How to Conduct FCPA Due Diligence and Audits
“Do you have questions about FCPA? I would love to help. I formerly prosecuted FCPA cases at the DOJ as a trial attorney. I now serve as external Counsel and CCO on all types of FCPA investigations and compliance matters for governments and corporations.”Samer B. Korkor – Head of FCPA Group
Click here to view Samer’s bio or send a text to 714-294-2000 to setup a call with Samer and Dr. Nick Oberheiden.
- FCPA due diligence and audits reduce a company’s risk exposure to bribery and corruption and demonstrate compliance with federal anti-corruption legislation.
- Due diligence is important so that companies are assured that their pending transaction with the other party have an acceptable level of risk. It helps companies manage risks, assess proportionality, and detect the possibility of bribery.
- Due diligence should assess red flags such as a history of civil and/or criminal enforcement actions, negative business reputation, poor financial history, or unexplained travel expenses.
- The consequences of failing to maintain FCPA due diligence include criminal and civil penalties, imprisonment, debarment, injunctions, disgorgement, prejudgment interest, cybersecurity risks, and reputational injury.
- Companies should actively engage in conduct that mitigates risk and enhances due diligence and should continually monitor due diligence.
- Consider hiring an experienced defense team to advise you on these complexities.
Our FCPA Defense Team
If you are concerned about the process of FCPA due diligence and audits, it is never too early or too late to contact a team of FCPA lawyers specialized in these laws.
Regulatory agencies such as the DOJ and the SEC have stressed the need for companies to routinely conduct due diligence in a variety of situations and have sought to impose stringent penalties on companies that have failed to adhere to such mandates both before and after FCPA violations are discovered.
This could result in severe penalties that may damage your business contacts, customer base, and wreak needless reputational harm on your company.
It is critical that you are represented by an experienced group of FCPA attorneys who are knowledgeable about due diligence and audits.
Do not wait to get in touch with a qualified FCPA attorney today. Put Oberheiden, P.C. on your side to fight for your reputation, guide you through due diligence, and defend your company.
Introduction to FCPA Due Diligence and Audits
Due diligence and audits reduce a company’s risk and exposure to bribery and provide strong evidence of compliance with anti-bribery legislation as well as protection from federal investigations.
At a minimum, they should document how the company performed the due diligence process, what information was used, who collected it, the red flags that were uncovered, the means of resolving those red flags and other resulting risks (if resolution is desirable), and suggestions for continuous monitoring and improvement.
Every major transaction should undergo a due diligence process and audit, including takeovers, mergers, acquisitions, auctions, investments, foreign business partnerships, etc.
For instance, anti-bribery due diligence helps companies manage their investment risks effectively, asses proper proportionality, and more easily detect the risk of bribery.
This is also important so that companies are assured that their target company, for instance, is complying with anti-corruption statutes and represents a low acceptable risk. If the risk is too high, the company should not proceed with the transaction or deal.
The consequences for failing to undergo proper due diligence could be severe such as civil and criminal penalties, disgorgement, prejudgment interest, imprisonment, disqualification from doing business with certain entities such as the U.S. government, and reputational harm.
Steps of the Due Diligence Process
A company’s due diligence process should generally proceed in the following manner:
- The due diligence process is initiated, whereby the company will identify the information that will be requested from the other party to the transaction or deal. Sometimes the company will use a third party to gather this information, which is generally represented in the form of a questionnaire.
- Then, there is typically an initial review. The initial review will consist of self-reported data from the party being evaluated as well as independently verified data accumulated by the company. The simpler information gathered includes company details such as board of directors and shareholders, while the more complex information will consist of information about the party’s source of funds or other affiliations that are relevant based on the nature of the proposed transaction.
- The more detailed review will entail checks with law enforcement authorities to determine if there are any sanctions against that party or prior criminal charges. It may also include an analysis of published lists of debarred companies for misconduct.
- Any red flags are identified and analyzed. The company then performs risk assessment to determine whether or not to proceed with the proposed transaction. A prominent example of a high-risk transaction includes a politically exposed person (“PEP”). A PEP maintains a prominent public status and influence and is therefore associated with greater risks of bribery and corruption.
- The company makes the decision of whether or not to proceed with the transaction or deal with the evaluated party.
- The company continues the process by performing post-transaction due diligence and post-transaction monitoring.
Red Flags Identified in the Due Diligence Reviews and Audits
Examples of red flags that could be identified in due diligence reviews and audits include the following:
- The evaluated party has a history of civil and/or criminal enforcement actions, unethical conduct, improper payments, or a negative business reputation.
- The company is unable to verify data received on the other party.
- The party had vague or unrealistic plans.
- The party insists on an unusually excessive budget.
- There are unusual requests from the party such as advance payments, bonuses, or other inflated measures.
- The party makes other requests such as insisting on secrecy or refusing to have audits of its operations conducted.
- There is a poor financial history or credit associated with the party.
- The party has a material conflict of interest with a foreign official.
- There are unexplained travel expenses, multiple private meetings, and large amounts of political contributions made by the party.
- For international dealings, the party proposes conduct that is illegal in the other country.
While some of these above instances are not illegal in and of themselves, they represent some serious red flags that warrant further scrutiny before the transaction is approved.
Consequences of Failing to Maintain Due Diligence Procedures
There are many significant consequences and penalties that could result from the failure to maintain due diligence procedures:
- Regulatory risks such as criminal and civil penalties, debarment from future contracts, injunctions, disgorgement, and sometimes imprisonment. These risks are heightened if the company transacts globally because there are more international partners involved, thus exposing the company to more regulatory consequences.
- Financial consequences including failed business contracts or theft from partners, employees, or management who engage in bribes and corruption. Significant jail time of these individuals is also a possibility.
- Business and cybersecurity risks, which entail possible disruptions to company operations, obstacles to company growth, and other internal and external threats that fail to detect corruption risks in the first place.
- Reputational consequences from being associated with parties who have committed bribery and corruption scandals. The company’s reputation could also be impacted by insufficient ethical standards and poor internal controls.
What Companies Can Do to Mitigate Risk and Enhance Due Diligence
Due diligence depends upon repeated evaluations and monitoring.
Below we provide several tips as to what companies can do to mitigate risks and increase the effectiveness of due diligence:
- Routinely monitor changes in markets, contracts, and parties and document such changes.
- Use detailed questionnaires, published lists, and other public information to evaluate the profile on the other party.
- Verify the information collected.
- Provide education and training to everyone working for your company to ensure that there is a general understanding of compliance, risk assessment, and the requirements of the FCPA.
- Make sure the company has a FCPA risk assessment process whereby risk factors that identify a potential for bribery are identified and promptly addressed.
- Structure compliance so that risk exposure is minimized.
- Thoroughly analyze any red flags uncovered from due diligence procedures.
- Establish a monitoring system that continually assesses new risks and highlights new red flags.
A Company’s Continual Duties to Conduct and Monitor Due Diligence
It is important for companies to understand that the need to continually assess risk does not end when the transaction is over, when the merger is completed, or when the third party is cleared from all avoidable risks.
Instead, due diligence is an ongoing process that companies should continue to apply and monitor as long as those companies maintain such relationships.
Approaches to monitor performance and assess due diligence include the following:
- stay abreast of market changes in assessing the need to adjust compensation
- communicate compliance expectations with parties
- document work performance in all ongoing contracts
- ensure employees and all relevant parties are updated on due diligence procedures on a regular basis
- assess current due diligence to determine if adjustments are necessary based on new risks
- consider utilizing more audits to focus on third parties and transactions with a high risk of bribery and corruption
- have a system in place where employees can easily identify red flags and report them internally within the company for resolution
- obtain a compliance certification each year to foster an environment where bribers and corruption are not permitted
Need Advice on Conducting FCPA Due Diligence and Audits?
The high risk of corruption and bribes demand a robust due diligence process. It is imperative that your company is counselled by an experienced team of attorneys that can provide advice on FCPA due diligence and audits.
The defense attorneys at Oberheiden, P.C. have the experience and knowledge needed to prepare your company in enhancing due diligence, preparing for an audit, and responding to allegations of insufficient anti-corruption standards.
The risks of failing to maintain proper due diligence within your company could be severe. Call 888-680-1745 today or contact our office for a free consultation.