The FCPA Report

The definitive source of actionable intelligence covering the Foreign Corrupt Practices Act

Articles By Topic

By Topic: Monitoring Compliance Programs

  • From Vol. 6 No.5 (Mar. 15, 2017)

    DOJ’s Guidance Shows That Compliance Programs Still Matter

    Critical comments of the FCPA by President Trump, coupled with a general policy position of lessening regulatory oversight of U.S. companies, have caused speculation as to whether the new administration will curtail FCPA enforcement. Recently, the DOJ Fraud Section quietly released this administration’s first guidance setting out its position on the contours of an effective corporate compliance program. In a guest article, Paul Hastings partners Tara Giunta and Palmina Fava, and their associate Brian Wilmot, explain that this guidance does not signal any easing of enforcement – rather, the Fraud Section is signaling an incisive review of companies and their compliance programs, functions, resources and effectiveness. See “Top FCPA Officials Encourage Strong Compliance Programs and Remediation, the Defense Bar Responds” (Dec. 21, 2016).

    Read Full Article …
  • From Vol. 5 No.24 (Dec. 7, 2016)

    A Dish of Cream? Some Caviare? Or Strassburg Pie? How to Properly Respond to Bribery Requests  

    “Before a Cat will condescend to treat you as a trusted friend, some little token of esteem is needed, like a dish of cream,” T.S. Eliot wrote in his Book of Practical Cats. Ensuring that an employee properly responds to a bribe request is no easy task because providing the soliciting individual with a “little token of esteem” may be the path of least resistance for employees. In a guest article, Hogan Lovells attorneys Peter Spivack and Rafael Ribeiro discuss how a company can strengthen all aspects of its compliance program to minimize the risk that bribes will be requested and ensure that their employees respond appropriately when they are. For further insights from Hogan Lovells, see “How Companies Can Use Enhanced Auditing Techniques to Address the Government’s Increasing Focus on Internal Controls” (May 13, 2015).

    Read Full Article …
  • From Vol. 5 No.23 (Nov. 23, 2016)

    Developing Key Performance Indicators and Tracking Metrics Using ISO 37001 (Part Two of Two)

    The International Organisation for Standardisation’s new standard for anti-bribery management systems – ISO 37001 – provides a useful frame of reference for companies developing management tools such as key performance indicators (KPIs) and tracking metrics to address anti-corruption compliance. In the first part of this guest article series, Matthew Herrington, a partner at Steptoe & Johnson, Jonathan Drimmer, vice president and deputy general counsel at Barrick Gold Corp., and Leslie Benton, vice president of advocacy and stakeholder engagement of CREATE.org, explained how to use ISO 37001 to develop management tools such as KPIs and tracking metrics to address anti-corruption compliance, and provided an example of a KPI strategy mapped to the training requirement. In this second part, they examine additional areas of ISO 37001 that naturally lend themselves to KPI and/or metrics. See “Developing Key Performance Indicators and Tracking Metrics for an Anti-Corruption Program” Part One of Two)” (Feb. 24, 2016); Part Two (Mar. 9, 2016).

    Read Full Article …
  • From Vol. 5 No.21 (Oct. 26, 2016)

    EY’s Rick Sibery Outlines a Seven-Step Process for Monitoring Third Parties

    Despite consistent warnings about the corruption risks associated with engaging third parties in foreign locations, the vast majority of FCPA settlements continue to involve such relationships. Moving beyond traditional due diligence to a more robust, ongoing approach to third-party management is one of the best ways to show regulators that the company is serious about compliance. Effectively monitoring third parties requires more than just performing data analytics, EY partner Rick Sibery said during a recent interview with The FCPA Report. He suggested that a company adopt a holistic approach to monitoring, considering not only its full third-party compliance process but also leveraging other areas of its anti-corruption compliance program. During our conversation, Sibery outlined a seven-step process for optimizing a company’s third-party monitoring program. See “Using Data Analytics to Meet the Government’s Anti-Corruption Compliance Expectations” (May 4, 2016).

    Read Full Article …
  • From Vol. 5 No.19 (Sep. 28, 2016)

    Experts from PwC Discuss Compliance Audits and Common Missteps

    Compliance auditing is a critical component of an effective anti-corruption compliance program, recognized both by the U.S. Sentencing Guidelines and the government’s FCPA Resource Guide. A recent Strafford program, “FCPA Compliance Audits: Lessons From Recent Investigations,” discussed regulators’ expectations regarding compliance auditing, the process for scoping and conducting a compliance audit and common audit pitfalls. David A. Wilson, a partner at Thompson Hine, led the discussion, which featured Sulaksh Shah, a partner at PwC, and James Gargas, a director at that firm. This article discusses some of the key takeaways from the program. See also our interview series, “Best Practices for Performing Compliance Program Assessments: Pamela Passman of CREATe.org” (Apr. 6, 2016); “Susan Markel of AlixPartners” (Feb. 24, 2016); and “Jeffrey Kaplan of Kaplan & Walker” (Nov. 4, 2015).

    Read Full Article …
  • From Vol. 5 No.9 (May 4, 2016)

    Using Data Analytics to Meet the Government’s Anti-Corruption Compliance Expectations

    The SEC and DOJ’s FCPA Resource Guide outlines ten “Hallmarks of an Effective Compliance Program” that provide prescriptive guidance about what the DOJ and the SEC consider to be critical components of an effective compliance program. But, what are compliance officers and chief audit executives to do in response to this regulatory “perfect world” of compliance? With limited resources and competing priorities in the real world, where should compliance officers and chief audit executives focus their efforts to meet this guidance? The answer is data analytics, Grant Thornton’s Bill Olsen, Dan Reynolds and Alex Koltsov say in a guest article. They argue that when used properly, data analytics is proactive, risk-based, scalable, repeatable and defensible against after-the-fact scrutiny. The article focuses on how two regulatory program “hallmarks,” ABAC risk assessment and continuous improvement and monitoring, can be addressed by data analytics. See also “Ernst & Young Experts Reveal How Forensic Data Analytics Can Transform Anti-Corruption Compliance” (Apr. 30, 2014).

    Read Full Article …
  • From Vol. 5 No.7 (Apr. 6, 2016)

    Best Practices for Performing Compliance Program Assessments: An Interview With Pamela Passman of CREATe.org

    One of the greatest challenges companies face when performing a program assessment is measuring the strength of the program. The Center for Responsible Enterprise And Trade, also known as CREATe.org, is a non-governmental organization that has a novel approach to helping companies assess their programs. They have developed what they refer to as “leading practices” based on proven anti-corruption strategies from numerous multinational organizations and U.S. and other governmental organizations. For more insights on this unique approach to program assessments, The FCPA Report spoke with Pamela Passman, founder, president and CEO of CREATe, about their process and how it can help companies improve their programs. See also “Best Practices for Performing Compliance Program Assessments: An Interview With Susan Markel of AlixPartners” (Feb. 24, 2016).

    Read Full Article …
  • From Vol. 5 No.4 (Feb. 24, 2016)

    Best Practices for Performing Compliance Program Assessments:  An Interview With Susan Markel of AlixPartners

    Last week, both the SEC and DOJ settled with Massachusetts-based software firm PTC and, as part of the non-prosecution agreement, the DOJ once again outlined what it expects from compliance programs, including a “periodic risk-based review.” The DOJ recommended that such reviews assess the risks the company faces but also look at the anti-corruption policies and procedures to ensure their continued effectiveness. These program assessments can take different shapes and forms, and can involve a variety of in-house and outside experts. To get an auditor’s perspective on program assessments, The FCPA Report spoke with Susan Markel of AlixPartners about the benefits of program assessments and how teams of lawyers and auditors can work together to perform such assessments effectively and efficiently. See “Best Practices for Performing Compliance Program Assessments: An Interview With Jeffrey Kaplan of Kaplan & Walker” (Nov. 4, 2015).

    Read Full Article …
  • From Vol. 4 No.23 (Nov. 4, 2015)

    Best Practices for Performing Compliance Program Assessments: An Interview with Jeffrey Kaplan of Kaplan & Walker

    Continuous improvement, achieved by ongoing testing and monitoring, is one of the hallmarks of an effective compliance program.  The FCPA Report’s series on compliance program assessments illuminates how companies can use such assessments to meet their ongoing monitoring responsibilities.  In this first interview in the series, The FCPA Report spoke with Jeffrey Kaplan, a partner at Kaplan & Walker with more than 25 years of experience assisting companies in assessing their compliance programs.  He discussed how program assessments differ from general risk assessments, the basic steps for such an assessment and when a company should specifically target the anti-corruption program for assessment.  For more on risk assessments in general see “Conducting Effective Anti-Corruption Risk Assessments: An Interview with David Simon, Partner at Foley & Lardner,” The FCPA Report, Vol. 2, No. 23 (Nov. 20, 2013); and “An Interview with Kevin Bennett, Managing Director, Forensic and Valuation Services, at Grant Thornton,” Vol. 2, No. 24 (Dec. 4, 2013).

    Read Full Article …
  • From Vol. 4 No.20 (Oct. 7, 2015)

    Eight Ways Compliance Officers Can Build Relationships with the “Middle”

    The much-talked-about “tone at the top” is often cited as crucial for an effective compliance program.  Ensuring that that tone is conveyed throughout the organization, however, is equally important.  Getting the compliance message across typically falls on an organization’s middle managers.  A recent Society of Corporate Compliance & Ethics program featuring Charlotte Nafziger, director of compliance of T-System, Inc., explored the importance of middle management in developing an effective ethics and compliance program and the ways compliance officers can engage middle management in doing so.  See also The FCPA Report’s three-part series, “How to Build a Compliant Culture and Stronger Company from the ‘Middle,’” Part One (Apr. 1, 2015); Part Two (Apr. 15, 2015); and Part Three (Apr. 29, 2015).  

    Read Full Article …
  • From Vol. 2 No.18 (Sep. 11, 2013)

    Best Practices for Reviewing Anti-Corruption Compliance Programs: Implementation, Remediation and Documentation (Part Three of Three)

    In an effort to provide concrete, practical advice on the critical but ambiguous task of reviewing anti-corruption compliance programs, The FCPA Report is publishing a series of three articles on the topic.  This, the third and final article in the series, provides four strategies for conducting the actual review; discusses three steps a company should take post-review; outlines issues surrounding documentation of the review; and examines how FCPA settlement agreements, including monitorships and self-reporting requirements, affect reviews.  The first article in the series discussed the importance of regular anti-corruption compliance reviews; detailed the government’s expectations for reviews; outlined how to create an efficient and effective compliance review schedule; and specified how companies should staff their compliance reviews.  The second installment discussed the chief obstacles companies face when conducting a review; provided strategies for creating management buy-in; described four steps a company should take when preparing for a review; and outlined what risk areas the review should address.

    Read Full Article …
  • From Vol. 2 No.17 (Aug. 21, 2013)

    Best Practices for Reviewing Anti-Corruption Compliance Programs: Challenges, Preparation and Risk Evaluation (Part Two of Three)

    As the recent joint DOJ/SEC FCPA Resource Guide makes clear, for a company to earn meaningful credit with the government in an anti-corruption investigation, its compliance program must not only be robust, but also periodically reviewed and improved.  However, neither the Guide nor any other government resource provides specific direction on the appropriate frequency or depth of reviews.  In lieu of specific authority, companies typically turn to best practices and industry norms when deciding how frequently to review and update their compliance programs.  Best practices, though, can be hard to discern and difficult to apply.  Recognizing the challenge and importance of actionable information on this topic, The FCPA Report is publishing a series of three articles on best practices for reviewing anti-corruption compliance programs.  This article, the second in the series, discusses the chief obstacles companies face when conducting a review; provides strategies for creating management buy-in; describes four steps a company should take when preparing for a review; and outlines what risk areas the review should address.  The first article in the series discussed the importance of regular anti-corruption compliance reviews; detailed the government’s expectations for reviews; outlined how to create an efficient and effective compliance review schedule; and specified how companies should staff their compliance reviews.  See “Best Practices for Reviewing Anti-Corruption Compliance Programs: Government Expectations, Scheduling and Staffing (Part One of Three),” The FCPA Report, Vol. 2, No. 16 (Aug. 7, 2013).  The third and final article in the series will provide strategies for conducting the actual review; discuss what a company should do post-review; outline issues surrounding documentation of the review; and examine how FCPA settlement agreements affect reviews. 

    Read Full Article …
  • From Vol. 2 No.16 (Aug. 7, 2013)

    Best Practices for Reviewing Anti-Corruption Compliance Programs: Government Expectations, Scheduling and Staffing (Part One of Three)

    The recent joint DOJ/SEC Guidance reflects the government’s view that, in order to be effective, an FCPA compliance program must be periodically reviewed and improved.  However, neither the Guidance nor any other authority specifies how frequently such reviews should be conducted, how expansive such reviews should be or what steps companies should take to improve discovered shortcomings.  In the absence of concrete and authoritative direction on this topic, how should companies approach the ambiguous but critical task of reviewing and improving their compliance programs?  This article is the first in a three-part series addressing this question.  Specifically, this article discusses the importance of regular anti-corruption compliance reviews; details the government’s expectations about reviews; outlines how to create an efficient and effective compliance review schedule; and specifies how companies should staff their compliance reviews.  The second installment will discuss the biggest challenges companies face when conducting a review; what a company should consider when preparing for a review; how a company should prepare to perform a review; and what areas the review should address.  The third and final article in the series will provide strategies for conducting the actual review; discuss what a company should do post-review; outline issues surrounding documentation of the review; and examine how FCPA settlement agreements affect reviews.  See also “Insight from Top Companies and Practitioners on How They Are Addressing Current Anti-Corruption Issues, from Self-Reporting to Risk Assessments to Training,” The FCPA Report, Vol. 2, No. 10 (May 15, 2013).

    Read Full Article …