OECD Provides Guidance for Anti-Bribery Compliance Programs

Posted by Scott Hirst, co-editor, HLS Forum on Corporate Governance and Financial Regulation, on
Sunday, May 23, 2010
Comments Off on OECD Provides Guidance for Anti-Bribery Compliance Programs print this page Print
, ,
More from: ,

This post comes to us from Jeff Kaplan, a partner in Kaplan & Walker LLP specializing in corporate compliance and ethics programs, and is based on a Kaplan & Walker client memorandum.

In March 2010, a working group of the Organization of Economic Cooperation and Development (“OECD”), representing the thirty OECD member nations and eight other countries (the “Working Group”), issued its much-awaited Good Practice Guidance for anti-bribery compliance programs. For global companies, this represents what could well be the most significant set of compliance and ethics (“C&E”) program expectations ever promulgated, as we briefly describe in this memorandum.

Background: the “how” and “why” of good C&E programs

Nearly nineteen years ago, the U.S. government established an original and compelling model for promoting legal compliance by businesses. This new approach was set forth in the Federal Sentencing Guidelines for Organization (the “Sentencing Guidelines”), which offered companies both strong incentives for implementing C&E programs and meaningful guidance on how to do so.

Since then, a small number of other nations have followed this lead, at least in limited ways. But until recently, there had been no true global acceptance of the Sentencing Guidelines’ strategy of providing business organizations with incentives (the “how”) and methodologies (the “why”) for adopting strong C&E programs.

The OECD’s first step toward a Sentencing Guidelines approach: the anti-bribery Recommendation and the “why” of strong C&E programs

In December 2009, the Working Group issued its “Recommendation for Further Combating Bribery of Foreign Public Officials in International Business Transactions” (the “Recommendation”). Among other things, this document addressed the “why” of good C&E programs in ways that were not only consistent with the Sentencing Guidelines approach but also went even further than the Guidelines do in this respect.

That is, in addition to providing generally that “member countries should encourage …companies to develop and adopt adequate internal controls, ethics and compliance programmes or measures for the purpose of preventing and detecting foreign bribery,” the Recommendation specifies that such countries should “consider, where international business transactions are concerned, and as appropriate, internal controls, ethics, and compliance programmes or measures in their decisions to grant public advantages, including public subsidies, licences, public procurement contracts, contracts funded by official development assistance, and officially supported export credits.”

This goes well beyond the Guidelines “why” mechanism in that it provides for true positive incentives (i.e., “carrots”), rather than just reduced negative incentives (meaning smaller “sticks”). As such, it makes a strong business case for C&E programs, which should help pave the way for a greater commitment to strong antibribery efforts by key decision makers in companies (boards of directors and senior executives) and greater acceptance of program efforts throughout all ranks of an organization.

The OECD’s second step: the Good Practice Guidance – a global standard for the “how” of anti-bribery compliance programs

When the Recommendation was published in December, the Working Group had not yet promulgated a methodology for anti-bribery compliance efforts. However, the Group did so on March 3, 2010.

The Guidance, which is quite detailed, seems sure to become the template against which anti-bribery program standards will be judged, globally and in the U.S. [1] It includes, as one would anticipate, expectations concerning organizations’ antibribery policies, training, internal controls, reporting systems, discipline for violations, compliance incentives and accountability for program management. There is also considerable emphasis on third-party compliance measures, and a press release issued at the time the Guidance was published specifies that anti-bribery training should be addressed not only to employees but also to a company’s “business partners.” [2]

The Good Practices Guidance and anti-bribery compliance program assessments

Some forward looking companies will have already developed C&E programs that meet most of the standards set forth in the Guidance. But many organizations have yet to implement the last of the twelve program elements set forth in that document, which is to conduct “periodic reviews of the ethics and compliance programmes or measures, designed to evaluate and improve their effectiveness in preventing and detecting foreign bribery, taking into account relevant developments in the field, and evolving international and industry standards.”

As a general matter, C&E program reviews (sometimes called assessments) are important to ensuring program efficacy; indeed, as recently as September 2009, a member of the U.S. Sentencing Commission reminded companies that program assessments are “critical” in this regard. Moreover, in some cases – including those involving FCPA violations, such as the Siemens prosecution – the government has faulted companies for not reviewing their programs, and indeed the Justice Department’s standards regarding prosecuting corporations was amended in 2008 to add, among other things, an expectation that C&E programs be reviewed to help ensure efficacy.

Finally, assessments are particularly important with respect to effective anti-bribery compliance efforts. That is because the breadth and complexity of such efforts make them especially prone to operational failure, and an independent program assessment can help identify possible weaknesses and prevent such failure. Such reviews are also considered a best practice; for instance, earlier this year, KPMG’s Audit Committee Institute listed anti-bribery compliance program reviews among its ten recommended “to do’s” for audit committee members.

The full text of the Guidance is available below.

The OECD Good Practice Guidance [3]

Companies should consider, inter alia, the following good practices for ensuring effective internal controls, ethics, and compliance programmes or measures for the purpose of preventing and detecting foreign bribery:

  • 1. strong, explicit and visible support and commitment from senior management to the company’s internal controls, ethics and compliance programmes or measures for preventing and detecting foreign bribery;
  • 2. a clearly articulated and visible corporate policy prohibiting foreign bribery;
  • 3. compliance with this prohibition and the related internal controls, ethics, and compliance programmes or measures is the duty of individuals at all levels of the company;
  • 4. oversight of ethics and compliance programmes or measures regarding foreign bribery, including the authority to report matters directly to independent monitoring bodies such as internal audit committees of boards of directors or of supervisory boards, is the duty of one or more senior corporate officers, with an adequate level of autonomy from management, resources, and authority;
  • 5. ethics and compliance programmes or measures designed to prevent and detect foreign bribery, applicable to all directors, officers, and employees, and applicable to all entities over which a company has effective control, including subsidiaries, on, inter alia, the following areas:
    • i) gifts;
    • ii) hospitality, entertainment and expenses;
    • iii) customer travel;
    • iv) political contributions;
    • v) charitable donations and sponsorships;
    • vi) facilitation payments; and
    • vii) solicitation and extortion;
  • 6. ethics and compliance programmes or measures designed to prevent and detect foreign bribery applicable, where appropriate and subject to contractual arrangements, to third parties such as agents and other intermediaries, consultants, representatives, distributors, contractors and suppliers, consortia, and joint venture partners (hereinafter “business partners”), including, inter alia, the following essential elements:
    • i) properly documented risk-based due diligence pertaining to the hiring, as well as the appropriate and regular oversight of business partners;
    • ii) informing business partners of the company’s commitment to abiding by laws on the prohibitions against foreign bribery, and of the company’s ethics and compliance programme or measures for preventing and detecting such bribery; and
    • iii) seeking a reciprocal commitment from business partners.
  • 7. a system of financial and accounting procedures, including a system of internal controls, reasonably designed to ensure the maintenance of fair and accurate books, records, and accounts, to ensure that they cannot be used for the purpose of foreign bribery or hiding such bribery;
  • 8. measures designed to ensure periodic communication, and documented training for all levels of the company, on the company’s ethics and compliance programme or measures regarding foreign bribery, as well as, where appropriate, for subsidiaries;
  • 9. appropriate measures to encourage and provide positive support for the observance of ethics and compliance programmes or measures against foreign bribery, at all levels of the company;
  • 10. appropriate disciplinary procedures to address, among other things, violations, at all levels of the company, of laws against foreign bribery, and the company’s ethics and compliance programme or measures regarding foreign bribery;
  • 11. effective measures for:
    • i) providing guidance and advice to directors, officers, employees, and, where appropriate, business partners, on complying with the company’s ethics and compliance programme or measures, including when they need urgent advice on difficult situations in foreign jurisdictions;
    • ii) internal and where possible confidential reporting by, and protection of, directors, officers, employees, and, where appropriate, business partners, not willing to violate professional standards or ethics under instructions or pressure from hierarchical superiors, as well as for directors, officers, employees, and, where appropriate, business partners, willing to report breaches of the law or professional standards or ethics occurring within the company, in good faith and on reasonable grounds; and
    • iii) undertaking appropriate action in response to such reports;
  • 12. periodic reviews of the ethics and compliance programmes or measures, designed to evaluate and improve their effectiveness in preventing and detecting foreign bribery, taking into account relevant developments in the field, and evolving international and industry standards

Endnotes

[1] The chief FCPA prosecutor for the Department of Justice has been quoted as saying the Guidance has the “endorsement of the U.S. government.” http://www.law.com/jsp/cc/PubArticleCC.jsp?id=1202444478279&Roided_Up_Enforcement_DOJ_Unit_That_Prosecutes_FCPA_to_Bulk_Up_Substantially.
(go back)

[2] See http://www.oecd.org/document/41/0,3343,en_2649_34487_44697385_1_1_1_1,00.html.
(go back)

[3] © OECD 2010. The original of this document is available at
http://www.oecd.org/dataoecd/11/40/44176910.pdf (Appendix II).
(go back)

Both comments and trackbacks are currently closed.