Issuu on Google+

1

|

Anti-Corruption Compliance Program Benchmarking Survey

Anti-Corruption Compliance Program Benchmarking Survey


2

|

Anti-Corruption Compliance Program Benchmarking Survey


3

|

Anti-Corruption Compliance Program Benchmarking Survey

INTRODUCTION BY KAPLAN & WALKER LLP Over the years, the FCPA Blog has been an indispensable resource for Anti-Corruption related information and ideas. We are delighted and honored to have had this opportunity to partner with Dick Cassin and his colleagues at the Blog (and their new partners at Ethics360) on this benchmarking survey, which we hope will be viewed as part of that tradition. We have been providing compliance program related legal services to organizations since the 1990’s and during that time have frequently seen the important role that benchmarking can play in helping companies and their advisors develop, improve and assess compliance programs generally. The case for Anti-Corruption compliance program benchmarking in particular is, we believe, especially strong. This is due in part to the increasingly grave consequences of sub-optimal performance in this area and also to the high degree of operational complexity for Anti-Corruption compliance programs. As much as any other area of law, the devil is in the details when it comes to ensuring compliance program effectiveness here. In drafting this survey, we drew upon various Anti-Corruption related best practices of organizations with which we are familiar. Of course, we do not suggest that any particular compliance tool or approach necessarily makes sense for all organizations. Like any compliance area, Anti-Corruption efforts require mechanisms that are riskbased and otherwise well-tailored to an organization’s particular needs. However, we hope that having the data contained in this report will allow companies to address the challenge of ensuring compliance efficacy in an informed way, based in part, and as appropriate, on the experience of others.

Kaplan & Walker LLP


4

|

Anti-Corruption Compliance Program Benchmarking Survey

INTRODUCTION BY RICHARD L. CASSIN The Anti-Corruption Compliance Program Benchmarks Survey was the creation of Jeff Kaplan and Rebecca Walker. I had the pleasure to help get the word out about it through the FCPA Blog. The response from the global compliance community was enthusiastic. That’s partly because Jeff and Rebecca wrote the Survey to be, among other things, an inventory of compliance best practices. Just taking the Survey could help a company diagnose its compliance condition and find ways to make it better. The positive response was also due to the growing worldwide interest in compliance. That phenomenon prompted me to ask on the FCPA Blog not long ago if ours will be the time when international public corruption is finally tossed into the trashcan of history? There are plenty of reasons to think so. Only five years ago, even thoughtful people believed overseas bribery was a victimless crime -- a harmless agreement between two consenting adults. Happily, that idea is largely gone, replaced by awareness, still growing, that graft’s victims can be counted in the billions. What changed attitudes? Not one thing but many. Respected NGOs are now speaking for the victims. The stories aren’t pleasant (think ‘Blood Diamond’) but the links between graft and human rights abuses are now in plain sight. Though the damage from corruption can be seen and felt, it’s hard to measure, putting it in the realm of ‘soft’ science. Still, some brave academics have taken up the cause of compliance. The U.N. and OECD are promoting the links between compliance, ethics, and human rights. It’s one of the most important new trends of corporate citizenship. And ordinary people have more power to fight corruption than at any time in history. There’s easy access to online public and private hotlines. Cell phones record ‘secret’ shakedowns in the tax office, snap photos of cash-grabbing clerks, and capture videos of corrupt cops and judges that might appear on YouTube an hour later. Through Facebook, victims find each other and lock arms. And with Twitter, a hundred thousand people can be in the streets by noon to march against sleaze. No wonder the interest in compliance is spreading well beyond the United States. The U.K. is now on the front lines, Canada has joined the fight, the G-7 has more attention on enforcement than ever, and the OECD is pushing all of its members to get on board. Sure, there’s lots of work ahead. But these really are hopeful times. Part of that hope is based on the work of people like Jeff Kaplan and Rebecca Walker. And of all those who completed the Anti-Corruption Compliance Program Benchmarks Survey. Their thoughtful responses made this landmark Report possible. Richard L. Cassin The FCPA Blog


5

|

Anti-Corruption Compliance Program Benchmarking Survey

CONTENT 06

Selected Highlights Of The Survey

07

Introduction And Demographic Information

08

Risk Assessment

11

Policies And Procedures

11

Overall approach to Anti-Corruption policy

12

Specific requirements concerning providing items of value to government officials

12

Gifts and entertainment

14

Travel

16

Charitable contributions and community support payments

18

Facilitating payments

20

Personal safety payments

21

Requirements concerning retaining and using third-party intermediaries

21

Due diligence requirements in engaging tpis

23

General TPL agreements/certifications regarding Anti-Corruption laws

24

Specific TPL compliance program requirements: training, auditing and monitoring

26

Requirements concerning mergers, acquisitions and joint ventures

29

Program Governance And Management

33

Training And Communications

33

Web-based training

35

In-person training

36

Role-based training

36

Training best practices

37

Other communications

38

Compliance Checking

38

Auditing

39

Self-assessments

41

Incentives

42

Program Documentation

43

Authority And Independence

43

Other Best Practices

45

Appendix – Demographic Information Regarding Respondents


9

|

Anti-Corruption Compliance Program Benchmarking Survey

Which of the following best describes Anti-Corruption risk assessment at your company?

3.9%

My company does not conduct an Anti-Corruption risk assessment

11.8%

2% Other

A largely informal, undocumented process

33.3%

A stand-alone, documented process dedicated solely or largely to Anti-Corruption risk

26.5%

Part of a documented, enterprise-wide process focusing on risks of all kinds – meaning not only compliance risks, but others encompassed within an “ERM� framework

22.5%

Part of a documented process focusing on compliance risks of all kinds

Comments of note about risk assessment included the following: Fewer than 4% of respondents do not conduct any type of Anti-Corruption risk assessment, and fewer than 12% have a largely informal, undocumented Anti-Corruption risk assessment process.

t

A combination of internal and external assessments.

t

No formal risk assessment has been performed; however, during an FCPA investigation [a] significant amount of information was gathered and used in the same manner as if a risk assessment had [been] conducted.

t

Global and focused risk assessment in each of the big ticket compliance areas, i.e., AntiTrust, Anti-Bribery.

t

On an annual basis, we distribute a self-assessment for our locations around the world to complete. The self-assessment includes information such as % of sales to government entities, third party sales agents, training, etc. The information is then included in the risk assessment and scored to identify the higher risk locations who then receive an on-site review of transactions the following fiscal year.


21 |

Anti-Corruption Compliance Program Benchmarking Survey

Requirements concerning retaining and using thirdparty intermediaries Retaining and using third-party intermediaries (“TPIs”) has, of course, been an area of major Anti-Corruption related risk.14 For this reason, this area is also a major focus of all relevant Anti-Corruption compliance program standards,15 as well as of this survey.

Due Diligence Requirements in Engaging TPIs The first set of questions here concerned the due-diligence-related mechanics of retaining TPIs – both in terms of securing information about the TPI and seeking appropriate approval regarding their use:

TPIs must complete a due diligence questionnaire or similar document. This requirement applies with respect to: Table legend: Some TPIs All TPIs We don’t have this requirement Don’t know

44.3% 35.1% 16.5% 4.1%

The employee proposing to use the TPI must complete a due diligence questionnaire or similar document. This requirement applies with respect to:

41.5% 33.0% 21.3% 4.3%

14

E.g., US v. Siemens Aktiengesellschaft, No. 1:08-cr-00367-RJL (D.D.C. 2008).

For example, the OECD Anti-Bribery Guidance provides that companies should have “ethics and compliance programmes or measures designed to prevent and detect foreign bribery applicable, where appropriate and subject to contractual arrangements, to third parties such as agents and other intermediaries, consultants, representative distributors, contractors and suppliers, consortia, and joint venture partners (hereinafter “business partners”), including, inter alia, the following essential elements: i) properly documented risk-based due diligence pertaining to the hiring, as well as the appropriate and regular oversight of business partners; ii) informing business partners of the company’s commitment to abiding by laws on the prohibitions against foreign bribery, and of the company’s ethics and compliance programme or measures for preventing and detecting such bribery ; and iii) seeking a reciprocal commitment from business partners.” 15


anti-corruption