For corporate executives, corruption risks are real and developing an effective anti-corruption compliance program will yield positive benefits for any company. The leading practices below can provide a good starting point and useful benchmark as companies begin to think about and build anti-corruption compliance programs.
1. Conduct a corruption risk assessment
- Focus on actual risks posed by the nature of a company’s operations, the degree of business with governmental entities, its use of agents and intermediaries, the countries where it does business, the regulatory environment and other factors.
- Identify current policies and controls the company has in place to mitigate corruption risk.
- Produce a plan to build an effective and efficient anti-corruption program.
2. Develop a corporate anti-corruption policy
- The policy should be a clear and unambiguous statement of the company’s position that both governmental and commercial bribery on any scale or level will not be tolerated.
3. Implement specific anti-corruption policies and controls based on risk
- Adopt policies for retaining agents, consultants and other vendors.
- Incorporate anti-corruption into employee travel, gifts and entertainment rules.
- Ban facilitating payments.
- Develop guidance for charitable giving, political contributions and offset commitments.
4. Implement anti-corruption financial controls
- Companies should focus on high-corruption risk areas such as:
- Transactions with consultants, agents and intermediaries
- Gifts, meals and entertainment of government officials
- Customs and cross-border shipping
- Charitable giving
- Offset commitments
5. Conduct anti-corruption compliance training
- Training should highlight the company’s position that it does not tolerate corruption, explain its anti-corruption policies to ensure compliance with the requirements of the FCPA and UK Bribery Act, discuss potential “red flags” or problem situations, and provide guidance for employees to get help.
6. Monitor the program
- Anti-corruption audits
- Anti-corruption certifications
- Anti-corruption analytics
7. Incorporate anti-corruption procedures into mergers and acquisitions and joint venture due diligence
- Background investigation and public database searches of key executives.
- Interviews of key executives relating to past corruption and risks of corruption in the business.
- Review of documents related to acquired company’s anti-corruption compliance program, past incidents of corruption and risks of corruption in the business.
- Forensic accounting and transaction testing procedures related to high-corruption risk transactions.
8. Periodically reassess risk and modify the program
- Comprehensive risk assessments should be conducted every three to five years to make sure that the anti-corruption program is evolving to meet new risks.
About the Author
Bill Henderson is a partner in Ernst & Young’s Fraud Investigation & Dispute Services practice in New York. His practice is focused on business investigations, forensic accounting, corporate fraud prevention, and compliance risk management. Bill is a CPA, attorney, and former federal prosecutor with more than 20 years of experience investigating complex financial matters and providing critical information and solutions to clients.