Foreign Corrupt Practices Act: Don’t wait until it’s too late to formalize your program

I was really excited to have an opportunity to learn more about the Foreign Corrupt Practices Act recently through our Resources Global Professionals’ webcasts.  Not only was it an area of compliance that was relatively new to me, but it was of particular interest.  I had spent a summer in Russia during college studying business practices of US companies working in the Russian business environment.  At the time, many US companies were just starting to see opportunities in the emerging economy, but found themselves struggling to operate in an environment marred by organized crime, corrupt officials and poor government oversight.

FCPA_cashWhat is the Foreign Corrupt Practices Act?

The FCPA is not new legislation.  It has been around since 1977, but recent increases in enforcement and lawsuits have brought it back up into the spotlight for many US organizations.  In a nutshell, the FCPA states that:

1.) It’s a crime to bribe non-US officials in order to obtain or continue business activity in that region.

2.) Organizations must have proper records of all transactions, and controls in place to prevent bribery of non-US officials.

(If you want a much more detailed explanation, check out the Department of Justices’ “Lay Person’s Guide”.)

I am by no means an expert, but here’s a few of the things I’ve learned recently that I found interesting:

    • FCPA is enforced by both the Department of Justice and the Securities and Exchange Commission. The SEC is responsible for civil action against corporations (or individuals), while the DOJ is responsible for criminal prosecution of individuals.
    • There aren’t any guidelines or standards for the internal controls (structure, documentation, etc) that US companies must keep, but many experts (including Tom Fox, RGP consultant and legal expert in the area of FCPA) seem to point to the 6 Principles in the UK Anti-Bribery Act as a good place to start.
  • Violations of the FCPA can mean up to $5 million in fines and 20 years in prison.

Put your FCPA Compliance Program in policyIQ!

If you are doing business internationally, your organization is required to comply with FCPA – and you probably already have a program in place.  But if you don’t have it well-documented and easily accessible, you are increasing your risk.   As I see it, the keys to a successful FCPA program are the same as any compliance program:

1.) Assess the risk – where in the organization might you be at risk of violations and how significant is that risk?

2.) Document (and communicate!) controls that mitigate those risks

3.) Periodically test those controls to confirm that they are designed and operating effectively, and

4.) Keep an auditable set of documentation to prove that you’ve done all of this

If you follow these four steps, you’ll be in a great position to quickly respond to any inquiry – and avoid the high cost of lengthy, invasive investigations.  This is where policyIQ shines!  Not only can you retain all of your Risk, Control, and Testing documentation in one place – but using policyIQ forms, you can also have key employees review and sign-off on your FCPA controls on an annual basis.  You’ll have an audit-able record of their agreement to follow the controls and policies as they are laid out by the compliance department.  Any areas of concern can be documented, with mitigating action plans assigned and due dates set – all within policyIQ.

While we certainly hope that none of our policyIQ clients face an SEC or DOJ investigation for violations to FCPA, with a strong program documented in policyIQ, you can keep those investigations shorter, less expensive, and put yourself in a great position to come out the other side with no violations or findings.

Check out some of these great resources to learn more about FCPA:

Get started today! 

If you are already using policyIQ for another compliance program, you are just a few minutes away from getting started.  You already have Risk, Control and Test Templates (or something very similar) – that can be used for FCPA or copied and altered just slightly to accommodate the new usage.  Create a Folder, import or create the Risks and Controls – and make the information visible to your employees.

Don’t know where to start?  Contact us.  You can’t afford to wait until an audit is pending – and we’re happy to help you get moving!  If you don’t have FCPA controls in place – or you aren’t sure if your program is strong enough – contact us and we’ll put you in touch with a local expert who can get you on the right path.

This entry was posted in Industry News, Solutions and tagged , , by Chris Burd. Bookmark the permalink.

About Chris Burd

Chris is the Managing Director of the policyIQ group at RGP. She gets geeky about compliance and technology, and gets to spend every day working at the crossroads of the two. With policyIQ since 2005, Chris has worked with hundreds of policyIQ clients to implement technology and enhance their internal compliance environment. In the past few years, she's focused on enhancing policyIQ's offering as a Conflict Minerals and Anti-Corruption tool. In past lives, Chris worked as a system implementation consultant, a e-commerce specialist, a customer service call center manager, and - for one short but memorable summer during high school - a machine operator on midnight shift in a plastics factory. In her free time, she spoils her nieces, volunteers at her local food bank, and spends more time than she should taking photos of her cats. She would like to be a rock star when she grows up.

3 thoughts on “Foreign Corrupt Practices Act: Don’t wait until it’s too late to formalize your program

  1. Pingback: Anti-Corruption, Anti-Bribery and the Foreign Corrupt Practices Act: Are your bases covered? | policyIQ Blog

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s