FCPA compliance auditing: Don't let red flags go undetected

Foreign Corrupt Practices Act (FCPA, or “The Act”) enforcement continues to be one of the top priorities for the U.S. Department of Justice (DOJ) and the U.S. Securities and Exchange Commission (SEC), and the Biden administration has been vocal about its commitment to Anti-Corruption/Anti-Bribery (ACAB) efforts. Recent remarks made by DOJ Deputy Attorney General Lisa Monaco are succinctly described in Sidley’s white paper, “Making Sense of DOJ’s New Monaco Memo on Corporate Enforcement,” as a “substantial shift toward a more aggressive approach in corporate crime matters,”[1] especially in terms of the expectations for corporate internal investigations, which include:

  • “cooperation credit and the ‘timely’ disclosure of information learned in internal investigations”;

  • scrutiny of discrete corporate policies—including executive compensation policies—in assessing compliance programs;

  • delaying corporate resolutions until DOJ’s investigation of individuals is completed; and

  • guidance for corporations with prior misconduct resolutions.

Furthermore, in December 2021, the Biden administration released its United States Strategy on Countering Corruption.[2] This strategy consists of five “pillars” as follows:

  • “modernizing, coordinating, and resourcing U.S. Government efforts to fight corruption;

  • “curbing illicit finance;

  • “holding corrupt actors accountable;

  • “preserving and strengthening the multilateral anti-corruption architecture; and

  • “improving diplomatic engagement and leveraging foreign assistance to advance policy goals.”

Additional DOJ and SEC publications include A Resource Guide to the U.S. Foreign Corrupt Practices Act (“The Guide”), which states in the introduction that “The Act was intended to halt corrupt practices, create a level playing field for honest businesses, and restore public confidence in the integrity of the marketplace.”[3] The Guide also describes how The Act contains accounting provisions applicable to public companies designed to “strengthen the accuracy of the corporate books and records and the reliability of the audit process which constitute the foundations of our system of corporate disclosure.”[4]

These past and present efforts have resulted in record-breaking criminal and civil fines, penalties, and sanctions for FCPA violations. Thus, it is imperative that organizations take steps to understand their specific risks related to FCPA and other ACAB violation prevention, mitigation, investigation, and remediation. These steps must lead to an understanding of your FCPA risk profile, including:

  • organizational vulnerabilities;

  • compliance (and noncompliance) history; and

  • business partners and other third parties.

Regulatory scrutiny, investigation, and enforcement because of lax ACAB controls can be costly, disruptive to your business operations, and damaging to your reputation. Understanding, monitoring, and managing these risk factors means reduced risk of incidents and control over the response in the event of noncompliance.

Once the risks have been assessed, they must be monitored, and the corresponding internal controls periodically audited. In this article, we will look at how to develop an FCPA/ACAB compliance audit of your books and records for red flags that may have gone undetected by traditional financial audits.

This document is only available to members. Please log in or become a member.
 


Would you like to read this entire article?

If you already subscribe to this publication, just log in. If not, let us send you an email with a link that will allow you to read the entire article for free. Just complete the following form.

* required field