Many companies, depending on the industry, have implemented anti-corruption compliance programs. Some of the programs meet the standard for an “effective” anti-corruption compliance program. There is a vast difference between getting a program implemented on paper and an “effective” anti-corruption compliance program. After all, when you boil it down, anti-corruption compliance is not as difficult a task as everyone thinks.
Some programs are immature, some programs are overly complex, and some programs have found the right balance. Even an effective program, however, cannot guarantee success. There are so many ways to circumvent a program, secure money for paying bribes and then avoiding detection, especially if the business leaders and managers have not embraced anti-corruption compliance.
In the compliance context, tunnel vision occurs when senior leadership and the CCO have a narrow view of bribery risks and rely on a general assumption that anti-corruption compliance has been accomplished. Tunnel vision is contrary to vigilance and determination needed to mitigate risks on a continuing basis.
In this new compliance environment, there are five indicators that a company’s anti-corruption compliance program is suffering from “tunnel vision.”
The CEO and senior leadership have checked the box. CEOs and senior leaders are often satisfied when they implement an anti-corruption compliance program without understanding how and why it is supposed to work. If a CEO does not “own” the issue and flow down specific requirements from his or her senior leadership team, you can rest assured that the anti-corruption compliance program will not satisfy the effectiveness standard. In the absence of ownership and senior management commitment, a CCO will always be struggling for support, follow through and time dedicated for anti-corruption compliance.
Business managers, especially in sales, have not embraced compliance. A key indicator of a company’s commitment to compliance (on all issues including anti-corruption) is whether business managers take responsibility for ensuring compliance with anti-corruption policies and laws. Usually, this requires top management to push the issue down, hold managers accountable and include some measure of evaluation relating to anti-corruption compliance. It is fool-hardy to expect business managers to spread the compliance message, remind their employees of the importance of compliance, and monitor their employees’ activities to ensure full compliance, without a significant measure of accountability.
A disconnect between anti-corruption compliance and financial controls. CCOs and financial officers and managers at a company have to connect in a meaningful way to design, implement and monitor potential unauthorized use of funds. A key requirement, often ignored, is ensure proper coordination of financial controls and anti-corruption compliance. To state it obviously, a company cannot bribe unless a manager or employee uses money (or anything of value) to bribe a government officials. More attention needs to be paid to this issue and building stronger alliances between compliance and financial managers to prevent unauthorized access to money for bribery.
A shallow due diligence process. Many companies now have a skeletal due diligence process that employs a database service, FCPA questionnaires, and immature review and analysis functions. A shell due diligence program ignores careful risk-based analyses and mitigation strategies. Often the program is not well-documented with advice of counsel or risk analyses memoranda. The business personnel have no understanding of “red flags,” and why they are indicators of corruption and serious risks. An immature due diligence system is viewed as an administrative requirement without any substantive standards.
Another important indicator of a shallow due diligence process is the absence of any real defined controls over the due diligence process for potential acquisitions and integration planning. Companies that live and die through their acquisitions have to implement a robust due diligence program and integration planning system. A quick and easy test of an immature anti-corruption compliance program is the presence or absence of defined procedures for acquisition and integration.
A reimbursement/retrospective gifts and hospitality expense program. Companies that have robust anti-corruption compliance programs typically have a prospective component to their review of gifts and hospitality, meaning a threshold above which an employee must secure pre-approval for expenditures. Companies that have a narrow view of gifts and hospitality compliance usually have a retrospective program for reimbursement, not pre-approval. Employees pay for gifts and hospitality and then seek reimbursement as part of an expense account submission. Companies that have not replaced this component to require pre-approval, annual limits, and data collection of all meetings and interactions with foreign officials/recipients are running serious bribery risks.