Levi Strauss and Auditing of Third Parties

This article was republished with permission from Tom Fox’s FCPA Compliance and Ethics Blog.

Today we celebrate innovation. On this day in 1873, a patent to create work pants reinforced with metal rivets was granted. This marked the birth of one of the world’s most famous garments: blue jeans. Jacob Davis, a tailor in Reno, Nevada, presented the idea to Levi Strauss in 1872 when he wrote Strauss a letter about his method of making work pants with metal rivets on the stress points to make them stronger. Davis didn’t have the money for the necessary paperwork and proposed that Strauss provide the funds and that they get the patent together. Strauss agreed and the patent for “Improvement in Fastening Pocket-Openings,” the innovation that would produce blue jeans, was granted.

Until Strauss opened a factory in 1880, the “waist overalls,” as the original jeans were known, were manufactured by seamstresses working out of their homes. Levi’s 501s, previously known as “XX,” were soon a bestseller, and by the 1920s they were the top-selling work pants in the U.S. Over the decades, the fad has grown and today they are a firm staple in closets around the globe.

I thought about this innovation and sustained excellence when I sat through a presentation at Compliance Week 2015 by two ladies from BakerHughes Inc. (BHI), Jennifer Ellison, Senior Legal Compliance Manager, and Marianne Ibrahim, Senior Counsel, on Audits and Investigations. They focused on three aspects of the company’s audit program in its compliance function: types and purpose of Foreign Corrupt Practices Act (FCPA) audits, planning for the audit and interviewing all in conjunction with your audit program for third parties.

When planning for such an audit, they laid out the following steps: You should plan out four to six weeks in advance, perform the audit with your legal counsel’s lead to preserve privilege; work with the business sponsor to establish key business contacts; discuss audit rights and processes with the third party; prepare initial document request lists for financial information queries; take the time to review findings from previous audits and resolutions and also review details of opened and closed internal investigations; if there are any Code of Conduct questionnaires available, take care to review those; and finally, be cognizant of any related Department of Justice (DOJ) and Securities and Exchange Commission (SEC) enforcement actions.

They also noted that you should try and determine the entry points of foreign government involvement. They broke this down into direct involvement and indirect involvement. In the direct category, they listed the following areas: customs and duties, corporate taxes and penalties, social security or national insurance issues for employees, obtaining in-country visas and work permits, public official gifts and entertainment, training of and attendant travel for employees of government owned entities, procurement of business licenses and permits to perform work and, finally, areas around police escort and security. In the indirect category, some of the key areas to review are: customs agents and freight forwarders, visa processors, commercial sales agents, including distributors and, finally, those who might be consultants or other channel partners.

Document review and selection is important for this process. They said that you should ask for as much electronic information as possible well in advance of your audit. They did recognize that it is much easier to get database records for internal audits than audits of third parties. One item they made sure to ask for in advance was records in database or Excel format and not simply in pdf. They suggested you ask for the following categories of documents: trial balance, chart of accounts, journal entry line items, financial and compliance policies, prior audited financial statements, bank records and statements, a complete list of agents or intermediaries and revenue by country and customer.

When you are ready to commence your interviews, they emphasized that the lead interviewer needs to be culturally sensitive, patient and able to negotiate a good working relationship with auditors, who will be reviewing the documents from the forensic perspective. Regarding potential interviewees, they related that you should focus on those who interact with government entities, foreign government officials or third parties, including those personnel involved with:

• Business leadership
• Sales/marketing/business development
• Operations
• Logistics
• Corporate functions, including human resources, finance, health, safety and environmental, real estate and legal.

For the interview topics, they suggested several lines of inquiry. Initially they noted that you should conduct the audit interview as precisely that: an audit interview and not an investigative interview. You should not play “gotcha” in this format. They said you should avail yourself of the opportunity to engage in training while you are interviewing people. The topics to interview on included:

• General policies and procedures
• Books and records pertaining to FCPA risks
• Test knowledge of FCPA and the UK Bribery Act, including facilitating payments and their understanding of your company’s prohibitions
• Regulatory challenges they may face
• Any payments of taxes, fees or fines
• Government interactions they have on your behalf
• Other compliance areas you may be concerned about or that would impact your company, including trade, anti-boycott, anti-money laundering and anti-trust.

Ellison and Ibrahim went into detail regarding the review you should make around the General Ledger (GL) accounts. They suggested you review commission payments to agents and representatives; any facilitating payments made; all payments around travel, meals and entertainment; payments made around training; gifts; charitable contributions; political donations; and sales and promotion expenses. If there were payments made for customs or freight forwarders and other processing agents, permits, licenses, taxes and other regulatory expenses should be reviewed. Additionally, any entries pertaining to community contributions and social responsibility payments should be assessed. finally, they suggested that a review of any security payments, extortion payments, payments to legal consultants or tax advisors or fines and penalties should be considered.

Regarding bank accounts and cash disbursement controls, you should do the following:

• Review controls around bank accounts and cash disbursements
• Identify and review authorized signers, approval levels and bank reconciliations
• Ensure all bank accounts are included in the general ledger
• Identify and review certain bank and cash disbursement transactions
• Identify offshore bank accounts

In the area of cash funds, take the following actions:

• Review controls around petty cash funds
• Ascertain processes in place regarding disbursement and reconciliation of cash funds
• Identify and review payments to government officials, agents or any unusual or suspicious activities
• Identify and review certain bank transactions and test for any improper payments.

For gifts, travel and entertainment, you should explore payments made through employee-reimbursed expenses; scrutinize for any suspicious expenses submitted, expenses lacking adequate documentation and incorrect postings; and identify and review accounts associated with gifts, meals, entertainment, travel or promotion. In the area of payroll, consider the risks around the use of ghost employees, hiring of relatives of government employees and the use of bonus payments, and be sure to request a payroll listing and review for any such persons.

Around training, you should determine whether your company provides industry-specific training to government entities and review GL accounts and expenses for related items. In taking a look at payments under local law, you should obtain a list of payments to the government required by local laws and identify and review payments to government authorities or employees, customs authorities or agents, income tax authorities or license requirements. For payments made to third parties, you should review commission and expense payments for compliance with company policy and also trace payments to the third party’s bank account.

Ellison and Ibrahim not only provided solid, detailed information on what your audit protocol should be, but also material on what you should look for and how you should do it. It was an excellent presentation.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business advice, legal advice or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The author gives his permission to link, post, distribute or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.