By Leslie Benton, Vice President, Advocacy and Stakeholder Engagement
Companies looking to improve their anti-corruption compliance programs can learn from CREATe.org’s “Top 10 Tips” for ensuring effective compliance. Providing advice for the development, implementation and enforcement of anti-corruption compliance programs, these tips are designed to promote compliance both within an organization and among its business partners.
- Understand Your Risks – It is important for a company to perform regular risk assessments specific to its industry, geography, business structure, business partners and level of government oversight. Those risks can then be evaluated in the context of the company’s control environment.
- Implement Effective Policies and Procedures – Companies must adopt, document and implement clear policies and procedures and effective financial controls, tailored to their specific risks, and communicate them throughout their organization, and, as appropriate, to business partners.
- Tone at the Top – For a compliance program to succeed, senior management must create and sustain a zero tolerance culture. Internationally recognized guidelines, such as the DOJ and SEC FCPA Resource Guide to the U.S. Foreign Corrupt Practices Act and the OECD Good Practice Guidance on Internal Controls, Ethics and Compliance, underscore that commitment of senior management is vital to the effectiveness of a company’s controls – and how the company will be viewed by enforcement authorities.
- Tone in the Middle – It is at this level of corporate management that the most compliance risks arise. Middle management, too, must be fully integrated into a company’s compliance efforts and accountable for implementation and monitoring.
- Ensure the Compliance Function has Independent Authority – Companies should assign responsibility to anti-corruption compliance to senior level representatives who have independence, clout and an adequate budget and human resources. Cross-functional teams are a best practice.
- Do Your Due Diligence – Including its business partners in its compliance program is imperative for a company’s success. A reported sixty percent of recent FCPA enforcement actions have involved third parties. Business partners must be rigorously vetted.
- Document Business Partner Relationships Carefully – Given the risks associated with entering into business relationships, it is crucial that companies spell out the services to be performed and payment terms for partnerships. At a minimum, provisions should be included for compliance reps and warranties and the right to terminate in the event of corruption.
- Train and Communicate – Companies must regularly train their employees, and provide specialized training for high-risk employees and for third parties. In addition to training, the importance of compliance must be consistently communicated throughout an organization.
- Monitor Your Program and Partners – Once a compliance program is in place, a company must regularly monitor the program and the performance of its employees and business partners, making sure to include effective whistleblower procedures and protection.
- Enforce and Improve – Thorough, timely investigations and sanctions for specific violations by employees and business partners are paramount to the success of a compliance program. Companies should take corrective action to update and improve their program as necessary, particularly to meet new risks as they arise.
For more information on improving your anti-corruption program, consult CREATe Leading Practices for Anti-Corruption here.