Tuesday, January 26, 2021
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home FCPA

Certifying Third-Party FCPA Compliance Under New SEC/DOJ Requirements

Building a Robust FCPA Certification Program

by Frank Orlowski
February 4, 2020
in FCPA
illustration of two hands holding an FCPA document

How can I possibly certify that 100 percent of my third parties, including all customers and vendors, are 100 percent FCPA compliant based on the new SEC/DOJ requirements? Frank Orlowski outlines a solution.

Now that the SEC has gotten involved with FCPA, along with the DOJ, they have interpreted the FPCA statute to mean that a company must maintain a system of internal accounting controls that monitors FCPA compliance not only internally, but also for all its third parties, including customers and suppliers.

With the average Fortune 50 company having over 75,000 suppliers and 300,000 large customers, the enforcement is nearly impossible and deemed as “sneaky.”

Even former DOJ leadership acknowledges the incredible challenge around FCPA compliance, especially now that the SEC has stepped up enforcement. (See video below at around 14:40).

However, there is a solution to avoid or mitigate FCPA fines/actions, as well as damaging public press releases by the DOJ/SEC due to third-party violations. A robust, but straightforward certification program can significantly mitigate this risk!

A certification program is primarily an attestation or assertion document that is acknowledged or signed by an employee and all third parties delivered by email, a simple workflow software or even through the mail. It is generally language-specific, but if translators are not available, an English-only document works. The attestation or assertion document is asking an individual, entity or official to certify that they understand the FCPA, are FCPA compliant and are unaware of any violations.

You might be thinking, there is no way all of my hundreds of thousands of suppliers, customers and colleagues will comply. What kind of exposure will we have?

In the case of colleagues, it’s a more straightforward answer: The certification process should be mandatory and use internal email or workflow tools. In the case of third parties, where there is less control, the recommendation is to send the certification communication (via email or mail) up to three times in 90 days. It is OK if there is no response.

The key to the entire certification process is robust documentation and controls, including for third parties that have not responded despite three attempts.

Essential elements to an FCPA certification process include:

  • An emphasis on full disclosure, awareness and an understanding of the FCPA statute and any potential violations in the written certification
  • A process for disseminating to third parties and internal employees
  • Tracking and reporting
  • Frequency

It has been proven: A robust certification program, when implemented in advance of a certification program, has led to reduced or even eliminated penalties, not to mention damaging PR from the announcement of an SEC/DOJ investigation.

A robust FCPA certification program may be the most significant solution you can implement within your organization in terms of minimizing costs and avoiding reputational harm.


Tags: DOJdue diligenceSEC
Previous Post

How to Grow Your Compliance Practices as You Scale

Next Post

Smarsh and Brainspace to Provide Advanced Analytics and Visualization Tools

Frank Orlowski

Frank Orlowski is the founder of Ation Advisory Group. He is an accomplished senior finance executive and board member with more than 25 years of success in the pharmaceutical, medical devices, contract manufacturing and health care industries. Leveraging extensive experience leading manufacturing, operational and financial strategies across 35 countries, Frank partners with organizations seeking market access growth strategies and country-specific organizational and cost optimization programs. Frank has also implemented over 30 FCPA compliance/controls remediation and certification programs across 25 countries. He can be reached on LinkedIn at www.linkedin.com/in/frankorlowskiusa.

Related Posts

The Vitol Enforcement Action

The Vitol Enforcement Action

January 7, 2021
J&F FCPA Resolution

J&F FCPA Resolution

November 11, 2020
The Criminal FCPA Plea by Sargeant Marine

The Criminal FCPA Plea by Sargeant Marine

October 26, 2020
The Herbalife FCPA Enforcement Action

The Herbalife FCPA Enforcement Action

October 1, 2020
Next Post
man selecting magnifying glass icon on smartphone

Smarsh and Brainspace to Provide Advanced Analytics and Visualization Tools

Access realtime data
Dynamic Risk Assessments with Workiva

Special Coverage

Special COVID page graphic

Jump to a Topic:

anti-corruption anti-money laundering/AML Artificial Intelligence/A.I. automation banks board of directors board risk oversight bribery CCPA/California Consumer Privacy Act Cloud Compliance communications management Coronavirus/COVID-19 corporate culture crisis management cyber crime cyber risk data analytics data breach data governance decision-making diversity DOJ due diligence fcpa enforcement actions financial crime GDPR GRC HIPAA information security internal audit KYC/know your customer machine learning monitoring regtech reputation risk risk assessment Sanctions SEC social media risk supply chain technology third party risk management tone at the top training whistleblowing
No Result
View All Result

Privacy Policy

Follow Us

  • Facebook
  • Twitter
  • LinkedIn
  • RSS Feed

Category

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Whitepapers

© 2019 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
  • Articles
  • Vendor News
  • Podcasts
  • Videos
  • Whitepapers
  • eBooks
  • Events
  • Jobs
  • Subscribe

© 2019 Corporate Compliance Insights