At the recent Compliance Week 2010 Annual Conference one
of the issues discussed by Assistant Attorney General, for the Criminal
Division of the US Department of Justice, Lanny Breuer, was what the Department
of Justice (DOJ) might consider as an "effective compliance and ethics program"
under the Foreign Corrupt Practices Act (FCPA), if a FCPA violation occurs and a
company's compliance program comes under scrutiny from the Criminal Division of
the DOJ. We believe that Breuer gave the conference attendees quite a bit of
information that can be utilized by companies in crafting and evaluating their
compliance policies.
Breuer noted that the most
effective type of compliance program is one that "prevents fraud and corruption
in the first place but when such compliance program has not done so, there are
defined policies in place to "quickly detect, fix and report the [FCPA]
violations." Additionally, an effective compliance program should not be static
but dynamic to meet changing business circumstances, such as when a company
might move to doing business in a high risk country. Effective compliance
programs should also be ever-evolving through continued assessments, as the
compliance world grows and matures. Breuer cited two source material references
as benchmarks; he listed (1) the Principles of Federal Prosecution of Business Organization and
its full section on corporate compliance programs and (2) the OECD Good
Practice Guidance on Internal Controls, Ethics, and Compliance.
Breuer then delineated
several elements that the Criminal Division would evaluate in assessing a
company's compliance program, should a FCPA violation occur.
-
Does
your company have an effective compliance "Tone at the Top"; so that the Board
and CEO are demonstrated to be fully committed to an effective compliance
program?
-
A
company's compliance program should not only punish compliance violations,
through termination, other disciplinary actions or reduction in or denial of
bonus but should also reward good ethical behavior in a corporation by
promotion of ethical employees or other rewards such as a significant component
of an overall bonus program. Regarding employee discipline, Breuer emphasized
the DOJ would review all circumstances surrounding a company's decision
regarding discipline but that any "superficial steps" would not impress the
DOJ.
-
A
company should have a strong whistle-blower program through a hotline or other
appropriate mechanism and protection for any employee who reports such conduct
through anonymous reporting and a clear no-retaliation policy.
-
The
compliance function led by a person with senior level management authority, the
overall compliance function should have clear reporting lines to such senior
level employee and such person should have a direct reporting by a company's
compliance officer to the company's Board of Directors.
-
There
should be periodic reviews of a company's compliance program, utilizing
internal resources such as a company's Internal Audit function and outside
professional consultants.
-
A
company's effective compliance program should be extended directly into foreign
business partners, such as agents, distributors, reseller and joint venture
partners.
Breuer ended this portion
of his talk by re-emphasizing that the DOJ was not only interested in your
company's compliance program but also other companies with whom you might be
doing business with and the effectiveness (or lack thereof) of their compliance
program. This would not only extend to foreign business partners but also those
companies in your Supply Chain and conceivably down to your customer base.
So do you have an
"effective compliance program" as outlined by Lanny Breuer?
For a copy of the full text
of Breuer's remarks, click here.
Visit the FCPA Compliance
and Ethics Blog, hosted by Thomas Fox, for more commentary on FCPA compliance,
indemnities and other forms of risk management for a worldwide energy practice,
tax issues faced by multi-national US companies, insurance coverage issues and
protection of trade secrets.
This publication
contains general information only and is based on the experiences and research
of the author. The author is not, by means of this publication, rendering
business, legal advice, or other professional advice or services. This
publication is not a substitute for such legal advice or services, nor should
it be used as a basis for any decision or action that may affect your business.
Before making any decision or taking any action that may affect your business,
you should consult a qualified legal advisor. The author, his affiliates, and
related entities shall not be responsible for any loss sustained by any person
or entity that relies on this publication. The Author gives his permission to
link, post, distribute, or reference this article for any lawful purpose,
provided attribution is made to the author. The author can be reached at
tfox@tfoxlaw.com.
© Thomas R. Fox, 2010