U.S. Department of Justice
United States Attorney
Southern District ofNew York
One St. Andrew's Plaza
New York, New York 10007

Criminal Division
Fraud Section
1400 New York Avenue, NW
Washington, D.C. 20005

July 22, 2019
Kathryn H. Ruemmler
Jonathan C. Su
Latham & Watkins LLP
555 Eleventh Street, NW
Suite 1000
Washington, D.C. 20004
DarrylS. Lew
Courtney Hague Andrews
White & Case LLP
701 Thirteenth Street, NW
Washington, D.C. 20005
Re: Microsoft Magyarorszag Szamitastechnikai Szolgaltat6 es Kereskedelmi Kft.
Criminal Investigation
Dear Ms. Ruemmler and Mr. Lew:
The United States Department of Justice, Criminal Division, Fraud Section and the United
States Attorney's Office for the Southern District of New York (the "Fraud Section and the
Office"), and Microsoft Magyarorszag Szamitastechnikai Szolgaltat6 es Kereskedelmi Kft. ("MS
Hungary"), pursuant to the statutory authority of the MS Hungary General Manager reflected in
Attachment B, enter into thfa Non-Prosecution Agreement ("Agreement"). On the understandings
specified below, the Fraud Section and the Office will not criminally prosecute MS Hungary for
any crimes (except for criminal tax violations, as to which the Fraud Section and the Office do not
make any agreement) relating to any of the conduct described in the Statement of Facts attached
hereto as Attachment A ("Statement of Facts"). To the extent there is conduct disclosed by MS
Hungary or Microsoft Corporation ("Microsoft") that does not relate to any of the conduct
described in the Statement of Facts, such conduct will not be exempt from prosecution and is not
within the scope of, or relevant to, this Agreement. MS Hungary, pursuant to the statutory authority
of the MS Hungary General Manager, and Microsoft, pursuant to authority granted to it by
Microsoft's Board of Directors, also agree to certain terms and obligations of the Agreement as
described below.
The Fraud Section and the Office enter into this Agreement based on the individual facts
and circumstances presented by this case and MS Hungary, including:

l

(a)
MS Hungary did not receive voluntary disclosure credit because it did not
voluntarily and timely disclose to the Fraud Section and the Office the conduct described in the
Statement of Facts;
(b)
MS Hungary received full credit for its cooperation with the Fraud Section and the
Office's investigation, including conducting a thorough internal investigation, making regular
factual presentations to the Fraud Section and the Office, producing documents to the Fraud Section
and the Office from foreign countries in ways that did not implicate foreign data privacy laws, and
collecting, analyzing, organizing, and translating voluminous evidence and information for the
Fraud Section and the Office;
(c)
MS Hungary and Microsoft provided to the Fraud Section and the Office all relevant
facts known to them, including information about the individuals involved in the conduct described
in the Statement of Facts and conduct disclosed to the Fraud Section and the Office prior to the
Agreement;
(d)
MS Hungary and Microsoft engaged in extensive remedial measures, including:
(1) taking disciplinary action against four MS Hungary employees; (2) terminating four Hungarian
licensing partners; (3) enacting new discount transparency and pass-through requirements;
(4) conducting a company-wide initiative to elicit reports of potential anticorruption concerns;
(5) conducting training about business conduct standards based in part on the conduct described in
the Statement of Facts; (6) implementing new controls for high-risk deals; (7) implementing new
controls to prevent third-party intermediaries from placing licensing orders with MS Hungary
before receiving end customer purchase orders; (8) creating an expanded transaction monitoring
initiative at the regional level; and (9) developing and using data analytics to help identify highrisk transactions;
(e)
MS Hungary and Microsoft have enhanced and are committed to continuing to
enhance their compliance programs and internal controls to ensure that their compliance programs
satisfy the minimum elements set forth in the Cotporate Compliance Program attached hereto as
Attachment C;
(f)
based on MS Hungary's and Microsoft's remediation and the state of their
compliance programs, and MS Hungary's and Microsoft's agreement to report to the Fraud Section
and the Office as set forth in Attachment D to this Agreement, the Fraud Section and the Office
determined that an independent compliance monitor was unnecessary as part of this resolution;
(g)
the nature and seriousness of the offense conduct, including the involvement of a
high-level executive at MS Hungary and the extensiveness of the scheme to inflate margins that
were used to make improper payments under the Foreign Corrupt Practices Act ("FCPA"), Title
15, United States Code, Section 78dd- l et seq., and the fact that Microsoft did not exercise
meaningful oversight during the relevant time period to ensure that discounts that Microsoft
approved were passed on to MS Hungary's end customers instead of being used to facilitate the
corrupt scheme described in the Statement of Facts. Although this failure of oversight at Microsoft
did not amount to a criminal violation by the parent company, it was a discretionary factor that the
Fraud Section and the Office considered in entering into a criminal resolution with MS Hungary;
(h)

MS Hungary has no prior criminal history;

2

(i)
MS Hungary and Microsoft have agreed to continue to cooperate with the Fraud
Section and the Office in any ongoing investigation of the conduct of MS Hungary and Microsoft,
their subsidiaries and affiliates, and their officers, directors, employees, agents, business partners,
distributors, and consultants relating to violations of the FCPA;
G)
MS Hungary has agreed to disgorge $13,780,733 in profits and $2,784,417.92 in
prejudgment interest to the Securities and Exchange Commission ("SEC") in connection with the
SEC's parallel investigation of overlapping conduct; and
(k)
accordingly, after considering (a) through G) above, the Fraud Section and the Office
believe that an appropriate resolution of this case is a non-prosecution agreement for MS Hungary
and an aggregate discount of 25% off of the bottom of the applicable United States Sentencing
Guidelines ("U.S.S.G." or "Guidelines") fine range;
MS Hungary admits, accepts, and acknowledges that it is responsible under United States
law for the acts of its officers, directors, employees, and agents as set forth in the Statement of
Facts, and that the facts described therein are true and accurate. MS Hungary also admits, accepts,
and acknowledges that the facts described in the Statement of Facts constitute violations of law,
specifically the FCPA. MS Hungary and Microsoft expressly agree that they shall not, through
present or future attorneys, officers, directors, employees, agents or any other person authorized to
speak for MS Hungary or Microsoft make any public statement, in litigation or otherwise,
contradicting the acceptance of responsibility by MS Hungary set forth above or the facts described
in the Statement of Facts. MS Hungary and Microsoft agree that if they or any of their direct or
·indirect subsidiaries or affiliates issues a press release or holds any press conference in connection
with this Agreement, MS Hungary and Microsoft shall first consult the Fraud Section and the Office
to determine (a) whether the text of the release or proposed statements at the press conference are
true and accurate with respect to matters between the Fraud Section and the Office and MS Hungary
and Microsoft; and (b) whether the Fraud Section and the Office have any objections to the release
or proposed statements.
MS Hungary's and Microsoft's obligations under this Agreement shall have a term of three
years from the date on which the Agreement is executed (the "Term"). MS Hungary agrees,
however, that, in the event the Fraud Section and the Office determine, in their sole discretion, that
MS Hungary has knowingly violated any provision of this Agreement or MS Hungary or Microsoft
has failed to perform completely or fulfill each of their obligations under this Agreement, an
extension or extensions of the Term may be imposed by the Fraud Section and the Office in their
sole discretion for up to a total additional time period of one year, without prejudice to the Fraud
Section and the Office's right to proceed as provided in the breach provisions of this AgTeement
below. Any extension of the Agreement extends all terms of this Agreement, including the terms
of the reporting requirement in Attachment D, for an equivalent period. Conversely, in the event
the Fraud Section and the Office find, in their sole discretion, that there exists a change in
circumstances sufficient to eliminate the need for the reporting requirement in Attachment D, and
that the other provisions of this Agreement have been satisfied, the Agreement may be terminated
early.
MS Hungary and Microsoft shall cooperate fully with the Fraud Section and the Office,
subject to applicable law and regulations, in any and all matters relating to the conduct described
in this Agreement and the Statement of Facts and other conduct related to possible corrupt

3

payments, false books and records, failure to implement adequate internal accounting controls, and
circumvention of internal controls under investigation by the Fraud Section and the Office until the
later of the date upon which all investigations and prosecutions arising out of such conduct are
concluded, or the end of the Term. At the request of the Fraud Section and the Office, MS Hungary
shall also cooperate fully with other domestic or foreign law enforcement and regulatory authorities
and agencies, as well as the Multilateral Development Banks ("MDBs"), in any investigation of
MS Hungary, Microsoft, their subsidiaries and affiliates, or any of their present or former officers,
directors, employees, agents, and consultants, or any other party, in any and all matters relating to
the conduct described in this Agreement and the Statement of Facts and other conduct related to
possible corrupt payments, false books and records, failure to implement adequate internal
accounting controls, and circumvention of internal controls under investigation by the Fraud
Section and the Office, except as otherwise prohibited by law. MS Hungary and Microsoft agree
that their cooperation shall include, but not be limited to, the following:
a.
MS Hungary and Microsoft shall truthfully disclose all factual information not
protected by a valid claim of attorney-client privilege or attorney work product doctrine with
respect to their activities, those of their subsidiaries and affiliates, and those of their present and
former directors, officers, employees, agents, and consultants, including any evidence or allegations
and internal or external investigations, about which MS Hungary or Microsoft have any knowledge
or about which the Fraud Section and the Office may inquire. This obligation of truthful disclosure
includes, but is not limited to, the obligation of MS Hungary and Microsoft to provide to the Fraud
Section and the Office, upon request, any document, record or other tangible evidence about which
the Fraud Section and the Office may inquire of MS Hungary or Microsoft.
b.
Upon request of the Fraud Section and the Office, MS Hungary and Microsoft shall
designate knowledgeable employees, agents, or attorneys to provide to the Fraud Section and the
Office the information and materials described above on behalf of MS Hungary and Microsoft. It
is further understood that MS Hungary and Microsoft must at all times provide complete, truthful,
and accurate information.
c.
MS Hungary and Microsoft shall use their best efforts to make available for
interviews or testimony, as requested by the Fraud Section and the Office, present or former
officers, directors, employees, agents, and consultants of MS Hungary or Microsoft. This obligation
includes, but is not limited to, sworn testimony before a federal grand jury or in federal trials, as
well as interviews with domestic or foreign law enforcement and regulatory authorities.
Cooperation shall include identification of witnesses who, to the knowledge of MS Hungary or
Microsoft, may have material information regarding the matters under investigation.
d.
With respect to any information, testimony, documents, records or other tangible
evidence provided to the Fraud Section and the Office pursuant to this Agreement, MS Hungary
and Microsoft consent to any and all disclosures, subject to applicable law and regulations, to other
governmental authorities, including United States authorities and those of a foreign government, as
well as MDBs, of such inf01mation and materials as the Fraud Section and the Office, in their sole
discretion, shall deem appropriate.
In addition, during the Term, should MS Hungary or Microsoft learn of any evidence or
allegation of conduct that may constitute a violation of the FCPA anti-bribery or accounting
provisions had the conduct occurred within the j urisdiction of the United States, MS Hungary and

4

Microsoft shall promptly report such evidence or allegation to the Fraud Section and the Office. On
the date that the Term expires, MS Hungary, by the General Manager of MS Hungary and the Chief
Financial Officer of MS Hungary, will certify to the Fraud Section and the Office that MS Hungary
has met its disclosure obligations pursuant to this Agreement regarding any reportable matters at
MS Hungary. Each certification will be deemed a material statement and representation by MS
Hungary to the executive branch of the United States for purposes of Title 18, United States Code,
Section 1001.
MS Hungary and Microsoft represent that they have implemented and will continue to
implement a compliance and ethics program designed to prevent and detect violations of the FCPA
throughout their operations, including those of their affiliates, agents, and joint ventures, and those
of their contractors and subcontractors whose responsibilities include interacting with foreign
officials or other activities carrying a high risk of corruption, including, but not limited to, the
minimum elements set forth in Attachment C. In addition, MS Hungary and Microsoft agree that
they will report to the Fraud Section and the Office annually during the Term regarding remediation
and implementation of the compliance measures described in Attachment C. These reports will be
prepared in accordance with Attachment D.
In order to address any deficiencies in their internal accounting controls, policies, and
procedures, MS Hungary and Microsoft represent that they have undertaken, and will continue to
undertake in the future, in a manner consistent with all of their obligations under this Agreement, a
review oftheir existing internal accounting controls, policies, and procedures regarding compliance
with the FCPA and other applicable anti-corruption laws. Where necessary and appropriate, MS
Hungary and Microsoft agree to adopt a new compliance program, or to modify their existing ones,
including internal controls, compliance policies, and procedures in order to ensure that they
maintain: (a) an effective system of internal accounting controls designed to ensure the making and
keeping of fair and accurate books, records, and accounts; and (b) a rigorous anti corruption
compliance program that incorporates relevant internal accounting controls, as well as policies and
procedures designed to effectively detect and deter violations of the FCPA and other applicable
anti-corruption laws. Their compliance programs, including the internal accounting controls
system, will include, but not be limited to, the minimum elements set fo1th in Attachment C.
MS Hungary agrees to pay a monetary penalty in the amount of $8,751,795 to the United
States Treasury no later than five business days after the Agreement is fully executed. The monetary
penalty is based upon profits of at least $14,586,325 as a result of the offense conduct, and reflects
a discount of 25 percent off of the bottom of the Guidelines fine range. This monetary penalty is in
addition to the $16,565,151 disgorgement of profits plus prejudgment interest paid by MS Hungary
in connection with its resolution with the SEC in the SEC's parallel investigation of overlapping
conduct. MS Hungary acknowledges that no tax deduction may be sought in. connection with the
payment of any part of this $8,751,795 penalty. MS Hungary shall not seek or accept, directly or
indirectly, reimbursement or indemnification from any source with regard to the penalty or
disgorgement amounts that MS Hungary pays pursuant to this Agreement or any other _agreement
entered into with an enforcement authority or regulator concerning the facts set fo1th iri the
Statement of Facts, except that it may accept reimbursement from Microsoft.
The Fraud Section and the Office agree, except as provided herein, that they will not bring
any criminal or civil case (except for criminal tax violations, as to which the Fraud Section and the

5

Office do not make any agreement) against MS Hungary relating to any of the conduct described
in the Statement of Facts. To the extent there is conduct disclosed by MS Hungary or Microsoft
that does not relate to any of the conduct described in the Statement of Facts, such conduct will not
be exempt from prosecution and is not within the scope of, or relevant to, this Agreement. The
Fraud Section and the Office, however, may use any information related to the conduct described
in the Statement of Facts against MS Hungary or Microsoft: (a) in a prosecution for perjury or
obstruction ofjustice; (b) in a prosecution for making a false statement; (c) in a prosecution or other
proceeding relating to any crime of violence; or (d) in a prosecution or other proceeding relating to
a violation of any provision of Title 26 of the United States Code. This Agreement does not provide
any protection against prosecution for any future conduct by MS Hungary or any of its present or
former parents or subsidiaries. In addition, this Agreement does not provide any protection against
prosecution of any individuals, regardless of their affiliation with MS Hungary or any of its present
or former parents or subsidiaries.

If, during the Term, (a) MS Hungary commits any felony under U.S. federal law; (b) MS
Hungary or Microsoft provides in connection with this Agreement deliberately false, incomplete,
or misleading information, including in connection with its disclosure of infonnation about
individual culpability; (c) MS Hungary or Microsoft fails to cooperate as set forth in this
Agreement; (d) MS Hungary or Microsoft fails to implement a compliance program as set forth in
this Agreement and Attachment C; (e) MS Hungary or Microsoft commits any acts that, had they
occurred within the jurisdictional reach of the FCPA, would be a violation of the FCPA; or (f) MS
Hungary or Microsoft otherwise fails to completely perform or fulfill each of MS Hungary' s or
Microsoft's obligations under the Agreement, regardless of whether the Fraud Section and the
Office become aware of such a breach after the Term is complete, MS Hungary and Microsoft shall
thereafter be subject to prosecution for any federal criminal violation of which the Fraud Section
and the Office have knowledge, including, but not limited to, the conduct described in the Statement
of Facts, which may be pursued by the Fraud Section and the Office in the U.S. District Court for
the Southern District of New York or any other appropriate venue. Determination of whether MS
Hungary or Microsoft has breached the Agreement and whether to pursue prosecution of MS
Hungary or Microsoft shall be in the sole discretion of the Fraud Section and the Office. Any such
prosecution may be premised on information provided by MS Hungary, Microsoft, or their
personnel. Any such prosecution relating to the conduct described in the Statement of Facts or
relating to conduct known to the Fraud Section and the Office prior to the date on which this
Agreement was signed that is not time-barred by the applicable statute of limitations on the date of
the signing of this Agreement may be commenced against MS Hungary or Microsoft,
notwithstanding the expiration of the statute of limitations, between the signing of this Agreement
and the expiration of the Term plus one year. Thus, by signing this Agreement, MS Hungary and
Microsoft agree that the statute of limitations with respect to any such prosecution that is not timebarred on the date of the signing of this Agreement shall be tolled for the Term plus one year. In
addition, MS Hungary agrees that the statute of limitations as to any violation of U.S. federal law
that occurs during the Term will be tolled from the date upon which the violation occurs until the
earlier of the date upon which the Fraud Section and the Office are made aware of the violation or
the duration of the Term plus five years, and that this period shalJ be excluded from any calculation
of time for purposes of the application of the statute of limitations.

In the event the Fraud Section and the Office determine that MS Hungary or Microsoft has
breached this Agreement, the Fraud Section and the Office agree to provide MS Hungary and

6

Microsoft with written notice of such breach prior to instituting any prosecution resulting from such
breach. Within thirty days of receipt of such notice, MS Hungary and Microsoft shall have the
opportunity to respond to the Fraud Section and the Office in writing to explain the nature and
circumstances of such breach, as well as the actions MS Hungary and Microsoft have taken to
address and remediate the situation, which explanation the Fraud Section and the Office shall
consider in detennining whether to pursue prosecution of MS Hungary.
In the event that the Fraud Section and the Office determine that MS Hungary or Microsoft
has breached this Agreement: (a) all statements made by or on behalf of MS Hungary or Microsoft
to the Fraud Section and the Office or to any court, including the Statement of Facts, the reports
submitted to the Fraud Section and the Office pursuant to Attachment D, and any testimony given
by MS Hungary before a grand jury, a court, or any tribunal, or at any legislative hearings, whether
prior or subsequent to this Agreement, and any leads derived from such statements or testimony,
shall be admissible in evidence in any and all crimiqal proceedings brought by the Fraud Section
and the Office against MS Hungary; and (b) neither MS Hungary, Microsoft, nor their subsidiaries
or affiliates shall assert any claim under the United States Constitution, Rule 11 (f) of the Federal
Rules of Criminal Procedure, Rule 410 of the Federal Rules of Evidence, or any other federal rule
that any such statements or testimony made by or on behalf of MS Hungary or Microsoft prior or
subsequent to this Agreement, or any leads derived therefrom, should be suppressed or are
otherwise inadmissible. The decision whether conduct or statements of any current director, officer,
or employee, or any person acting on behalf of, or at the direction of, MS Hungary or Microsoft,
will be imputed to MS Hungary and Microsoft for the purpose of determining whether MS Hungary
or Microsoft has violated any provision of this Agreement, shall be in the sole discretion of the
Fraud Section and the Office.
Except as may otherwise be agreed by the parties in connection with a particular transaction,
MS Hungary agrees that in the event that, during the Term, it undertakes any change in corporate
form, including if it sells, merges, or transfers business operations that are material to MS
Hungary's consolidated operations, or to the operations of any subsidiaries or affiliates involved in
the conduct described in the Statement of Facts, as they exist as of the date of this Agreement,
whether such change is structured as a sale, asset sale, merger, transfer, or other change in co1porate
form, it shall include in any contract for sale, merger, transfer, or other change in co1porate form a
provision binding the purchaser, or any successor in interest thereto, to the obligations described in
this Agreement. The purchaser or successor in interest must also agree in writing that the Fraud
Section's and the Office's ability to determine there has been a breach under this Agreement is
applicable in full force to that entity. MS Hungary agrees that the failure to include this Agreement's
breach provisions in the transaction will make any such transaction null and void. MS Hungary
shall provide notice to the Fraud Section and the Office at least thirty (30) days prior to undertaking
any such sale, merger, transfer, or other change in corporate form. The Fraud Section and the Office
shall notify MS Hungary prior to such transaction (or series of transactions) if it determines that the
transaction(s) will have the effect of circumventing or frustrating the enforcement purposes of this
Agreement. If at any time during the Term MS Hungary engages in a transaction(s) that has the
effect of circumventing or frustrating the enforcement purposes of this Agreement, the Fraud
Section and the Office may deem it a breach of this Agreement pursuant to the breach provisions
of this Agreement. Nothing herein shall restrict MS Hungary from indemnifying (or otherwise
holding harmless) the purchaser or successor in interest for penalties or other costs arising from any
conduct that may have occurred prior to the date of the transaction, so long as such indemnification

7

..
does not have the effect of circumventing or frustrating the enforcement purposes of this
Agreement, as detennined by the Fraud Section and the Office.
This Agreement is binding on MS Hungary and Microsoft, and the Fraud Section and the
Office, but specifically does not bind any other component of the Department of Justice, other
federal agencies, or any state, local, or foreign law enforcement or regulatory agencies, or any other
authorities, although the Fraud Section and the Office will bring the cooperation of MS Hungary
and Microsoft and its compliance with its other obligations under this Agreement to the attention
of such agencies and authorities if requested to do so by MS Hungary or Microsoft.
It is further understood that MS Hungary, Microsoft, and the Fraud Section and the Office
may disclose this Agreement to the public.
This Agreement sets forth all the terms of the agreement between MS Hungary, Microsoft,
and the Fraud Section and the Office. No amendments, modifications or additions to this Agreement
shall be valid unless they are in writing and signed by the Fraud Section and the Office, the attorneys
for MS Hungary and Microsoft, and a duly authorized representative of MS Hungary.
Sincerely,
ROBERT ZINK
Acting Chief, Fraud Section
Criminal Division
United States Department of Justice

Date:

]/;r;_/J~ B Y : ---==--~=---------:;,,-""
~ ~~ - -=- ' - - - - - - ~~~
?---Della G. Sentilles
Trial Attorneys

GEOFFREY S. BERMAN
United States Attorney
Southern District of New York

Date:

7/11/Jq

BY: _

___:_~J-,t~========-LJR)
--~Lai
Assistant United States Attorney

8.

AGREED AND CONSENTED TO:
Microsoft Magyarorszag Szamitastechnikai Szolgaltat6 es Kereskedelmi Kft.

tt·~

J t< ly ,i &1 ~c> ICl
Date: _ _ ___ By:

Christopher Mattheisen
General Manager
MS Hungary

Date: _ __ __ By:
Kathryn H. Ruemmler
Jonathan.C. Su
Latham & Watkins LLP

Date: _ _ _ _ _ By:
Darryl S. Lew
Courtney Hague Andrews
White & Case LLP

Microsoft Corporation

Date:

1-- J~- /7

By:
Bradford L. Smith
President and Chief Legal Officer
Microsoft Corporation

,

Date: _ __ _ _ By:
Kathryn H. Ruemmler
Jonathan C. Su
Latham & Watkins LLP

Date: _ _ _ _ By:
Darryl S. Lew
Courtney Hague Andrews
White & Case LLP

9

i" '

...

:

AGREED AND CONSENTED TO:
Microsoft Magyarorszag Szamitastechnikai Szolgaltat6 es Kereskedelmi Kft.

Date: _ __ _

By: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ __
Christopher Mattheisen
General Manager
MS Hungary

Date:

By:

:..:1

-----"~=---:...--V~+-'--'H
-_.
-~- Y'A-)'_"1-- l.v_ _ __
Kathryn H. Ruemmler
Jonathan C. Su
Latham & Watkins LLP

Date: _ _ _ _ By: _ _ _ _ _ _ _ _ _ _ _ __ _ _ _ __ _ _ __
Darryl S. Lew
Courtney Hague Andrews
White & Case LLP
Microsoft Corporation

Date: _ _ _ _ By:
Bradford L. Smith
President and Chief Legal Officer
Microsoft Corporation
Date:

1 I/1? 1/JCJ

&(_JA,ir:

b ~r~

By: ----------fr;/-1.
r----K-a_thry_n
_H_
. R_u_e_mm_l-er_ _ _ _ _ __
Jonathan C. Su
Latham & Watkins LLP

Date: _ _ __

By: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ __ __ _
Darryl S. Lew
Courtney Hague Andrews
White & Case LLP

9

. .,
' .

AGREED AND CONSENTED TO:
Microsoft Magyarorszag Szamitastechnikai Szolgaltat6 es Kereskedelmi Kft.

Date: _ _ _ _ By:
Christopher Mattheisen
General Manager
MS Hungary
Date: _____ By:
Kathryn H. Ruemmler
Jonathan C. Su
Latham & Watkins LLP

Date:

'1/1'f //'/

By:

Microsoft Corporation

Date: _ _ __ By:
Bradford L. Smith
President and Chief Legal Officer
Microsoft Corporation
Date: _ _ ___ By:
Kathryn H. Ruemmler
Jonathan C. Su
Latham & Watkins LLP

Date:

?-j,l/12

By:
Courtney Hague Andrews
White & Case LLP

9

ATTACHMENT A
STATEMENT OF FACTS

The following stipulated Statement of Facts ("Statement of Facts") is incorporated by
reference as part of the Non-Prosecution Agreement (the "Agreement") between the United States
Department of Justice, Criminal Division, Fraud Section and the United States Attorney's Office
for the Southern District of New York (the "Fraud Section and the Office"), and Microsoft
Magyarorszag Szamitastechnikai Szolgaltat6 es Kereskedelmi Kft. ("MS Hungary"). MS Hungary
hereby agrees and stipulates that the following information is true and accurate. MS Hungary
admits, accepts, and acknowledges that it is responsible for the acts of its officers, directors,
employees, and agents as set forth below:
Relevant Entities

At all relevant times:
1.

MS Hungary was a direct, wholly-owned subsidiary of Microsoft Corporation with

headquarters in Budapest, Hungary. MS Hungary promoted and marketed the sale of licenses for
various Microsoft software and provided services related to those products. MS Hungary's Public
Sector team was responsible for the subsidiary's public sector accounts.
2.

Microsoft Corporation ("Microsoft") was a multinational technology company

headquartered in Redmond, Washington. Microsoft generated revenue by, among other things,
developing, licensing, and supporting a wide range of software and services. Microsoft's shares
were publicly traded on the National Association of Securities Dealers Automated Quotations
("NASDAQ") Stock Exchange. Therefore, Microsoft was an "issuer" as that term is used in the
Foreign Corrupt Practices Act ("FCPA"), Title 15, United States Code, Sections 78dd-l and
78m(b).

A-1

3.

Microsoft Ireland Operations Limited ("MIOL") was an indirect, wholly-owned

subsidiary of Microsoft with headquarters in Dublin, Ireland. MIOL was assigned the right to
license Microsoft software to customers in countries in the Europe-Middle East-Africa region,
including Hungary, through a number of agreements entered into by Microsoft and various
subsidiaries.
4.

Executive 1 was a high-level executive at MS Hungary.

5.

Manager 1 was a manager overseeing the Public Sector team at MS

Hungary.
6.

Employee 1 was a Public Sector Account Executive at MS Hungary.

7.

Agency 1 was a Hungarian government agency that purchased Microsoft

software in 2013.
8.

Agency 2 was a Hungarian government agency that purchased Microsoft

software in 2014.
9.

TPI 1 was an Austrian Licensing Solution Partner ("LSP"), i.e., a reseller

that has met certain criteria established by Microsoft, which purchased Microsoft software and
resold it to its Hungarian affiliate, third party intermediary ("TPI") 2, in certain subject transactions.
10.

TPI 2 was the Hungarian affiliate of TPI 1 and was involved in certain

subject transactions.
11.

TPI 3 was a Hungarian TPI involved in certain subject transactions.
Overview

12.

From approximately 2013 to June 2015, a senior executive and other employees of

MS Hungary participated in a scheme to inflate margins in the Microsoft sales channel, which were
used to fund improper payments under the FCPA. More specifically, a MS Hungary executive and
other employees falsely represented to Microsoft that discounts from Microsoft's estimated retail

A-2

prices for government contracts were necessary to conclude deals with Hungarian government
agencies. The savings represented by the discounts, however, were not passed along in full by TPis
to the Hungarian government customers to reduce the end customer price. Instead, the inflated
margins were used to fund improper payments under the FCPA in connection with the sale of
Microsoft software to Hungarian government agencies. MS Hungary, therefore, knowingly and
willfully caused Microsoft, a U.S. issuer, to falsely record as discounts in its books and records
amounts that were used to fund improper payments under the FCPA. In total, MS Hungary caused
Microsoft to report false discounts for a number of licensing deals. The subject licensing deals
resulted in profits to Microsoft of $14,586,325 attributable to the sales and marketing activities of
MS Hungary.
The MS Hungary Licensing Sales Model
13.

During the relevant time period from 2013 to June 2015, MS Hungary promoted and

marketed Microsoft software to government agencies in Hungary. In Hungary, Microsoft employs
an indirect distribution model whereby TPis resell Microsoft software to end customers, attend to
end customer accounts, and provide other services. As a result, MS Hungary did not contract
directly with government end users. Instead, for the subject licensing deals, a separate Microsoft
subsidiary, MIOL, entered into a framework licensing agreement with the government end user that
set forth the terms and conditions for the government end user's Microsoft license purchases. TPis
would then bid in a tender to sell licenses to the government end user.
14.

During the relevant time-period, the Hungarian central government maintained a

simplified procurement process for purchases of Microsoft software. Under this process, five
consortia of companies pre-qualified by the Hungarian government were invited by the government
to bid in tenders for the purchase of Microsoft software by Hungarian government entities. Each
consortium included an authorized Microsoft LSP, with one TPI (sometimes an LSP) acting on

A-3

behalf of its consortium. The TPI that won the tender would negotiate the final sales price with the
government end user and, typically, sign an agreement with that agency. In certain instances, the
TPI that purchased the licenses from MIOL did not resell the licenses directly to the end customer,
but instead resold the licenses to another TPI for onward sale to the end customer.
15.

Microsoft maintained standard estimated retail prices at which it offered its software

for sale. Government and other large customers often expected discounts from the estimated retail
prices because of their size and negotiating power. While Microsoft was open to considering
discounts from estimated retail prices, Microsoft wanted its prices to remain as consistent as
possible. Microsoft's intent and expectation was that discounts provided by Microsoft were to
reduce end customer prices, not to create additional margin for LSPs.
16.

Microsoft required its employees to record all sales information, including prices

and discounts, accurately. To that end, Microsoft maintained policies and procedures governing the
ability of Microsoft sales personnel to offer discounts below estimated retail prices. These policies
and procedures were intended to ensure consistency in Microsoft pricing and to avoid improper use
of discounts by sales personnel. These policies controlled discounting practices by, among other
things, requiring sales personnel to obtain different levels of approval depending on the size of the
discount that they intended to offer a customer.
17.

Sales personnel who wished to offer a discount above a certain minimum threshold

were required to obtain approval from a member of the Microsoft Business Desk, which was
responsible for reviewing and approving or denying requests for discounts. The Microsoft Business
Desk was managed by Microsoft personnel in Redmond, Washington, but had employees around
the world. Although each licensing deal was different, Microsoft issued guidance to Microsoft
Business Desk employees who reviewed requests for discounts to ensure that they considered
appropriate factors in determining whether to approve a discount.

A-4

18.

Although the final price that government agencies paid for Microsoft software

licenses was negotiated between the TPI that won the tender and the government agency, discounts
requested by MS Hungary personnel and approved by the Microsoft Business Desk should have
been passed through in full to the government end customer by the LSP that purchased the licenses
from MIOL.

The Corrupt Scheme Perpetrated by MS Hungary
19.

From at least 2013 to June 2015, a MS Hungary executive and ce11ain employees,

including Executive 1, Manager 1, and Employee 1, were involved in a bid rigging and bribery
scheme to create inflated margins in the Microsoft sales channel that were used to fund improper
payments under the FCPA in connection with the sale of Microsoft software to Hungarian
government agencies.
20.

Two licensing deals, discussed further below, illustrate the scheme, which generally

worked as follows. MS Hungary personnel obtained information about the Hungarian government
customer's budget, which sometimes was supported by European Union ("EU") funding made
available to Hungary, for a particular licensing deal before the tender. In addition, certain MS
Hungary employees, including Executive 1, Manager 1, and Employee 1, knew in advance of the
completion of the tender which TPI was going to win the tender. MS Hungary would then arrange
to sell the licenses for a substantially discounted price. To do so, MS Hungary personnel made false
representations to the Microsoft Business Desk about the need for, and purpose of, the discounts in
order to obtain the Microsoft Business Desk's approval for the discounts. Such discounts were not
true discounts, however, because they were not passed along in fu ll by TPis to the government
agency end user, which paid at or near the maximum amount available for the licensing deals at
issue. Instead, with knowledge of certain MS Hungary employees, including Executive 1, Manager

A-5

t.

1, and Employee 1, the false discounts created inflated margins in the Microsoft sales channel that

were used to make improper payments under the FCPA.
21.

The inflated margins created through this scheme by MS Hungary personnel were

not used to reduce the end customer price, but instead were used for corrupt purposes and,
moreover, were falsely recorded as "discounts" and stored in various tools and databases on
Microsoft servers in the United States. These false discounts were consolidated into Microsoft's
financial records and were used to support Microsoft's financial reporting to the Securities and
Exchange Commission ("SEC"). As such, MS Hungary caused the inflated margins created
through the scheme to be falsely recorded as legitimate discounts in Microsoft's books, records,
and accounts.
Example 1: The Scheme Involving Agency 1

22.

On or about February 28, 2013, a Hungarian government official working for

Agency 1 sent an email to Employee 1 requesting a price quote for the purchase of 4,000 desktop
licenses for Microsoft software. Thereafter, from in or around February 2013 through in or around
June 2013, Employee 1 discussed various deal structures and different amounts of desktop licenses
for the deal with several officials at Agency 1.
23.

On or about May 2, 2013, another MS Hungary employee requested a 44% discount

from the Microsoft Business Desk for the deal with Agency 1. The MS Hungary employee claimed
that Agency 1 would commit to closing the deal in June, rather than October, if Microsoft reduced
the price to fall within Agency 1's €2 million budget. Executive 1 fu11her supported the request for
the discount by stating: "I was involved in this deal and give[n] the budget available and partner
pre-sales efforts, it is vital we get the 44% discount approved." The Microsoft Business Desk
rejected the request and, among other things, noted that the estimated reseller margin seemed high.

A-6

24.

On or about May 3, 2013, MS Hungary restructured the deal with Agency 1. The

same MS Hungary employee who requested the initial discount sent an email to the Microsoft
Business Desk, copying Executive 1, Manager 1, and Employee 1, requesting a 22.55% discount
in order to, among other things, "fit [Agency l's] given budget." This discount was approved by
the Microsoft Business Desk.
25.

On or about June 4, 2013, about two weeks before the Agency 1 tender was

announced to the public, Employee 1 emailed Manager l regarding various "pending priority
matters," including the Agency 1 deal. The email identified TPI 3 as the "partner" for the deal; the
same information was reflected in a spreadsheet in Manager 1 's possession. The spreadsheet
showed that TPI 3 had already been selected as the intermediary for this licensing deal even though
Agency l ' s procurement tender for the licenses had not yet been publicly announced.
26.

On or about June 17, 2013, Employee 1 sent an email, copying Executive 1 and

Manager 1, to the CEO of Agency 1, proposing a transaction for 4,400 Microsoft software desktop
licenses for a price of approximately €2.36 million, which was outlined in a table in the email. The
CEO responded to Executive 1, Manager 1, and Employee 1, "Thank you everyone, I accept the
price, let's get the order started." That same day, Agency I launched the tender; bids were due on
June 24, 2013.
27.

On or about June 18, 2013, Employee 1 sent TPI 3 the product and price information

that was included in the table he sent to the CEO the day before. That same day, a different TPI
forwarded the tender invitation to Employee 1 by email with the comment, "[W]e will go along
with this." Employee 1 forwarded this TPI's email to Manager 1, who said he had spoken to
someone at that TPI. The timing and substance of these communications demonstrate that the
bidding process was rigged in favor of TPI 3.

A-7

28.

Despite knowing that Agency 1 had already accepted a €2.36 million price for the

deal two days earlier, on or about June 19, 2013, Manager 1 wrote an email to the Microsoft
Business Desk, copying Executive 1, Employee 1, and another MS Hungary employee, in which
Manager 1 provided false justifications for an additional requested discount. Specifically, Manager
1 made the following misrepresentations:
We are in the final stage closing this deal for 4400 desktops and additional servers,
and we have a real chance closing it in FY 13 ! (next week) We just had a meeting
with the customer and we have to give an additional 4-5% discount from the price
in order to fit the achievable budget. We agreed on [sic] with [Executive 1] that we
try to get approval for additional +2% on top of previously approved 22,55% and
the rest should be given by the [LSP]. In this case the final discount would be
24,55% and the net price 1.540.283 EUR (1.933.056 USD)[.]
29.

Despite knowing that Agency 1 had already accepted a €2.36 million price,

Executive 1 replied to Manager 1's email to the employee at the Microsoft Business Desk, copying
Manager 1, Employee 1, and another MS Hungary employee, and stated, "I support [Manager 1's]
request as we share pricing pressure with the partner and can close the deal on time."
30.

Executive 1, Manager 1, and Employee 1 each knew that Agency 1 had already

agreed to the deal for €2.36 million, which was higher than the end customer budget that the MS
Hungary employees had provided to Microsoft Business Desk to justify the discount, making any
additional discount unnecessary.
31.

The Microsoft Business Desk approved the discount, unaware that Executive 1 and

Manager 1 had intentionally misrepresented Agency l 's budget, the status of the negotiations, and
the need for the discount.
32.

On or about July 30, 2013, Agency I and TPI 3 signed an agreement for

approximately €2.36 million, the price agreed to by Agency 1 on June 17, 2013. The difference
between the discounted price TPI 1 paid to MIOL and the price reflected in the agreement between
Agency I and TPI 3 created a margin of approximately €792,000 (approximately 34.1 %). The

A-8

falsely obtained discount was not passed through in full by TPI 3 to Agency 1. Instead, with the
knowledge of MS Hungary employees, including Executive 1, Manager 1, and Employee 1, the
inflated margin was used to fund improper payments under the FCPA in connection with the sale
of Microsoft software to Agency 1.

Example 2: The Scheme Involving Agency 2
33.

In or about early 2014, MS Hungary began working on a deal involving 10,000

desktop licenses for Microsoft software for Agency 2. Employee I was aware of Agency 2's
available budget since at least January 2014, as Employee 1 maintained a spreadsheet from around
I

that time that reflected a net amount of approximately €3 .76 million for a licensing deal.
34.

On or about February 17, 2014, an employee of TPI 3 contacted Employee 1 and

stated that Agency 2's parent entity was seeking approximately €3.76 million in net EU funding to
purchase Microsoft software.
35.

On or about February 20, 2014, an MS Hungary employee sent an email to the

Microsoft Business Desk, copying Manager 1 and Employee 1, requesting to sell different types of
software to Agency 2 at 25% and 30% discounts. The purported justifications for the discounts
were competition, end customer price sensitivity, and the possibility of securing related service
contracts. Those justifications were false because, as explained below, Employee 1 knew in early
2014 that the approximately €3.76 million in requested net EU funding would be sufficient to cover
the cost of the licenses without a discount. The Microsoft Business Desk approved the requested
' discounts based on the false representations of the MS Hungary employee.
36.

On or about June 19, 2014, Employee 1 wrote to another MS Hungary employee,

" [t]he problem is that now another 5% would be needed :-( the idea of our Greats :-(." The five
percent referred to an additional and unnecessary "discount" that would be used to fund improper
payments under the FCPA.

A-9

37.

On or about June 23, 2014, another MS Hungary employee wrote an email to the

Microsoft Business Desk, copying Manager 1 and Employee 1, which stated, "We are still working
to close on the [Agency 2] deal ... . We were focusing on the financial aspects and collected all
the necessary approvals in the Government up to the Prime Minister." The MS Hungary employee
then requested an additional 5% discount on certain licenses in the deal. Based on these false
representations, the Microsoft Business Desk approved the additional discount, which increased
the total discount to approximately 31.5%, on the condition that the deal be closed by the end of
June.
38.

On or about June 28, 2014- approximately two months before the tender for the

Agency 2 deal was publicly announced- TPI 1 placed an order with MIOL for approximately €2.2
million for the software at issue in the Agency 2 deal, which reflected a total discount of
approximately 31.5%. As explained above, sometimes the TPI that was selected to sell the licenses
to the government agency was not the same entity as the TPI (and authorized Microsoft LSP) that
purchased the licenses from MIOL. Here, although TPI 1 purchased the licenses from MIOL, TPI 1
later resold them to its Hungarian affiliate, TPI 2, which in turn resold them to TPI 3, which won
the tender and contracted with Agency 2.
39.

On or about September 1, 2014, Agency 2 announced the tender for the procurement

of 10,000 desktop licenses and related products. But for the scheme, TPI 1 (which did not bid in
the tender) would not have ordered the licenses from MIOL months before the tender was even
announced. After w inning the tender, TPI 3 did not pass along the 31.5% discount to Agency 2.
Instead, on or about October 30, 2014, Agency 2 and TPI 3 signed an agreement for approximately
€3.76 million, which corresponded to the budgeted amount that TPI 3 had shared with Employee 1
on or about February 17, 2014.

A-1 0

40.

The difference between the discounted €2.2 million price that TPI 1 paid to MIOL

and the€3.76 million price reflected in the agreement between Agency 2 and TPI 3 created a margin
of approximately €1.56 million (approximately 41.7%). The false ly obtained discount that helped
create this inflated margin was not passed through in full by TPI 3 to Agency 2. Instead, with the
knowledge of MS Hungary employees, including Manager 1 and Employee 1, the margin was used
to fund improper payments under the PCPA in connection with the sale of Microsoft software. to
Agency 2.
MS Hungary Caused Microsoft to Falsify Its Books, Records, and Accounts

41.

During the relevant time period, MS Hungary knowingly caused Microsoft to record

and maintain false books, records, and accounts in connection with the foregoing corrupt scheme.
42.

As explained above, MS Hungary employees, including Executive 1, Manager 1,

and Employee 1, lied to Microsoft Business Desk employees to obtain approval for discounts on
software licenses to be sold to Hungarian government agencies. The discounts were false because
they were not passed on in full by TPis to the end customers and were used for an illegal purpose.

In securing the subject licensing deals involving discounts approved by the Microsoft Business
Desk, MS Hungary caused records to be created that documented the fraudulent discounts, which
were then falsely recorded and maintained at Microsoft. As a direct, wholly owned subsidiary of
Microsoft, MS Hungary's books, records, and accounts were consolidated into Microsoft's
financial records.
43.

The false records were recorded and maintained by Microsoft in several ways; First,

the false discounts - and in some instances the false justifications for those discounts - were
recorded in a Microsoft on-line tool with a server located in Bellevue, Washington. Second, the
false discounts were included as part of the deal documents that were stored on the same server
located in Bellevue, Washington, and in an online repository of Microsoft business documents with

A-11

a server located in Phoenix, Arizona. Third, false records from the MS Hungary licensing deals at
issue were stored in a Microsoft Business Desk database located in Bellevue, Washington.

A-12

ATTACHMENT B
CERTIFICATE OF CORPORATE RESOLUTIONS

WHEREAS, Microsoft Magyarorszag Szamitastechnikai Szolgaltat6 es Kereskedelmi Kft.
("MS Hungary") has been engaged in discussions with the United States Department of Justice,
Criminal Division, Fraud Section and the United States Attorney's Office for the Southern District
of New York (the "Fraud Section and the Office"), regarding issues arising out of its knowingly
causing Microsoft Corporation ("Microsoft") to make and keep false books, records, and accounts;
and
WHEREAS, in order to resolve such discussions, it is proposed that MS Hungary enter into
a certain agreement with the Fraud Section and the Office; and
WHEREAS, outside counsel for MS Hungary has advised MS Hungary General Manager
Christopher Mattheisen of MS Hungary's rights, possible defenses, the Sentencing Guidelines'
provisions, and. the consequences of entering into such agreement with the Fraud Section and the
Office;
WHEREAS, MS Hungary's General Manager, Christopher Mattheisen, in the exercise of
his statutory authority under Hungarian law, is authorized and empowered in his capacity of
General Manager to enter into this agreement on behalf of and bind MS Hungary, and to ratify any
past actions and take any and all actions now or in the future as may be necessary or appropriate to
approve, on behalf of MS Hungary, the forms, terms or provisions of any agreement or other
documents as may be necessary or appropriate to cany out and effectuate the purpose and intent of
this agreement;
Therefore, MS Hungary per the undersigned signature and authority of the General Manager
agrees to the following:

B-1

1.

MS Hungary (a) enters into this non-prosecution agreement ("Agreement") with the

Fraud Section and the Office; and (b) agrees to accept a monetary penalty against MS Hungary
totaling $8,751,795, and to pay such penalty to the United States Treasury with respect to the
conduct described in the Statement of Facts in Attachment A; and
2

MS Hungary acc~pts the terms and conditions of this Agreement, including, but not

limited to, (a) a knowing waiver for purposes of this Agreement and any charges by the United
States arising out of the conduct described in the Statement of Facts of any objection with respect
to venue in the United States District Court for the Southern District of New York; and (b) a
knowing waiver of any defenses based on the statute of limitations for any prosecution relating to
the conduct described in the Statement of Facts or relating to conduct known to the Fraud Section
and the Office prior to the date on which this Agreement was signed that is not time-barred by the
applicable statute of limitations on the date of the signing of this Agreement.
Date:

Jvd'( /~ 1 'lo{q

~-~-

By: _ _ _ _ _ _ __ _ _ _ _ __ __

Christopher Mattheisen
General Manager
MS Hungary

B-2

ATTACHMENT C
CORPORATE COMPLIANCE PROGRAM

In order to address any deficiencies in its internal controls, compliance code, policies, and
procedures regarding compliance with the Foreign Corrupt Practices Act ("FCPA"), 15 U .S.C. §§
78dd-l, et seq., and other applicable anti-corruption laws, Microsoft Corporation ("Microsoft") on
behalf of itself and its subsidiaries and affiliates, agrees to continue to conduct, in a manner
consistent with all of its obligations under this Agreement, appropriate reviews of its existing
internal controls, policies, and procedures.
Where necessary and appropriate, Microsoft agrees to modify its compliance program,
including internal controls, compliance policies, and procedures in order to ensure that it maintains:
(a) an effective system of internal accounting controls designed to ensure the making and keeping
of fair and accurate books, records, and accounts; and (b) a rigorous anti-corruption compliance
program that incorporates relevant internal accounting controls, as well as policies and procedures
designed to effectively detect and deter violations of the FCPA and other applicable anti-corruption
laws (collectively, the "anti-corruption laws"). At a minimum, this should include, but not be
limited to, the following elements to the extent they are not already part of Microsoft's existing
internal controls, compliance code, policies, and procedures:

High-Level Commitment
1.

Microsoft will ensure that its directors and senior management provide strong,

explicit, and visible support and commitment to its corporate policy against violations of the anticorruption Jaws and its compliance code.

C-1

Policies and Procedures

2.

Microsoft will develop and promulgate a clearly articulated and visible corporate

policy against violations of the anti-corruption laws, which policy shall be memorialized in a
written compliance code.
3.

Microsoft will develop and promulgate compliance policies and procedures

designed to reduce the prospect of violations of the anti-corruption laws and Microsoft's
compliance code, and Microsoft will take appropriate measures to encourage and support the
observance of ethics and compliance policies and procedures against violation of the anti corruption
laws by personnel at all levels of Microsoft. These anti-corruption policies and procedures shall
apply to all directors, officers, and employees and, where necessary and appropriate, outside parties
acting on behalf of Microsoft in a foreign jurisdiction, including but not limited to, agents and
intermediaries, consultants, representatives, distributors, teaming partners, contractors and
suppliers, consortia, and joint venture partners (collectively, "agents and business partners").
Microsoft shall notify all employees that compliance with the policies and procedures is the duty
of individuals at all levels of Microsoft. Such policies and procedures shall address:
a.

gifts;

b.

hospitality, entertainment, and expenses;

c.

customer travel;

d.

political contributions;

e.

charitable donations and sponsorships;

f.

facilitation payments; and

g.

solicitation and extortion.

C-2

4.

Microsoft will ensure that it has a system of financial and accounting procedures,

including a system of internal controls, reasonably designed to ensure the maintenance of fair and
accurate books, records, and accounts. This system should be designed to provide
reasonable assurances that:
a.

transactions are executed in accordance with management's general or

specific authorization;
b.

transactions are recorded as necessary to permit preparation of financial

statements in conformity with generally accepted accounting principles or any other criteria
applicable to such statements, and to maintain accountability for assets;
c.

access to assets is permitted only in accordance with management's general

or specific authorization; and
d.

the recorded accountability for assets is compared with the existing assets at

reasonable intervals and appropriate action is taken with respect to any differences.

Periodic Risk-Based Review
5.

Microsoft will develop these compliance policies and procedures on the basis of a

periodic risk assessment addressing the individual circumstances of Microsoft, in particular the
foreign bribery risks facing Microsoft, including, but not limited to, its geographical organization,
interactions with various types and levels of government officials, industrial sectors of operation,
involvement in joint venture arrangements, imp011ance of licenses and permits in Microsoft's
operations, degree of governmental oversight and inspection, and volume and importance of goods
and personnel clearing through customs and immigration.
6.

Microsoft shall review its anti-corruption compliance policies and procedures no

less than annually and update them as ~ppropriate to ensure their continued effectiveness, taking
into account relevant developments in the field and evolving international and industry standards.

C-3

Proper Oversight and Independence

7.

Microsoft will assign responsibility to one or more senior corporate executives of

Microsoft for the implementation and oversight of Microsoft's anti-corruption compliance code,
policies, and procedures. Such corporate official(s) shall have the authority to report directly to
independent monitoring bodies, including internal audit, Microsoft's Board of Directors, or any
appropriate committee of the Board of Directors, and shall have an adequate level of autonomy
from management as well as sufficient resources and authority to maintain such autonomy.
Training and Guidance

8.

Microsoft will implement mechanisms designed to ensure that its anti-corruption

compliance code, policies, and procedures are effectively communicated to all directors, officers,
employees, and, where necessary and appropriate, agents and business partners. These mechanisms
shall include: (a) periodic training for all directors and officers, all employees in positions of
leadership or trust, positions that require such training (e.g., internal audit, sales, legal, compliance,
finance), or positions that otherwise pose a corruption risk to Microsoft, and, where necessary and
appropriate, agents and business partners; and (b) corresponding certifications by all such directors,
officers, employees, agents, and business partners, certifying compliance with the training
requirements.
9.

Microsoft will maintain, or where necessary establish, an effective system for

providing guidance and advice to directors, officers, employees, and, where necessary and
appropriate, agents and business partners, on complying with Microsoft's anti-corruption
compliance code, policies, and procedures, including when they need advice on an urgent basis or
in any foreign jurisdiction in which Microsoft operates.

C-4

Internal Reporting and Investigation
10.

Microsoft will maintain, or where necessary establish, an effective system for

internal and, where possible, confidential reporting by, and protection of, directors, officers,
employees, and, where appropriate, agents and business paitners concerning violations of the anticorruption laws or Microsoft's anti-corruption compliance code, policies, and procedures.
11.

Microsoft will maintain, or where necessary establish, an effective and reliable

process with sufficient resources for responding to, investigating, and documenting allegations of
violations of the anti-corruption laws or Microsoft's anti-corruption compliance code, policies, and
procedures.

Enforcement and Discipline
12.

Microsoft will implement mechanisms designed to effectively enforce its

compliance code, policies, and procedures, including appropriately incentivizing compliance and
disciplining violations.
13.

Microsoft will institute appropriate disciplinary procedures to address, among other

things, violations of the anti-corruption laws and Microsoft's anti-corruption compliance code,
policies, and procedures by Microsoft's directors, officers, and employees. Such procedures should
be applied consistently and fairly, regardless of the position held by, or perceived importance of,
the director, officer, or employee. Microsoft shall implement procedures to ensure that where
misconduct is discovered, reasonable steps are taken to remedy the harm resulting from such
misconduct, and to ensure that appropriate steps are taken to prevent further similar misconduct,
including assessing the internal controls, compliance code, policies, and procedures and making
modifications necessary to ensure the overall anticon-uption compliance program is effective.

C-5

Third-Party Relationships
14.

M icrosoft will institute appropriate risk-based due diligence and compliance

requirements pe1taining to the retention and oversight of all agents and business partners, including:
a.

properly documented due diligence pertaining to the hiring and appropriate

and regular oversight of agents and business pattners;
b.

informing agents and business pa1tners of Microsoft's commitment to

abiding by anti-corruption laws, and of Microsoft's anti-corruption compliance code, policies, and
procedures; and
c.
15.

seeking a reciprocal commitment from agents and business partners.

Where necessary and appropriate, Microsoft will include standard provisions in

agreements, contracts, and renewals thereof with all agents and business partners that are
reasonably calculated to prevent violations of the anti-corruption laws, which may, depending upon
the circumstances, include: (a) anti-corruption representations and undertakings relating to
compliance with the anti-corruption laws; (b) rights to conduct audits of the books and records of
the agent or business partner to ensure compliance with the foregoing; and (c) rights to tenninate
an agent or business partner as a result of any breach of the anti-corruption laws, Microsoft's
compliance code, policies, or procedures, or the representations and undertakings related to such
matters.

Mergers and Acquisitions
16.

Microsoft will develop and implement policies and procedures for mergers and

acquisitions requiring that Microsoft conduct appropriate risk-based due diligence on potential new
business entities, including appropriate FCPA and anti-corruption due diligence by legal,
accounting, and compliance personnel.

C-6

17.

Microsoft will ensure that Microsoft's compliance code, policies, and procedures

regarding the anti-corruption laws apply as quickly as is practicable to newly acquired businesses
or entities merged with Microsoft and will promptly:
a.

train the directors, officers, employees, agents, and business partners

consistent with Paragraph 8 above on the anti-corruption laws and Microsoft's compliance code,
policies, and procedures regarding anti-corruption laws; and
b.

where warranted, conduct an FCPA-specific audit of all newly acquired or

merged businesses as quickly as practicable.

Monitoring and Testing
18.

Microsoft will conduct periodic reviews and testing of its anti-corruption

compliance code, policies, and procedures designed to evaluate and improve their effectiveness in
preventing and detecting violations of anti-corruption laws and Microsoft's anti-corruption code,
policies, and procedures, taking into account relevant developments in the field and evolving
international and industry standards.

C-7

ATTACHMENT D
REPORTING REQUIREMENTS

Microsoft Magyarorszag Szamitastechnikai Szolgaltat6 es Kereskedelmi Kft. ("MS
Hungary") and Microsoft Corporation ("Microsoft") agree that they will report to the Fraud Section
and the Office periodically, at no less than twelve month intervals during a three-year term,
regarding remediation and implementation of the compliance program and internal controls,
policies, and procedures described in Attachment C. During this three-year period, MS Hungary
shall: (1) conduct an initial review and submit an initial repo1t, and (2) conduct and prepare at least
two (2) follow-up reviews and repo1ts, as described below:
a.

By no later than one year from the date this Agreement is executed, MS

Hungary and Microsoft shall submit to the Fraud Section and the Office a written report setting
forth a complete description oftheir remediation efforts to date, their proposals reasonably designed
to improve MS Hungary's and Microsoft's internal controls, policies, and procedures for ensuring
compliance with the FCPA and other applicable anti-corruption laws, and the proposed scope of
the subsequent reviews. The report shall be transmitted to Deputy Chief - FCPA Unit, Fraud
Section, Criminal Division, U.S. Department of Justice, 1400 New York Avenue, NW, Bond
Building, Eleventh Floor, Washington, .D.C. 20530 and Chief - Criminal Division, United States
Attorney's Office for the Southern DistTict of New York, 1 St. Andrew's Plaza New York City, NY
10007. MS Hungary and Microsoft may extend the time period for issuance of the report with prior
written approval of the Fraud Section and the Office.
b.

MS Hungary and Microsoft shall undertake at least two follow-up reviews

and reports, incorporating the Fraud Section's and the Office's views on the prior reviews and
reports, to fu1ther monitor and assess whether MS Hungary's and Microsoft's policies and

D-1

procedures are reasonably designed to detect and prevent violations of the FCPA and other
applicable anti-corruption laws.
c.

The first follow-up review and report shall be completed by no later than one

year after the initial report is submitted to the Fraud Section and the Office. The second follow-up
review and report shall be completed and delivered to the Fraud Section and the Office no later
than thirty days before the end of the Term.
d.

The reports will likely include proprietary, financial, confidential, and

competitive business information. Moreover, public disclosure of the reports could discourage
cooperation, impede pending or potential government investigations and thus undermine the
objectives of the reporting requirement. For these reasons, among others, the reports and the
contents thereof are intended to remain and shall remain non-public, except as otherwise agreed to
by the parties in writing, or except to the extent that the Fraud Section and the Office determine in
their sole discretion that disclosure would be in furtherance of the Fraud Section's and the Office's
discharge of their duties and responsibilities or is otherwise required by law.
e.

MS Hungary and Microsoft may extend the time period for submission of

any of the follow-up reports with prior written approval of the Fraud Section and the Office.

D-2