Regulators in many parts of the globe have increased enforcement of anti-corruption laws. Anti-corruption experts offered the following tips on how companies doing business overseas can step up vigilance to reduce corruption risks.
Assess internal and external risks. Enforcement
actions by the Department of Justice and the SEC highlight the most
likely trouble spots: Overseas activities and engagement of third
parties—such as distributors, sales agents, intermediaries, or
suppliers—tend to increase a business’s corruption risks, especially
when the activities and parties operate in developing economies.
Potential risks are noteworthy when engaging in hospitality activities
and when offering gifts and donations.
Conduct thorough background checks. Thorough
background checks can reveal red flags, including close relationships
between third parties and foreign officials; third parties whose fees
are contingent upon sales going through and customers paying; third
parties with a history of corruption issues; and a third party’s
desire to keep the representation of the company or the terms of the
retention secret. A third party’s hesitancy or unwillingness to
promise in writing to observe applicable anti-corruption laws is also
a red flag.
Get commitment from top management. A company’s
board of directors, senior executives, or owners should develop the
company’s policy against corruption and bribery and lead by example.
This is commonly referred to as establishing the appropriate “tone at
the top.” Top management’s tone can be reflected and reinforced in,
for example, an ethics code, employee training, a compliance program,
annual certifications, and other communications.
Develop comprehensive policies and guidelines that are
proportionate to the risks. A robust compliance program
should include a code of conduct, written policies, a confidential
hotline to report potential instances of improper conduct, a
nonretaliation policy, a rapid response plan, tracking of compliance
incidents, regular compliance training programs, monitoring and
auditing programs, disciplinary policies, annual recertification of
employees, and a risk assessment process. Corporate compliance teams
should be staffed with senior, qualified people and headed by a chief
compliance officer. Someone at the parent company should oversee
compliance at subsidiaries and joint ventures.
Establish controls over promotional expenses, travel,
entertainment, sponsorships, and gifts. Provide training to
sales and marketing and other personnel who are authorized to offer or
provide gifts or other items to current or potential customers and
business partners. Establish policies and procedures governing
management’s authorization of promotional expenses, travel,
entertainment, sponsorships, donations, and gifts.
Make sure everybody knows the procedures. The
company’s principles and policies need to be stated clearly and rolled
out in a manner—face-to-face sessions, intranet messages, or
e-learning—that is most suitable for the business. It is important to
not overlook overseas operations and third parties. Business and
geographic risks should dictate the depth of the training and the
prudence of offering or providing training to business partners.
Monitor compliance and review procedures regularly.
The business should conduct regular, region-specific risk assessments
and monitor closely payments to third parties to ensure that there are
no cash payments, that commission percentages are reasonable and based
on work performed, and that invoices and receipts are available for
all requested payments and reimbursements. Revisit procedures
regularly and adjust them as the business and its risks change.
—By Sabine Vollmer (
svollmer@aicpa.org
), a JofA senior editor, based on presentations by Joseph
E. Decilveo Jr., a McGladrey partner in New York City; Andrea
Deegan, a fraud investigator and financial accountant with RSM Tenon
in the U.K.; and Paul Solomon, a litigator with the law firm Skadden
in Washington.