In recent remarks to a compliance conference for the pharmaceutical industry, the SEC’s Director of Enforcement, Andrew Ceresney, addressed FCPA issues that commonly arise in the industry. According to Ceresney, the SEC is continuing to focus on pharmaceutical companies because their operations typically pose a high risk for FCPA violations. Ceresney identified common bribery schemes and emphasized that the best way for a company to avoid these pitfalls is to implement a robust FCPA compliance program.
FCPA compliance programs, Ceresney said, are the best tools to detect FCPA misconduct and allow companies the opportunity to self-report and cooperate. Ceresney cited the recent Goodyear settlement in which no penalty was imposed because of Goodyear’s self-disclosure, cooperation, and remedial efforts. (See our coverage of the Goodyear settlement here.) Underscoring the importance of internal controls, he stated that senior leadership of companies should avoid a check-the-box mentality, and instead give “careful thought at the outset to how controls should be designed in light of a firm’s business operations.”
In his remarks, Ceresney also highlighted the hallmarks of an effective FCPA compliance program. These items include:
- Sufficient compliance personnel,
- Properly designed policies and procedures that are regularly tested,
- Employee compliance training,
- Vendors reviews,
- Third party due diligence,
- Accounting and expense controls,
- A process to escalate red flags, and
- Regular internal audits of the company’s books and records.
In light of the SEC’s recent emphasis on the difficult-to-meet “prevent and detect” standard for internal controls (as discussed in our coverage here), all companies, especially those in the pharmaceutical industry, should evaluate whether their FCPA compliance program conforms to Director Ceresney’s recommendations. A complete transcript of Ceresney’s remarks can be found here.