Certified Public Accountants
& Business Consultants

Focus On Internal Audit: Foreign Corrupt Practices Act Compliance

Contact Our Team

What risks facing your company keep you up at night?

If your company conducts business beyond the US borders, the Foreign Corrupt Practices Act (FCPA) should be close to the top of the list.
January 18, 2011

What risks facing your company keep you up at night?

If your company conducts business beyond the US borders, the Foreign Corrupt Practices Act (FCPA) should be close to the top of the list.

Below, RubinBrown revisits key 2010 events, as well as upcoming events that may impact your compliance program for 2011.

As enforcement continues to increase, your only protection may be the implementation or enhancement of an “effective compliance and ethics program.”

Below are strategies to consider incorporating into your compliance program. These are based on the U.S. Federal Sentencing Guidelines and guidance from the recent $236.5 million joint settlement between the Justice Department (DOJ) and seven companies as a result of alleged FCPA violations.

Recent Trends In FCPA And Bribery Related Enforcement

Current trends in enforcement and additional legislative factors introduced during 2010 – the whistleblower provisions of the Dodd-Frank Act and the UK Bribery Act 2010 – have many executives expecting to see exponential growth in an already burgeoning area of FCPA enforcement.

Enforcement Continues to Increase

Companies settling FCPA-related charges in 2010 paid a record $1.8 billion in financial penalties to the DOJ and the Securities & Exchange Commission (SEC). That compares with $641 million in 2009. Of the 22 corporate enforcement actions resolved in 2010, eight are now among the ten biggest FCPA settlements of all time.


Individual prosecutions have also increased significantly. Individuals charged in 2006 for FCPA violations were 9 versus 42 in 2009.

Additionally, the U.S. continues to conduct industry-wide “sweep” investigations, investigating similar companies in an industry when a issue is identified at one company.

Whistleblowers May Be Financially Incentivized

One little known provision of the Dodd-Frank Act will incentivize whistleblowers, rewarding individuals who assist the SEC to uncover securities violations, including violations of the FCPA. This recent legislation further protects whistleblowers and provides that a whistleblower may receive 10-30 percent of the total penalties. While such protection of whistleblowers will be seen as a great provision by many, it should put fear into the management of any company doing business overseas, especially with business in higher risk countries where bribery is second nature.

The Impact of the UK Bribery Act (effective in 2011)

The UK is in the process of instilling its own framework for prosecuting bribery as well via the UK Bribery Act, replacing a number of older statutory offenses related to bribery. While the details are still being worked out, the specific inclusion of commercial bribery (giving or receiving) is one of the major differences between the UK Bribery Act and the FCPA. Additionally, it appears the UK Bribery Act will hold corporations conducting business in the UK strictly liable for bribery committed by sales agents; regardless of whether it was committed without the corporations’ involvement or knowledge. Furthermore, the UK Bribery Act differs from the FCPA in that it currently does not offer exceptions for facilitating payments or “bona fide business expenditures.”

Establishing An Effective Compliance Program

The latest guidance on FCPA compliance can be found in a sweeping joint settlement reached in late 2010, dropping plenty of strong hints about what the Justice Department wants to see in an FCPA compliance program.

A $236.5 million settlement was reached with global freight forwarding company Panalpina World Transport and six of its customers. Most notable, however, was the uniform language for FCPA compliance improvements that all seven companies agreed to incorporate.

Based on this language, and based on the language in the U.S. Federal Sentencing Guidelines (Chapter 8, Part B), RubinBrown derived the following questions which can be used to assess your current compliance program:

  1. Does your leadership promote a culture that encourages ethical conduct and a commitment to compliance with the law? Does senior management provide strong, explicit, and visible support and commitment to its corporate policy against violations of the anti-corruption laws and its compliance code?
  2. Does a clearly articulated and visible corporate policy against violations of the FCPA, including its anti-bribery, books and records, and internal control provisions exist as a written compliance code?
  3. Are compliance standards and procedures communicated through training programs appropriate to the listeners’ respective roles and responsibilities? Does the training include your organization’s agents where necessary and appropriate (i.e. sales partners, distributors, intermediaries, consultants, representatives, contractors, suppliers, etc.)?
  4. Does the organization use due diligence to prevent and detect criminal conduct? Does it know its own employees, partners, agents, and suppliers? Is the due diligence documented and evidence maintained?
  5. Has overall and day-to-day responsibility for the program been assigned to high-level and specific individuals? Do they know and understand the content and operation of the compliance and ethics program?
  6. Does the executive responsible for implementing and overseeing the anti-corruption policies and procedures have direct reporting to “independent monitoring bodies,” such as internal audit, the board of directors, or a board committee--as well as have an “adequate level of autonomy from management”?
  7. Does the program take steps to ensure that the organization’s compliance and ethics program is followed, including monitoring and auditing to detect criminal conduct?
  8. Is there a system in place to handle anonymous whistleblower complaints from employees and other stakeholders, without fear of retaliation?
  9. Is the program promoted and enforced consistently throughout the organization, with rewards for compliance and punishment for non-compliance?
  10. Are the anti-corruption compliance standards and procedures reviewed at least annually, taking into account relevant developments in the field and evolving international and industry standards?

If you answered “no” or a hesitant “yes” to any of the above, an immediate investment may be required to adequately reduce your current risk exposure.

As the Federal Sentencing Guidelines Manual states: “… the prior diligence of an organization in seeking to prevent and detect criminal conduct has a direct bearing on the appropriate penalties and probation terms for the organization if it is convicted and sentenced for a criminal offense.”

With the rise of FCPA cases, laws, and incentives for whistleblowers, it may be just a matter of time before your compliance program is being highly scrutinized.

You cannot control every employee action or every divisional decision with regards to ethics. Compliance is not about math, but human behavior. However, an “effective compliance and ethics program” will at minimum reduce your corporation’s culpability score under the U.S. Federal Sentencing Guidelines and could possibly provide an affirmative defense if an issue arises.

Please contact us at RubinBrown if you would like to discuss FCPA compliance further or if we can assist you in implementing, evaluating, or improving your FCPA compliance program.

For further information, contact:

Michael T. Lewis, CFA

Chelle Adams, CPA

Rick Feldt, CPA

Audrey Katcher, CPA, CISA

Todd Pleimann, CPA
Kansas City Managing Partner

Meyer Saltzman, CPA, CFF, DABFA

Mike A. Ramirez, CPA