FCPA 10 Hallmarks Self-Assessment

How exposed is your business to corruption risk? Take this assessment to find out if your systems are sufficiently robust to protect your business.

October 2014
Prepared by Compliance Experts
www.complianceexperts.com

FCPA VULNERABILITY ASSESSMENT

REF   QUESTION   YES   NO   N/A   COMMENT

1. Commitment from Senior Management and a Clearly Articulated Policy Against Corruption

1.01 Has the organization documented a clear and concise anti-corruption compliance policy?
1.02 Does the policy take into account the nature of the business, having regard to:
   a) Products
   b) Services
   c) Locations
   d) Operations
   e) Transactions
1.03 Does the policy indicate a commitment to continual improvement in anti-corruption compliance, and prevention of corrupt transactions?
1.04 Does the policy commit the organization to comply with the FCPA and other anti-corruption laws in all areas in which it operates?
1.05 Does the policy commit to and provide an overall framework for setting improvement objectives and targets by specifying broad organizational goals?
1.06 Does the policy mandate the commitment of every person in the organization to comply with its requirements?
1.07 Has the organization's anti-corruption policy been authorized by top management?
1.08 Has the policy been communicated to all employees and all business functions?
1.09 Has the policy been communicated to all business partners with whom the organization deals, including:
   a) Customers
   b) Third party agents
   c) Contractors/subcontractors
   d) Government officials
1.10 Is the policy available to interested parties?
1.11 Is the policy available in the local languages for all countries in which the organization operates?

2. Code of Conduct and Compliance Policies and Procedures

2.01 Is there a documented process for identifying and accessing legal and other requirements relating to corrupt practices associated with your business?

2.02 Are these legal and other requirements taken into account in establishing, implementing and maintaining the compliance system?
2.03 Is this information kept up to date?
2.04 Is there a mechanism for effectively communicating relevant information on legal and other requirements such as regulations, standards, codes of practice, agreements and guidelines to persons working under the control of the organization and other relevant parties?
2.05 Are anti-corruption objectives established, implemented, and maintained at each relevant function and level?
2.06 Are objectives measurable, where practicable?
2.07 Do objectives include a specific commitment to:
   a) Comply with applicable legal requirements
   b) Continual improvement?
2.08 Are the following key factors taken into account when objectives are established and reviewed?
   a) Legal and other requirements
   b) Corruption risks
   c) Technological options
   d) Financial options
   e) Operational issues
   f) Business requirements
   g) Views of relevant interested parties
2.09 Do international contracts contain the following FCPA related clauses?
   a) Requiring the parties to know and comply with FCPA requirements.
   b) Requiring the provision of documents and records in the event of an investigation.
   c) Providing for the cancellation of the contract in the event of an FCPA violation.
2.10 Have program(s) for the achievement of anti-corruption objectives been established, implemented and maintained?
2.11 Have procedures been established, implemented and maintained for the ongoing prevention of corrupt practices?
2.12 Do such procedures contain adequate definitions to ensure compliance - including the following?
   a) Responsibilities
   b) Proper internal controls
   c) Auditing practices
   d) Records
   e) Documentation requirements
2.13 Do such procedures cover the full scope of the organization's activities and operations, including the following?
   a) Products and services
   b) Third-party agents
   c) Customers
   d) Government interactions
   e) Industry related risks
   f) Geographic risks
2.14 Do such procedures adequately address all FCPA related risks facing the organization, including the following?
   a) The nature and extent of transactions with foreign governments
   b) Payments to foreign officials
   c) Use of third parties
   d) Gifts
   e) Travel
   f) Entertainment expenses
   g) Charitable and political donations
   h) Facilitating and expediting payments
2.15 Do such procedures detail appropriate transaction approval mechanisms including the specification of the following?
   a) Monetary transaction limits
   b) Annual transaction limits
   c) Routing of unusual requests to senior management
2.16 Has the organization designed and implemented a robust system of internal accounting controls to ensure that transactions are executed only in accordance with management's general or specific authorization?
2.17 Does the system of internal accounting controls adequately take into account the operational realities and risks attendant to the organization - including the following?
   a) The nature of its products and services
   b) How the products or services get to market
   c) The nature of its work force
   d) The degree of regulation
   e) The extent of interactions with government(s)
   f) The degree to which the organization has operations in countries with a high risk of corruption
2.18 Do procedures include the requirement to make and keep books, records, and accounts, which, in reasonable detail, accurately and fairly reflect the transactions and dispositions of the assets of the organization?
2.19 Do procedures include the requirement to record transactions in such a way as to permit preparation of financial statements in conformity with generally accepted accounting principles or any other criteria applicable to such statements?

2.20 Do procedures include the requirement to maintain accountability for assets?
2.21 Do procedures permit access to assets only in accordance with management's general or specific authorization?
2.22 Do procedures ensure that the recorded accountability for assets is compared with the existing assets at reasonable intervals and appropriate action is taken with respect to any differences?
2.23 Do procedures specify controls to prevent the misreporting of these types of payment?
   a) Commissions or Royalties
   b) Consulting Fees
   c) Sales and Marketing Expenses
   d) Scientific Incentives or Studies
   e) Travel and Entertainment Expenses
   f) Rebates or Discounts
   g) After Sales Service Fees
   h) Miscellaneous Expenses
   i) Petty Cash Withdrawals
   j) Free Goods
   k) Intercompany Accounts
   l) Supplier / Vendor Payments
   m) Write-offs
   n) 'Customs Intervention' Payments
2.24 Does the organization have a class of securities registered pursuant to Section 12 of the Exchange Act or that is required to file annual or other periodic reports pursuant to Section 15(d) of the Exchange Act?
2.25 Has the organization complied with SOX Section 404 (15 U.S.C. 7262) (Reporting on the State of a Company's Internal Controls over Financial Reporting)?
2.26 Has the organization complied with SOX Section 802 (18 U.S.C. 1519 and 1520) (Criminal Penalties for Altering Documents)?
2.27 Has the organization complied with SOX Section 302 (15 U.S.C. 7241) (Responsibility of Corporate Officers for the Accuracy and Validity of Corporate Financial Reports)?

3. Oversight, Autonomy, and Resources

3.01 Has the organization assigned responsibility for the oversight and implementation of the anti-corruption compliance policy to one or more specific senior executives?
3.02 Are such senior executives able to operate autonomously in the performance of their duties?

3.03 Do such senior executives have access to the organization's governing authority?
3.04 Has the organization defined roles, allocated responsibilities and accountabilities, and delegated authorities at all business levels to facilitate effective implementation of the compliance program?
3.05 Have roles, responsibilities, accountabilities, and authorities been documented and communicated to all persons working in the organization?
3.06 Has the organization allocated adequate staffing and resources relative to the size, structure, and risk profile of the business?

4. Risk Assessment

4.01 Has a procedure been established, implemented and maintained for the ongoing identification and assessment of FCPA violation risks?
4.02 Is the methodology for risk assessment defined with respect to its scope, nature and timing to ensure it is proactive?
4.03 Does the procedure require a focus on high-risk markets, activities and transactions rather than low-risk areas?
4.04 Does the procedure address all types of activities and transactions, including the following?
   a) Routine activities and transactions
   b) Non routine activities and transactions
   c) Large government bids
   d) Questionable payments to third-party consultants
4.05 Does the procedure ensure that the risk assessment approach is commensurate with the size and risk of the transaction?
4.06 Does the procedure include the determination of appropriate control measures relative to the identified risk, such as increased due diligence, monitoring, or periodical audits?
4.07 Are control measures appropriate given the exposure of the organization to key risks including the following?
   a) Country
   b) Industry sector
   c) The business opportunity
   d) Potential business partners
   e) Level of involvement with governments
   f) Amount of government regulation and oversight
   g) Exposure to customs and immigration in conducting business affairs
4.08 Does the procedure take into account risks associated with proposed changes in the organization, its activities, products and services, or the markets in which it operates?
4.09 Following implementation of the risk management program, can it be said that the organization fully understands the risks associated with foreign corrupt practices (bribery), and has implemented robust controls to mitigate these risks?

5. Training and Continuing Advice

5.01 Is there a procedure in place for identifying competency needs of the following internal and external stakeholders with whom it deals?
   a) Top management
   b) Employees
   c) Customers
   d) Third party agents
   e) Contractors/subcontractors
   f) Government officials
5.02 Does the organization operate an anti-corruption training program?
5.03 Does the training program cover these key topics?
   a) Identification and management of corruption risks
   b) Related company policies and procedures
   c) Instruction on laws relating to the countries and industries in which the organization operates
   d) Practical advice to address real-life scenarios
   e) Case studies
5.04 Is the training presented in a manner appropriate for the targeted audience?
5.05 Is the training and training materials provided in the local language?
5.06 Is the training supplemented by guidance and advice on complying with the company's ethics and compliance program?
5.07 Does this procedure take into account differing levels of responsibility, ability, language skills, literacy and risk?
5.08 Are training records retained for all training provided?
5.09 Does the organization evaluate the effectiveness of the training or action taken, and retain associated records?

6. Incentives and Disciplinary Measures

6.01 Does the organization provide positive incentives such as these?
   a) Personnel evaluations and promotions
   b) Rewards for improving and developing the company's compliance program
   c) Rewards for ethics and compliance leadership
6.02 Is adherence to compliance a significant metric for management's bonuses so that compliance becomes an integral part of management's everyday concern?
6.03 Are compliance professionals and internal audit staff recognized by the organization?
6.04 Has the organization implemented appropriate and clear disciplinary procedures?
6.05 Have these procedures been applied consistently and promptly?
6.06 Are disciplinary procedures commensurate with the related violation?

7. Third Party Due Diligence and Payments

7.01 Has the organization clearly identified all third parties assisting the organization in some aspect of its foreign business?
7.02 Have adequate procedures been established, implemented and maintained for the conduct of due diligence on third parties?
7.03 Do such procedures provide for due diligence on the following related third parties?
   a) Agents
   b) Consultants
   c) Distributors
7.04 Do such procedures require the ongoing assessment of third parties in relation to their qualifications, associations, and relationships with foreign officials, and the person(s) in the organization who have authority to enter into a contract with them?
7.05 Do such procedures require an increased level of scrutiny where "red flags" surface?
7.06 Do such procedures require the detailed analysis of the business rationale behind the third party engagement, including these key factors?
   a) Including the third party in the transaction
   b) The role of and the need for the third party
   c) The contract terms specifying the services to be performed
   d) The timing of the introduction of the third party to the transaction
7.07 Do such procedures require the analysis of the following financial components of each third party transaction?
   a) Payment terms
   b) Timing of payments
   c) Comparison with other similar transactions in the industry or country concerned
7.08 Do such procedures require verification that the third party is actually performing the specified work and that payments are commensurate with this work?
7.09 Do such procedures include a system for ongoing monitoring of third party relationships using these mechanisms?
   a) Updating due diligence periodically
   b) Exercising audit rights
   c) Providing periodic training
   d) Requesting annual compliance certifications by the third party
7.10 Has the organization informed third parties of its compliance program and commitment to ethical and lawful business practices or where appropriate, sought assurances from third parties, through certifications and otherwise, of reciprocal commitments?

8. Confidential Reporting and Internal Investigation

8.01 Does the organization have a mechanism for an organization's employees and others to report suspected or actual misconduct or violations of its policies?
8.02 Are all reports treated on a confidential basis?
8.03 Does the mechanism ensure that employees and others are able to report without fear of retaliation?
8.04 Does the organization have an efficient, reliable, and properly funded process for investigating the allegation and documenting the organization's response?
8.05 Do policies and procedures include disciplinary or remediation measures to be taken?
8.06 Does the company analyze reported violations and the outcome of any resulting investigations in order to update its internal controls and compliance program and focus future training on such issues, as appropriate?

9. Continuous Improvement: Periodic Testing and Review

9.01 Does top management review the compliance program at planned intervals, to ensure that it remains current, relevant and appropriate to the organization?
9.02 Are the anti-corruption policy objectives and performance measured against stated objectives and targets?
9.03 Do such steps include a review of ongoing changes such as these?
   a) The company's business over time
   b) The environments in which the company operates
   c) The nature of its customers
   d) The laws that govern its actions
   e) Industry standards
9.04 Do reviews cover audit findings?
9.05 Is the compliance program updated following management reviews?
9.06 Are the outputs from management reviews consistent with the organization's commitment to continual improvement?
9.07 Are relevant outputs from management reviews made available for communication and consultation?
9.08 Are top management reviews documented and retained?
9.09 Do documented procedures detail the process to monitor and measure performance of the compliance program on a regular basis?
9.10 Do the procedures require the implementation of these performance measurement activities?
   a) Qualitative measures for the needs of the organization
   b) Quantitative measures for the needs of the organization
   c) Monitoring the extent of meeting FCPA objectives
   d) Use of proactive measures of performance
   e) Use of reactive measures of performance to monitor incidents and adverse events
   f) Recording of results and date of monitoring and measurement
9.11 Does the organization undertake a critical evaluation of its potential weaknesses and risk areas, such as surveys to measure compliance culture and the strength of internal controls, identify best practices, and detect new risk areas?
9.12 Does the organization undertake targeted audits to make certain that controls on paper are working in practice?
9.13 Are audit programs and schedules based on corruption risks and significant aspects of business operations, locations, and processes?
9.14 Does the selection of auditors and conduct of audits ensure objectivity and the impartiality of the audit process?
9.15 Do the audits seek to determine these key objectives?
   a) Conformance of the Compliance Program to FCPA regulations and other applicable regulations
   b) That the Compliance Program has been properly implemented and maintained
   c) That the Compliance Program is effective in meeting the organization's policy and objectives
9.16 Do the audits review the results of previous audits?
9.17 Are audit results communicated to and reviewed by top management?
9.18 Are audit records retained?

10. Mergers and Acquisitions: Pre-Acquisition Due Diligence and Post-Acquisition Integration

10.01 Have adequate procedures been established, implemented and maintained for the conduct of FCPA due diligence on mergers and acquisitions?
10.02 Do such procedures require due diligence to be conducted pre-acquisition or where circumstances prevent this, as soon as practicable post-acquisition?
10.03 Do such procedures provide for the immediate disclosure to the authorities of any corrupt payments or practices uncovered during the due diligence?
10.04 Do such procedures require the immediate integration of the acquired business into the organization's compliance program and internal control systems?
10.05 Have the following integration actions been implemented for acquired business units?
   a) Training of new employees
   b) Re-evaluation of third parties under company standards
   c) Conduct of audits