Having a Standard Compliance Program. Is That Good Enough?
Question: Our company has a standard compliance program, that has been provided to us by an outside consultant. Are we well-protected in case of anti-bribery and corruption violations and investigations by the authorities?
Answer: Compliance programs cannot be “off the shelf” programs, but should be tailored to each company’s risk profile and business model. A “standard” compliance program is not a sufficient defense to misconduct and bribery and corruption violations. The critical aspect of a well-designed program is risk assessment and companies should carefully analyze and address the varying risks they face, such as the location of its operations, the industry sector, the regulatory landscape, payments to foreign officials and use of third parties. A risk-based compliance program shall devote appropriate attention and resources to high-risk transactions.
In addition, a compliance program, even if tailored and well-designed, cannot be a “paper program”, instead it should be implemented in an effective manner and periodically reviewed and revised, as necessary. Even a solid compliance program may be unsuccessful in practice if implementation is lacking or ineffective.
Effectiveness and implementation of a company’s compliance program is an important factor considered by the authorities when deciding what action to take in the context of the misconduct. For instance, DOJ and SEC may decline to pursue charges against a company based on the company’s effective compliance program, even when that program did not prevent the particular underlying FCPA violation that gave rise to the investigation.
*The contents of this message, current at the date of publication, are for reference and general informational purposes only and do not constitute legal advice. You should contact your attorney to obtain advice with respect to any particular legal matter. You should not act or refrain from acting on the basis of information in this publication without first seeking legal advice from counsel in the relevant jurisdiction. Only your individual attorney can provide assurances that the information contained herein – and your interpretation of it – is applicable or appropriate to your particular situation.
Question: Our company has a standard compliance program, that has been provided to us by an outside consultant. Are we well-protected in case of anti-bribery and corruption violations and investigations by the authorities?
Answer: Compliance programs cannot be “off the shelf” programs, but should be tailored to each company’s risk profile and business model. A “standard” compliance program is not a sufficient defense to misconduct and bribery and corruption violations. The critical aspect of a well-designed program is risk assessment and companies should carefully analyze and address the varying risks they face, such as the location of its operations, the industry sector, the regulatory landscape, payments to foreign officials and use of third parties. A risk-based compliance program shall devote appropriate attention and resources to high-risk transactions.
In addition, a compliance program, even if tailored and well-designed, cannot be a “paper program”, instead it should be implemented in an effective manner and periodically reviewed and revised, as necessary. Even a solid compliance program may be unsuccessful in practice if implementation is lacking or ineffective.
Effectiveness and implementation of a company’s compliance program is an important factor considered by the authorities when deciding what action to take in the context of the misconduct. For instance, DOJ and SEC may decline to pursue charges against a company based on the company’s effective compliance program, even when that program did not prevent the particular underlying FCPA violation that gave rise to the investigation.
*The contents of this message, current at the date of publication, are for reference and general informational purposes only and do not constitute legal advice. You should contact your attorney to obtain advice with respect to any particular legal matter. You should not act or refrain from acting on the basis of information in this publication without first seeking legal advice from counsel in the relevant jurisdiction. Only your individual attorney can provide assurances that the information contained herein – and your interpretation of it – is applicable or appropriate to your particular situation.
