd-3(f)(2)(A).
By Felix Helmstädter, Christoph Nüßing,
Alistair Maughan, and Sarah Wells
As outlined in our Winter 2014 edition, in early 2014
the European Union (EU) adopted a package of three
directives containing amended rules for the awarding of
public contracts and a harmonized scheme for competitive
tendering of concession contracts.
Procedurally, EU directives need to be transposed into
the national laws of each Member State. On January 7,
2015 – being halfway through the transposition period –
the German Federal Government identified the key points
for the transposition of the EU directives and published
a corresponding paper outlining the principal intentions
and aspects of the reform on a national level.
The German Federal Government is proposing not only
to transpose the advanced EU rules, but to also use this
opportunity for a general reform of the rather complex
set of German public procurement laws and regulations.
Germany’s aim is to create an easy-to-use and modern
framework, providing enhanced legal certainty and
safeguarding an efficient use of public funds.
At the same time, the German procurement regime will
be designed to serve specific additional functions related
to public procurement, such as guaranteeing compliance
with minimum wage laws and protecting the interests of
small and medium-sized enterprises (SMEs). Further, the
German government emphasizes the need to enhance the
means available for electronic tender procedures (digital
procurement), one of the key aspects of the EU framework
in the context of modernizing tender procedures.
While the German Government, in substance, intends
to transpose the standards and requirements set by
the amended EU procurement law framework, the new
German legislation (as described in the Government
paper of January 7, 2015) will modify the structures
of the current German public procurement legislation,
which consists of three levels of statutory laws and sub-
legal regulations. In particular, the role of the mid-level
regulations will be enhanced by incorporating additional
provisions related to public service contracts and by
adding a new regulation on concession contracts.
11 MoFo Global Procurement Quarterly, Winter 2015
Currently, the German Government is still on schedule
to meet the deadline for the transposition of the EU
directives on April 18, 2016. A first draft of the new
legislation is due to be finalized by Spring 2015. As far as
the amendment to the most important federal legislation
(the Act of Restraints against Competition (Gesetz gegen
Wettbewerbsbeschränkungen, GWB)) is concerned, the
new set of rules needs to be adopted by both legislative
bodies, Bundestag and Bundesrat. That is scheduled to take
place in Autumn 2015 and Winter 2015/2016, respectively.
In its January 7, 2015 paper, the German Government
stated that it will rely on the expertise of industry
organizations and contracting authorities during the
legislative process. While the main focus of the reform
and transposition seems to be clear, in this context, details
of the new German procurement regime are still open to
some degree of discussion and consultation.
By Bradley Wine and Steve Cave
In December 2014, Congress passed various
appropriations bills funding almost all of the United
States executive agencies for fiscal year 2015.1 The
2015 Omnibus Appropriations Bill is a consolidation
of appropriations bills that respond to agencies’ budget
requests. Although agency budgets and corresponding
appropriations are tailored to each agency’s specific needs
and governing functions, some themes are prominent
throughout the 2015 appropriations.
The 2015 Omnibus Appropriations Bill reflects the Federal
Government’s continuing focus on information technology
(IT) and cybersecurity. A number of agencies’ budgets
requested significant funding for IT and cybersecurity
measures, and Congress generally did not disappoint. For
example, the Department of Justice was given $722 million
for cybersecurity;2 $15 million goes to the development of
the National Cybersecurity Center of Excellence (within the
National Institute of Standards and Technology);3 major
investments are being made in personnel and equipment
at the U.S. Cyber Command;4 and, not surprisingly, the
Department of Defense (DoD) received significant funding
for cybersecurity and IT measures.5
The Federal Information Technology Acquisition
Reform Act of 2014 (FITARA) is a major piece of IT and
cybersecurity legislation that was passed as part of the 2015
National Defense Authorization Act. As enacted, FITARA
changes IT program acquisitions in measurable ways.
For example, FITARA greatly expands the role of chief
information officers in IT acquisitions, contains provisions
articulating minimum efficiency and effectiveness
requirements, and limits funding opportunities for IT
programs that are deemed “high risk.”6
As usual, various appropriations bills also contain
procurement policy reforms. Many of the most notable
procurement policy changes are contained in the National
Defense Authorization Act.
One of the major reforms is a requirement that
“operationally critical” contractors report “cyber
incidents” (hacking) within the contractor’s network or
information systems.7 Another announced reform is the
DoD’s policy to take necessary steps, including modifying
its acquisition guidance, to ensure that IT acquisitions
include open system approaches.8 The policy reform
reflects the overall effort to avoid establishing programs
that are tied to one IT vendor because changing vendors
would prove too costly. The policy is also intended to
increase competition for IT program acquisitions and
mandates that acquisition officials justify an acquisition
for non-open systems.
Apart from the general advancement of IT and
cybersecurity and various procurement reforms, the 2015
Omnibus Appropriations Bill addresses other issues as well.
For example, in response to Ebola issues arising in 2014,
the Bill provides a total of $5.4 billion in funding to prepare
for, and respond to, an Ebola outbreak.9 In response to
ongoing overseas threats and issues, the Bill provides
roughly $74 billion for Overseas Contingency Operations.
Congress denied some budget requests. The Internal
Revenue Service saw its budget decline by roughly
$346 million.10 Although the IRS has had its budget cut
in prior years, the FY 2015 decline is particularly hefty
and must be absorbed over the span of only nine months.
Congress also failed to agree on appropriations for one
agency – the Department of Homeland Security (DHS).
Instead, Congress agreed to fund DHS with a continuing
resolution that is effective through February 2015. The
debate regarding DHS funding beyond February 2015 is
Overall, the Bill provides $1.014 trillion in discretionary
spending. Members of both the House of Representatives
and the Senate praised the Bill’s compliance with the
bipartisan Murray-Ryan budget reduction agreement.

1 Pub. L. 113-235.
2 H.R. 4660; see also CJS Subcommittee Summary, available at: http://www.
3 S. 2437; see also S. 2437 Committee Report, available at:
12 MoFo Global Procurement Quarterly, Winter 2015
4 2015 National Defense Authorization Act.
5 Id.
6 Id. at Sections 801-837.
7 Id. at Section 1632.
8 Id. at Section 801.
9 H.R. 4800; National Defense Authorization Act; see also Senate Omnibus Summary,
available at:
10 H.R. 5016.
By Dr. Lawrence Rajczak, MoFo Berlin
The Court of Justice of the European Union has recently
decided that the principle of freedom to provide services
under Art. 56 TFEU (“Treaty on the Functioning of the
European Union”) precludes the application of legislation
that requires a tenderer for services under a public contract
to pay a fixed minimum wage if the company that will
provide the services is based in another Member State.
(“Bundesdruckerei GmbH v. Stadt Dortmund,” C-549/13)
In the case at hand, a German government authority had
issued a call for tenders for a public contract regarding
the digitalization of documents. The tendering procedure
was subject to a state law that required all tenderers to
pay a minimum wage of at least EUR 8.62 per hour to all
employees involved in performing the contract, regardless
of by whom and where those employees were actually
employed. One of the tenderers intended to perform the
services through a wholly owned subsidiary located in
Poland. The tenderer refused to commit to the requested
minimum wage and argued that the requirement could not
be applicable if the services are performed in another EU
Member State where the average wages and cost of living
are considerably lower than in Germany.
The CJEU has subsequently decided that legislation
requiring the tenderer to pay a minimum wage constitutes
an unjustified restriction on the freedom to provide services
within the meaning of Art. 56 TFEU. It therefore held the
legislation to be in breach of EU law, insofar as it applies
to services that are performed in other member states that
have lower or no minimum wage requirements at all.
The CJEU reasoned that, even though, in principle, measures
aiming to ensure reasonable wages may generally be justified
in light of the legitimate goal of protecting employees
and preventing so-called “social dumping,” imposing the
minimum wage was, nevertheless, not an appropriate
measure in this case to achieve these objectives. By trying
to impose an across-the-board minimum wage requirement
that did not relate to the actual average cost of living of the
Member State in which the services would eventually be
performed, the legislation – in the Court’s opinion – went
well beyond the means necessary to ensure an appropriate
social standard. In doing so, it illegitimately hindered
subcontractors and competitors from other Member States
from gaining a competitive advantage out of the differences
of the respective rates of pay in the Member States.
The CJEU’s decision will apply to the state law in question
and to similar legislation that thirteen out of the sixteen
states in Germany have passed, each requiring tenderers
for public contracts to pay differing minimum wages. As a
result of the CJEU decision, these laws may not be applied,
insofar as they require minimum wages for services that
are performed in other Member States. Also, although the
scope of the present decision was limited to a tenderer that
was planning to use a wholly owned subsidiary to perform
the required services, based on the reasoning of the CJEU,
it seems highly likely that the same rules would also apply if
the tenderer itself was based in another Member State.
All in all, the decision of the CJEU is not very surprising. Its
rationale flows directly from one of the core principles of the
European internal market: the freedom to provide services in
other Member States without restrictions. Notably, however,
the decision clarifies that this freedom also consists of the
possibility to legitimately exploit the differences between
the wage levels in different Member States in order to gain a
competitive advantage. Also, the decision further establishes
the general principle that the authority of a member state to
enforce a minimum wage is strictly limited to its own territory.
By Bradley Wine and Steve Cave
In the final months of 2014, Congress passed several
important pieces of legislation aimed at reforming
the government’s information technology (IT) and
cybersecurity requirements and policies. The legislation
reforms IT acquisition strategies and strengthens the
Department of Homeland Security’s (DHS) role in
safeguarding federal IT networks.
13 MoFo Global Procurement Quarterly, Winter 2015
We are Morrison & Foerster — a global firm of exceptional credentials. Our clients include some of the largest financial institutions, investment
banks, and Fortune 100, technology, and life sciences companies. We’ve been included on The American Lawyer’s A-List for 11 straight years, and
the Financial Times named the firm number six on its 2013 list of the 40 most innovative firms in the United States. Chambers USA honored the
firm as its sole 2014 Corporate/M&A Client Service Award winner, and recognized us as both the 2013 Intellectual Property and Bankruptcy Firm
of the Year. Our lawyers are committed to achieving innovative and business-minded results for our clients, while preserving the differences that
make us stronger.
© 2015 Morrison & Foerster LLP
National Cybersecurity Protection Act
In December 2014, lawmakers passed the National
Cybersecurity Protection Act of 2014 (NCPA).1 NCPA
amends the Homeland Security Act of 2002 by codifying
the establishment of a national cybersecurity and
communications integration center (the “Center”) under
DHS to assist DHS with oversight of critical IT infrastructure
and cybersecurity. The NCPA establishes the Center as the
platform for civilian agencies to share cybersecurity risks,
exchange information about cybersecurity incidents, and
provide cybersecurity warnings.
The NCPA requires the Center to (1) enable real-time,
integrated operations for federal agencies and certain non-
federal entities; (2) facilitate cross-sector coordination
to address risks and cybersecurity incidents that could
impact multiple government sectors; (3) conduct and
share analysis; and (4) provide technical assistance, risk
management, and security measure recommendations to
other government entities. The NCPA requires that DHS
file various reports and recommendations with Congress
and that the Government Accountability Office (GAO)
audit the Center and its effectiveness.
The NCPA also requires data breach notification policies
and procedures to be established. The NCPA will not
result in agency rulemaking and does not permit DHS to
establish cybersecurity standards for private sector IT or
cybersecurity infrastructure. Likewise, DHS cannot use
the NCPA as the basis of authority to require a private
entity to implement IT or cybersecurity recommendations.
Federal Information Security Modernization Act of 2014
The Federal Information Security Modernization Act of
2014 (FISMA)2 amends the 2002 version of FISMA. The
2014 version of FISMA delegates authority over federal
civilian agency information security policies to the Office
of Management and Budget but provides implementation
responsibilities to the DHS Secretary. The bill delegates
implementation of information security policies for
defense-related and intelligence-related information
security to the Secretary of Defense and the Director of
National Intelligence, respectively.
The bill also requires executive agencies to have
“automated security tools to continuously diagnose and
improve security” and gives DHS the authority to scan
other federal civilian government agencies’ networks for
issues and/or security incidences. Lastly, FISMA requires
various reports to be filed and authorizes GAO to play
a role in developing procedures for testing information
security controls.
Cybersecurity Workforce Assessment Act
In December 2014, Congress also passed the
Cybersecurity Workforce Assessment Act (CWAA).3 The
CWAA directs DHS to assess its cybersecurity workforce
on a recurring basis. The CWAA provides details about the
type of information that DHS should consider, including:
whether DHS’s cybersecurity workforce is ready and
able to meet its missions; which workforce positions
are vacant; whether DHS employees are performing
cybersecurity tasks instead of employees from another
agency and/or contractors; and whether its cybersecurity
workforce is receiving necessary training.
The CWAA also instructs DHS to continually improve
and maintain the quality of its cybersecurity workforce.
The bill addresses salary issues for DHS’s cybersecurity
workforce and requires DHS to formulate strategies
to enhance recruitment and training of top-quality
cybersecurity employees.
Key Takeaways
Agencies’ roles in acquiring IT and cybersecurity
services and products are changing. Agencies are taking
a more active role in managing IT acquisitions and
existing hardware, software, and networks. These bills
will further change IT acquisitions, particularly for
DHS. Furthermore, the competition for recruiting and
retaining IT and cybersecurity professionals is increasing
and will affect contractors’ ability to satisfy acquisition
1 Pub. L. 113-282.
2 Pub. L. 113-283.
3 Pub. L. 113-246.

Download PDF[781KB]

Note close

Firefox recommends the PDF Plugin for Mac OS X for viewing PDF documents in your browser.

We can also show you Legal Updates using the Google Viewer; however, you will need to be logged into Google Docs to view them.

Please choose one of the above to proceed!

LOADING PDF: If there are any problems, click here to download the file.

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *