FCPA Compliance and Ethics Blog

June 30, 2011

Creating a “Gap” Analysis and Sharing Issues with Management

Our colleague, Michael Portorti continues his series on risk assessments from a CPA perspective. He has previously provided guest posts on The Auditor’s Role in FCPA and UK Bribery Act Compliance and  Performing a Risk Assessment for FCPA and UK Bribery Act Compliance .

A formalized risk assessment should be completed to identify the areas where the Company is exposed under the Foreign Corrupt Practices Act (FCPA) and UK Bribery Act (UKBA). Subsequent to this identification, specific and detailed questions should be asked of relevant risk area management/employees to determine if “Best Practice” controls are in place. 

Interviews should be scheduled between responsible parties and an objective interviewer. A tool that can be used by the interviewer to track responses would be a document containing the following:

• Area Being Investigated
• Model Control Description
• Control Risk
• Actual Control
• Individual Responsible
• Deficiencies Identified

The deficiencies identified should be accumulated in a “Gap Analysis” document. This document should contain the following:

• Area Being Investigated
• Description of Deficiency
• Action Plan to Remediate Deficiency
• Individual Responsible
• Action Plan Due Date

The Gap Analysis document can then be used to track status of deficiencies and used as a source to update Executive Management as necessary. It also can expose bottlenecks and identify potential revisions for controls that need additional tailoring to fit in with the Company’s operational environment.

Accumulating deficiencies in this manner keeps all parties up-to-date on remediation progress so overall compliance efforts can move along at an acceptable rate.

Micheal Potorti can be reached at mpotorti@mp-audit.com. 


Episode 9 of This Week in the FCPA is now up and available for viewing. Check out Howard Sklar and myself with our weekly commentary on all things FCPA.

This Week’s Show Notes include the following topics:

1.  Three Articles on FCPA and International Rule of Law issues
2.  Tyson Foods case (one of the three articles)
3.  Private Equity and the UK Bribery Act
4.  Niko Resources

Leave a Comment »

No comments yet.

RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Blog at WordPress.com.

%d bloggers like this: