Ericsson’s New $206mn Bribery Fine: Will They Ever Come Clean?

Regular Commsrisk readers will know I’ve been monitoring stories about Ericsson’s corruption since 2017.  Global media coverage of the latest Ericsson bribery news was factual, but pretty bland. Whilst reporting covered the official announcements, I didn’t see any insight or analysis. This article examines and questions Ericsson’s statements and probes the reality behind its claims that ‘the matter of the breaches is now resolved’.

This Month’s Guilty Plea

On 2nd March, the US Department of Justice (DoJ) announced that Ericsson…

…has agreed to plead guilty and pay a criminal penalty of more than USD206mn after breaching a 2019 Deferred Prosecution Agreement (“DPA”).

From at least 2000 Ericsson used third-party agents and consultants to bribe government officials and manage off-record slush funds in multiple locations including Djibouti, China, Vietnam, Indonesia, and Kuwait.  Third-party agents were given fake contracts. False invoices were raised to cover the payments in Ericsson’s books and records.

In December 2019, Ericsson entered into a DPA in relation to criminal information filed in New York.  As part of that deal, Ericsson paid over USD1bn in penalties and agreed to the imposition of an independent compliance monitor for three years.  Ericsson Egypt Ltd, a subsidiary, also admitted conspiring to violate anti-bribery provisions in the Foreign Corrupt Practices Act (FCPA).

In February 2022, the International Consortium of Investigative Journalists (ICIJ) published the ‘Ericsson List’, an investigation that identified a pattern of bribery and corruption in multiple countries, but which had not been included in the 2019 DPA. ICIJ’s investigation — based on leaked internal reports from Ericsson’s compliance department — included allegations of misconduct in Iraq, where the company made tens of millions of dollars in suspicious payments from 2011 to 2019.  Some of those payments may have gone to Islamic State terrorists.

The latest DoJ announcement says:

Ericsson breached the DPA by failing to truthfully disclose all factual information and evidence related to the Djibouti scheme, the China scheme, and other potential violations of the FCPA’s anti-bribery or accounting provisions.  Ericsson also failed to promptly report and disclose evidence and allegations of conduct related to its business activities in Iraq that may constitute a violation of the FCPA.

Under the terms of the plea agreement, Ericsson will also be required to serve a term of probation through June 2024 and has agreed to a one-year extension of the independent compliance monitor.  Ericsson was previously allowed a ‘co-operation credit’ in relation to the DPA settlement, however, this has been reversed and is included in the proposed USD206mn penalty.

How Ericsson Tells Their Story

Ericsson’s press release, as you might expect, minimises the negative aspects of its latest punishment and tries to promote a positive view.  Ericsson CEO Börje Ekholm (pictured) commented:

Taking this step today means that the matter of the breaches is now resolved.


This resolution is a stark reminder of the historical misconduct that led to the DPA.  We have learned from that and we are on an important journey to transform our culture.

The Ericsson press release also states:

Since the start of the DPA, the DoJ has not alleged or charged Ericsson with any new criminal misconduct.


What is Ericsson paying for this time?

The DoJ says Ericsson has…

…agreed to plead guilty and pay a criminal penalty of more than USD206mn after breaching a 2019 Deferred Prosecution Agreement…

…whilst Ericsson says it has…

…reached a resolution with the U.S. Department of Justice (DOJ) regarding non-criminal breaches of its 2019 Deferred Prosecution Agreement (DPA). Under the agreement, and as provided for by the DPA, LM Ericsson will enter a guilty plea regarding previously deferred charges relating to conduct prior to 2017. In addition, Ericsson will pay a fine of USD206,728,848.

Ericsson usefully clarifies that the guilty plea and ‘criminal penalty’ relates to criminal conduct prior to 2017.  This means anything after 2017 is still fair game for US investigators.

No new criminal misconduct

Ericsson says the DoJ has not alleged or charged Ericsson with any new criminal misconduct.  That may be true, but the DoJ has also told us why.

Ericsson also failed to promptly report and disclose evidence and allegations of conduct related to its business activities in Iraq that may constitute a violation of the FCPA.  These disclosure failures prevented the United States from bringing charges against certain individuals and taking key investigative steps.

So whilst Ericsson tries to highlight the absence of further criminal charges, the reality is that its lack of co-operation prevented the DoJ from bringing charges against individuals.   I’m sure Ericsson took legal advice before deciding not to disclose its investigation reports, but we don’t know what advice was given or who took the decision not to disclose.  Could that decision have been taken by the same individuals who might otherwise be facing charges?

Mr Ekholm talks about driving continued cultural change across the company with integrity at the centre of everything it does.

…we continue to implement stringent controls and improved governance, ethics and compliance across our company

But if that is the case, those stringent controls should be detecting criminal activity which is then investigated and reported.  I reserve judgement on the effectiveness of Ericsson’s cultural change until we finally see some individuals prosecuted, as well as the company.

In relation to Iraq, Ericsson says it is co-operating fully with the DoJ, but that’s what it said last time!

With respect to the historical conduct in Iraq, the Company continues to thoroughly investigate the facts in full cooperation with the DOJ and the U.S. Securities and Exchange Commission. As previously disclosed, the Company’s 2019 investigation did not conclude that Ericsson made or was responsible for any payments to any terrorist organization; and the Company’s significant further investigation over the course of 2022 has not altered this conclusion.

It’s hard to reconcile Ericsson’s inference that it didn’t make payments to any terrorist organisation with ICIJ’s quote from Ericsson CEO Börje Ekholm, who said:

We can’t determine where money sometimes really goes, but we can see that it has disappeared.

The DoJ is investigating allegations of misconduct in Iraq, and ICIJ reported previously that it had reviewed two documents which detailed payments made in Lebanon and Portugal in 2020, so further criminal proceedings are still possible.

Lesson Learned?

Börje Ekholm has been President and CEO of the Ericsson Group since 16th January 2017.  He says Ericsson has learned from its historical misconduct, but what is the reality behind that statement?  Does he mean Ericsson learned how to stop its corrupt behaviour or it learned how to avoid being caught again? And exactly when did Ericsson learn from its historical misconduct? In 2019, whilst Ekholm was CEO, it went on to breach that DPA by…

…failing to truthfully disclose all factual information and evidence.

US District Attorney Damian Williams is pretty clear on this issue:

Ericsson engaged in significant FCPA violations and made an agreement with the Department of Justice to clean up its act.  The company’s breach of its obligations under the DPA indicate that Ericsson did not learn its lesson.

Mr Ekholm said of the recent settlement:

Taking this step today means that the matter of the breaches is now resolved.

Ericsson’s corruption issues were supposed to be resolved by the 2019 DPA, until we learned of Ericsson’s undisclosed investigations through the work of the ICIJ.  Maybe Mr Ekholm means Ericsson has learned the lesson now.  The lesson has been learned now it has been caught out again.

What Did Ericsson Choose Not to Say?

It was reasonable for Ericsson to defer questions on the suspected DPA breaches whilst the DOJ was investigating.  Now the ‘breaches are resolved’, nothing prevents Ericsson explaining the circumstances, what went wrong and how it has been remedied. However, Ericsson has said nothing about these matters to the public.

In particular, Ericsson has not said:

  • if its board of directors were aware of the Iraq investigation reports; and
  • if there is any reason to expect further charges from the DoJ.


In February 2022, Ericsson issued a press release in response to media enquiries about Iraq.  It provided some details of the Iraq investigation. They also said:

We are committed to transparency

At the time I pointed out that ‘transparent’ means both open and honest. We have still not seen openness and honesty from Ericsson’s leaders.  The ‘matter of the breaches’ may be resolved, but this is not the end of the story.  Ask yourself, what one simple thing has the ‘transparent’ Ericsson not said?

We have disclosed all known misconduct to the DoJ

Over to you, Ericsson.

David Morrow
David Morrow
Dave has 35 years of law enforcement, investigation and fraud management experience including multiple international assignments. He is a recognised telecoms fraud expert and for a number of years chaired the GSMA workgroup responsible for Security & Fraud Risk Assessments.

Dave now provides fraud management support as an independent consultant.