In a recently released White Paper by the Wolfsberg
Group, entitled "Wolfsberg
Anti-Corruption Guidance", a group of internal banks, together
with Transparency Internal and the Basel Institute on Governance, issued
guidance on anti-corruption and anti-bribery procedures which financial
institutions should institute to ensure that their employees "adhere to high
standards of integrity." The White Paper is designed to provide banks and other
financial institutions with a process and procedure which they can follow which
will create a "best practices" anti-corruption and anti-bribery
compliance program. However, the White Paper is also designed to prevent
"misuse of financial institutions" and take a "multi-party approach to
combating corruption." This last statement may portend a greater involvement by
financial institutions in evaluating a company's anti-bribery and
anti-corruption program. Finally, the Wolfsberg Group White Paper lays out
excellent principles outlining the general parameters of a best practices compliance
program which any non-financial institution may draw upon to create or enhance
its own compliance program.
The Wolfsberg Guidance provides the full component of a
minimum anti-corruption and anti-bribery program. Such a program should include
The White Paper notes that the overall compliance program
framework should be informed by a Risk Assessment. However, more than simply an
initial risk assessment should be performed. A financial institution should
regularly re-assess their internal corruption and bribery risks in connection
their client risk. This means, for a non-financial institution, such a
re-assessment should also be performed to evaluate ongoing and new geographic
risks, transactional risks, third party risks, along with any new laws,
regulations or new best practices should also be evaluated.
The White Paper recognizes that third parties pose a
serious risk for corruption and bribery. Therefore, an appropriate level of due
diligence should be performed prior to retaining such entities. However,
ongoing monitoring should also be performed, which should include transactional
monitoring and management, remuneration monitoring and, finally, monitoring of
the third parties' activities and expenses. This third party monitoring should
extend to vendors in the procurement process and joint ventures principal
investments and acquisitions.
The White Paper states that accurate policies and
procedures should be maintained for political contributions and charitable
donations. These should include pre-approval for such activities and full
transparency with such contributions and donations are made. One of the key
factors is to avoid the appearance of impropriety and to mitigate any risk of
conflict of interest.
The White Paper makes it clear that a key component of
any compliance program is clear procedures for gifts, entertainment and travel.
Recognizing that financial institutions operate in an atmosphere where a wide
variety of business entertainment is routinely offered, the White Paper
emphasizes that business hospitality should take into account the recipient's
role and responsibility but most importantly be proportional. Further, when a
governmental official is involved, there must be an accounting for the
"applicable laws and regulations to which the public official is subject, but
domestically and those which have an extra-territorial reach." When such
arrangements involve road shows or other events occurring over several days,
"it behooves financial institutions to ensure that they have clear contractual
arrangements with their clients and any third parties participating in the road
show" [for payment arrangements]. Lastly, a clear escalation procedure should
be created, delineated and communicated to relevant employees before certain
gifts, entertainment or travel can be offered.
The White Paper states that financial institutions should
establish a whistleblowing system, as an integral part of a compliance program.
The system should be fully confidential, where legal. All whistleblower reports
should be "diligently acknowledged, recorded, screened" and investigated.
All of the components of a compliance program should be
communicated "effectively both internally and to appropriate third parties."
Obviously this starts with "Tone at the Top" with messages from senior
management, including the Board of Directors. Substantively, the White Paper
suggests that training should also include reference to applicable internal
policies and procedures, present potential scenarios that may arise and a clear
explanation of employees' duties under applicable laws, regulations and the
The White Paper suggests that a rigorous system of
internal controls be implemented to serve as the "four eyes principle" of
monitoring and surveillance. Monitoring should be ongoing as business
circumstances change. Such monitoring should not include institution employees
only but also third parties, where appropriate. Post transaction monitoring is
appropriate to assess adherence to internal processes and procedures. Lastly,
there should be a general prohibition against cash payments.
The White Paper identifies compliance terms and
conditions with third parties as one of the mechanisms to manage risk, going
forward. Generally speaking a contract should not be entered into unless an
appropriate level of due diligence is performed; thereafter, key stakeholders
should be queried to determine if the risk profile is acceptable to them. Only
then should such a contractual arrangement be entered into with robust
compliance terms and conditions.
The Wolfsberg Group White Paper is an important addition
to the compliance world of thought leadership on what should constitute a
minimum best practices compliance program. While it focuses on bank and
other financial institutions, it cannot help but be adapted as a guide for all
other businesses. For such non-banks, it can also be used as a checklist that
companies can used when presenting their compliance programs to banks or other
financial institutions during the loan or refinancing process. This final point
may be its most useful in the long run.
Visit the FCPA Compliance and Ethics Blog,
hosted by Thomas Fox, for more commentary on FCPA compliance, indemnities and
other forms of risk management for a worldwide energy practice, tax issues
faced by multi-national US companies, insurance coverage issues and protection
of trade secrets.
This publication contains general information
only and is based on the experiences and research of the author. The author is
not, by means of this publication, rendering business, legal advice, or other
professional advice or services. This publication is not a substitute for such
legal advice or services, nor should it be used as a basis for any decision or
action that may affect your business. Before making any decision or taking any
action that may affect your business, you should consult a qualified legal
advisor. The author, his affiliates, and related entities shall not be
responsible for any loss sustained by any person or entity that relies on this
publication. The Author gives his permission to link, post, distribute, or
reference this article for any lawful purpose, provided attribution is made to
the author. The author can be reached at firstname.lastname@example.org.
© Thomas R. Fox, 2011
For more information about LexisNexis
products and solutions connect with us through our corporate site.