FCPA Compliance Best Practices
We serve as external General Counsel or Chief Compliance Officers on all types of FCPA investigations and compliance matters.Samer B. Korkor – Head of FCPA Group
- Globalization has caused federal law enforcement agencies to increase their efforts in prosecuting those suspected of violating the FCPA.
- This has caused companies to re-evaluate their due diligence and risk assessment procedures. Employing “best practices” is how companies respond to these risks.
- Companies that utilize best practices help ensure the success and continued operations of their business by detecting and responding promptly to suspicious behaviors.
- Examples of key components of company best practices include a code of ethics, leadership from upper management, third party evaluations, due diligence, risk assessment, internal controls, training, and analyzing gift-giving.
- Consider hiring FCPA lawyers to advise you on personalized FCPA compliance best practices.
Experienced Defense Team in FCPA Best Practices
If you need legal advice regarding FCPA compliance best practices or are worried about an investigation into your company for potential FCPA violations, it is time to contact a FCPA defense attorney.
FCPA charges could result in significant civil and criminal penalties, jail time, and reputational harm. Federal regulatory authorities also target companies for employing substandard anti-corruption standards.
In addition to the SEC and DOJ’s investigative efforts, the CFTC is also just beginning to investigate and prosecute FCPA violations. More aggressive enforcement proceedings are likely.
It is critical that you are represented by an experienced team of FCPA defense attorneys who can advise you on evaluating best practices and responding to federal agency allegations.
Do not wait to get in touch with a qualified FCPA defense attorney today. Put Oberheiden, P.C. on your side to fight for your company and reputation.
What are FCPA “Best Practices”?
The Foreign Corrupt Practices Act (“FCPA”) has two important sections: (1) the antibribery provisions and (2) the accounting and recordkeeping provisions.
Simply put, the FCPA prohibits the bribing of foreign officials to obtain or retain business and requires companies to maintain adequate books, records, and internal controls.
Globalization has necessitated an increase in law enforcement efforts to prosecute corruption, which has, consequently, caused companies to re-evaluate their due diligence and risk assessment procedures to avoid benign conduct being classified as bribery.
Employing “best practices” is how companies respond to such risks. Best practices are defined as a technique, mechanism, or other strategic policy that utilizes specific inputs or plans to achieve desired company results.
Companies that are committed to promoting best practices within all areas of their business help ensure the success of their business by promptly detecting and responding to suspicious behvavior, illicit payments, bribery, and other indications of corruption.
Examples of FCPA Best Practices
Below is a detailed list of best practices that companies should employ regarding their FCPA compliance policies:
General Guidance on Company Compliance Programs
- As a very important starting point, a company’s compliance policy should be tailored to its specific needs, identified risks, and business industry.
- The compliance policy should be periodically evaluated and revised to reflect changes in company policies, market conditions, and risks. This ensures that the compliance policy remains up to date with the company’s business operations and allows it to better respond to new risks and possible enforcement proceedings.
- Faults in the compliance policy should be readily analyzed and remedied.
Proper Code of Ethics
- The company should have in place a proper code of ethics that reinforces anti-corruption policies, sets the tone at the top regarding company ethical values, and clearly delineates the law.
- The code of ethics should also give examples and guidance on what is considered permissible behavior in certain transactions. It should also emphasize sensitive issues such as dealings with foreign officials, gift-giving, political contributions, and the pervasive “facilitating payments.”
- These policies should be regularly updated to account for new, sensitive business relationships that the company undertakes as well as changes in market conditions and identified operating risks.
Responsible Leadership from Upper Management
- Upper management and directors should strive to act ethically and set an example for lower level employees to follow.
- This attitude applies not only to best practices, but also to other areas of the business as distinct from the FCPA.
- Proper ethical performance works in and of itself to limit the potential for bribery and corruption and should be encouraged throughout the company.
- Discussions of company values, promotion of the company’s code of conduct and ethics, and open communication between upper and lower level personnel are critical best practices strategies.
Appropriate Disciplinary Actions
- A company should maintain and regularly update procedures for identified instances of personnel misconduct. Such procedures could include disincentives for failing to follow compliance policies.
- Clear and distinct policies should be in place that describe the disciplinary actions that will be taken if a personnel member violates the company’s code of conduct, ethics policy, or otherwise engages in corrupt behavior.
- Red flags or inappropriate conduct that is identified should never be ignored but should instead be reported to company management or the compliance department for immediate corrective action.
Third Party Evaluations
- FCPA violations are often attributed to relationships with third parties.
- The company should make an effort to understand the business reputation and qualifications associated with the third party, including its involvement with any foreign parties.
- Information such as references, business contacts, background checks, public records, etc. should be gathered and scrutinized on the third party.
- Due diligence should be performed with third party transactions both before the deal is finalized and afterwards. Due diligence for the transaction with the third party should also be continuously assessed during the progress of the arrangement.
- The third party should be required to abide by the company’s anti-corruption standards, including U.S. legislation regulating anti-corruption and internal company policies on the same.
- The company should consider requiring annual certifications and FCPA compliance training by the third party.
- Due diligence procedures should be conducted before, throughout, and after many transactions, including mergers and acquisitions (M&A), third party transactions, dealings with foreign officials, takeovers, and other significant contractual arrangements.
- Because M&A require extensive due diligence, companies should take care in constructing appropriate procedures around due diligence execution and monitoring of these transactions. Due diligence should be conducted pre-acquisition with respect to the acquired or merged entity. Information such as that entity’s compliance policies, exposure to foreign countries and foreign officials, and high-risk transactions should be scrutinized before the acquisition/merger. Post-acquisition due diligence should also be conducted that includes an emphasis on monitoring and documenting the progress of the transaction.
- Any red flags identified during due diligence should be documented, analyzed, and promptly acted upon.
- Company policies should set effective risk assessment procedures that includes the identification of risks, evaluation, analysis, and remediation of the flaws uncovered in the process.
- Red flags that are especially troublesome include transactions in a high-risk foreign jurisdiction, unusual or unexplainable payments, the use of shell companies, dealings with other parties or entities that have a poor business reputation or low credit, parties or entities with a track record of corruption, bribery, or other illegal activities, unverifiable information given by the other party, or vague descriptions of the other party’s proposed contract or work to be performed.
- The information gathered during risk assessment should address the key factors of consideration identified in the DOJ’s new guidance on charging decisions such as an ongoing effective compliance policy or special emphasis on third party transactions.
- Risk assessment procedures should be regularly updated because the company’s legal, regulatory, business, risk, and compliance environments are constantly evolving to new internal and external factors.
Robust internal controls, accounting, and documentation standards
- The company should ensure that it employs stringent recordkeeping requirements for all transactions. It is often best to have an independent, single department handling the recordkeeping obligations of the company.
- The internal controls of the company should be up-to-date and sophisticated enough to detect accounting discrepancies in payments and flag any suspicious payments or other suspicious accounting activities.
- The above standards help demonstrate compliance with the law and limit the company’s potential liability.
- This is important because a company’s compliance policies are considered by regulatory agencies when deciding whether to bring an enforcement action.
- Personnel should be regularly trained in anti-corruption policies and requirements as well as how to monitor sensitive company transactions such as third party or foreign official contracts, transactions in high-risk foreign jurisdictions, or gift-giving.
- The training policies should be periodically reviewed and revised to account for updates in the company’s business environment.
- Training should be a simple process that is both mandatory and readily accessible to all company personnel.
- The training should not be a one-size-fits-all approach but should instead be specialized by function, role, location, size, or personnel seniority.
Gifts and Other Entertainment Expenses
- The SEC and DOJ heavily scrutinize a company’s gifts, meals, travel, and entertainment expenses, as they represent a significant potential for corruption and are often the subject of many enforcement actions.
- The company should employ an expense review process that analyzes the purpose of gifts, meals, travel, and entertainment expenses that are flagged as suspicious. Items of a larger value are more likely to attract more scrutiny and be an improper payment.
- There should be a specific mechanism in place whereby company personnel flags certain gifts, meals, travel, and entertainment expenses that are given too many times to the same individual or that exceed the general business standards for the company’s industry.
- Special emphasis should be placed on “cash” payments because cash payments are the most common forms of corrupt payments.
Significance of FCPA Compliance Best Practices
It is critical that companies proactively take prompt action to implement company-wide best practices that are accessible and transparent.
Best practices can help eliminate the risks of corruption and bribery and safeguard the company’s reputation.
These procedures should be specific to the company’s particular business needs and various transactions.
The successful implementation of FCPA compliance best practices serves as evidence that the company is complying with federal legislation on anti-corruption and anti-bribery.
It can also mitigate the possibility that regulatory enforcement authorities will regard the company’s practices as FCPA violations.
Need Advice with FCPA Compliance Best Practices?
Best practices are a critical component of a company’s FCPA compliance strategy. The failure to maintain such policies or the implementation of substandard policies can be the basis for federal enforcement proceedings.
Allegations of FCPA violations can wreak havoc on your business including significant penalties and reputational injuries.
If you are worried about the increased governmental efforts to prosecute individuals and companies who have allegedly violated anti-corruption and bribery legislation, contact Oberheiden, P.C. today and ask for a FCPA defense attorney.
At Oberheiden, P.C., our well-qualified team of FCPA attorneys are ready to advise you on employing successful best practices specialized for your company’s business to help avoid or mitigate enforcement proceedings and reduce the potential for corruption.
Call us today or contact our office for a free consultation to receive advice on these uncertainties.