SlideShare a Scribd company logo

Anti bribery and-corruption_the_good_the_bad_and_the_ugly

B
Barrett_Mackey
1 of 8
Download to read offline
Author: Michael Rasmussen mkras@Corp-Integrity.com +1.888.365.4560   ANTIBRIBERY AND CORRUPTION: THE GOOD, THE BAD, AND THE UGLY   The  Good,  the  Bad,  and  the  Ugly  of  ABC ................................ 2   Starting  with  the  Ugly:  The  Growing  Burden  of  ABC  Laws  and  Regulations....................................... 2   Next,  the  Bad:  Ignorance  Is  no  Excuse .............................................................................................. 3   The  Good:  A  Strong  Compliance  Program  Ready  to  Defend  the  Organization ................................... 3   Meeting  Anticorruption  Obligations....................................... 4   Transaction  Monitoring:  The  Cornerstone  of  a  Strong   Antibribery  and  Corruption  Program...................................... 6   Oversight  Systems:  Bringing  Order  to  Compliance............................................................................ 7     Tuesday, October 2, 2012 www.Corp-Integrity.com Page 1 of 8
Author: Michael Rasmussen mkras@Corp-Integrity.com +1.888.365.4560 The dynamic and global nature of business is challenging for risk and compliance processes. As organizations expand operations and business relationships — vendors, supply chain, outsourcers, service providers, consultants and staffing — their risk exposure grows exponentially, internally and externally. Organizations need to stay on top of their game by monitoring relationships and transactions for bribery and corruption, expanding regulations, increased fines and sanctions, and aggressive regulators and prosecutors around the world. The Good, the Bad, and the Ugly of ABC Starting with the Ugly: The Growing Burden of ABC Laws and Regulations Laws such as the Foreign Corrupt Practices Act (FCPA) have been in place in the U.S. for nearly 35 years. Each year shows increasing noncompliance and growing fines and penalties by the U.S. Department of Justice. The U.K. Bribery Act (UKBA) was approved in 2010, and went into force July 2011. Both the FCPA and the UKBA are country-specific initiatives to support the Organization for Economic Cooperation and Developmentʼs (OECD) anticorruption initiatives. Other legislation such as the U.S. Dodd-Frank Wall Street Reform Act gives corporate whistleblowers that provide information that leads to a successful SEC enforcement 10 percent to 30 percent of monetary sanctions over $1 million. While the UKBA is still too new to measure its effect, the FCPA has a long trajectory of increasing penalties and enforcement actions. Consider:  The average FCPA penalty in its 35-year history is $50 million. In the past few years the average is over $66 million. To date the largest penalty has been against Siemens, at $800 million.  Investigation costs can run as much as the penalty. Siemenʼs spent over $800 million for investigation and legal costs. If the average recent fine is $66 million, the organization can expect to spend at least half that much on investigation.  The cost of complying with enforcement actions is significant. These typically require the organization to build and maintain a compliance program to specific requirements, and an independent external monitor to validate the program on a periodic basis. The ugly side of ABC enforcement actions is that the penalty is only half the cost to the organization. If the average penalty in the past two years is $66 million, the organization can expect the total cost to investigate and respond to issues of bribery and corruption Tuesday, October 2, 2012 © 2012, Corporate Integrity, LLC. All rights reserved. Page 2 of 8
Author: Michael Rasmussen mkras@Corp-Integrity.com +1.888.365.4560 will be over $100 million, on average. Next, the Bad: Ignorance Is no Excuse Growing documentation of enforcement actions shows us the organization and executives cannot claim ignorance. It is imperative that the organization understands whom it is doing business with and the transactions being done. Organizations need strong internal controls to look for suspicious transactions and to ensure the organization is doing business with right organizations and not the wrong ones. In the Nature Sunshine FCPA action, the government charged the COO (CEO at time of investigation) and CFO with violating FCPAʼs books and records clause and did not have adequate control over and internal control provisions. This was in response to bribes paid by a Brazilian company subsidiary to customs officials to import unregistered products into Brazil. The SECʼs investigation determined neither the COO nor CFO had any involvement in or knowledge of the improper cash payments in Brazil. However, the SEC found they violated the FCPAʼs internal control provisions in their capacities as control persons under Section 20(a). The SEC based its argument on the theory that the COO and CFO failed to supervise the companyʼs internal controls and oversight of process to keep accurate books and records. The Good: A Strong Compliance Program Ready to Defend the Organization In April 2012 a landmark FCPA decision was announced. For the first time on record the government did not prosecute an organization for violation of FCPA: The company, Morgan Stanley, had a strong compliance program including a system of internal controls meant to ensure accountability for its assets and to prevent bribery and corruption. The Department of Justice stated: “Morgan Stanleyʼs internal policies, which were updated regularly to reflect regulatory developments and specific risks, prohibited bribery and addressed corruption risks associated with the giving of gifts, business entertainment, travel, lodging, meals, charitable contributions and employment. Morgan Stanley frequently trained its employees on its internal policies, the FCPA and other anticorruption laws. . . . Morgan Stanleyʼs compliance personnel regularly monitored transactions, randomly audited particular employees, transactions and business units, and tested to identify illicit payments. Moreover, Morgan Stanley conducted extensive due diligence on all new business partners and imposed stringent controls on payments made to business partners.” 1 1 http://www.justice.gov/opa/pr/2012/April/12-crm-534.html Tuesday, October 2, 2012 www.Corp-Integrity.com Page 3 of 8
Author: Michael Rasmussen mkras@Corp-Integrity.com +1.888.365.4560 This illustrates that strong processes — up-to-date policies, training and transaction monitoring — defend the organization and keep it out of trouble. Meeting Anticorruption Obligations In todayʼs complex business environment the organization protects itself by demonstrating it implements appropriate compliance measures to prevent and detect corruption and noncompliance. Preventive measures should avoid corruption, alongside detective measures to monitor for corruption and respond quickly and efficiently. While laws around the world are aimed at antibribery and corruption, compliance aspects of these laws are based on common requirements. From a U.S. perspective, the best defense is to show the organization meets the elements of an effective compliance program as established by the U.S. Sentencing Commission Organizational Guidelines.2 The guidelines compliment and coordinate well with the U.K.ʼs guidance requiring a company to demonstrate adequate procedures to prevent bribery. It is a full defense in the U.K. Bribery Act when an organization proves that despite a particular incident of bribery it nevertheless has proper compliance practices in place to prevent corruption and bribery. Both the U.S. and U.K. guidance align and support the OECD Good Practice on Internal Controls, Ethics and Compliance.3 An integrated view of the U.S., U.K. and OECD guidance requires an organization have the following compliance elements in place: • Understand your risk: An organization must conduct periodic assessment (e.g., annual) of the exposure of the organization to corruption and unethical conduct. • Approach compliance in proportionality of risk: If in a certain area of the world or business partner scores as a higher risk to corruption, the organization must respond with stronger compliance procedures and controls. • Tone at the top: Management must communicate that they support the antibribery and corruption compliance program and will not tolerate corruption in any form. At the same time they must be informed about the effectiveness and operations of compliance initiatives for anticorruption. • Know who you do business with: Due diligence efforts must be in place to make sure the organization is contracting with ethical entities. If there is a high degree of risk to corruption in a relationship, it is necessary that additional 2 http://www.ussc.gov/Guidelines/Organizational_Guidelines/guidelines_chapter_8.htm 3 http://www.oecd.org/dataoecd/5/51/44884389.pdf Tuesday, October 2, 2012 © 2012, Corporate Integrity, LLC. All rights reserved. Page 4 of 8
Author: Michael Rasmussen mkras@Corp-Integrity.com +1.888.365.4560 preventive and detective controls be established in accordance with the risk. • Keep information current: These are not point-in-time efforts that happen once. Business transactions and relationships evolve and require ongoing monitoring to look for issues that point to bribery and corruption. • Compliance oversight: The organization needs someone responsible for oversight of antibribery and corruption compliance processes and activities, with the authority to report to the audit committee of the board. • Established policies and procedures: Organizations must have documented and up-to-date policies and procedures that address bribery and corruption. The code of conduct is the governing policy that addresses gifts, hospitality, entertainment, expenses, customer travel, political contributions, charitable donations and sponsorships and facilitation payments. • Effective training and communication: Written policies are not enough — individuals need to know what is expected of them. Organizations must implement training programs on the organizationʼs policies and practices for employees and business partners at risk of bribery, corruption and fraud. • Implement communication and reporting processes: The organization must have communication channels where employees can get questions on policies answered to avoid noncompliance issues. The organization must also have a hotline reporting system for individuals to report suspected misconduct. • Assessment and monitoring: The organization must have regular compliance assessment and monitoring activities to ensure policies, procedures and controls are in place and working. • Investigations: Investigation processes must quickly identify (e.g., hotline, surveys, management reports, exit interviews) potential incidents and quickly and effectively investigate and resolve issues. • Internal accounting controls: Organizations must keep detailed books, records and accounts that accurately reflect transactions and disposition of assets that could be implicated in bribery and corruption issues. • Manage change to the business: Organizations must monitor the business environment for changes that impact its anticorruption program or introduce greater risk of corruption. Compliance must be an active and living part of the organization to prevent and detect corruption, bribery and fraud in international business. It is a continuous and ongoing process that must be monitored, maintained and nurtured. The challenge is establishing corruption prevention and detection activities that move the organization from a reactive fire-fighting mode to one that proactively manages, monitors, prevents and detects corruption and compliance related risks. Tuesday, October 2, 2012 www.Corp-Integrity.com Page 5 of 8
Author: Michael Rasmussen mkras@Corp-Integrity.com +1.888.365.4560 Transaction Monitoring: The Cornerstone of a Strong Antibribery and Corruption Program Most organizations have policy and training programs in place. These are essential components — but by themselves do not keep organizations out of hot water. What the U.S. Department of Justice called out in the Morgan Stanley case were their policies and training, but they also had regular monitoring and auditing of transactions. The transaction-monitoring component is what makes companies different — it keeps them out of hot water, and when they do get in hot water it helps them recover. Think of this as a maturity curve. Ineffective compliance programs are ad hoc in nature and often supported by hundreds to thousands of documents and spreadsheets that are error-prone and difficult to reconcile. Established compliance programs have strong policies and training programs — this is good, but does not protect the organization completely. An effective compliance program has policies and training, but also has regular monitoring of business relationships and transactions — the organization is prepared to defend itself in enforcement actions. Organizations with transaction monitoring can demonstrate strong controls in place for FCPA books and records and internal control provisions; they can prevent suspicious transactions from happening to begin with, or alert the organization to suspicious activity before it becomes a greater issue. Transaction monitoring can accomplish the following: • The organization understands its risk as it continuously monitors transactions to alert the organization to bribery and corruption. • Monitoring can be tailored to address risk proportionality to the business, so high- risk transactions and business relationships are more effectively monitored. • Management is better prepared to take action and enforce tone, as suspicious transactions are brought to their attention to take action on. • The organization knows who it is doing business with as transactions with new vendors are reviewed and it ensures proper screening is done. • The most current information about business partners and transactions can be held to policy thresholds and due-diligence efforts. • Bribery and corruption issues can be monitored and prevented, alongside proper compliance oversight. • Transaction monitoring assures policies are complied with and exceptions enforced, documented and managed. • Employee training is reinforced, alerting workers when they do something outside of standard policies. • Robust communication and reporting alerts management to potential exposure. Tuesday, October 2, 2012 © 2012, Corporate Integrity, LLC. All rights reserved. Page 6 of 8
Author: Michael Rasmussen mkras@Corp-Integrity.com +1.888.365.4560 • Internal accounting controls keep accurate records, and accurately reflect transactions and disposition of assets. Policies, training, audits and assessments are still needed. Transaction monitoring makes all of them an ongoing reality. In this way, the organization is prepared to defend itself in an enforcement action and demonstrate to law enforcement and regulators it is doing everything possible to prevent bribery and corruption. Oversight Systems: Bringing Order to Compliance Oversight Systems is a solution provider in the compliance market that Corporate Integrity has researched and evaluated. Through a purpose-built continuous transaction analysis, Oversight Systems eases the anticorruption compliance burden by delivering operational effectiveness, human and financial efficiency and agility to compliance processes. Its solution monitors transactions and the personnel that perform them, and detects and prevents bribery, corruption and other types of fraud. While other vendors help with policy communication and training for ABC compliance, Oversight Systems is one of the few that take compliance to the transaction level to ensure bribery and corruption does not happen in course of business transactions. Specifically, Oversight Systems accomplishes:  Data analytics: Oversight Systems monitors for bribery and corruption by monitoring accounting and ERP data to identify trends and anomalies.  Exception management: The ability to review and analyze transactions flagged as suspicious and grant exceptions when needed.  Real-time detection: Oversight Systems can monitor transactions, activity, and business relationships in real-time to help prevent issues from happening.  Continuous monitoring: By reviewing every transaction in the system the organization can look at transactions individually and in aggregate. This can detect bribery and corruption activity that may have flown under the radar initially.  Limit exposure: Continuous monitoring can prevent bribery and corruption or limit scope and duration to reduce exposure to the organization.  Business relationship monitoring: Through integration with third-party content sources such as politically exposed person (PEP) screening and watch lists, the organization can feel confident it is doing business with people that are not known to be susceptible to corruption.  Breadth of analytic capabilities: Oversight Systems has one of the most expansive analytic engines for analyzing business transactions. It covers Boolean logic, chaining, recurrence, format outliers, similarity, clustering and consolidation, Tuesday, October 2, 2012 www.Corp-Integrity.com Page 7 of 8
Author: Michael Rasmussen mkras@Corp-Integrity.com +1.888.365.4560 temporal analysis, aggregation, numerical statistics, meta reasoning, sentiment, spatial, image and linguistic analytical capabilities.  Process automation: Integrated workflow and task management ensures everyone knows what is in their queue and what is expected of them.  Reporting and dashboard: The analytic engine drives a robust reporting and dashboarding ability that allows for customization to specific manager needs. The core compliance capabilities of the Oversight Systems solution enable a complete transaction monitoring and response system for bribery and corruption. This helps organizations achieve a system of internal control and monitoring to meet requirements of a regulatory compliance program. Oversight Systems is tuned to help with other areas of risk and compliance such as fraud, error and waste. Organizations that use Oversight Systems report they have lowered costs for monitoring and audit, minimized errors, were able to detect issues and areas for improvement in a timely manner, and gained greater clarity of business process and transaction performance. Tuesday, October 2, 2012 © 2012, Corporate Integrity, LLC. All rights reserved. Page 8 of 8

Recommended

Enforcement Focus on CCO Liability GER 2017
Enforcement Focus on CCO Liability GER 2017Enforcement Focus on CCO Liability GER 2017
Enforcement Focus on CCO Liability GER 2017Duff & Phelps
 
Are CEOs Less Ethical Than in the Past?
Are CEOs Less Ethical Than in the Past?Are CEOs Less Ethical Than in the Past?
Are CEOs Less Ethical Than in the Past?Strategy&, a member of the PwC network
 
can-you-think-like-a-fraudster-106948
can-you-think-like-a-fraudster-106948can-you-think-like-a-fraudster-106948
can-you-think-like-a-fraudster-106948Cheryl Goldberg
 
Preparing for and Responding Effectively to Cyber Attacks
Preparing for and Responding Effectively to Cyber AttacksPreparing for and Responding Effectively to Cyber Attacks
Preparing for and Responding Effectively to Cyber AttacksDuff & Phelps
 
Cyber Insurance - What you need to know
Cyber Insurance - What you need to knowCyber Insurance - What you need to know
Cyber Insurance - What you need to knowFitCEO, Inc. (FCI)
 
scce-cep-2016-05-Tushe
scce-cep-2016-05-Tushescce-cep-2016-05-Tushe
scce-cep-2016-05-TusheNadine Tushe
 
RC_JUL16_Boards Beware
RC_JUL16_Boards BewareRC_JUL16_Boards Beware
RC_JUL16_Boards BewareHarlan Loeb
 
2012 Cost of Cyber Crime Study: Japan
2012 Cost of Cyber Crime Study: Japan2012 Cost of Cyber Crime Study: Japan
2012 Cost of Cyber Crime Study: JapanJitendra Adhikari
 

Recommended

Enforcement Focus on CCO Liability GER 2017
Enforcement Focus on CCO Liability GER 2017Enforcement Focus on CCO Liability GER 2017
Enforcement Focus on CCO Liability GER 2017Duff & Phelps
 
Are CEOs Less Ethical Than in the Past?
Are CEOs Less Ethical Than in the Past?Are CEOs Less Ethical Than in the Past?
Are CEOs Less Ethical Than in the Past?Strategy&, a member of the PwC network
 
can-you-think-like-a-fraudster-106948
can-you-think-like-a-fraudster-106948can-you-think-like-a-fraudster-106948
can-you-think-like-a-fraudster-106948Cheryl Goldberg
 
Preparing for and Responding Effectively to Cyber Attacks
Preparing for and Responding Effectively to Cyber AttacksPreparing for and Responding Effectively to Cyber Attacks
Preparing for and Responding Effectively to Cyber AttacksDuff & Phelps
 
Cyber Insurance - What you need to know
Cyber Insurance - What you need to knowCyber Insurance - What you need to know
Cyber Insurance - What you need to knowFitCEO, Inc. (FCI)
 
scce-cep-2016-05-Tushe
scce-cep-2016-05-Tushescce-cep-2016-05-Tushe
scce-cep-2016-05-TusheNadine Tushe
 
RC_JUL16_Boards Beware
RC_JUL16_Boards BewareRC_JUL16_Boards Beware
RC_JUL16_Boards BewareHarlan Loeb
 
2012 Cost of Cyber Crime Study: Japan
2012 Cost of Cyber Crime Study: Japan2012 Cost of Cyber Crime Study: Japan
2012 Cost of Cyber Crime Study: JapanJitendra Adhikari
 
FINEX Alert Perfect D&O Storm '16
FINEX Alert Perfect D&O Storm '16FINEX Alert Perfect D&O Storm '16
FINEX Alert Perfect D&O Storm '16Anthony Rapa
 
Bcg Candidate Core Story V
Bcg Candidate Core Story VBcg Candidate Core Story V
Bcg Candidate Core Story VEmployment Crossing
 
Reading Between the Lines GER 2017
Reading Between the Lines GER 2017Reading Between the Lines GER 2017
Reading Between the Lines GER 2017Duff & Phelps
 
The Rise And Rise Of FCPA
The Rise And Rise Of FCPAThe Rise And Rise Of FCPA
The Rise And Rise Of FCPANair and Co.
 
ethiXbase-Anti-Corruption-Compliance-Achieving-100-percent-third-party-due-di...
ethiXbase-Anti-Corruption-Compliance-Achieving-100-percent-third-party-due-di...ethiXbase-Anti-Corruption-Compliance-Achieving-100-percent-third-party-due-di...
ethiXbase-Anti-Corruption-Compliance-Achieving-100-percent-third-party-due-di...Leas Bachatene
 
Volksvegan
VolksveganVolksvegan
VolksveganTrade Expert
 
Risk of Fraud Managing Business Risk
Risk of Fraud Managing Business RiskRisk of Fraud Managing Business Risk
Risk of Fraud Managing Business RiskMuna D. Buchahin
 
Davon quiz 4
Davon quiz 4Davon quiz 4
Davon quiz 4Candy Foreman
 
Summary paper
Summary paperSummary paper
Summary paperelyssamo2
 
What the Research Tells Us: The SEC, CFTC, FINRA
What the Research Tells Us: The SEC, CFTC, FINRAWhat the Research Tells Us: The SEC, CFTC, FINRA
What the Research Tells Us: The SEC, CFTC, FINRADuff & Phelps
 
Executive Summary GER 2017
Executive Summary GER 2017Executive Summary GER 2017
Executive Summary GER 2017Duff & Phelps
 
Nimisha_Agarwal (2)
Nimisha_Agarwal (2)Nimisha_Agarwal (2)
Nimisha_Agarwal (2)Nimisha Agarwal
 
Class Lecture: Corporate Culture, Abuse of Power, Whistleblowing and Ethics
Class Lecture: Corporate Culture, Abuse of Power, Whistleblowing and EthicsClass Lecture: Corporate Culture, Abuse of Power, Whistleblowing and Ethics
Class Lecture: Corporate Culture, Abuse of Power, Whistleblowing and EthicsJohn J. Sarno
 
A New Normal GER 2017
A New Normal GER 2017A New Normal GER 2017
A New Normal GER 2017Duff & Phelps
 
What the Research Tells Us: The PRA and FCA
What the Research Tells Us: The PRA and FCAWhat the Research Tells Us: The PRA and FCA
What the Research Tells Us: The PRA and FCADuff & Phelps
 
Legal Business - Bjarne
Legal Business - BjarneLegal Business - Bjarne
Legal Business - BjarneBjarne Philip Tellmann
 
The Professional Negligence Law Review First Edition
The Professional Negligence Law Review First EditionThe Professional Negligence Law Review First Edition
The Professional Negligence Law Review First EditionMatheson Law Firm
 
FCR Report 2017
FCR Report 2017FCR Report 2017
FCR Report 2017Gillian Faichnie
 
Anti-Bribery Forensics and Compliance on a Multi-National Scale: Challenges a...
Anti-Bribery Forensics and Compliance on a Multi-National Scale: Challenges a...Anti-Bribery Forensics and Compliance on a Multi-National Scale: Challenges a...
Anti-Bribery Forensics and Compliance on a Multi-National Scale: Challenges a...PECB
 
Challenges in the Business and Law of Cybersecurity, CLEAR Cyber Conference, ...
Challenges in the Business and Law of Cybersecurity, CLEAR Cyber Conference, ...Challenges in the Business and Law of Cybersecurity, CLEAR Cyber Conference, ...
Challenges in the Business and Law of Cybersecurity, CLEAR Cyber Conference, ...Jay Kesan
 
November aasl pwpt
November aasl pwptNovember aasl pwpt
November aasl pwptCharlotte Aasl
 
Uzywkom nie! (3)
Uzywkom nie! (3)Uzywkom nie! (3)
Uzywkom nie! (3)Zespół Szkół w Drogomyślu
 

More Related Content

What's hot

FINEX Alert Perfect D&O Storm '16
FINEX Alert Perfect D&O Storm '16FINEX Alert Perfect D&O Storm '16
FINEX Alert Perfect D&O Storm '16Anthony Rapa
 
Reading Between the Lines GER 2017
Reading Between the Lines GER 2017Reading Between the Lines GER 2017
Reading Between the Lines GER 2017Duff & Phelps
 
The Rise And Rise Of FCPA
The Rise And Rise Of FCPAThe Rise And Rise Of FCPA
The Rise And Rise Of FCPANair and Co.
 
ethiXbase-Anti-Corruption-Compliance-Achieving-100-percent-third-party-due-di...
ethiXbase-Anti-Corruption-Compliance-Achieving-100-percent-third-party-due-di...ethiXbase-Anti-Corruption-Compliance-Achieving-100-percent-third-party-due-di...
ethiXbase-Anti-Corruption-Compliance-Achieving-100-percent-third-party-due-di...Leas Bachatene
 
Risk of Fraud Managing Business Risk
Risk of Fraud Managing Business RiskRisk of Fraud Managing Business Risk
Risk of Fraud Managing Business RiskMuna D. Buchahin
 
Summary paper
Summary paperSummary paper
Summary paperelyssamo2
 
What the Research Tells Us: The SEC, CFTC, FINRA
What the Research Tells Us: The SEC, CFTC, FINRAWhat the Research Tells Us: The SEC, CFTC, FINRA
What the Research Tells Us: The SEC, CFTC, FINRADuff & Phelps
 
Executive Summary GER 2017
Executive Summary GER 2017Executive Summary GER 2017
Executive Summary GER 2017Duff & Phelps
 
Class Lecture: Corporate Culture, Abuse of Power, Whistleblowing and Ethics
Class Lecture: Corporate Culture, Abuse of Power, Whistleblowing and EthicsClass Lecture: Corporate Culture, Abuse of Power, Whistleblowing and Ethics
Class Lecture: Corporate Culture, Abuse of Power, Whistleblowing and EthicsJohn J. Sarno
 
A New Normal GER 2017
A New Normal GER 2017A New Normal GER 2017
A New Normal GER 2017Duff & Phelps
 
What the Research Tells Us: The PRA and FCA
What the Research Tells Us: The PRA and FCAWhat the Research Tells Us: The PRA and FCA
What the Research Tells Us: The PRA and FCADuff & Phelps
 
The Professional Negligence Law Review First Edition
The Professional Negligence Law Review First EditionThe Professional Negligence Law Review First Edition
The Professional Negligence Law Review First EditionMatheson Law Firm
 
Anti-Bribery Forensics and Compliance on a Multi-National Scale: Challenges a...
Anti-Bribery Forensics and Compliance on a Multi-National Scale: Challenges a...Anti-Bribery Forensics and Compliance on a Multi-National Scale: Challenges a...
Anti-Bribery Forensics and Compliance on a Multi-National Scale: Challenges a...PECB
 
Challenges in the Business and Law of Cybersecurity, CLEAR Cyber Conference, ...
Challenges in the Business and Law of Cybersecurity, CLEAR Cyber Conference, ...Challenges in the Business and Law of Cybersecurity, CLEAR Cyber Conference, ...
Challenges in the Business and Law of Cybersecurity, CLEAR Cyber Conference, ...Jay Kesan
 

What's hot (20)

FINEX Alert Perfect D&O Storm '16
FINEX Alert Perfect D&O Storm '16FINEX Alert Perfect D&O Storm '16
FINEX Alert Perfect D&O Storm '16
 
Bcg Candidate Core Story V
Bcg Candidate Core Story VBcg Candidate Core Story V
Bcg Candidate Core Story V
 
Reading Between the Lines GER 2017
Reading Between the Lines GER 2017Reading Between the Lines GER 2017
Reading Between the Lines GER 2017
 
The Rise And Rise Of FCPA
The Rise And Rise Of FCPAThe Rise And Rise Of FCPA
The Rise And Rise Of FCPA
 
ethiXbase-Anti-Corruption-Compliance-Achieving-100-percent-third-party-due-di...
ethiXbase-Anti-Corruption-Compliance-Achieving-100-percent-third-party-due-di...ethiXbase-Anti-Corruption-Compliance-Achieving-100-percent-third-party-due-di...
ethiXbase-Anti-Corruption-Compliance-Achieving-100-percent-third-party-due-di...
 
Volksvegan
VolksveganVolksvegan
Volksvegan
 
Risk of Fraud Managing Business Risk
Risk of Fraud Managing Business RiskRisk of Fraud Managing Business Risk
Risk of Fraud Managing Business Risk
 
Davon quiz 4
Davon quiz 4Davon quiz 4
Davon quiz 4
 
Summary paper
Summary paperSummary paper
Summary paper
 
What the Research Tells Us: The SEC, CFTC, FINRA
What the Research Tells Us: The SEC, CFTC, FINRAWhat the Research Tells Us: The SEC, CFTC, FINRA
What the Research Tells Us: The SEC, CFTC, FINRA
 
Executive Summary GER 2017
Executive Summary GER 2017Executive Summary GER 2017
Executive Summary GER 2017
 
Nimisha_Agarwal (2)
Nimisha_Agarwal (2)Nimisha_Agarwal (2)
Nimisha_Agarwal (2)
 
Class Lecture: Corporate Culture, Abuse of Power, Whistleblowing and Ethics
Class Lecture: Corporate Culture, Abuse of Power, Whistleblowing and EthicsClass Lecture: Corporate Culture, Abuse of Power, Whistleblowing and Ethics
Class Lecture: Corporate Culture, Abuse of Power, Whistleblowing and Ethics
 
A New Normal GER 2017
A New Normal GER 2017A New Normal GER 2017
A New Normal GER 2017
 
What the Research Tells Us: The PRA and FCA
What the Research Tells Us: The PRA and FCAWhat the Research Tells Us: The PRA and FCA
What the Research Tells Us: The PRA and FCA
 
Legal Business - Bjarne
Legal Business - BjarneLegal Business - Bjarne
Legal Business - Bjarne
 
The Professional Negligence Law Review First Edition
The Professional Negligence Law Review First EditionThe Professional Negligence Law Review First Edition
The Professional Negligence Law Review First Edition
 
FCR Report 2017
FCR Report 2017FCR Report 2017
FCR Report 2017
 
Anti-Bribery Forensics and Compliance on a Multi-National Scale: Challenges a...
Anti-Bribery Forensics and Compliance on a Multi-National Scale: Challenges a...Anti-Bribery Forensics and Compliance on a Multi-National Scale: Challenges a...
Anti-Bribery Forensics and Compliance on a Multi-National Scale: Challenges a...
 
Challenges in the Business and Law of Cybersecurity, CLEAR Cyber Conference, ...
Challenges in the Business and Law of Cybersecurity, CLEAR Cyber Conference, ...Challenges in the Business and Law of Cybersecurity, CLEAR Cyber Conference, ...
Challenges in the Business and Law of Cybersecurity, CLEAR Cyber Conference, ...
 

Viewers also liked

Pc week powerpoint[2]
Pc week powerpoint[2]Pc week powerpoint[2]
Pc week powerpoint[2]tomsabella
 
Pc week powerpoint[1]
Pc week powerpoint[1]Pc week powerpoint[1]
Pc week powerpoint[1]tomsabella
 
Uploading certificate with oracle wallet manager and orapki utilities
Uploading certificate with oracle wallet manager and orapki utilitiesUploading certificate with oracle wallet manager and orapki utilities
Uploading certificate with oracle wallet manager and orapki utilitiesÖzgür Umut Vurgun
 
Oracle12c Pluggable Database Hands On - TROUG 2014
Oracle12c Pluggable Database Hands On - TROUG 2014Oracle12c Pluggable Database Hands On - TROUG 2014
Oracle12c Pluggable Database Hands On - TROUG 2014Özgür Umut Vurgun
 
Yeni başlayanlar i̇çin Oracle 12c
Yeni başlayanlar i̇çin Oracle 12cYeni başlayanlar i̇çin Oracle 12c
Yeni başlayanlar i̇çin Oracle 12cÖzgür Umut Vurgun
 
Portfolio theory chapter
Portfolio theory chapterPortfolio theory chapter
Portfolio theory chaptershashi09kumar
 

Viewers also liked (18)

November aasl pwpt
November aasl pwptNovember aasl pwpt
November aasl pwpt
 
Uzywkom nie! (3)
Uzywkom nie! (3)Uzywkom nie! (3)
Uzywkom nie! (3)
 
Research
ResearchResearch
Research
 
Andres guevara
Andres guevaraAndres guevara
Andres guevara
 
Pc week powerpoint[2]
Pc week powerpoint[2]Pc week powerpoint[2]
Pc week powerpoint[2]
 
LMiR 2013 ZS Drogomyśl
LMiR 2013 ZS DrogomyślLMiR 2013 ZS Drogomyśl
LMiR 2013 ZS Drogomyśl
 
Pc week powerpoint[1]
Pc week powerpoint[1]Pc week powerpoint[1]
Pc week powerpoint[1]
 
Uploading certificate with oracle wallet manager and orapki utilities
Uploading certificate with oracle wallet manager and orapki utilitiesUploading certificate with oracle wallet manager and orapki utilities
Uploading certificate with oracle wallet manager and orapki utilities
 
Oracle12c Pluggable Database Hands On - TROUG 2014
Oracle12c Pluggable Database Hands On - TROUG 2014Oracle12c Pluggable Database Hands On - TROUG 2014
Oracle12c Pluggable Database Hands On - TROUG 2014
 
Uzywkom nie! (1)
Uzywkom nie! (1)Uzywkom nie! (1)
Uzywkom nie! (1)
 
Oracle12c flex rac flex asm
Oracle12c flex rac flex asmOracle12c flex rac flex asm
Oracle12c flex rac flex asm
 
Yeni başlayanlar i̇çin Oracle 12c
Yeni başlayanlar i̇çin Oracle 12cYeni başlayanlar i̇çin Oracle 12c
Yeni başlayanlar i̇çin Oracle 12c
 
Photo schemas (1)
Photo schemas (1)Photo schemas (1)
Photo schemas (1)
 
Uzywkom nie! (6)
Uzywkom nie! (6)Uzywkom nie! (6)
Uzywkom nie! (6)
 
Uzywkom nie! (7)
Uzywkom nie! (7)Uzywkom nie! (7)
Uzywkom nie! (7)
 
Exadata Performance Notes
Exadata Performance NotesExadata Performance Notes
Exadata Performance Notes
 
Portfolio theory chapter
Portfolio theory chapterPortfolio theory chapter
Portfolio theory chapter
 
Oracle Cloud As Services
Oracle Cloud As ServicesOracle Cloud As Services
Oracle Cloud As Services
 

Similar to Anti bribery and-corruption_the_good_the_bad_and_the_ugly

1Ethics and the Nonprofit March 2013Ethics and the Nonprof
1Ethics and the Nonprofit March 2013Ethics and the Nonprof1Ethics and the Nonprofit March 2013Ethics and the Nonprof
1Ethics and the Nonprofit March 2013Ethics and the NonprofAnastaciaShadelb
 
Anti-Bribery and Corruption Compliance for Third Parties
Anti-Bribery and Corruption Compliance for Third PartiesAnti-Bribery and Corruption Compliance for Third Parties
Anti-Bribery and Corruption Compliance for Third PartiesDun & Bradstreet
 
A_Complete_Approach_to_KYC_With_Business_Customer_Intelligence (1)
A_Complete_Approach_to_KYC_With_Business_Customer_Intelligence (1)A_Complete_Approach_to_KYC_With_Business_Customer_Intelligence (1)
A_Complete_Approach_to_KYC_With_Business_Customer_Intelligence (1)Dan Frechtling
 
Employer 0409
Employer 0409Employer 0409
Employer 0409dgade
 
Dr haluk f gursel fraud examination rises to distinction article grcj 2010 1_v3_
Dr haluk f gursel fraud examination rises to distinction article grcj 2010 1_v3_Dr haluk f gursel fraud examination rises to distinction article grcj 2010 1_v3_
Dr haluk f gursel fraud examination rises to distinction article grcj 2010 1_v3_Haluk Ferden Gursel
 
Audit Response to Money Laundering by Financial Institutions: An Economic Per...
Audit Response to Money Laundering by Financial Institutions: An Economic Per...Audit Response to Money Laundering by Financial Institutions: An Economic Per...
Audit Response to Money Laundering by Financial Institutions: An Economic Per...inventionjournals
 
Overcoming compliance fatigue - Reinforcing the commitment to ethical growth ...
Overcoming compliance fatigue - Reinforcing the commitment to ethical growth ...Overcoming compliance fatigue - Reinforcing the commitment to ethical growth ...
Overcoming compliance fatigue - Reinforcing the commitment to ethical growth ...EY
 
Anti-Money Laundering and Anti-Bribery and Corruption Systems & controls: Ass...
Anti-Money Laundering and Anti-Bribery and Corruption Systems & controls: Ass...Anti-Money Laundering and Anti-Bribery and Corruption Systems & controls: Ass...
Anti-Money Laundering and Anti-Bribery and Corruption Systems & controls: Ass...LexisNexis Benelux
 
Securities Insight: Securities Enforcement
Securities Insight: Securities EnforcementSecurities Insight: Securities Enforcement
Securities Insight: Securities EnforcementLexisNexis
 
Chavez Beyond the Smoke-Filled Room
Chavez Beyond the Smoke-Filled RoomChavez Beyond the Smoke-Filled Room
Chavez Beyond the Smoke-Filled RoomJ. Anthony Chavez
 
Mind the Gaps: AML and Fraud Global Benchmark Survey
Mind the Gaps: AML and Fraud Global Benchmark Survey Mind the Gaps: AML and Fraud Global Benchmark Survey
Mind the Gaps: AML and Fraud Global Benchmark Survey Paul Hamilton
 
Managing sanctions compliance challenges
Managing sanctions compliance challengesManaging sanctions compliance challenges
Managing sanctions compliance challengesGrant Thornton LLP
 
IBM Counter Financial Crimes Management
IBM Counter Financial Crimes ManagementIBM Counter Financial Crimes Management
IBM Counter Financial Crimes ManagementVirginia Fernandez
 
Restoring Your Organization's Reputation after Financial Fraud
Restoring Your Organization's Reputation after Financial FraudRestoring Your Organization's Reputation after Financial Fraud
Restoring Your Organization's Reputation after Financial FraudCBIZ, Inc.
 

Similar to Anti bribery and-corruption_the_good_the_bad_and_the_ugly (20)

1Ethics and the Nonprofit March 2013Ethics and the Nonprof
1Ethics and the Nonprofit March 2013Ethics and the Nonprof1Ethics and the Nonprofit March 2013Ethics and the Nonprof
1Ethics and the Nonprofit March 2013Ethics and the Nonprof
 
September 2017 newsletter
September 2017 newsletterSeptember 2017 newsletter
September 2017 newsletter
 
Anti-Bribery and Corruption Compliance for Third Parties
Anti-Bribery and Corruption Compliance for Third PartiesAnti-Bribery and Corruption Compliance for Third Parties
Anti-Bribery and Corruption Compliance for Third Parties
 
A_Complete_Approach_to_KYC_With_Business_Customer_Intelligence (1)
A_Complete_Approach_to_KYC_With_Business_Customer_Intelligence (1)A_Complete_Approach_to_KYC_With_Business_Customer_Intelligence (1)
A_Complete_Approach_to_KYC_With_Business_Customer_Intelligence (1)
 
Employer 0409
Employer 0409Employer 0409
Employer 0409
 
Your Third-Party Vendor's Risk Is Your Risk, Too
Your Third-Party Vendor's Risk Is Your Risk, Too Your Third-Party Vendor's Risk Is Your Risk, Too
Your Third-Party Vendor's Risk Is Your Risk, Too
 
Dr haluk f gursel fraud examination rises to distinction article grcj 2010 1_v3_
Dr haluk f gursel fraud examination rises to distinction article grcj 2010 1_v3_Dr haluk f gursel fraud examination rises to distinction article grcj 2010 1_v3_
Dr haluk f gursel fraud examination rises to distinction article grcj 2010 1_v3_
 
MTBiz Jan-Mar 2013
MTBiz Jan-Mar 2013MTBiz Jan-Mar 2013
MTBiz Jan-Mar 2013
 
Audit Response to Money Laundering by Financial Institutions: An Economic Per...
Audit Response to Money Laundering by Financial Institutions: An Economic Per...Audit Response to Money Laundering by Financial Institutions: An Economic Per...
Audit Response to Money Laundering by Financial Institutions: An Economic Per...
 
Overcoming compliance fatigue - Reinforcing the commitment to ethical growth ...
Overcoming compliance fatigue - Reinforcing the commitment to ethical growth ...Overcoming compliance fatigue - Reinforcing the commitment to ethical growth ...
Overcoming compliance fatigue - Reinforcing the commitment to ethical growth ...
 
Anti-Money Laundering and Anti-Bribery and Corruption Systems & controls: Ass...
Anti-Money Laundering and Anti-Bribery and Corruption Systems & controls: Ass...Anti-Money Laundering and Anti-Bribery and Corruption Systems & controls: Ass...
Anti-Money Laundering and Anti-Bribery and Corruption Systems & controls: Ass...
 
Securities Insight: Securities Enforcement
Securities Insight: Securities EnforcementSecurities Insight: Securities Enforcement
Securities Insight: Securities Enforcement
 
William J. Kolasky Antitrust Compliance Programs The Governm
William J. Kolasky Antitrust Compliance Programs The GovernmWilliam J. Kolasky Antitrust Compliance Programs The Governm
William J. Kolasky Antitrust Compliance Programs The Governm
 
William j. kolasky antitrust compliance programs the governm
William j. kolasky antitrust compliance programs the governmWilliam j. kolasky antitrust compliance programs the governm
William j. kolasky antitrust compliance programs the governm
 
Chavez Beyond the Smoke-Filled Room
Chavez Beyond the Smoke-Filled RoomChavez Beyond the Smoke-Filled Room
Chavez Beyond the Smoke-Filled Room
 
Mind the Gaps: AML and Fraud Global Benchmark Survey
Mind the Gaps: AML and Fraud Global Benchmark Survey Mind the Gaps: AML and Fraud Global Benchmark Survey
Mind the Gaps: AML and Fraud Global Benchmark Survey
 
Managing sanctions compliance challenges
Managing sanctions compliance challengesManaging sanctions compliance challenges
Managing sanctions compliance challenges
 
IBM Counter Financial Crimes Management
IBM Counter Financial Crimes ManagementIBM Counter Financial Crimes Management
IBM Counter Financial Crimes Management
 
IBM Counter Finalcial Crimes Management
IBM Counter Finalcial Crimes ManagementIBM Counter Finalcial Crimes Management
IBM Counter Finalcial Crimes Management
 
Restoring Your Organization's Reputation after Financial Fraud
Restoring Your Organization's Reputation after Financial FraudRestoring Your Organization's Reputation after Financial Fraud
Restoring Your Organization's Reputation after Financial Fraud
 

Anti bribery and-corruption_the_good_the_bad_and_the_ugly

  • 1. Author: Michael Rasmussen mkras@Corp-Integrity.com +1.888.365.4560   ANTIBRIBERY AND CORRUPTION: THE GOOD, THE BAD, AND THE UGLY   The  Good,  the  Bad,  and  the  Ugly  of  ABC ................................ 2   Starting  with  the  Ugly:  The  Growing  Burden  of  ABC  Laws  and  Regulations....................................... 2   Next,  the  Bad:  Ignorance  Is  no  Excuse .............................................................................................. 3   The  Good:  A  Strong  Compliance  Program  Ready  to  Defend  the  Organization ................................... 3   Meeting  Anticorruption  Obligations....................................... 4   Transaction  Monitoring:  The  Cornerstone  of  a  Strong   Antibribery  and  Corruption  Program...................................... 6   Oversight  Systems:  Bringing  Order  to  Compliance............................................................................ 7     Tuesday, October 2, 2012 www.Corp-Integrity.com Page 1 of 8
  • 2. Author: Michael Rasmussen mkras@Corp-Integrity.com +1.888.365.4560 The dynamic and global nature of business is challenging for risk and compliance processes. As organizations expand operations and business relationships — vendors, supply chain, outsourcers, service providers, consultants and staffing — their risk exposure grows exponentially, internally and externally. Organizations need to stay on top of their game by monitoring relationships and transactions for bribery and corruption, expanding regulations, increased fines and sanctions, and aggressive regulators and prosecutors around the world. The Good, the Bad, and the Ugly of ABC Starting with the Ugly: The Growing Burden of ABC Laws and Regulations Laws such as the Foreign Corrupt Practices Act (FCPA) have been in place in the U.S. for nearly 35 years. Each year shows increasing noncompliance and growing fines and penalties by the U.S. Department of Justice. The U.K. Bribery Act (UKBA) was approved in 2010, and went into force July 2011. Both the FCPA and the UKBA are country-specific initiatives to support the Organization for Economic Cooperation and Developmentʼs (OECD) anticorruption initiatives. Other legislation such as the U.S. Dodd-Frank Wall Street Reform Act gives corporate whistleblowers that provide information that leads to a successful SEC enforcement 10 percent to 30 percent of monetary sanctions over $1 million. While the UKBA is still too new to measure its effect, the FCPA has a long trajectory of increasing penalties and enforcement actions. Consider:  The average FCPA penalty in its 35-year history is $50 million. In the past few years the average is over $66 million. To date the largest penalty has been against Siemens, at $800 million.  Investigation costs can run as much as the penalty. Siemenʼs spent over $800 million for investigation and legal costs. If the average recent fine is $66 million, the organization can expect to spend at least half that much on investigation.  The cost of complying with enforcement actions is significant. These typically require the organization to build and maintain a compliance program to specific requirements, and an independent external monitor to validate the program on a periodic basis. The ugly side of ABC enforcement actions is that the penalty is only half the cost to the organization. If the average penalty in the past two years is $66 million, the organization can expect the total cost to investigate and respond to issues of bribery and corruption Tuesday, October 2, 2012 © 2012, Corporate Integrity, LLC. All rights reserved. Page 2 of 8
  • 3. Author: Michael Rasmussen mkras@Corp-Integrity.com +1.888.365.4560 will be over $100 million, on average. Next, the Bad: Ignorance Is no Excuse Growing documentation of enforcement actions shows us the organization and executives cannot claim ignorance. It is imperative that the organization understands whom it is doing business with and the transactions being done. Organizations need strong internal controls to look for suspicious transactions and to ensure the organization is doing business with right organizations and not the wrong ones. In the Nature Sunshine FCPA action, the government charged the COO (CEO at time of investigation) and CFO with violating FCPAʼs books and records clause and did not have adequate control over and internal control provisions. This was in response to bribes paid by a Brazilian company subsidiary to customs officials to import unregistered products into Brazil. The SECʼs investigation determined neither the COO nor CFO had any involvement in or knowledge of the improper cash payments in Brazil. However, the SEC found they violated the FCPAʼs internal control provisions in their capacities as control persons under Section 20(a). The SEC based its argument on the theory that the COO and CFO failed to supervise the companyʼs internal controls and oversight of process to keep accurate books and records. The Good: A Strong Compliance Program Ready to Defend the Organization In April 2012 a landmark FCPA decision was announced. For the first time on record the government did not prosecute an organization for violation of FCPA: The company, Morgan Stanley, had a strong compliance program including a system of internal controls meant to ensure accountability for its assets and to prevent bribery and corruption. The Department of Justice stated: “Morgan Stanleyʼs internal policies, which were updated regularly to reflect regulatory developments and specific risks, prohibited bribery and addressed corruption risks associated with the giving of gifts, business entertainment, travel, lodging, meals, charitable contributions and employment. Morgan Stanley frequently trained its employees on its internal policies, the FCPA and other anticorruption laws. . . . Morgan Stanleyʼs compliance personnel regularly monitored transactions, randomly audited particular employees, transactions and business units, and tested to identify illicit payments. Moreover, Morgan Stanley conducted extensive due diligence on all new business partners and imposed stringent controls on payments made to business partners.” 1 1 http://www.justice.gov/opa/pr/2012/April/12-crm-534.html Tuesday, October 2, 2012 www.Corp-Integrity.com Page 3 of 8
  • 4. Author: Michael Rasmussen mkras@Corp-Integrity.com +1.888.365.4560 This illustrates that strong processes — up-to-date policies, training and transaction monitoring — defend the organization and keep it out of trouble. Meeting Anticorruption Obligations In todayʼs complex business environment the organization protects itself by demonstrating it implements appropriate compliance measures to prevent and detect corruption and noncompliance. Preventive measures should avoid corruption, alongside detective measures to monitor for corruption and respond quickly and efficiently. While laws around the world are aimed at antibribery and corruption, compliance aspects of these laws are based on common requirements. From a U.S. perspective, the best defense is to show the organization meets the elements of an effective compliance program as established by the U.S. Sentencing Commission Organizational Guidelines.2 The guidelines compliment and coordinate well with the U.K.ʼs guidance requiring a company to demonstrate adequate procedures to prevent bribery. It is a full defense in the U.K. Bribery Act when an organization proves that despite a particular incident of bribery it nevertheless has proper compliance practices in place to prevent corruption and bribery. Both the U.S. and U.K. guidance align and support the OECD Good Practice on Internal Controls, Ethics and Compliance.3 An integrated view of the U.S., U.K. and OECD guidance requires an organization have the following compliance elements in place: • Understand your risk: An organization must conduct periodic assessment (e.g., annual) of the exposure of the organization to corruption and unethical conduct. • Approach compliance in proportionality of risk: If in a certain area of the world or business partner scores as a higher risk to corruption, the organization must respond with stronger compliance procedures and controls. • Tone at the top: Management must communicate that they support the antibribery and corruption compliance program and will not tolerate corruption in any form. At the same time they must be informed about the effectiveness and operations of compliance initiatives for anticorruption. • Know who you do business with: Due diligence efforts must be in place to make sure the organization is contracting with ethical entities. If there is a high degree of risk to corruption in a relationship, it is necessary that additional 2 http://www.ussc.gov/Guidelines/Organizational_Guidelines/guidelines_chapter_8.htm 3 http://www.oecd.org/dataoecd/5/51/44884389.pdf Tuesday, October 2, 2012 © 2012, Corporate Integrity, LLC. All rights reserved. Page 4 of 8
  • 5. Author: Michael Rasmussen mkras@Corp-Integrity.com +1.888.365.4560 preventive and detective controls be established in accordance with the risk. • Keep information current: These are not point-in-time efforts that happen once. Business transactions and relationships evolve and require ongoing monitoring to look for issues that point to bribery and corruption. • Compliance oversight: The organization needs someone responsible for oversight of antibribery and corruption compliance processes and activities, with the authority to report to the audit committee of the board. • Established policies and procedures: Organizations must have documented and up-to-date policies and procedures that address bribery and corruption. The code of conduct is the governing policy that addresses gifts, hospitality, entertainment, expenses, customer travel, political contributions, charitable donations and sponsorships and facilitation payments. • Effective training and communication: Written policies are not enough — individuals need to know what is expected of them. Organizations must implement training programs on the organizationʼs policies and practices for employees and business partners at risk of bribery, corruption and fraud. • Implement communication and reporting processes: The organization must have communication channels where employees can get questions on policies answered to avoid noncompliance issues. The organization must also have a hotline reporting system for individuals to report suspected misconduct. • Assessment and monitoring: The organization must have regular compliance assessment and monitoring activities to ensure policies, procedures and controls are in place and working. • Investigations: Investigation processes must quickly identify (e.g., hotline, surveys, management reports, exit interviews) potential incidents and quickly and effectively investigate and resolve issues. • Internal accounting controls: Organizations must keep detailed books, records and accounts that accurately reflect transactions and disposition of assets that could be implicated in bribery and corruption issues. • Manage change to the business: Organizations must monitor the business environment for changes that impact its anticorruption program or introduce greater risk of corruption. Compliance must be an active and living part of the organization to prevent and detect corruption, bribery and fraud in international business. It is a continuous and ongoing process that must be monitored, maintained and nurtured. The challenge is establishing corruption prevention and detection activities that move the organization from a reactive fire-fighting mode to one that proactively manages, monitors, prevents and detects corruption and compliance related risks. Tuesday, October 2, 2012 www.Corp-Integrity.com Page 5 of 8
  • 6. Author: Michael Rasmussen mkras@Corp-Integrity.com +1.888.365.4560 Transaction Monitoring: The Cornerstone of a Strong Antibribery and Corruption Program Most organizations have policy and training programs in place. These are essential components — but by themselves do not keep organizations out of hot water. What the U.S. Department of Justice called out in the Morgan Stanley case were their policies and training, but they also had regular monitoring and auditing of transactions. The transaction-monitoring component is what makes companies different — it keeps them out of hot water, and when they do get in hot water it helps them recover. Think of this as a maturity curve. Ineffective compliance programs are ad hoc in nature and often supported by hundreds to thousands of documents and spreadsheets that are error-prone and difficult to reconcile. Established compliance programs have strong policies and training programs — this is good, but does not protect the organization completely. An effective compliance program has policies and training, but also has regular monitoring of business relationships and transactions — the organization is prepared to defend itself in enforcement actions. Organizations with transaction monitoring can demonstrate strong controls in place for FCPA books and records and internal control provisions; they can prevent suspicious transactions from happening to begin with, or alert the organization to suspicious activity before it becomes a greater issue. Transaction monitoring can accomplish the following: • The organization understands its risk as it continuously monitors transactions to alert the organization to bribery and corruption. • Monitoring can be tailored to address risk proportionality to the business, so high- risk transactions and business relationships are more effectively monitored. • Management is better prepared to take action and enforce tone, as suspicious transactions are brought to their attention to take action on. • The organization knows who it is doing business with as transactions with new vendors are reviewed and it ensures proper screening is done. • The most current information about business partners and transactions can be held to policy thresholds and due-diligence efforts. • Bribery and corruption issues can be monitored and prevented, alongside proper compliance oversight. • Transaction monitoring assures policies are complied with and exceptions enforced, documented and managed. • Employee training is reinforced, alerting workers when they do something outside of standard policies. • Robust communication and reporting alerts management to potential exposure. Tuesday, October 2, 2012 © 2012, Corporate Integrity, LLC. All rights reserved. Page 6 of 8
  • 7. Author: Michael Rasmussen mkras@Corp-Integrity.com +1.888.365.4560 • Internal accounting controls keep accurate records, and accurately reflect transactions and disposition of assets. Policies, training, audits and assessments are still needed. Transaction monitoring makes all of them an ongoing reality. In this way, the organization is prepared to defend itself in an enforcement action and demonstrate to law enforcement and regulators it is doing everything possible to prevent bribery and corruption. Oversight Systems: Bringing Order to Compliance Oversight Systems is a solution provider in the compliance market that Corporate Integrity has researched and evaluated. Through a purpose-built continuous transaction analysis, Oversight Systems eases the anticorruption compliance burden by delivering operational effectiveness, human and financial efficiency and agility to compliance processes. Its solution monitors transactions and the personnel that perform them, and detects and prevents bribery, corruption and other types of fraud. While other vendors help with policy communication and training for ABC compliance, Oversight Systems is one of the few that take compliance to the transaction level to ensure bribery and corruption does not happen in course of business transactions. Specifically, Oversight Systems accomplishes:  Data analytics: Oversight Systems monitors for bribery and corruption by monitoring accounting and ERP data to identify trends and anomalies.  Exception management: The ability to review and analyze transactions flagged as suspicious and grant exceptions when needed.  Real-time detection: Oversight Systems can monitor transactions, activity, and business relationships in real-time to help prevent issues from happening.  Continuous monitoring: By reviewing every transaction in the system the organization can look at transactions individually and in aggregate. This can detect bribery and corruption activity that may have flown under the radar initially.  Limit exposure: Continuous monitoring can prevent bribery and corruption or limit scope and duration to reduce exposure to the organization.  Business relationship monitoring: Through integration with third-party content sources such as politically exposed person (PEP) screening and watch lists, the organization can feel confident it is doing business with people that are not known to be susceptible to corruption.  Breadth of analytic capabilities: Oversight Systems has one of the most expansive analytic engines for analyzing business transactions. It covers Boolean logic, chaining, recurrence, format outliers, similarity, clustering and consolidation, Tuesday, October 2, 2012 www.Corp-Integrity.com Page 7 of 8
  • 8. Author: Michael Rasmussen mkras@Corp-Integrity.com +1.888.365.4560 temporal analysis, aggregation, numerical statistics, meta reasoning, sentiment, spatial, image and linguistic analytical capabilities.  Process automation: Integrated workflow and task management ensures everyone knows what is in their queue and what is expected of them.  Reporting and dashboard: The analytic engine drives a robust reporting and dashboarding ability that allows for customization to specific manager needs. The core compliance capabilities of the Oversight Systems solution enable a complete transaction monitoring and response system for bribery and corruption. This helps organizations achieve a system of internal control and monitoring to meet requirements of a regulatory compliance program. Oversight Systems is tuned to help with other areas of risk and compliance such as fraud, error and waste. Organizations that use Oversight Systems report they have lowered costs for monitoring and audit, minimized errors, were able to detect issues and areas for improvement in a timely manner, and gained greater clarity of business process and transaction performance. Tuesday, October 2, 2012 © 2012, Corporate Integrity, LLC. All rights reserved. Page 8 of 8