FCPAméricas Blog
Four To-Dos before Seeking Outside FCPA Help
5.10.2012
General Counsel and Internal Compliance Officers get approached regularly by outside FCPA service providers. Lawyers, accountants, technology consultants, due diligence and investigation groups, and on-line trainers are all available to help. And we constantly remind you of this.
Each day the number of options seems to grow, and there is good reason. With every prosecution, press article, whistleblower tip, sanction and cross-debarment action, shareholder derivative lawsuit, new signatory to the OECD Anti-Bribery Convention, and statement from enforcement, more companies learn the benefits that flow from compliance and the risks to ignoring it.
Given so many options, companies that are ready to enhance their compliance programs often do not know where to start. Here are four recommendations of things companies should do before seeking outside assistance.
1. Assign Responsibility. Outside compliance experts are of little help if there is not a person at the company in charge of directing and overseeing their work. When outside providers take direction from multiple people, communication lines get crossed. Bills can quickly add up. Whether it is the General Counsel or a specific compliance officer, companies are wise to appoint one person with responsibility for managing compliance enhancements. This is important to communications, information-gathering, and decision-making during the process.
2. Ensure Broad-Based Commitment. The Board and management should understand what compliance enhancement will entail. They should be informed of the things that will be expected of the company as the program is built. They should also have a sense of what a compliant company will ultimately look like. Without commitment up front, companies can waste time and resources. For example, situations occur where experts are well into conducting a risk assessment and designing a program when a senior officer suddenly decides to pull the plug. Such actions might even create greater risk for the company. Imagine how enforcement would see a company that takes initial steps to better understand its risks and enhance its program, and then affirmatively decides to stop.
3. Have a Comprehensive Plan. A “scattershot” approach to compliance can be a waste of time and resources. All too often, companies hire outside help in ways that area not timely, are misdirected, and might even undermine ultimate compliance objectives. I have seen a company hastily hire experts to conduct FCPA trainings in an operational area of concern when its policies on which to train are outdated. I have also seen companies decide to design and roll out a due diligence program before employees understand why they needed to prioritize this work or are equipped to interpret the data obtained. I have been asked to help build controls on an ad hoc basis around specific hospitality instances rather than develop a broad policy to guide such interactions when they arise. Instead, companies should use outside assistance pursuant to a comprehensive approach, analyzing where they currently are, where they need to be, and creating a roadmap to get there. Enforcement officials want to know that a company has a plan for achieving minimum compliance expectations, and they want to see evidence that the company is advancing pursuant to that plan. By seeking outside help pursuant to a comprehensive plan, companies help ensure they get maximum value for their investment of resources.
4. Do Your Homework. Before you start spending your compliance dollars, take some time to do your homework. There is ample publicly available information out there. Depending on a company’s internal capacities, there is much they can do before seeking help. One helpful starting point is to reach out to industry peers to understand how they approach compliance. FCPA attorney Nathan Lankford at Miller & Chevalier says, “Best practices don’t just come from official guidance, they often arise out of what companies in particular industries are actually doing. So it is key to know how your friends at similar companies face issues. They can probably give good recommendations for outside firms with depth of experience in your industry.”
The FCPAméricas blog is not intended to provide legal advice to its readers. The blog entries and posts include only the thoughts, ideas, and impressions of its authors and contributors, and should be considered general information only about the Americas, anti-corruption laws including the U.S. Foreign Corrupt Practices Act, issues related to anti-corruption compliance, and any other matters addressed. Nothing in this publication should be interpreted to constitute legal advice or services of any kind. Furthermore, information found on this blog should not be used as the basis for decisions or actions that may affect your business; instead, companies and businesspeople should seek legal counsel from qualified lawyers regarding anti-corruption laws or any other legal issue. The Editor and the contributors to this blog shall not be responsible for any losses incurred by a reader or a company as a result of information provided in this publication. For more information, please contact Info@MattesonEllisLaw.com.
The author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author.
© 2012 Matteson Ellis Law, PLLC
Post authored by Matteson Ellis, FCPAméricas Founder & Editor
Comments