Avoid an FCPA investigation before it's too late

Avoid an FCPA investigation before it's too late
November 12, 2015

The message is clear. If your company is engaged in international activities, it's critical that you thoroughly assess and understand your company’s risks of non-compliance with the FCPA and design your controls accordingly.

A recent article that appeared in Compliance Week, co-authored by Joseph Howell, Co-founder and Executive Vice President of Workiva, and Brent Macey, Director of Internal Audit for Schnitzer Steel Industries, Inc., analyzes the steps you need to take to avoid a difficult audit.

First, it is essential that you understand the law—Foreign Corrupt Practice Act (FCPA).

Companies that put off implementing controls because it seems like an expensive undertaking or aren't sure where to begin are putting their business at risk. Whether your team conducts its own review or contracts an outside expert to perform an evaluation, it's important that you have a strong understanding of the FCPA provisions before beginning the process of identifying and assessing your risks.

Once you understand the law, you can go forward with the risk assessment.

Howell and Macey suggest appointing a small steering committee with representatives from legal, finance, compliance, risk, purchasing, and sales. This committee will be tasked with identifying all foreign contacts and all types of hypothetical actions by the organization or employees that could be considered a bribe under the FCPA.

After the risks are identified and effectively ranked from highest to lowest, it's the steering committee's time to shine.

The group should make clear recommendations to senior management and the board as to which risks to link with controls and which risks to manage in a different manner.

The process doesn't need to be overly complex and will provide limitless value to your organization, while keeping it away from a damaging and costly FCPA investigation.

Take it from Kara Brockmeyer, Chief of the SEC Enforcement Division's FCPA Unit, in a statement regarding a U.S. company charged with more than $2 million in penalties from FCPA violations.

This is a wake-up call for small and medium-size businesses that want to enter into high-risk markets and expand their international sales. When a company makes the strategic decision to sell its products overseas, it must ensure that the right internal controls are in place and operating.

And Tom Fox, author and seasoned industry expert, writes in a recent Compliance Week e-book about the long-term importance of assessing your risks:

Internal controls will only become more important in FCPA enforcement. You need to get ahead of the curve.

Conducting a full assessment of your non-compliance risks will provide significant value to your senior management and board of directors. This, incorporated with controls, employee training, and periodic audits will give you and your company not only peace of mind, but could save millions of dollars.

So, go ahead and tell management to expand business internationally, with the confidence you need knowing you'll avoid the potential costly consequences of an FCPA investigation.

For more in-depth information about this process, here's a practical guide. Download the white paper.

Mike Sellberg

About the author

Mike Sellberg is Executive Vice President and Chief Product Officer at Workiva. He is the former EVP and CTO at iMed Studios and the former Divisional General Manager at Engineering Animation, Inc.