EY has identified eight key steps to an effective anti-corruption compliance program:
Conduct a risk assessment program
Identifying and analysing risk is essential to developing an effective anti-corruption compliance program. According to EY, the corruption risk assessment should focus on actual risks posed by the nature of a company’s operations, the degree of business with governmental entities, its use of agents and other intermediaries, the countries where it does business, the regulatory environment and other factors.
Develop a corporate anti-corruption policy
EY holds that companies should develop an anti-corruption policy based on the requirements of the Foreign Corrupt Practices Act (FCPA), the UK Bribery Act and, where it applies more stringent requirements, local law. The overall compliance policy should be a clear and unambiguous statement of the company’s position that both governmental and commercial bribery on any scale will not be tolerated.
Implementing anti-corruption policies and controls
Giving gifts or providing meals, entertainment or travel to government employees could, under certain circumstances, violate the FCPA or UK Bribery Act. Such expenditures need to be monitored carefully to avoid the appearance of impropriety.
Guidelines for charitable giving should be designed to ensure that donations are received by the intended recipient and are not being used for unknown or unintended purposes.
Implement anti-corruption financial controls
Strict enforcement of travel and expenses rules related to meals and entertainment, and the detailed reporting of the people entertained and the business purpose, supports anti-corruption compliance. Reconciling bank accounts on a monthly basis is a key cash control that also protects against misappropriation and possible off-book payments.
Additional measures that can to taken as a deterrent and mode of detection for bribery and corruption include enhanced transaction review, approval and accounting procedures, controls around bank accounts and petty cash, enhanced vendor approval and payment processes, and increased scrutiny of high risk transactions.
Conduct anti-corruption compliance training
At a minimum, EY holds that every person in a position to obtain business through bribery or other improper means should receive anti-corruption compliance training. Companies should also consider training all internal audit, accounting, financial and legal employees. Enhanced training might be considered for specific groups such as senior management, accounting, sales, and marketing and finance.
Monitor the program
Monitoring means anti-corruption compliance audits. This activity can also include data mining and forensic data analytics. The purpose of anti-corruption compliance audits should be to test for substantive compliance by seeking to identify potential violations or red flags. Audits often also uncover new risks not previously seen or appreciated. In this way, they act as part of an ongoing corruption risk assessment process.
Anti-corruption procedures in M&A
Companies should develop a policy and specific procedures for anti-corruption due diligence in any contemplated merger, acquisition or joint venture.
Reassess risk and modify program
EY recommends that comprehensive corruption risk assessments are conducted periodically, to make sure that the anti-corruption program is evolving effectively to meet new risks posed by the changing business and regulatory environment. If the business changes significantly, such a process should be accelerated.
Adapted from a report by Emma McAleavey.
Read the article online at: https://www.oilfieldtechnology.com/exploration/08072014/eight_steps_to_effective_anti-corruption_compliance_874/