Dick Cassin, writing in his FCPA Blog, has consistently raised the issue of Anti-Money Laundering (AML) in the wider battle against bribery and corruption. He set out some of his thoughts in a post entitled “9/11 and the FCPA”. He also speaks regularly about AML laws as one component of the ongoing battle against world-wide terrorism since 9/11and how that relates to anti-bribery and anti-corruption compliance. I thought about Dick’s writing and ideas while I was reading the survey released yesterday by KPMG, entitled “Global Anti-Money Laundering Survey 2011”. While this survey focused on the banking industry, there were many issues identified that are applicable to the wider compliance field. The survey is one of the continuing releases by KPMG that gives insight into what compliance practitioners are thinking, some of the challenges that they face and provides a summary of best practices which anti-bribery and anti-corruption practitioners can incorporate into their company’s US Foreign Corrupt Practices Act (FCPA) and UK Bribery Act compliance programs.
The part of the survey which struck me as most applicable to the FCPA and Bribery Act compliance practitioner was ongoing monitoring. My ‘This Week in FCPA’ colleague, Howard Sklar, often speaks that he believes a compliance program must be nimble and agile enough to evaluate new risks as they arise or become known to a company. The KPMG survey noted that “This principle [ongoing monitoring] also applies to wider risk management arrangements. Ongoing risk assessment should include intelligence generated internally as well as externally, and a key source for this data is monitoring tools and activities.” Ryan Morgan, Anti-Corruption Specialist at World Compliance, spoke, at the ACI-FCPA Boot Camp held in Houston this past January, about the need to perform ongoing due diligence on parties on more than an annual basis. This is because such due diligence is simply a snapshot of time going back from the date of the due diligence. Morgan made clear that 3 months, 6 months or 9 months into the future this snapshot might change.
Another reason to do ongoing monitoring relates to Dick Cassin’s work on the connection of compliance programs to anti-terrorism. To assist banks and other financial institutions in the fight against money laundering and terrorist financing KPMG suggests they undertake ‘ongoing monitoring’ of the business relationship with each customer. This ongoing monitoring has two components. First such institutions should monitor all of the transactions involving the customer to ensure that they fall within expectations. This concept has clear resonation in the FCPA compliance area under one of the well-recognized Red Flags regarding third party business partners. If a proposed foreign business partner does not have experience in your company’s field of expectation for the services or products your company offers, or the commission the foreign business partner sought, or has received, do not fall within a range of monetary expectations, these are viewed as ‘Red Flags’.
The second component of ‘ongoing monitoring’ would fall into the category of “Know Your Customer” or as it is known by its acronym ‘KYC’. KPMG notes that this second element of the ‘ongoing monitoring’ requirement is the need to keep relevant KYC data items up-to-date. Without up-to-date data, banks cannot understand their customers, nor screen a company’s principals effectively against sanctions lists. As Ryan Morgan noted in his ACI presentation many times it is difficult to obtain accurate information on officers, directors and related parties in the ownership chain of a foreign business partner because of the inherent inefficiencies in a foreign governments corporate records filing systems. This means that the tools must be in place but those tools must also be utilized on a regular basis.
The KPMG survey is filled with much information for any banking compliance officer but also solid information for the anti-bribery and anti-corruption practitioner. I heartily recommend it to you for your consideration.
This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.
© Thomas R. Fox, 2011
FCPA Compliance and Ethics Blog 