As we head into the holiday season, this is the perfect time to give your anti-bribery program a health check. For those in the U.S., we tend to focus on the Foreign Corrupt Practices Act when thinking about anti-bribery laws. However, if you work for a company that operates globally, you know that many countries have anti-bribery laws and you need to be aware of those requirements as well. Enforcement of the FCPA/anti-bribery laws is not going away. In fact, in my opinion, it will get even more intense over the next few years. Given the level of fines and the reputational risk at stake, it’s important to ensure you are taking the right steps to give your employees the tools they need to stay on the right side of the line. At my prior company, we typically used the advent of the holiday season as the time to take a number of steps relating to FCPA/anti-bribery compliance. Below are ten things you can do now to help ensure compliance with anti-bribery laws. In key spots, I have included links to articles or websites with additional information you might find helpful.
- Have an FCPA/anti-bribery policy. You need to have a comprehensive anti-bribery policy. It can be separate or part of a larger business ethics policy (though the better practice is a separate policy). If you don’t have one, now is the time to get one in place. Take time to customize your policy so it tracks to and resonates with your business. If you operate globally, you need your policy translated into the local languages of your employees outside the U.S. It’s difficult to explain to a regulator why you think a policy in English would be easily understood and followed by an employee whose first language is not English.
- Review/update your FCPA/anti-bribery policy. If you have a policy, now is the perfect time to read through it, make sure it’s up to date, clear, and easy to read. This last point is important. If you have a policy that is 15 pages of dense legal-speak, it will be hard to get people to read it, let alone understand it. Keep it simple and straight forward, the key message being “we don’t bribe people.” One easy trick: have a coffee or lunch with some business colleagues and get their feedback on the policy. You’ll learn a lot about how clear your policy is to understand when you ask non-lawyers for their thoughts and suggestions.
- Identify countries of operation with a higher possibility of bribery issues. If your company operates globally, you can create a “heat map” of countries where your company should focus attention on bribery risks. If you do business in Russia, China, Brazil, etc., you will need to be more alert to bribery issues and focus extra training for and communications to employees working in those “hot” countries.
- Send an email reminder to all employees about your anti-bribery policy. This is an easy and effective step. A short email communication to all of your employees several weeks before the holidays reminding them about the key points of your anti-bribery policy can prevent a misstep. It’s easy for folks to get carried away on gifts or expensive dinners during this time of year, not realizing that they could land the company (and themselves) in hot water. For some, just a reminder as to which of your company’s customers are potentially “government officials” can be very helpful as they may not realize that “quasi-governmental” entities are covered under these laws (e.g., airports, hospitals, utility companies, etc.).
- Update your FCPA/anti-bribery training. Review the materials and tools you use to train your employees about anti-bribery laws. Are they still fresh and relevant? Are they easy to follow and clear? Do you have special training tailored to those in sales or located in high risk countries? Are the members of your legal team sensitive to spotting FCPA/anti-bribery issues? Some companies use computerized training, but live teaching sessions (including webcasts) are highly effective too. Similarly, new training tools allow you to create apps and games to teach compliance and provide access over smart-phones and tablets. Keeping training fresh and cutting edge will help it “stick” with your employees.
- Create/update your FCPA/anti-bribery processes. Do you have processes in place to deal with potential issues? What is your due diligence process for FCPA issues in M&A deals? Do you have a process to research and vet the background of potential sales agents or joint venture partners? There are a number of “do it yourself” tools out there that make, at least the first step in research, easier and more comprehensive. Do you have a simple process for employees to report concerns or questions (e.g., a hot line or dedicated email address)? Do you remind employees regularly of the risks of violating anti-bribery laws? One thing we did at my former company was send a monthly email to all employees called “Ethics Every Day”. These were short emails that focused on ethical issues arising from specific provisions of our business ethics policy and reminding employees about the rules of the road. We also used examples from current headlines where companies got into trouble or employees went to jail or faced heavy fines for engaging in forbidden activity. Short emails containing real examples of how people tripped up, really bring the message home in an effective way.
- Review/update contract provisions. Odds are your vendor contracts contain representations around bribery laws. If your company regularly engages sales agents in foreign countries, you should have agreements that require certain certifications and acknowledgements about compliance with anti-bribery laws. Now is the time to review those agreements and update them as necessary (or get them in place if you do not have them). Be clear in your contracts about the importance of compliance with the FCPA, etc. Your agreements should have audit rights and the ability to terminate in the event your partner is in violation of anti-bribery laws. If a partner refuses to sign the agreement or include these provisions, that is a huge red-flag to your company not to do business with that partner.
- Get executive team buy-in. The most important tool in your tool box is getting senior executive buy-in that compliance with FCPA/anti-bribery laws is paramount at your company. Not only will this set the “tone from the top” it will help you in your job in terms of obtaining completion of training, reporting concerns or questions, and gaining compliance with processes you set up to help ensure third-parties are properly vetted before your company engages them. When we kicked off compliance training, it was the CEO who sent the message out to employees about the importance of the training and it was the executive team who generally completed the training first (which helped me address employees who later said they were “too busy” to complete the training).
- Consider an audit/assessment. Consider teaming up with your internal audit team or an outside vendor to review your FCPA/anti-bribery program and benchmark it against industry standard practices. If you decide to do this, be sure to confirm that the review is being done at the request of the legal department for the purpose of providing legal advice and be sure to take the necessary steps to preserve any applicable privileges. This can be a big task, so do not rush into an audit/assessment lightly, and it is smart to take advice from your outside counsel about such a project.
- Identify outside counsel. I always told my team to “plan ahead for the divorce”. That typically meant how does the contract deal with issues that arise when a business relationship ends badly. In the context of FCPA/anti-bribery law, you need to plan on how you deal with things when you have a real problem. Unless you are a particularly sophisticated in-house legal department, odds are you will not have the expertise or experience to handle a serious FCPA/anti-bribery issue. Figure out who you will call now, before there is a problem. When things blow up, you want to be ready to go as time will be of the essence most likely, and you will be glad to have experienced counsel helping guide you and your company through the process.
(“Ten Things” is not legal advice or legal opinion. It is intended to provide practical tips and references to the busy in-house practitioner and other readers)