No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Risk

Managing Corruption Risk

by Jim DeLoach
September 15, 2014
in Risk
Managing Corruption Risk

Fighting corruption has become a major global initiative. The consequences of corruption violations can be severe. Firms that were found to have violated the Foreign Corrupt Practices Act (FCPA) in the United States and paid bribes to foreign officials have been subjected to criminal and civil enforcement actions, resulting in disgorgement of profits obtained through the illicit payments, large fines reaching into the hundreds of millions of dollars and suspension from federal procurement contracting. In addition, their employees and officers have gone to jail.

The FCPA is not the only game in town. In 2010, the United Kingdom passed the first major overhaul of its anti-corruption laws in more than a century, putting companies operating in that country under even more stringent regulations than set down by the FCPA by prohibiting commercial bribes in addition to bribes to foreign officials. Since then, several other countries, including Russia and China, have issued new anti-corruption regulations.

For multinationals, the proliferation of new requirements raises the compliance bar. The point is that reputational damage due to negative headlines revealing egregious violations can devastate the bottom line and impair business relationships and shareholder value.

To avoid these consequences, firms should ensure their compliance program is effective in preventing, deterring and detecting improper payments by employees and agents. A robust corruption risk management program typically includes the following elements:

  • Risk assessment: The risk identification process should inventory the applicable legal and regulatory requirements and explicitly consider the risk of corruption involving foreign officials and employees or agents who operate out of the home country, especially at foreign locations known for unethical business practices, as well as the risk of commercial bribery as applicable under relevant laws and regulations. For example, when assessing corruption risk, consider the risk profile of the countries in which the company operates (including the cultural, political and regulatory environment), foreign and commercial relationships and the nature of payments made in order to conduct business (e.g., business licenses, permits, certifications and inspections), among other things.
  • Board oversight: The board of directors should make it a priority to understand potential corruption risks and oversee the enterprise’s anti-corruption compliance program.
  • Executive management supervision: A designated senior executive should coordinate and manage the compliance program. That executive should be supported by appropriate resources and his or her efforts should be reinforced through consistent and ongoing “tone at the top” messages about the importance of compliance.
  • Policies, standards, procedures and reporting mechanisms: The organization must document the global anti-corruption policies and standards and communicate them to employees. Also, effective mechanisms for individuals to report criminal conduct and other concerns involving potential anti-corruption violations should be in place. There isn’t an authoritative “one-size-fits-all” approach to designing policies, standards, procedures and reporting mechanisms as part of implementing an anti-corruption risk program – implementation will vary depending upon the nature of a company’s business. However, there were several key points made by the U.S. Department of Justice (DOJ) that led it to decide not to prosecute a large global financial services firm even though one of the firm’s employees violated the FCPA:
    • The firm’s policies prohibited bribery and addressed corruption risks associated with the giving of gifts, business entertainment, travel, lodging, meals, charitable contributions and employment.
    • The firm updated its policies on a frequent basis to reflect new regulatory developments and specific emerging risks.

Other points contributing to the DOJ’s conclusion are provided below.

  • Due diligence activities: Ensure appropriate due diligence is performed on employees, vendors, suppliers, potential business partners, representatives and third-party agents.
  • Effective internal controls and monitoring: Internal controls should be in place for books and records, as well as proper accounting, including effective controls over cash accounts. Active monitoring of anti-corruption controls within financial and operational processes should identify and report potential red flags. Periodic audits of the anti-corruption program policies, procedures and controls should assess their effectiveness at ensuring compliance at all levels and across the entire organization. With respect to its decision not to prosecute the global financial services firm, the DOJ acknowledged:
    • The firm’s compliance department included anti-corruption experts in various high-risk areas where the company operated.
    • Compliance personnel regularly monitored transactions, tested transactions and randomly audited particular employees, partners, transactions and business units to identify illicit payments.
    • The program’s inclusion of transaction monitoring provided a sure sign that the firm understood that the need for due diligence is ongoing.
  • Communication, training and awareness programs: Internal communications should convey that bribery and corruption will not be tolerated. Anti-corruption awareness education and training should be provided for employees, third-party agents and consultants conducting business on behalf of the organization to ensure they are knowledgeable of the appropriate behavior and legal requirements. With respect to the global financial services firm that was not subjected to a DOJ enforcement action even though one of its employees went rogue:
    • The firm trained various groups of Asia-based personnel on anti-corruption policies over 50 times during the six-year period in which the employee’s FCPA violations occurred.
    • During the same period, the firm trained the executive in question seven times on the requirements of FCPA.
    • In addition, the company’s compliance officer warned the executive that he was dealing with a foreign official, and reminders of the company’s code of conduct prohibiting bribery of foreign officials and requiring FCPA compliance were sent to the executive at least 35 times during the six-year period.

In effect, training should spell out the company’s expectations for compliance with its corporate policies and procedures, as well as the applicable anti-corruption or anti-bribery laws and regulations. Retraining should occur periodically, and all employees and third parties should certify that they comply with the company’s compliance policies. Whenever policies and procedures are updated, the updated information should be recirculated to employees and employees should be retrained with emphasis on the updated information.

Training sessions should be well documented, and records of when employees received training, as well as the corresponding materials, should be kept in employees’ personnel files. The date, time and location of each training session conducted should be tracked, along with compliance communications delivered. A copy of the training programs each employee attends and each compliance policy communication sent to the employee should be archived and stored.

  • Investigation and disciplinary mechanisms: The organization must conduct thorough investigation and remediation of reported potential corruption violations. Disciplinary mechanisms must be enforced consistently for those who violate the company’s global corruption compliance policy.

While it is not feasible for a company to monitor every transaction of every amount by every employee, companies should establish risk-based policies, procedures and systems of internal controls that provide reasonable assurance that the organization is adhering to the provisions of applicable anti-corruption laws. That said, no large company can ever protect itself entirely from the actions of rogue employees who engage in collusion. If that occurs, an effective compliance program can not only help prevent compliance violations, but can also – as demonstrated by the case involving the global financial services firm – help mitigate the fallout from a serious corruption violation.

With this example as a benchmark, companies in all industries can take practical steps to improve their compliance processes to reduce the risk of prosecution.

To learn more, click to see Scott Moritz, Protiviti’s Investigations and Fraud Risk Management leader, discussing fraud risk and anti-corruption measures.

Understanding Fraud Risk Enables You to Better Manage It

Overcoming Roadblocks to Effective Anti-Corruption Measures


Previous Post

Pro Football and the FCPA Professor

Next Post

Hot Buttons in Executive Compensation

Jim DeLoach

Jim DeLoach

Jim DeLoach, a founding Protiviti managing director, has over 35 years of experience in advising boards and C-suite executives on a variety of matters, including the evaluation of responses to government mandates, shareholder demands and changing markets in a cost-effective and sustainable manner. He assists companies in integrating risk and risk management with strategy setting and performance management. Jim has been appointed to the NACD Directorship 100 list from 2012 to 2018.

Related Posts

boris johnson resigns as UK prime minister

Report: Most Countries Failing to Stop Corruption

by Staff and Wire Reports
February 2, 2023

Denmark remained the least corrupt country in the world for the fifth year running, according to the recently released Transparency...

exec fired

44% of Companies Say They’ve Disciplined Execs for Ethics Breaches

by Staff and Wire Reports
February 2, 2023

More than two-fifths of companies (44%) say they have fired or disciplined senior leadership for unethical conduct in the past...

clausematch ai

Clausematch Releases Knowledge Graph to Drive Digitization of Regulation With AI

by Corporate Compliance Insights
February 2, 2023

Global RegTech provider Clausematch has released its digital knowledge graph in open source, allowing regulators and financial service companies to...

logicgate_climbchannel

LogicGate Hopes to Expand RiskCloud’s EMEA Reach

by Corporate Compliance Insights
February 2, 2023

Risk and compliance provider LogicGate is expanding its international presence thanks to a new partnership with Climb Channel Solutions, a...

Next Post
Hot Buttons in Executive Compensation

Hot Buttons in Executive Compensation

Compliance Job Interview Q&A

Jump to a Topic

AML Anti-Bribery Anti-Corruption Artificial Intelligence (AI) Automation Banking Board of Directors Board Risk Oversight Business Continuity Planning California Consumer Privacy Act (CCPA) Code of Conduct Communications Management Corporate Culture COVID-19 Cryptocurrency Culture of Ethics Cybercrime Cyber Risk Data Analytics Data Breach Data Governance DOJ Download Due Diligence Enterprise Risk Management (ERM) ESG FCPA Enforcement Actions Financial Crime Financial Crimes Enforcement Network (FinCEN) GDPR HIPAA Know Your Customer (KYC) Machine Learning Monitoring RegTech Reputation Risk Risk Assessment SEC Social Media Risk Supply Chain Technology Third Party Risk Management Tone at the Top Training Whistleblowing
No Result
View All Result

Privacy Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2022 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe

© 2022 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT