Certain company processes might not constitute traditional notions of “internal controls,” but FCPA enforcement officials have taken the position that a wide range of activities is covered by the term.
For example, in Orthofix, the SEC found that the company failed to maintain adequate internal controls when the company’s FCPA compliance policy and FCPA-related training in Mexico were provided only in English and not in Spanish. In Eli Lilly, the SEC found that the company lacked sufficient controls when it failed to have a due diligence and monitoring process in place to ensure its Brazilian distributors were not paying bribes on its behalf.
NON-ACCOUNTING CONTROLS. Part One of this series discusses five essential accounting controls under the FCPA. Below, we offer five other important areas that should be captured in a company’s internal controls framework.
1. Vendor Relationships. Companies reduce the risk that their third parties will pay bribes on their behalf by placing controls over the selection and performance of vendors. A vendor selection process should require that multiple providers be considered and compared, that selection is based on quality and price and that decisions are made according to delegations of authority. Companies should conduct risk-based third-party due diligence and monitoring. (FCPAméricas has previously discussed due diligence and monitoring, such as how to control third parties and how much due diligence is enough.) In addition, vendor selection and use should be periodically and randomly audited to ensure that processes are followed and that no red flags are present. FCPAméricas has discussed auditing for “phantom” vendors.
2. Gift-Giving. Companies implement specific policies to ensure that gifts are given for legitimate purposes, such as to promote general goodwill, visibility or reputation, and not to improperly influence an official to secure an improper advantage. Specific policies should prohibit cash gifts, establish pre-authorized value and frequency limits, create special authorization requirements for higher valued gifts, track aggregate amounts, consider local laws and ensure thorough supporting documentation, with the names of recipients and business purposes.
3. Charitable Donations and Political Contributions. Controls should ensure that a company’s charitable donations and political donations are not, in fact, disguised bribes. Policies should require such disbursements to be reviewed by senior compliance officials. Processes should confirm that recipients are legitimate and do not create integrity concerns, that principals and officers of charitable organizations are not linked to public officials and that recipients of political contributions are not positioned to improperly benefit the company.
4. Human Resources. A company’s HR Department has an important role to play in its anti-corruption program. For example, it can conduct background checks on new employees for integrity-related issues, identify when employees are related to public officials and ensure that new employees receive anti-corruption compliance training. HR can help administer both incentive and disciplinary measures related to employee compliance. It can also probe compliance issues during exit interviews.
5. Training. Companies should effectively communicate their anti-corruption policies and procedures to their employees and, where necessary, to their third parties, too. Trainings should be documented and repeated periodically. Training programs should convey appropriate compliance lessons to targeted audiences. They can provide examples of practical cases and common red flags.
The opinions expressed in this post are those of the author in his or her individual capacity and do not necessarily represent the views of anyone else, including the entities with which the author is affiliated, the author`s employers, other contributors, FCPAméricas or its advertisers. The information in the FCPAméricas blog is intended for public discussion and educational purposes only. It is not intended to provide legal advice to its readers and does not create an attorney-client relationship. It does not seek to describe or convey the quality of legal services. FCPAméricas encourages readers to seek qualified legal counsel regarding anti-corruption laws or any other legal issue. FCPAméricas gives permission to link, post, distribute or reference this article for any lawful purpose, provided attribution is made to the author and to FCPAméricas LLC.
Matteson Ellis serves as Special Counsel to the FCPA and International Anti-Corruption practice group of Miller & Chevalier in Washington, DC. He is also founder and principal of Matteson Ellis Law PLLC, a law firm focusing on FCPA compliance and enforcement. He has extensive experience in a broad range of international anti-corruption areas. Previously, he worked with the anti-corruption and anti-fraud investigations and sanctions proceedings unit at The World Bank.
Mr. Ellis has helped build compliance programs associated with some of the largest FCPA settlements to date; performed internal investigations in more than 20 countries throughout the Americas, Asia, Europe and Africa considered “high corruption risk” by international monitoring organizations; investigated fraud and corruption and supported administrative sanctions and debarment proceedings for The World Bank and The Inter-American Development Bank; and is fluent in Spanish and Portuguese.
Mr. Ellis focuses particularly on the Americas, having spent several years in the region working for a Fortune 50 multinational corporation and a government ethics watchdog group. He regularly speaks on corruption matters throughout the region and is editor of the FCPAméricas Blog.
He has worked with every facet of FCPA enforcement and compliance, including legal analysis, internal investigations, third party due diligence, transactional due diligence, anti-corruption policy drafting, compliance training, compliance audits, corruption risk assessments, voluntary disclosures to the U.S. government and resolutions with the U.S. government. He has conducted anti-corruption enforcement and compliance work in the following sectors: agriculture, construction, defense, energy/oil and gas, engineering, financial services, medical devices, mining, pharmaceuticals, gaming, roads/infrastructure and technology.
Mr. Ellis received his law degree, cum laude, from Georgetown University Law Center, his masters in foreign affairs from Georgetown’s School of Foreign Service, and his B.A. from Dartmouth College. He co-founded and serves as chairman of the board of 
