Not surprisingly, some companies question whether or not they should invest in a full-fledged compliance program. However, while the return on investment is not always obvious, a strong program can help your company avoid fines and legal expenses. In the United States the Department of Justice (DOJ) and the Securities Exchange Commission (SEC) sometimes decline to pursue charges due to a company having an effective compliance program in place.
Evidence of a solid compliance program has helped a number of companies avoid prosecution under the US FCPA, even when a company did not or could not prevent the underlying violation that gave rise to an investigation. In this article, you’ll learn more about demonstrating program effectiveness and how the multinational Harris Corp. avoided prosecution, thanks to its compliance program.
An effective compliance Program: The Harris Corp.
In September 2016 the SEC and DOJ declined to prosecute the Harris Corp., despite violations of the FCPA by its newly acquired subsidiary, CareFx Corp. The case demonstrates how robust compliance programs can shield companies from potential prosecutions.
Briefly, Harris had acquired CareFx which, in turn, owned a Chinese subsidiary, CareFx China, whose CEO had engaged in a bribery scheme. The CEO, Jun Ping Zhang, offered gifts and hospitality to government officials at state-owned hospitals in China. Ping disguised the bribes as expense claims, which were then improperly recorded and consolidated into Harris Corp.’s accounting records.
“Although only able to perform limited pre-acquisition due diligence on the subsidiary,” Harris had taken immediate, significant steps “to train staff in China and integrate the subsidiary into Harris’s system of internal accounting controls,” according to the DOJ. “As a result of Harris’s post-acquisition measures, including the implementation of an anonymous complaint hot line, Harris discovered the misconduct at the subsidiary within five months of the acquisition.”
This case was the first time a multinational company avoided prosecution altogether while its employee (Ping) was still on the hook for the violation. Despite Ping’s flagrant violations, the SEC and DOJ declined to prosecute Harris, mainly because Harris had conducted appropriate due diligence on CareFx and maintained an effective compliance program in place after the acquisition.
It’s important to note that Harris had ongoing self-policing in place as part of their program, which led them to discover the violation and subsequently report it to the
government. It’s a great example of the protection provided by a strong compliance program.
Demonstrating your program’s effectiveness
The first step is to have a compliance program in place. But it’s not enough to just do the right thing—your company must also be able to provide evidence of the program’s effectiveness. This is the same advice the Integrity Initiative is giving to signatories of the Integrity Pledge. Our advantage in the Philippines is that the Integrity Initiative has developed a “self-assessment” program that helps signatory companies to see their progress in creating compliance throughout the organization. In this process, the Integrity Initiative offers assistance to signatory companies to move up to the “Validation” stage and then on the “Certification”. The “Seal of Honesty”, developed by the BIR in cooperation with the CSR and the Integrity Initiative, is based on the same principles: you display honesty in your tax payments and the BIR will provide benefits.
The following aspects of corporate compliance programs should be taken into consideration:
■ Analysis and remediation of underlying misconduct
■ Senior and middle management
■ Autonomy and resources
■ Policies and procedures
■Risk assessment
■ Training and communications
■Confidential reporting and investigation
■Incentives and disciplinary measures
■Continuous improvement, periodic testing and review
■ Third-party management
■ Mergers and acquisitions
You can use this guide to measure how well your compliance program shields your company from prosecution. Whether you’re training individuals, rolling out policies or vetting third parties, every affirmative compliance effort that you make should become part of an auditable trail of efforts, processes and controls. Unfortunately, that’s where many companies fall short.
Technology’s role in compliance
At many companies, people may be committed to doing the right thing, but fail to fully record those efforts. Part of the problem is the sheer volume of information to maintain, from tracking whistle-blower issues to registering every gift or clearance of a potential conflict.
In order to quickly and easily demonstrate your compliance efforts, you need more than good policies —you need a system of record. That’s where today’s technology offers great value: Sophisticated, automated systems are more reliable than good intentions when it comes to collecting the evidence you need to avoid risks. As we saw in the Harris case, evidence of an effective compliance program can make all the difference in deterring prosecution.
****
If you want more detailed information on compliance programs, talk to us in the Integrity Initiative; or e-mail me at Schumacher@integrityinitiative.com
Flashback: On July 11 I wrote about ‘Open Government Partnership – Part of Fighting Corruption’ and made extensive reference to reports prepared by the Independent Reporting Mechanism (IRM) of the local Open Government Partnership implementation group. The reason why I used the IRM source is that the Integrity Initiative is part of the Civil Society Groups supporting the OGP Program and the reporting of the IRM. In fact, the Integrity Initiative has added progress information to the latest IRM report.
Image credits: Nuvolanevicata | Dreamstime.com