The Foreign Corrupt Practices Act (FCPA) is a federal anti-bribery statute that makes it “unlawful for certain classes of persons and entities to make payments to foreign government officials to assist in obtaining or retaining business,” according to the U.S. Department of Justice website.
The FCPA has been around since 1977, and has received greater attention and increased enforcement in the past few years, leading to increased corporate penalties for violations. Consequences of violating the FCPA include:
- SEC and DOJ criminal investigations for organizations and individuals
- Criminal and civil penalties, including multimillion-dollar fines for both corporations and individuals, and prison terms for individuals
- Government-mandated external FCPA compliance monitoring personnel
- Inability to be considered for future government contracts
- Permanently tarnished reputation
What can your organization do to protect itself? Start by implementing or refining your FCPA compliance program.
Know your own business — what types of business and transactions your company engages in, who your company engages with, where these transactions take place, the amount of interaction your organization has with government officials and agencies and your industry’s regulatory environment. Segment this information by level of risk and the amount of control you have over each situation. Be sure to do your homework (due diligence) before entering an agreement with a new business partner. Know the laws of each country you do business in and which anti-bribery laws may apply to your organization.
Have someone in an executive leadership position spearhead the program to show your organization’s dedication to compliance and serve as a guide when other managers have questions or concerns. Not only should the senior employee oversee the program, but he/she should be personally involved in the creation of written policies and procedures, as well as the communication and education of employees on important policies.
There’s no use in creating policies that no one follows or references. Have a plan for how policies should be researched, drafted, scrutinized, implemented, evaluated and improved. Give policy drafters guidelines for how policies should be structured, formatted and styled so they’re readable, easily understood, practical, effective and enforceable. Set goals for each policy, and show drafters how unclear policies can affect processes and create inefficiencies within the organization.
More specifically, the policies and procedures should cover your entire workforce — U.S.-based and overseas employees — and address working with foreign officials and representatives, particularly gifts, payments and bribes. They should also cover how to keep accurate, detailed records, and how to report suspected violations anonymously.
Simply creating and having policies is not enough — your organization needs an implementation strategy. Determine how policies will be communicated to your workforce and business partners. Establish what kind of training employees (especially sales, legal, internal auditing, finance and accounting departments, as well as management) need on policies and what steps your organization can take to ensure their attestation and compliance.