Establishing a Foreign Corrupt Practices Act Compliance Program

In a recent post I discussed enforcement actions taken by US government regulators under the anti-bribery provisions of the Foreign Corrupt Practices Act (FCPA) with respect to certain improper payments made by (or on behalf of) US companies to secure government licenses, permits or certifications in a foreign country that may be necessary to launch or continue business operations in that country.  I suggested that company compliance programs designed to prevent and detect any improper payments by employees and agents that would violate the FCPA must be carefully reviewed to ensure that the appropriate level of scrutiny is applied whenever the company, or one of its affiliates, discovers that a license, permit or certificate must be obtained from a foreign government to launch or continue business activities in that government’s country.  In this post I wanted to highlight the following key steps that companies can and should take to bolster their FCPA compliance profile:

  • The first step is preparation and adoption of a written corporate policy on FCPA compliance applicable to all employees, agents and consultants of the company and distribution of the policy to all covered parties, particularly persons working in foreign countries.  The policy should be customized to the specific business operations of the particular company and should include illustrations of payments and activities that might run afoul of the FCPA based on scenarios that typically occur in the course of the company’s business activities. 
  • Formal acknowledgement of the company’s responsibilities in this area should be obtained through presentations to the board of directors and other senior managers.  The policy referred to above should be approved by the board of directors or an appropriate committee of the board and dissemination of the policy to employees should be accompanied by a letter from the company’s chief executive officer that admonishes employees to take the policy seriously and adhere to its requirements. 
  • One member of the company’s in-house legal department should be given the responsibility of regularly monitoring developments in this area, including U.S.enforcement actions, progress with adoption of multilateral codes of conduct such as the OECD Convention on Combating Bribery and changes in anti-bribery laws in foreign countries.  If the company lacks the in-house resources to do this job, outside counsel with appropriate expertise should be selected and tasked with keeping the company updated.
  • The board of directors or the chief executive officer should establish a formal institutional solution for handling FCPA issues.  In many cases, an FCPA review or compliance committee will be assembled to deal with FCPA matters and will include an FCPA Compliance Officer with responsibility for overseeing the activities of the committee and representatives from other departments as well as the authority to engage outside counsel and consultants to conduct audits and investigations.  It is also probably a good idea to designate an ombudsman who can serve as the contact for employees wishing to report potential violations of the FCPA on a confidential basis.
  • Various departments should be enlisted to standardize certain business tools and practices that can be disseminated throughout the company in order to ensure that FCPA compliance is smoothly and efficiently integrated into the company’s normal business operations.  For example, screening methods, questionnaires and checklists can be created so properly trained employees can isolate FCPA issues early on in relationships with third parties.  Particular attention should be paid to due diligence on foreign agents retained for business development purposes in their jurisdictions.
  • Counsel should draft contract language that addresses FCPA concerns for inclusion as a standard practice in all relevant company agreements.  For example, agents and contractors in foreign countries engaged in local business development efforts on behalf of the company should be required to warrant that no payments of money or anything else of value will be made or offered to any local government official to induce the official to use his influence with the government to obtain an improper business advantage for the company.  Such agents and contractors should also be prohibited from retaining sub-agents without the consent of the company, thereby allowing the company to perform its own due diligence on the proposed sub-agent.
  • All employees likely to come into contact with FCPA compliance issues should be provided with adequate training regarding the policies and procedures developed by the company.  An executive summary of FCPA compliance issues should also be prepared and distributed to employees and posted on the company’s intranet. 
  • The designated compliance officer should make regular reports on the compliance program to the board of directors, including policy violations and disciplinary actions taken against employees.  Based on the requirements imposed by regulators in recent enforcement actions, it also appears that companies should seriously consider engaging independent consultants to audit the effectiveness of their FCPA policy and procedures.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s