FCPA Compliance and Ethics Blog

January 21, 2011

What Can Your CEO Do for Your FCPA Compliance Program?

So what can your Chief Executive Officer (CEO) do for your Foreign Corrupt Practices Act (FCPA) compliance program? It turns out quite a bit. Both the US Sentencing Guidelines, which are used as the basis for FCPA compliance programs, and the Consultative Guidance, which is the basis for the adequate procedures defense under the UK Bribery Act, make it clear that top company leadership on compliance and ethics is a key component of any successful anti-bribery and anti-corruption program. Many CEO’s desire to be leaders in this area for their businesses but do not know some of the specific steps that they can take to achieve this. In a book entitled, Building a World Class Compliance Program – Best Practices and Strategies for Success” author Martin Biegelman provides some concrete examples in the chapter entitled “Tone at the Top and Throughout”.

In this chapter Biegelman cites to a list used by Joe Murphy of actions that a CEO can demonstrate to set the requisite tone from the Captain’s Chair of any business. The list is as follows:
1. Keep a copy of the Constitution on your Desk. Have a dog-eared copy of your company’s Code of Conduct on your desktop and be seen using it.
2. Clout. Make sure your compliance department has authority, influence and budget within the company. Have your Chief Compliance Officer (CCO) report directly to the Board of Directors.
3. Make them Accountable. At Senior Executive meetings, have each participant report on what they have done to further the compliance function in their business unit.
4. Sticks and Carrots. Have both sanctions for violation of company compliance and ethics policies and incentives for doing business in a compliant manner.
5. Don’t do as I say, Do as I do. Turn down an expensive dinner or trip offered by a vendor. Pass on a gift that you may have received. Turn down a transaction based upon ethical considerations.
6. Be a Student. Be seen at intra-company compliance training. Take a one or two day course or attend a compliance conference outside your organization.
7. Award Compliance. You should recognize outstanding compliance efforts with companywide announcements and awards.
8. The Board. Recruit a nationally known compliance expert to sit on your company’s Board and chair the audit or compliance committee.
9. Independent Review. Obtain an independent, outside review of your company’s compliance program and report the results to the Board’s Audit Committee.
10. Vendors. Mandate that all vendors in your Supply Chain embrace compliance and ethics as a business model. If not, pass on doing business with them.
11. Network. Talk to others in your industry and your peers on how to improve your company’s compliance efforts.

Many companies struggle with some type of metric which can be used for upper management regarding compliance and communication of a company’s compliance values. We are indebted to our colleague, Stephen Clayton for the following idea. It is to require the CEO to post companywide emails or other communications once a quarter on some compliance related topic. The CEO’s direct reports would then also be required to email their senior management staff a minimum of once per quarter on a compliance topic. One can cascade this down the company as far as is practicable. Reminders can be set for each communication so that all personnel know when it is time to send out the message. If these communications are timely made, this metric has been met.

Biegelman begins the chapter discussed in this posting with the statement “The road to compliance starts at the top.” There is probably no dispute that a company takes on the tone of its top management. As we recently noted in our FCPA Blog posting on BP and the Deepwater Horizon disaster, based on the book Drowning in Oil-BP and the Reckless Pursuit of Profit” by Houston Chronicle business reporter Loren Steffy; the CEO of BP wanted the company to adopt the financial discipline that Exxon had shown after its own environmental disaster, the Exxon Valdez spill. However, he failed to also understand that “as closely as Exxon’s management watched costs, it also made clear to every worker that the one cardinal sin was skimping on safety.” So safety was not made the priority for BP.

As the compliance professional within your organization you may well be asked by your CEO to provide concrete actions that he or she can take to lead the company in compliance. There may be suggestions you wish to make to the same CEO and the actions presented by Biegelman in his book, and by Clayton herein, provide some concrete steps and actions you can have your CEO take.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.
© Thomas R. Fox, 2011

Blog at WordPress.com.