Today is a great day for Brits everywhere. Not only did Bradley Wiggins become the first Brit to win the Tour de France but fellow Team Sky rider Christopher Froome came in second making it the first British 1-2 finish in the 99 year history of the Tour as well. Wiggins ended his masterful three weeks of cycling by leading in yet another Team Sky member, Mark Cavendish, the "Mann Manx", to his fourth consecutive win on the final day of the Tour, down the Champs-Elysees. It was a fabulous finish to an incredible 20 stages of riding. So a tip of my cycling helmet to Mr. Wiggins and to all of Team Sky.
One question which I sometimes ask in conjunction with the Foreign Corrupt Practices Act (FCPA) and the UK Bribery Act is what are some of the specific questions that should be reviewed by auditors in an internal audit which focuses on bribery, corruption and fraud? Last October the US Public Company Accounting Oversight Board (PCAOB) issued "Staff Audit Practice Alert No. 8 Audit Risks in Certain Emerging Markets" (Staff Alert No. 8). While Staff Alert No. 8 "focuses on risks of misstatement due to fraud that auditors might encounter in audits of companies with operations in emerging markets" I found it to be a useful guide for auditors who are also tasked with anti-bribery and anti-corruption focused audits, particularly internal auditors who may be asked to review such practices in the ongoing internal audits. Staff Alert No. 8 begins with a list of "conditions and situations indicating a heightened fraud risk", which I cite in full because it is an excellent list of Red Flags.
Staff Alert No. 8 makes clear that an auditor cannot accomplish a task unless he or she understands both the company and its environment. An auditor should have an understanding of the following:
From these factors, Staff Alert No. 8 advises that "incentives, pressures and opportunities" may lead to a heightened risk of corruption. Regarding incentives and pressures, the Staff Alert warns that companies which are looking to raise money for international markets may have an incentive to "manipulate financial statements rather than report poor results". Providing a more detailed example the Staff Alert says that one technique used to accomplish such fraud would be consolidating the financial reports of a joint venture with a foreign state-owned enterprise, even if the company does not have a controlling interest in the partnership. Another example the Staff Report provides is the situation where a company repatriates large amounts of cash back to the US. Such foreign legal requirements can create a situation which could lead to bribery or corruption.
In the areas of opportunities, Staff Alert No. 8 focuses on weak internal controls as such deficiencies can provide opportunities for management or employees in such foreign jurisdictions to engage in bribery and corruption. In circumstances where a company is a dominant player in a geographic region, management might be able to dictate terms or conditions to local suppliers or customers, which might result in non-arm's length transactions. Another example may well be where management could "pressure personnel of a local bank or other third parties to provide fraudulent information to the auditor." Lastly, the PCAOB noted that there may be situations where employees are "not be willing to report instances of fraud for cultural reasons or fear of retribution from management" even where the company has a whistleblower program. The Staff Alert cautions that auditors should look for evidence of "undisclosed side agreements" and other evidence of collusion with third parties to "create false documentation to support fictitious transactions."
Staff Alert No. 8 specifies that an auditor must exercise professional skepticism which requires an auditor to obtain and critically evaluate independent evidence from outside sources, rather than simply relying on "management representations about the company's performance." To accomplish this, the Staff Alert speaks to receipt of and review of independent confirmations and test and review revenue to ascertain that it is recognized correctly. Particular attention should be paid to transactions with related parties and to identify their materiality to financial statements.
I found Staff Alert No. 8 a very useful piece of guidance. Not only does it speak to the auditor looking at FCPA or Bribery Act issues but it is important for the compliance practitioner to understand what a regulator might expect to see. As most people you have heard me speak and know my FCPA and Bribery Act mantra is "Document Document Document". This Staff Alert No. 8 lists what documentation a company should keep in order to help prove that it is doing business in compliance with these anti-bribery and anti-corruption laws.
So, congratulations, once more, to Bradley Wiggins. And for those of you cycling fans out there, seven of this year's Tour de France stage winners will be riding in the London Olympics beginning this weekend. It should be great.
Visit the FCPA Compliance and Ethics Blog, hosted by Thomas Fox, for more commentary on FCPA compliance, indemnities and other forms of risk management for a worldwide energy practice, tax issues faced by multi-national US companies, insurance coverage issues and protection of trade secrets.
This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at email@example.com.
© Thomas R. Fox, 2012
For more information about LexisNexis products and solutions connect with us through our corporate site.