Monday, March 8, 2021
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
    • Compliance & Risk
    • Information Security
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
    • Compliance & Risk
    • Information Security
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home FCPA

The 10 Most Important FCPA Internal Controls (Part One: Accounting Controls)

by Matteson Ellis
April 16, 2019
in FCPA
The 10 Most Important FCPA Internal Controls (Part One: Accounting Controls)

10 most important internal controls for FCPA compliance

Updated in 2019

Under the FCPA, companies can be punished not only for the wrongful things they do, like paying bribes, but also for certain things they don’t do. In particular, the FCPA’s accounting provisions require companies to have internal controls in place. When companies do not have certain protections, such as appropriate  accounting systems and anti-corruption policies, procedures and processes, they risk violating the law.

Specifically, the FCPA’s accounting provisions require issuers (both U.S. and non-U.S. companies that are publicly traded in the United States) to establish and maintain a system of internal controls sufficient to assure that (1) transactions are executed in accordance with management’s authorization, (2) access to assets is permitted only with the proper authorization and (3) the accounting records reflect the existing assets.

Below and in part two, we provide our list of the 10 most important internal controls for FCPA compliance. We arrange them into two categories – the first five are accounting-specific safeguards, and the next five are other types of processes for high-risk business activities.

ACCOUNTING CONTROLS. Accounting controls help ensure that company funds are not used for bribery. At a very basic level, this means that:

  • Individuals with approval power for expenses are independent and have properly delegated authority,
  • Approvals are based on supporting documentation,
  • Transactions are properly and accurately recorded,
  • Processes are regularly monitored, audited and tested and
  • Finance personnel are trained to spot red flags.

It is important for companies to ensure such controls for the following types of payment processes.

1. Accounts Payable. Controls should be designed to ensure that types and amounts of the items and services invoiced to the company are legitimate and correctly correspond to the values and descriptions in written contracts, as well as the supporting documentation. Payments should be authorized against original invoices, and invoice numbers should be checked against files to prevent duplicate invoicing. Companies can require special approvals for payments to account numbers not on the master file, manual payments and unusual or unfamiliar vendors. The monitoring and testing program should give particular attention to variations in the normal purchasing process, unusual vendors, split payments to avoid authorized payment thresholds amounts, duplicate payments and frequent payments to the same vendor.

2. Expense Reimbursement. Written travel and hospitality policies should establish standard expense reimbursement rules. They can require approvals from management, the submission of original backup documentation and the timely entry of expense reports. Companies should keep records of the identities of recipients of funds, the business purposes of the expenses and internal authorizations required and received. Heightened oversight should be applied to expenses made on behalf of non-employees, which can include pre-approvals and special value and frequency limits,.

3. Payroll. Payroll responsibilities should be segregated for activities like data entry of employee details, authorizations and payments. Any changes to payroll files, such as salary increases, should include supporting documentation and be approved by someone other than the person inputting the information. Department heads should regularly review and approve payment reports to ensure that salary recipients currently work for the company.

4. Petty Cash. Companies should adopt written policies governing the disbursement of petty cash that dictate appropriate and authorized uses. Policies should ensure that access to petty cash is limited and subject to approvals and that reimbursements are based on supporting documentation and sufficient detail about use. Companies should frequently conduct reconciliations of petty cash disbursements.

5. Claims. Written policies for management of claims, such as returned goods or disputed services, should establish consistent methods for handling these issues. This can include requiring claims to be supported by documentation, recorded properly and approved by someone not involved in the original transaction.

This article was republished with permission from FCPAméricas Blog, for which Matteson Ellis is founder, editor and regular contributor.

 The opinions expressed in this post are those of the author in his or her individual capacity and do not necessarily represent the views of anyone else, including the entities with which the author is affiliated, the author`s employers, other contributors, FCPAméricas or its advertisers. The information in the FCPAméricas blog is intended for public discussion and educational purposes only. It is not intended to provide legal advice to its readers and does not create an attorney-client relationship. It does not seek to describe or convey the quality of legal services. FCPAméricas encourages readers to seek qualified legal counsel regarding anti-corruption laws or any other legal issue. FCPAméricas gives permission to link, post, distribute or reference this article for any lawful purpose, provided attribution is made to the author and to FCPAméricas LLC.


Tags: internal controlstone at the top
Previous Post

How Organizations Can Manage Regulatory Change In an Era of Hyper-Regulatory Scrutiny

Next Post

Threat Horizon 2021: The Cyber Attacks Businesses Need to Prepare for Now

Matteson Ellis

Matteson Ellis serves as Special Counsel to the FCPA and International Anti-Corruption practice group of Miller & Chevalier in Washington, DC.  He is also founder and principal of Matteson Ellis Law PLLC, a law firm focusing on FCPA compliance and enforcement. He has extensive experience in a broad range of international anti-corruption areas. Previously, he worked with the anti-corruption and anti-fraud investigations and sanctions proceedings unit at The World Bank. Mr. Ellis has helped build compliance programs associated with some of the largest FCPA settlements to date; performed internal investigations in more than 20 countries throughout the Americas, Asia, Europe and Africa considered “high corruption risk” by international monitoring organizations; investigated fraud and corruption and supported administrative sanctions and debarment proceedings for The World Bank and The Inter-American Development Bank; and is fluent in Spanish and Portuguese. Mr. Ellis focuses particularly on the Americas, having spent several years in the region working for a Fortune 50 multinational corporation and a government ethics watchdog group. He regularly speaks on corruption matters throughout the region and is editor of the FCPAméricas Blog. He has worked with every facet of FCPA enforcement and compliance, including legal analysis, internal investigations, third party due diligence, transactional due diligence, anti-corruption policy drafting, compliance training, compliance audits, corruption risk assessments, voluntary disclosures to the U.S. government and resolutions with the U.S. government. He has conducted anti-corruption enforcement and compliance work in the following sectors: agriculture, construction, defense, energy/oil and gas, engineering, financial services, medical devices, mining, pharmaceuticals, gaming, roads/infrastructure and technology. Mr. Ellis received his law degree, cum laude, from Georgetown University Law Center, his masters in foreign affairs from Georgetown’s School of Foreign Service, and his B.A. from Dartmouth College. He co-founded and serves as chairman of the board of The School for Ethics and Global Leadership in Washington, D.C. He is a member of the District of Columbia, Texas, New York, and New Jersey bar associations. Mr. Ellis is also author of The FCPA in Latin America: Common Corruption Risks and Effective Compliance Strategies for the Region.

Related Posts

woman looking at horizon from mountain top

What’s on the Horizon for Anti-Corruption Enforcement?

February 25, 2021
Hogan Lovells: Global Bribery and Corruption Outlook 2021

Hogan Lovells: Global Bribery and Corruption Outlook 2021

February 16, 2021
invisible man in black on neutral background

The Curious Absence of Corporate Monitors

January 27, 2021
Vitol logo broken in half

The Vitol Enforcement Action

January 7, 2021
Next Post
illustration of businessman looking at the horizon

Threat Horizon 2021: The Cyber Attacks Businesses Need to Prepare for Now

OneTrust offers download to demonstrate privacy management leadership
Access realtime data
Top 10 Risk and Compliance Trends

Special Coverage

Special COVID page graphic

Jump to a Topic:

anti-corruption anti-money laundering/AML Artificial Intelligence/A.I. automation banks board of directors board risk oversight bribery CCPA/California Consumer Privacy Act Cloud Compliance communications management Coronavirus/COVID-19 corporate culture crisis management cyber crime cyber risk data analytics data breach data governance decision-making diversity DOJ due diligence ESG fcpa enforcement actions financial crime GDPR GRC HIPAA information security KYC/know your customer machine learning monitoring ransomware regtech reputation risk risk assessment Sanctions SEC social media risk technology third party risk management tone at the top training whistleblowing
No Result
View All Result

Privacy Policy

Follow Us

  • Facebook
  • Twitter
  • LinkedIn
  • RSS Feed

Category

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Whitepapers

© 2019 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
  • Articles
  • Vendor News
  • Podcasts
  • Videos
  • Whitepapers
  • eBooks
  • Events
  • Jobs
  • Subscribe

© 2019 Corporate Compliance Insights