blog hero2x
Anti-Corruption & Bribery

Best Practices for a Successful FCPA Risk Assessment


By Josh Young Oct 06, 2016

fcpa risk assessment

Through a series of investigations in the 1970s, the U.S. Securities and Exchange Commission (SEC) identified over 400 businesses that made questionable or illegal payments -- totaling more than $300 million -- to foreign governments, officials and political parties.

In response to this rampant corruption, Congress passed the Foreign Corrupt Practices Act (FCPA) which prohibits the bribing of foreign officials or political agents by U.S. citizens, companies or even foreign subsidiaries of American-based businesses. In addition, the FCPA charges companies whose securities are listed in the United States to meet stringent accounting and oversight protocols. 

While enforcement of the FCPA was primarily targeted at only large-scale businesses for the first few decades, in 2010 the Department of Justice (DOJ) and SEC cast a wider net, pursuing a more aggressive approach.

In 2014, the SEC pursued charges against Smith & Wesson Holding Corporation, a business with roughly 1,500 employees. To settle the case, the organization agreed to pay $2 million in penalties.

This case led Kara Brockmeyer, chief of the SEC Enforcement Division's FCPA Unit, to state: "This is a wake-up call for small and medium-size businesses that want to enter into high-risk markets and expand their international sales. When a company makes the strategic decision to sell its products overseas, it must ensure that the right internal controls are in place and operating."

Concerned that your employees haven't been sufficiently prepared for compliance audits? Download a recording of our Ethics & Compliance Training Best Practices webinar.

In response to this increased prosecution, businesses that are subject to FCPA regulations have begun risk assessment and compliance evaluations to protect their operations. By taking proactive measures, your business can prevent violations before they occur.

Further, the DOJ has historically reduced fines for businesses that have self-reported violations, and in April 2016 the agency launched a pilot program to formalize the offering of mitigation credit for these self-reporting organizations.

How Can You Encourage Successful FCPA Risk Assessments?

Address your unique challenges

In a resource guide jointly produced by the DOJ and SEC, the agencies clearly state that they will "give meaningful credit to a company that implements in good faith a comprehensive, risk-based compliance program."

Based on the advice the guide offers, your assessment should focus on the particular risks presented by the country, industry, potential business partners, level of involvement with foreign governments, amount of regulation, and customs requirements associated with the business opportunity or project.

Keep staff educated

To keep pace with the ever-changing risks your company faces, you need to create a culture of anti-corruption. Provide your employees with the FCPA training and tools to identify and react to potential threats and vulnerabilities as they appear.

Review third parties

According to the Organization for Economic Cooperation and Development (OECD), three out of every four foreign bribery cases that were prosecuted in 2014 involved payments made by a third party. In light of this reality, you need to not only examine your own foreign offices but any overseas business that engages in operations on your behalf.

Reassess frequently

If you conduct assessments only once a year, you are offering an emerging risk up to 364 days to take root and operate undetected. You should create an assessment policy that is integrated with your routine operations. Include anti-bribery and anti-corruption evaluations into each new project or initiative that your company pursues.

The Next Step

There is no one-size-fits-all strategy for FCPA compliance. Instead, you need to develop a customized monitoring and assessment strategy that caters to the unique risks and operations of your business.

With opportunities for corruption growing more complex, you should definitely seek outside legal and expert advice when drafting any assessment or compliance programs, and a key component of those plans should involve providing your employees with the knowledge and training to protect your business.

To learn more about our global anti-corruption and FCPA courses, you can fill out the form on the right to request a demo.

Workplace Answers &
Click 4 Compliance Join Forces

We’ve created the world’s most comprehensive and engaging online compliance training library for companies around the globe.

Learn more View courses