Anti-Corruption Compliance

What a Lovely Bribe

NOTE: This article originally appeared in the July 2008 issue of Flawless Compliance, under the "Hello Rubber, Meet the Road" section. The link to the actual issue is at the bottom of this article.

Anti-corruption policies like the Foreign Corrupt Practices Act (FCPA) are making big waves these days. Companies like AGA Medical Corp and Faro Technologies are getting hit with fines in the millions of dollars, because their business practices with foreign officials are coming into question.

The existence of an anti-corruption compliance program is unequivocal these days. Trying to operate a global business without one is like walking a tight-rope without a net. One wrong move, and you could see yourself facing a lot of trouble.

I’d like to show you how easy it can be to put together an FCPA compliance program, exploring some ideas that will bring into reality. As usual, I must disclose that I am not a lawyer, so this is not legal advice. Furthermore, if you know anything about me you know what I’m about to say, as FCPA is no different than any other type of compliance.

If you are having problems getting started or maintaining an FCPA compliance program, the law aspects of it are not your problem. Of course, you need a lawyer that understands the FCPA laws, but to be honest, that’s the easy part. The hard part is organizing a system that works. Hopefully, I can help you get a little traction on this.

Step # 1 : Find Good Legal Guidance

As I said, this is an easy first step. Your lawyer is going to drive the requirement, making sure that all your activities lead to an effective program. If you don’t have this in-house, you will need to outsource. Plan to spend a good amount of involvement with your legal guidance. If possible, find a lower-cost paralegal that understands the regulations well, and has the time and availability to work closely with your team. Avoid the situation where legal guidance has limited involvement at targeted periods of time. On the surface it may sound like a reasonable and inexpensive option, however this will backfire, causing the rest of your resources to spin unnecessary cycles in wasted work.

Step # 2 : Assemble a Good Project Team and Create a Project Charter

A good project team will include a project manager, your legal representative, and a number of good process analysts. If you will be using technology ( highly recommended ), you also need a number of good developers including application programmers and database specialists. Your project team should be Championed by an executive that has a stake in the outcome. If that is not you, make sure you assign somebody that will be willing to provide guidance, support, and clear obstacles in the organization.

As with any project, start off with a solid Project Charter. Your project charter should explain the business case, opportunity for increased compliance, the goal and scope of the project, a high-level timeline, and the team members.

Step # 3: Know the FCPA Basics

Make sure everybody on your team ( not just the lawyers ) knows the basics of FCPA compliance. It’s really not that hard. According to the DOJ, an FCPA violation is composed of five different parts:

• Who – The person benefiting from the corrupt act. That’s you – don’t overthink it.
• Corrupt Intent – Intent is a difficult thing to quantify, but any representative of the Who part of the equation, that has the intention of committing a corrupt act, is on their way to a violation. It’s important to understand that the act doesn’t need to succeed – just the mere intent is enough to qualify.
• Evidence of Payment – Of course for a violation to exist, there must be some sort of evidence of pay-off, however as stated above even a promise to pay, or evidence of an offering can constitute a violation.
• Recipient – The recipient must be a foreign official. This is where your legal guidance will come in handy. A “foreign official” can mean many things, and needs contextual interpretation based on the country in question. Don’t just arbitrarily assume it’s somebody in government office. In China for instance, any head of a government-controlled commercial enterprise would still be considered a “foreign official.”
• Business Purpose Test – For what reason is the payment? If it was a pay-off for obtaining or retaining business, or directing business toward the Who, bingo – violation. Like the Corrupt Intent component, this is a “smell test” component that you should not ride the fence with. Keep it real clean with no grey area, to stay out of trouble.

It’s also worthwhile to note, that trying to route bribes through a third party is a no-no as well, so this needs to be communicated, and acknowledged. As noted below, this will be a significant risk area that you will want to concentrate on. Even if a corrupt act is committed by a third party without your knowledge, you can still be held liable.

Step # 4 : Build and Execute Your Plan

As noted above, third parties will be a key risk, so take extra care to control it. Ensure that your channel partners and distributors are not in violation of FCPA regulations by making it part of your project plan to inspect their FCPA compliance program. Also, consider building a third party control monitoring program to ensure continued compliance.

Also, plan to create a policy that addresses FCPA concerns. Spell out in detail what your compliance guidelines are, and why they are important to the company. Include project milestones that include training and education of all employees that will be dealing with foreign officials.

Since foreign officials is a vague and risky area, consider maintaining a database of known officials. Business that is conducted with these entities should be flagged as high-risk, and appropriate controls should be exercised to limit exposure. As business with a new entity is encountered, a screening process should be in place to identify potential risks with the recipient. These screens must be extremely proactive, as the mere intent of a corrupt act can put you in violation.

FCPA, and other anti-corruption policies are serious business. By getting good legal advice, assembling a good project team, and communicating the basics, you can effectively construct a solid compliance program. Finding legal counsel is a good starting place, and can be done immediately. Don’t waste time with this one.