The FCPA Compliance Audit: A Market Approach to Moving the Bar Forward

The issue of audit rights in compliance terms and conditions is one that leads to debates both pro and con. My This Week in FCPA colleague Howard Sklar and I have sparred on this issue. Usually the debates centers around the threshold question of if you have the rights must you audit the contractual counter-party which has agreed to allow itself to be audited. I argue that if you have audit rights that you must, at least selectively use them. However, if you do not ever use these audit rights, it may put you in a worse position than if you did not have the rights. The next argument is usually along the lines that the counter-party will never allow your company to audit them. The third argument is that auditing takes too much time and is too costly.

In my discussions with Howard I usually respond that it is always better to have audit rights. The concept of the compliance audit of counter-parties is in the US Sentencing Guidelines for organizations accused of violating the Foreign Corrupt Practices Act (FCPA); the Department of Justice’s (DOJ) best practices for effective compliance programs which have been released with each Deferred Prosecution Agreement (DPA) over the past year; the UK Bribery Act’s Six Principles of Adequate Procedures; and the OECD Good Practices. The reason all of these guidelines incorporate it into their respective practices is that it is one of the key tools to utilize in managing any business relationship from the compliance perspective going forward.

In response to the second argument, I think the answer is more straight-forward. Under any reputable commercial contract, the party paying the money ALWAYS has the right to audit the company which receives the money. While this audit is typically limited to auditing invoices, backup documentation and other evidence of services provided or product delivered, it is nevertheless a standard clause that almost every company has seen in a contract. I believe that good communication with a counter-party, to explain the genesis of the compliance audit and why it has become a best practice, is an important part of the ongoing dialogue between the parties, both before, during and after contract negotiations.

I believe that the response to the third objection is also straight-forward. I previously wrote about the Apple 2011 Supplier Responsibility Report. Apple looked at a variety of issues that affect its business relationships with its suppliers, these areas included training, protecting of workers, use of underage labor and social responsibility. One of the areas that Apple audited and reported about was compliance. I believe the Apple example shows that companies can successfully audit their suppliers, channel ops partners and any others in their sales or distribution chains. I understand that people will respond that this is Apple, one of the biggest and most visible US companies around. However, my point is that Apple is a concrete example of a successful and transparent compliance audit.

While not in the compliance area, I recently read about two US companies, Proctor & Gamble and Kaiser Permanente, who grade their suppliers on their environmental practices. In an article in the November 2010 issue of FastCompany, author Damian Joseph quotes Dean Edwards, VP and chief procurement officer at Kaiser Permanente, “We’re sending a message to vendors loud and clear…Green up your act today, lest you lose a huge client tomorrow.” Author Joseph posed the question to Jeff Erikson, an expert in supply chain management as “How do you control distant suppliers and enforce new standards?” Erikson answered, “There are no easy answers but asking the question is a positive change in behavior.”

I think that the final two quotes encapsulate the strongest reasons for the compliance audit. Nothing changes company or business behavior like market based factors. The (FCPA can and does change behavior to move companies and countries toward the rule of law. That is certainly an advantage of the Act and something that should be considered when amendments to the FCPA are bandied about under the claim that the FCPA costs US company’s jobs.

=============================================================================================

Episode 14 of This Week in FCPA is upheld. Howard Sklar and I discuss several issues including:

1. Business Roundtable in DC
2. Diageo
3. Lindsey allegations of prosecutorial misconduct
4. Carson jury instructions
5. National Strategy to Combat Transnational Organized Crime
6. Niger now has a “High Commission”
7. Diebold has no news, but we report on it anyway
8. Travel Act gets challenged, nobody notices
9. RBS gets hit for AML, without actually violating anything

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2011

Opinion Release 11-01: Lessons Learned on the Opinion Release Procedure

As most of the readers of this blog will recall, I recently discussed the substance of Opinion Release 11-01 and had some additional comments regarding the relative ease by which a lawyer or compliance office should have been able to research the question posed. I also opined that the issue posed in Opinion Release 11-01 was not a question which needed to be submitted to the Department of Justice (DOJ) for comment upon, as it was a waste of the DOJ’s resources and no doubt had a high cost in time and/or dollars for either an in-house lawyer or outside counsel to formulate and submit.

However my “This Week in the FCPA” colleague, Howard Sklar, speaking in our Episode 12, suggested that there might be another aspect to this specific Opinion Release that I had not considered. While I had discussed the above points from the perspective of an outside counsel, in-house lawyer or compliance office who specialized in FCPA compliance work; the Opinion Release Procedure is designed so that any person or company may submit a query to the DOJ. Howard suggested that the Opinion Release Procedure could be utilized by a company which does not have either an in-house compliance practitioner or even a General Counsel. A question can be submitted to the DOJ as straight forwardly as with a one page document setting forth the information required under the Opinion Release Procedure.

In his testimony before the House Judiciary Committee, DOJ Representative Greg Andres spoke about the Opinion Release Procedure as one of the mechanisms by which the DOJ can not only bring transparency to the area of information relating to Foreign Corrupt Practices Act (FCPA) but also can allow businesses with substantive questions seek and receive specific answers to queries regarding factual scenarios which they may face. So what are the requirements under the Opinion Release Procedure? Initially I would note that DOJ has posted on its website, the Foreign Corrupt Procedures Opinion Procedure, (28 C.F.R. part 8).

The stated purpose of the Opinion Procedures is “These procedures enable issuers and domestic concerns to obtain an opinion of the Attorney General as to whether certain specified, prospective–not hypothetical–conduct conforms with the Department’s present enforcement policy regarding the antibribery provisions of the [FPCA]” (§80.1). The requirements of the Opinion Release Procedure are (1) the submission must be in writing; (2) an original and copies must be provided; and (3) must be sent to address provided. (§80.2) In addition to these specific requirements there are certain general requirements listed. (§80.6) They include that complete copies of all operative documents and detailed statements of all collateral or oral understandings. The request must be signed by an appropriate senior officer.

While there is additional language in the Opinion Release Procedure that it only relates to the query submitted to the DOJ, does not bind any other agency or department and can change if different facts occur or that the DOJ can ask for additional information from the party making the request, it is required under the terms of the Opinion Request Procedure “within 30 days after receiving a request that complies with the foregoing procedure, respond to the request by issuing an opinion that states whether the prospective conduct, would, for purposes of the DOJ’s present enforcement policy, [violate the FCPA].” (§80.8)

So there may be an addition Lesson Learned from Opinion 11-01. This lesson is that the Opinion Release Procedure can be straight forward. The DOJ can be available to assist in interpreting the FCPA based upon the facts and circumstances which a company faces in the real world. I have argued for greater transparency by the DOJ in providing information for companies and the compliance practitioner and the Opinion Release Procedure is one of the mechanisms by the DOJ does provide transparency and information.

————————————————————————————————–

Vive le RESIST. The ToolKit RESIST is now available in Spanish and French, see here.

Episode 12 of This Week in the FCPA, Part I, is now up and available here.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2011

Opinion Release 11-01: A Good Reason To Do Some Research

The first Opinion Release of 2011 is out, No. 11-01, and it certainly may leave compliance practitioners scratching their heads. However, this collective head scratching is not because the Opinion Release is so difficult to understand and has no application to the everyday business of compliance, but for a polar opposite reason – the question posed to the Department of Justice (DOJ) is so straight-forward, and has been previously asked and answered, that it is difficult to understand how any first year compliance practitioner did not know the answer to it. So while I generally try not to skewer such matters the way my ‘This Week in the FCPA’ colleague Howard Sklar occasionally does, I do have to admit to some befuddlement.

The background facts are as follows: a US Company wants to bring some foreign governmental officials over to the US to learn more about the US Company in question. The foreign government selected the officials to travel, the travel is economy class and it involves no WAGs (wives and girlfriends). The trip is scheduled to be for two days and the US Company will pay all the vendors, airlines, hotels, local transportation and food service providers directly. No cash will be provided to the traveling officials and any gifts will be branded and of nominal value.

Based upon all of these representations the DOJ indicated that it would take no enforcement action. So why am befuddled by all this? For the same reason that Howard Sklar noted in his blog posting entitled, “Gifts and Opinion Release” which is that “any reasonably competent anti-corruption compliance officer could have given them [the answer] on day 1. This tells me that the Company does not have reasonably competent compliance personnel. This is a question that should never have gone to the DOJ.”

With my bewilderment in mind, I decided to review the underlying Opinion Releases discussed in 11-01. Based upon re-reading these I thought it might provide a good opportunity to discuss this area of a compliance program.

A. Opinion Releases

In 2007, the DOJ issued two Foreign Corrupt Practices Act (FCPA) Opinion Releases which offered guidance to companies considering whether to, and if so how to, incur travel and lodging expenses for government officials. Both Opinion Releases laid out the specific representations made to the DOJ, which led to the Department approving the travel to the US by the foreign governmental officials. These facts provided strong guidance to any company which seeks to bring such governmental officials to the US for a legitimate business purpose.

07-01

In Opinion Release 07-01, the Company was desired to cover the domestic expenses for a trip to the US for a six-person delegation of the government of an Asian country for an educational and promotional tour of one of the requestor’s US operations sites. In Opinion Release 07-01 the representations made to the DOJ were as follows:

• A legal opinion from an established US law firm, with offices in the foreign country, stating that the payment of expenses by the US Company for the travel of the foreign governmental representatives did not violate the laws of the country involved;
• The US Company did not select the foreign governmental officials who would come to the US for the training program;
• The delegates who came to the US did not have direct authority over the decisions relating to the US Company’s products or services;
• The US Company would not pay the expenses of anyone other than the selected official;
• The officials would not receive any entertainment, other than room and board from the US Company;
• All expenses incurred by the US Company would be accurately reflected in this Company’s books and records.

The response from the DOJ stated: “Based upon all of the facts and circumstances, as represented by the requestor, the Department does not presently intend to take any enforcement action with respect to the proposal described in this request. This is because, based on the requestor’s representations, consistent with the FCPA’s promotional expenses affirmative defense, the expenses contemplated are reasonable under the circumstances and directly relate to “the promotion, demonstration, or explanation of [the requestor’s] products or services.”

07-02

In Opinion Release 07-02 the Company desired to pay certain domestic expenses for a trip within the US by approximately six junior to mid-level officials of a foreign government for an educational program at the Requestor’s US headquarters prior to the delegates attendance at an annual six-week long internship program for foreign insurance regulators sponsored by the National Association of Insurance Commissioners (NAIC).

In Opinion Release 07-02 the representations made to the DOJ were as follows:
• The US Company would not pay the travel expenses or fees for participation in the NAIC program.
• The US Company had no “non-routine” business in front of the foreign governmental agency.
• The routine business it did have before the foreign governmental agency was guided by administrative rules with identified standards.
• The US Company would not select the delegates for the training program.
• The US Company would only host the delegates and not their families.
• The US Company would pay all costs incurred directly to the US service providers and only a modest daily minimum to the foreign governmental officials based upon a properly presented receipt.
• Any souvenirs presented would be of modest value, with the US Company’s logo.
• There would be one four-hour sightseeing trip in the city where the US Company is located.
• The total expenses of the trip are reasonable for such a trip and the training which would be provided at the home offices of the US Company.

As with Opinion Release 07-01, the DOJ ended this Opinion Release by stating, “Based upon all of the facts and circumstances, as represented by the Requestor, the Department does not presently intend to take any enforcement action with respect to the planned educational program and proposed payments described in this request. This is because, based on the Requestor’s representations, consistent with the FCPA’s promotional expenses affirmative defense, the expenses contemplated are reasonable under the circumstances and directly relate to “the promotion, demonstration, or explanation of [the Requestor’s] products or services.” 15 U.S.C. § 78dd-2(c)(2)(A).

B. Travel and Lodging for Governmental Officials

What can one glean from these two 2007 Opinion Releases? Based upon them, it would seem that a US company can bring foreign officials into the US for legitimate business purposes. A key component is that the guidelines are clearly articulated in a Compliance Policy. Based upon Releases Opinions 07-01 and 07-02, the following should be incorporated into a Compliance Policy regarding travel and lodging:
• Any reimbursement for air fare will be for economy class.
• Do not select the particular officials who will travel. That decision will be made solely by the foreign government.
• Only host the designated officials and not their spouses or family members.
• Pay all costs directly to the service providers; in the event that an expense requires reimbursement, you may do so, up to a modest daily minimum (e.g., $35), upon presentation of a written receipt.
• Any souvenirs you provide the visiting officials should reflect the business and/or logo and would be of nominal value, e.g., shirts or tote bags.
• Apart from the expenses identified above, do not compensate the foreign government or the officials for their visit, do not fund, organize, or host any other entertainment, side trips, or leisure activities for the officials, or provide the officials with any stipend or spending money.
• The training costs and expenses will be only those necessary and reasonable to educate the visiting officials about the operation of your company.

Incorporation of these concepts into a compliance program is a good first step towards preventing any FCPA violations from arising, but it must be emphasized that they are only a first step. These guidelines must be coupled with active training of all personnel, not only on the Compliance Policy, but also on the corporate and individual consequences that may arise if the FCPA is violated regarding gifts and entertainment. Lastly, it is imperative that all such gifts and entertainment are properly recorded, as required by the books and records component of the FCPA.

It is always good to review the parameters of your compliance program. However, whoever the compliance officer is at the US Company which requested Opinion Release 11-01, next time do some research. If you do not know how to research DOJ Opinion Releases, it is a straight-forward exercise. You can go to the DOJ, Fraud Section, FCPA website and look for “Opinion Procedure Releases”. If the answer is already out there, do not waste your company’s money and the DOJ’s time by asking a question to which every compliance practitioner knows the answer to or is readily accessible in the public domain.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2011

Creating a “Gap” Analysis and Sharing Issues with Management

Our colleague, Michael Portorti continues his series on risk assessments from a CPA perspective. He has previously provided guest posts on The Auditor’s Role in FCPA and UK Bribery Act Compliance and  Performing a Risk Assessment for FCPA and UK Bribery Act Compliance .

A formalized risk assessment should be completed to identify the areas where the Company is exposed under the Foreign Corrupt Practices Act (FCPA) and UK Bribery Act (UKBA). Subsequent to this identification, specific and detailed questions should be asked of relevant risk area management/employees to determine if “Best Practice” controls are in place. 

Interviews should be scheduled between responsible parties and an objective interviewer. A tool that can be used by the interviewer to track responses would be a document containing the following:

• Area Being Investigated
• Model Control Description
• Control Risk
• Actual Control
• Individual Responsible
• Deficiencies Identified

The deficiencies identified should be accumulated in a “Gap Analysis” document. This document should contain the following:

• Area Being Investigated
• Description of Deficiency
• Action Plan to Remediate Deficiency
• Individual Responsible
• Action Plan Due Date

The Gap Analysis document can then be used to track status of deficiencies and used as a source to update Executive Management as necessary. It also can expose bottlenecks and identify potential revisions for controls that need additional tailoring to fit in with the Company’s operational environment.

Accumulating deficiencies in this manner keeps all parties up-to-date on remediation progress so overall compliance efforts can move along at an acceptable rate.

Micheal Potorti can be reached at mpotorti@mp-audit.com. 

=============================================================================================

Episode 9 of This Week in the FCPA is now up and available for viewing. Check out Howard Sklar and myself with our weekly commentary on all things FCPA.

This Week’s Show Notes include the following topics:

1.  Three Articles on FCPA and International Rule of Law issues
2.  Tyson Foods case (one of the three articles)
3.  Private Equity and the UK Bribery Act
4.  Niko Resources