FCPAméricas Blog
The Ten Most Important FCPA Internal Controls (Part 2: Other Processes)
4.18.2014
Certain company processes might not constitute traditional notions of “internal controls,” but FCPA enforcement officials have taken the position that a wide range of activities is covered by the term.
For example, in Orthofix, the SEC found that the company failed to maintain adequate internal controls when the company’s FCPA compliance policy and FCPA-related training in Mexico were provided only in English and not in Spanish. In Eli Lilly, the SEC found that the company lacked sufficient controls when it failed to have a due diligence and monitoring process in place to ensure its Brazilian distributors were not paying bribes on its behalf.
NON-ACCOUNTING CONTROLS. Part 1 of this series discusses five essential accounting controls under the FCPA. Below we offer five other important areas that should be captured in a company’s internal controls framework.
1. Vendor Relationships. Companies reduce risk that their third parties will pay bribes on their behalf by placing controls over the selection and performance of vendors. A vendor selection process should require that multiple providers are considered and compared, selection is based on quality and price, and decisions are made according to delegations of authority. Companies should conduct risk-based third party due diligence and monitoring. (FCPAméricas has previously discussed due diligence and monitoring, such as how to control third parties, and how much due diligence is enough.) In addition, vendor selection and use should be periodically and randomly audited to ensure processes are followed and no red flags are present. FCPAméricas has discussed auditing for “phantom” vendors.
2. Gift-Giving. Companies implement specific policies to ensure that gifts are given for legitimate purposes, such as to promote general goodwill, visibility, or reputation, and not to improperly influence an official to secure an improper advantage. Specific policies should prohibit cash gifts, establish pre-authorized value and frequency limits, create special authorization requirements for higher valued gifts, track aggregate amounts, consider local laws, and ensure supporting documentation with the names of recipients and business purposes. FCPAméricas summarizes FCPA actions involving gifts here.
3. Charitable Donations and Political Contributions. Controls should ensure that a company’s charitable donations and political donations are not, in fact, disguised bribes. Policies should require such disbursements to be reviewed by senior compliance officials. Processes should confirm that recipients are legitimate and do not create integrity concerns, principals and officers of charitable organizations are not linked to public officials, and recipients of political contributions are not positioned to improperly benefit the company.
4. Human Resources. A company’s HR Department has an important role to play in its anti-corruption program. For example, it can conduct background checks on new employees for integrity-related issues, identify when employees are related to public officials, and ensure that new employees receive anti-corruption compliance training. HR can help administer both incentive and disciplinary measures related to employee compliance. It can also probe compliance issues during exit interviews.
5. Training. Companies should effectively communicate their anti-corruption policies and procedures to their employees and, where necessary, their third parties too. Trainings should be documented and repeated periodically. Training programs should convey appropriate compliance lessons to targeted audiences. They can provide examples of practical cases and common red flags. FCPAméricas has described in-person versus on-line training, overviewed effective training in Latin America, and listed the “don’t forgets” of FCPA training.
The opinions expressed in this post are those of the author in his or her individual capacity, and do not necessarily represent the views of anyone else, including the entities with which the author is affiliated, the author`s employers, other contributors, FCPAméricas, or its advertisers. The information in the FCPAméricas blog is intended for public discussion and educational purposes only. It is not intended to provide legal advice to its readers and does not create an attorney-client relationship. It does not seek to describe or convey the quality of legal services. FCPAméricas encourages readers to seek qualified legal counsel regarding anti-corruption laws or any other legal issue. FCPAméricas gives permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author and to FCPAméricas LLC.
© 2014 FCPAméricas, LLC
Post authored by Matteson Ellis, FCPAméricas Founder & Editor
Comments
May 31st, 2018 at 12:16 pm
[…] http://fcpamericas.com/english/anti-corruption-compliance/ten-important-fcpa-internal-controls-part-… […]