This is the free photo or picture example named Screenshot 20210410 103836 for OffiDocs app Gimp, which can be considered as an online image editor or an online photo studio.
Download or edit the free picture Screenshot 20210410 103836 for GIMP online editor. It is an image that is valid for other graphic or photo editors in OffiDocs such as Inkscape online and OpenOffice Draw online or LibreOffice online by OffiDocs.
A reader recently commented that most companies know \u201cwhat to do\u201d when it comes to FCPA anti-bribery compliance training, but that when it comes to FCPA books and records and internal controls compliance training most people \u201cscratch their heads.\u201d
Below, I offer some thoughts on books and records and internal controls compliance training, but by no means does this cover the entire landscape.
I think the reader is correct in that most companies do in fact focus compliance efforts (if they have pro-active compliance efforts \u2013 see here) on the FCPA\u2019s anti-bribery provisions. The FCPA\u2019s other prong \u2013 the books and records and internal control provisions are usually mentioned (if at all) in passing.
An explanation for why likely has to do with the statute itself.
The anti-bribery provisions have specific elements tied to things we can all generally understand such as \u2013 things of value, foreign official, and obtain or retain business \u2013 and companies can easily tailor compliance training to those elements, or it is probably more accurate to say, DOJ and SEC\u2019s interpretations of those elements.
In contrast, the FCPA\u2019s book and records and internal control provisions are rather generic and have key terms such as \u201creasonable detail,\u201d \u201caccurately and fairly,\u201d \u201csufficient,\u201d \u201creasonable assurances, and \u201cgeneral or specific authorization.\u201d
Tailoring compliance training to such general concepts can be difficult. Moreover, the books and records, and internal control provisions apply to issuers in ALL instances, not just those instances in which the company is doing business or seeking business abroad. Thus, it may be more difficult to frame books and records and internal control issues to training, because the provisions apply to everything an issuer does.
Against this backdrop, what works best I think is to view FCPA compliance as not just a task that company lawyers and selected key positions from an anti-bribery perspective (i.e. sales, marketing, business development) need to be concerned with, but rather a task that internal audit and finance should also be concerned with and actively involved in as well.
This means that internal audit and finance personnel must be specifically trained to approach their specific job functions not only in a traditional way, but also with \u201cFCPA goggles\u201d on.
It is clear from recent FCPA enforcement actions that the SEC expects much more from non-legal personnel when it comes to FCPA compliance, including the ability to spot FCPA issues and display a high degree of (I\u2019ll call it) intellectual curiosity as to certain issues.
For instance, in the 2007 York matter, the SEC alleged in its civil complaint (see here at para 51) that (i) \u201cYork International\u2019s management had the ability to review or cause internal audit to review [the problematic contracts] and, had this been done, it would have been immediately apparant that the consultancy agreements were a sham; and (ii) it was \u201cclear that local finance personnel did not provide an independent internal control function, but rather acquiesced in questionable practices and documentation without critical review.\u201d
Again, because the FCPA\u2019s books and records and internal control provisions are rather generic, I think a \u201cbest practice\u201d (not only for issuers, but for any company) is to specifically train internal audit and finance personnel to view their job with \u201cFCPA goggles\u201d on.
This means that internal audit and finance personnel should:
(1) Understand the broad interpretations given to the anything of value, foreign official, and obtain or retain business elements of anti-bribery violation so that they clearly understand that conduct other than a \u201csuitcase full of cash to a government official to get a government contract\u201d is problematic. For instance,
excessive travel and marketing expenses, payment of scholarships, etc. can be things of value. Internal audit and finance personnel also need to understand that employees of state-owned or state-controlled companies are considered \u201cforeign officials\u201d by DOJ/SEC (even if that interpretation has not been tested or challenged). This means that things a company does to \u201cwine and dine\u201d its purely private customers can become problematic when state-owned or state-controlled customers receive the same treatment. In terms of state-owned or state-controlled customers, it is also a good idea for a company to maintain a roster of such entities so that heightened review will be triggered when any corporate personnel deals with such customers or prospective customers. Internal audit and finance personnel also need to understand that payments which result in a company securing a foreign license, permit, or certification can satisfy the \u201cobtain or retain business\u201d element of an anti-bribery violation on the theory that such payments help the company, in the general sense, obtain or retain business.
(2) Pay particular attention to employee reimbursement requests and think about FCPA issues in connection with these requests. For instance, if a specific sales and marketing employee is the designated \u201cwine and dine\u201d person, is there any heightened scrutiny of that individuals reimbursement requests?
(3) Be aware of the FCPA\u2019s third-party payment provisions and be able to spot (and follow-up on) the following issues relevant to engaging and supervising a foreign agent or representative: payments made to personal (rather than company) bank accounts; payments to off-shore bank accounts; payments which could be made in one lump sum but are split up to avoid detection; and payments made to an account in a country different than where the service provider is located. When utilizing third parties, commission payments are obviously a big FCPA risk. Thus, internal audit and finance personnel need to ask what steps the company has taken to assure itself that the commission payments are reasonable. Moreover, such personnel should specifically look for evidence that the third party actually provided legitimate value-added services before payment was made by the company.
(4) Figure out who within the company, the relevant business unit, etc. has the authority to authorize large payments and make sure those authorizations are scrutinized. Because of title, prestige and in some countries \u2013 gender \u2013 certain individuals are subjected to less oversight and scrutiny when it comes to authorizing payments. If any such trends or patterns emerge within a company as to this issue, internal audit and finance personnel must be diligent in understanding why.
(5)Pay particular attention to the following accounts (all of which, per recent FCPA enforcement actions, were used to conceal improper payments) \u2013 \u201cadditional assessments,\u201d \u201cextra costs,\u201d \u201cextraordinary expenses,\u201d \u201curgent processing,\u201d \u201curgent dispatch,\u201d \u201ccustoms processing,\u201d \u201cimportation advances,\u201d . These accounts, and all other accounts described in a vague or ambiguous manner, should be subject to heightened scrutiny by internal audit and finance personnel.
Back to the original issue raised by the reader as to how best to offer FCPA books and records, and internal controls compliance training. Again, because the books and records and internal control provisions are so generic, I think the \u201cbest practice\u201d is to couple such training with anti-bribery training and to make sure that internal audit and finance personnel have the FCPA tools necessary to properly execute their jobs.
Internal audit and finance personnel clearly have an FCPA compliance role to play, and the SEC is clearly expecting them to play that role. However, internal audit and finance personnel can only raise FCPA issues if they first know what FCPA issues to look for. Providing internal audit and finance personnel with a good pair of \u201cFCPA goggles\u201d is a good way to achieve books and records, and internal controls compliance.
Free picture Screenshot 20210410 103836 integrated with the OffiDocs web apps