combating corruption: best practices in fcpa … studies (cont.) 2. morgan stanley: why did they get...
TRANSCRIPT
Today’s Speakers
Bruce RomneySenior Director Solution MarketingSAP
Evelyn SuarezPartnerWilliams Mullen
Yousr KhalilDirectorForensic Risk Alliance
Eric KulischTrade and Transportation EditorAmerican Shipper
Agenda
– Introduction– The legal landscape– Enforcement trends– Lessons learned from recent
investigations– Key elements of an effective
compliance program– Technology as a fundamental
support
3
FCPA
• Intended to deter bribery of foreign officials to obtain an improper business advantage
• Two Parts:– Anti-Bribery Provisions (enforced
by DOJ)– Books & Records Provisions and
Internal Accounting Controls (enforced by SEC)
5
FCPA
www.justice.gov/criminal/fraud/fcpa/guide.pdf
• What’s the message that the DOJ & SEC are giving us?
6
It’s All About Risk• Enterprise risk
– For Shippers– For Transportation and Logistics companies
• Countries: Emerging Markets– Transparency International’s Corruption
Perception Index– Emerging Markets present the biggest
opportunities and the greatest risk
• Third parties such as agents, distributors • DOJ & SEC expect a risk-based approach to
compliance
7
Compliance Challenges to Consider
• Third parties– Shipper’s perspective– Transportation and logistics providers’ perspective
• Facilitating or "grease" payments• Importance of compliance with local law• A paper compliance program is not enough! How do
you get the message across to your global operations?
8
10 Hallmarks of an Effective Compliance Program1. Commitment by senior management with clearly articulated policy against
corruption2. Code of conduct and compliance policies and procedures. Must be current
and effective and outline responsibilities, detail internal controls, set forth auditing practices, documentation policies and disciplinary procedures
3. Oversight by senior management with sufficient autonomy and resources4. Risk assessment and internal audit procedures5. Regular training and continuing advice6. Incentives and disciplinary measures7. Comprehensive, risk-based due diligence for third parties and transactions8. Mechanisms for employees to confidentially report potential violations and
for internal investigations9. Updating compliance program through periodic testing and review10. Pre-acquisition due diligence and post-acquisition integration for mergers
and acquisitions9
Guiding Principles of Enforcement
• Self-disclosure• Cooperation• Remedial efforts• Common elements of declinations
include: (1) self-disclosure; (2) internal investigation; (3) remedial action; and (4) enhanced compliance program.
• Case studies: Ralph Lauren, Morgan Stanley and Panalpina
10
Case Studies
11
1. Ralph Lauren (RL)
– Violations involved payment of bribes totaling $580,000 through customs broker in Argentina for customs clearance for prohibited goods and to avoid customs inspections.
– Described bribes as “loading & delivery expenses” and “stamp tax/ label tax”
– Discovered during adoption of compliance program– No compliance program at the time of the violations– Both DOJ and SEC entered into NPA’s with RL– Agreed to pay disgorgement, interest & penalties totaling $1.6m.
Cooperated, adopted enhanced compliance program, took remedial action and agreed to report back to DOJ for 2 years
Case Studies (cont.)
2. Morgan Stanley: why did they get a declination?
– Had a solid compliance program which took a holistic approach and was not just a paper program. Gave them credibility with enforcers.
– Retained counsel immediately upon discovering the problem– Thorough investigation – Identified weaknesses in their compliance program– Moved quickly to fix compliance problems with program enhancements
even during internal investigation– More training– Reported the violation– Kept detailed records on steps taken– Good roadmap even though case does not involve shipper or
transportation intermediary
12
Case Studies (cont.)
3. Panalpina
– On Nov. 4, 2010, Panalpina and five customers in the oil & gas industry settled with the DOJ & SEC paying a total of $156.5m in criminal fines & $80m in civil disgorgement
– Investigation lasted 3 years– Panalpina investigation came to light in 2007 when a subsidiary of Vetco
pled guilty to bribing Nigerian officials through the logistics company– Involved more than $49m in bribes to Customs officials– Found to violate accounting provisions by describing payments as “local
processing,” “special intervention,” “special handling”– Statement by then Assistant Attorney General Lanny Breuer: “Whenever
possible, the department seeks to find and hold accountable all the players in corrupt deals – from customers who know that bribes are being paid on their behalf to those actually making the payments.”
13
Case Studies (cont.)
3. Lessons learned from Panalpina
– Was credited for “exemplary” cooperation with investigation from mid-2007 but didn’t voluntarily disclose; cooperation got it a DPA
– Expanded the scope of FCPA enforcement to a company not an “issuer” but an independent third party acting as an agent for US issuers
– Continued focus on third party service providers– Extended to subcontractors making improper payments which adds
another set of entities that compliance departments need to worry about– Started a trend of industry sweeps– Last but not least: showed the risks associated with “Facilitating
Payments” exception. Easy to confuse unlawful payments with facilitating payments. Need to closely monitor.
14
Key Points for Compliance Programs
1. Robust compliance program not a paper tiger
2. Training3. Frequent reminders4. Certifications5. Audit rights
15
Avoid Corrupt Practices with Compliance Testing and AnalyticsYousr KhalilDirectorForensic Risk Alliance
• § 78dd-1&2 - Prohibits foreign bribery by issuers and domestic concerns
• § 78dd-3 - Prohibits foreign bribery by persons other than issuers or domestic concern
• §§ 78m - This section contains the accounting provisions
• § 78ff - Deals with penalties for bribery
Foreign Corrupt Practices Act 1977
Anti Bribery Provisions
Accounting Provisions
17
Accounting Records• Make and keep books, records, and
accounts, which, in reasonable detail, accurately, and fairly reflect the transactions and dispositions of the assets of the issuer.
• Records includes “accounts, correspondence, memorandums, tapes, discs, papers, books, and other documents or transcribed information of any type.”
• Devise and maintain an adequate system of internal accounting controls so that transactions are executed in line with management’s authorisation.
18
Compliance Testing
An effective compliance and ethics program requires a company to establishing monitoring, auditing, and reporting systems, to ensure the business and persons associated with it, is complying with its policies and procedures, and can identify and remediate any issues as they arise.
19
An ABC Compliance Review
20
Contractual & Financial Document
Review
Interviewing
Financial Data Analytics
Audit Analytics –The Steps
22
Obtaining Raw Data• Accounting Systems• Management Reports
Understanding the Data• Familiarity with the particulars of each data set• Organizing the data sets for useful analysis
Data Mining & Interpretive Analysis• Standard and Bespoke algorithms for identifying “Red Flags”• Comparing data analysis to other information and
expectations
Transaction Testing• Manual verification of compliance tests and “Red Flag” areas• Judgmental selection of sample transactions
Foren
sic accoun
ting
Tie in the Data Extracts
23
Audited Accounts
Management Reports /
Trial BalanceAccount Extracts
Administrative Expenses Marketing Costs
2435654 - Paris 14,658 2435655 - Rome 2,358 2435656 - Barcelona 6,434
23,450
Administrative Expenses Travelling 26,578 Post and Stationery 98,742 Marketing 23,450 Office Costs 4,730
153,500
Administrative Expenses 153,500
Cost Code Analysis
• Gifts and entertainment• Travel and trips• Freight and logistics• Tendering and marketing costs• Charitable and Political
Donations• School fees and scholarships• Consultant expenses• Commissions
24
Effective Anti-bribery and Anti-corruption Compliance ProgramsBruce RomneySenior Director Solution MarketingSAP
Hallmarks of effective anti-bribery and anti-corruption compliance programs*
Commitment from Senior Management
Risk Assessment
Continuous Improvement through Periodic Testing and Reviews**
Training and Continuing Advice
Oversight, Autonomy, and Resources
Code of Conduct and Compliance Policies and Procedures
Mergers and Acquisitions: Pre‐Acquisition Due Diligence and Post‐Acquisition Integration
Confidential Reporting and Internal Investigating
Review and Continuous Improvement
Clearly Articulated Policy Against Corruption
* Source: A Resource Guide to the U.S. Foreign Corrupt Practices Act by the Criminal Division of the U.S. Department of Justice and the Enforcement Division of the U.S. Securities and Exchange Commission** Includes continuous monitoring 27
Organization / Tone / Procedures
How can technology for Governance, Risk, and Compliance align to these tenets
Commitment from Senior Management
Risk Assessment
Continuous Improvement through Periodic Testing and Reviews
Training and Continuing Advice
Oversight, Autonomy, and Resources
Code of Conduct and Compliance Policies and Procedures
Mergers and Acquisitions: Pre‐Acquisition Due Diligence and Post‐Acquisition Integration
Confidential Reporting and Internal Investigating
Review and Continuous Improvement
Clearly Articulated Policy Against Corruption
Automation withRisk
Management
Automation withCompliance Management
Automation with Fraud
Management
28
Management of anti-bribery and anti-corruption responses
Automating policy management lifecycle including creation, review, approval, distribution, acknowledgement, and confirmation of policies such as “code of conduct”
Automating periodic bribery and corruption risk assessments
Ensuring proper segregation of duties
Screening parties against PEP/OFAC (politically exposed persons and office of foreign asset control) and other lists
Due diligence / surveys with automatic generation and distribution of key reports for subsequent review (control or risk owners) or due diligence via automated surveys and questionnaires for internal or external (3rd) parties
Monitoring transactions meeting certain criteria such as 1) payments in high-risk countries 2) abnormal expense items meeting established thresholds 3) overpaid purchase orders 4) invoices paid greater than goods or services performed or received 5) split payments
Monitoring master data for 1) payments executed using alternate payee fields 2) unauthorized vendor data changes 3) monitoring key fields in payment transactions for questionable or “hot” words such as cash, donation, services, facilitate, hospitality, gift, etc…
Configuration monitoring to detect 1) duplicate invoice setting changes, enabling or disabling of alternate payee field, adjusting three-way match criteria
29
Q&AThank you for participating in this session. We would like to take your questions now.For more information, you can contact today’s speakers:
Bruce [email protected]
Evelyn [email protected]
Yousr [email protected]
Eric [email protected]