In an increasingly globalized economy, with various compliance requirements that apply not only to an organization, but it’s contractors and vendors as well, one way to stay ahead of fraud and corruption risks to satisfy those requirements involves proactive monitoring to ensure regulatory compliance. In two separate breakout sessions at the 29th Annual ACFE Global Fraud Conference delivered by Eric Feldman, senior vice president and managing director of Affiliated Monitors, Inc., he stressed that companies should take the first step in a proactive monitoring program by obtaining an independent assessment of their organization’s risks, practices or procedures and culture.
“It’s something that is a starting point you can do with your organization to find out where you stand, and what kinds of things can strengthen your organization so you’re in a better place if enforcement comes looking at you,” said Feldman.
In the event that law enforcement does come looking at an organization and does find violations of regulations like the U.S. Foreign Corrupt Practices Act (FCPA) or the U.K. Bribery Act, the cost of noncompliance can far outweigh the cost of ensuring adherence to these or other applicable regulations. Feldman highlighted more than 10 cases over the past decade in which major companies’ settlement costs totaled at least $398 million, without factoring in litigation costs.
In addition to steep financial penalties, enforcement actions can also require the appointment of a monitor. However, the U.S. Department of Justice (DOJ) may not require the appointment of a monitor if a company discloses a violation and has an effective compliance program.
“The real question is, ‘how do you evaluate the effectiveness of your company’s compliance program,’ and that’s something that’s always been vexing,” said Feldman. Some of the hallmarks of an effective compliance program listed by the DOJ include fostering a culture of compliance, dedicating sufficient resources to compliance activities and ensuring that experienced compliance personnel have appropriate access to management and the board of directors.
However, taking a bare minimum approach to only satisfy these and other requirements as a token gesture will not be enough to convince regulators or enforcement divisions of an effective compliance program. “If you hire one compliance monitor in Chicago for a company with operations in 100 countries, I doubt that is going to be sufficient,” said Feldman.
Feldman went on to explain how the DOJ applies the principles of FCPA corporate enforcement policy to all its corporate criminal investigations. “It’s well beyond now, just worrying about bribery,” he said. “It’s the full range of fraud, where there is a benefit to having that strong compliance and ethics program put into your company.”
It’s not just the DOJ that companies need to concern themselves with; other agencies ranging from the U.S. Securities and Exchange Commission and the Word Bank to the United Nations and professional licensing boards are involved in negotiating settlements for regulatory violations that could hinge upon an organization’s compliance program.
“Virtually every region in the world has moved toward regulation similar to FCPA or the U.K. Bribery Act, or they’re moving toward deferred prosecution regimes, so their companies can have an opportunity to settle cases without a major prosecution,” said Feldman. With proactive monitoring, companies can identify and address the compliance risks with effective controls and allow everyone involved to sleep easier at night, knowing that they won’t end up a cautionary compliance tale.