by Michael D. Celock, Featured Contributor
ONCE AN EMERGING COMPANY makes the determination to increase its global footprint, particularly when seeking to expand into high-risk locations, it faces the daunting responsibility of staying compliant with the myriad of U.S. and foreign anti-corruption laws and regulations that will govern its global operations. With its extraordinary broad interpretation and jurisdictional reach, the one law that should strike the most fear into the consciousness of an emerging company is the U. S. Foreign Corrupt Practices Act (FCPA).
No emerging or midsize company should entertain the belief that the limited scope of its international operations will provide it with some sort of magical shield that will keep it off the government’s radar.
The FCPA is no longer a liability exposure nightmare reserved soley for the Fortune 500 and other large multi-nationals. Both the Department of Justice (DOJ) and the Securities and Exchange Commission (SEC) have taken the interpretation of income inequality to new levels. Both agencies are now actively targeting mid-size companies. In a number of public comments Assistant Attorney General Leslie Caldwell has stated that it has been the DOJ’s intention to utilize recent FCPA enforcement actions as a “wake-up call” directed towards mid-size companies compelling them to recognize their anti-corruption obligations. Ms. Caldwell’s comments have been repeatedly echoed by senior DOJ and SEC officials. In fact, enforcement of the FCPA and other anti-corruptions laws is second in priority only to the enforcement of homeland and national security laws.
While large transnationals have the resources to expend significant time and financial effort towards FCPA and anti-corruption compliance, emerging companies have to be much more circumspect and observe a focused, risk-based approach towards their anti-corruption compliance obligations.
The development and maintenance of a well-designed, comprehensive, and strong corporate compliance program still remains the best method to prevent or mitigate corporations from engaging in illegal conduct and running afoul of the FCPA. Both the DOJ and the SEC have long advocated the benefits of a proactive compliance program.
Before any organization can create an effective and robust compliance program, it first must have a clear picture of the inherent corruption risks it will be facing. This can be accomplished through a risked based assessment.
The conduction of a comprehensive risk assessment will allow the emerging company to both identify and evaluate the scope of the corruption risks facing its operations. The following quote from the United Kingdom’s Bribery Act sums it up the best:
The fuller the understanding of bribery risks an organization faces,
the more effective its efforts to prevent bribery are likely to be.”
Before drafting a FCPA compliance policy and believing the problem solved, the emerging midsize company needs to take the time to acquaint itself with what regulators believe comprises an effective compliance program.
Both the DOJ and the SEC have a lengthy history of advocating the benefits of a productive customized risk based approach to FCPA compliance. They both have repeatedly stressed that in order for a FCPA compliance program to be considered effective, the compliance program must go beyond eloquent prose. After all, ENRON and a host of other major corporations prosecuted by the government spent significant sums on their collective corporate compliance programs.
Although in order to be effective, a FCPA compliance program must be risk based, there are a number of elements that are common to all FCPA compliance plans.
At a minimum all FCPA compliance programs require the complete and total commitment from all levels within the company. While placing an emphasis on what regulators consider effective elements of a compliance plan is certainly important, Government compliance programs rely heavily on punitive measures. For the emerging or midsize company, a better path towards compliance may be to incorporate an approach that combines the government’s best practices with an integrity based approach that moves beyond the punitive.
In any event the overall commitment of management cannot be overstated and managerial commitment must be effectively communicated across the company, with a particular emphasis placed on the conduct of third party agents, subsidiaries and all company representatives operating in-country or with foreign government officials. It would serve the company well to apply an overly broad interpretation of what constitutes a government official. Including an official’s family in this interpretation would certainly not be over reaching. For instance, in China, “Princelings” pose a significant area of concern. There is no question that when dealing with any foreign official or family member, the U.S. company needs to be much more vigilant in its oversight.
Other elements common to all FCPA compliance programs include strong leadership, effective training programs, as well as a customized risk assessment. This risk based analysis should consider such factors as the geopolitical and legal framework of each area of operations. Does the country have a significant number of government controlled private sector business operations? The country’s infrastructure, and culture are other factors to be considered.
If all protocols are followed, a comprehensive FCPA compliance program can provide an organization with a number of benefits, including a framework that will prioritize the organizations strategic risks. Keep in mind that a company’s FCPA compliance plan should be an ongoing process. The FCPA compliance plan needs to be flexible enough to allow for adjustment to changing circumstances and operating environments.