Video & Slides: http://www.proformative.com/events/fcpa-compliance-practical-steps-establish-maintain-control-across-globe
Compliance with the Foreign Corruption Practices Act (FCPA) is one the greatest risk exposures companies face in doing business across the globe. There is more to FCPA than just legal conjecture and “what if” scenarios. There is a material impact being felt by many global companies as federal authorities step up their FCPA enforcement actions. Anti-bribery enforcement is on the rise and penalties are growing, with hefty fines being doled out by the millions. Data analytics are one of the most powerful ways to validate the completeness and accuracy of books and records, providing an invaluable early warning system against bribery and corruption. In this webinar, FCPA compliance and Data Analytics experts will outline best practices for incorporating analytics into your FCPA compliance program, and offer real-world success stories and key lessons learned. Attendees will also learn where and how to get started with common tests for identifying non-compliant activities, and how to prioritize and take a targeted approach to compliance.
FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FCPA Compliance: Practical Steps to Establish and Maintain Control across the Globe
1. Ask, Share, Learn – Within the Largest Community of Corporate Finance Professionals
FCPA Compliance: Practical Steps to Establish and
Maintain Control Across the Globe
Jeremy Clopton, Senior Managing Consultant, BKD, LLP
Phil Lim, Product Manager, ACL
3. After participating in this event you will be able to:
•
Understand how to identify and mitigate FCPA risk exposures at your
company
•
Discover current and emerging trends in technology that allow pro-active
risk exposure management
•
Understand how to continuously monitor company data for suspicious FCPA
activities
4. Ask, Share, Learn – Within the Largest Community of Corporate Finance Professionals
FCPA Compliance: Practical Steps to Establish and
Maintain Control Across the Globe
Jeremy Clopton, Senior Managing Consultant, BKD, LLP
Phil Lim, Product Manager, ACL
6. $70 Million
$1.9+ Billion
• Total Penalties 2010-2013
Penalties 2010-2013
• 20+ Organizations
Organizations
Personal Liability
Johnson &
Johnson
$95 Million
2011
$398
Million
Magyar
Telecom
2011
Total S.A.
2013
• Personal fines
fines
• Incarceration
• Incarceration
Reputational Damage
$45
Million
Pfizer
$29
Million
Eli Lily
2012
2012
7. The Scenario
The Bribe
What’s the issue?
• You are part of an organization that manufactures and
sells trains.
• Government of Meydupistan needs to purchase new
trains for its national railroad.
• Budget of ~$100 Million.
8. The Scenario
The Bribe
What’s the issue?
•To obtain the business, government minister in charge is
told:
•$100K will be directed to his “favorite charity”
9. The Scenario
•$100K went from the people of Meydupistan to the
Minister’s pocket.
The Bribe
•Not fair for competition:
•What if a competitor had better trains for less?
What’s the issue?
10.
11. The Need
• FCPA violation = need for
compliance plan
• 8 countries of interest
The Solution
• Monthly compliance monitoring:
• Dashboard for management
review (8 – 10 analytics in one
page)
• Multiple accounting systems
• Accompanying details for
compliance and internal audit
review
• Increase in effectiveness and
efficiency in testing
12. The Need
The Solution
• FCPA violation = need for
compliance plan
• Step 1: Assessment of control
environment (Internal Audit)
• Lots of Joint
Ventures/Acquisitions in
worldwide markets
• Step 2: Implement continuous
monitoring data analytics
• Step 3: Follow-up and report on
findings and management
remediation
• Step 4: Repeat
13. Financial reporting controls are not
bribery controls.
More application system controls can be
ineffective.
One-off initiatives are not sustainable.
Stakeholders (internal and external)
need visibility.
14. Financial reporting controls are not bribery
controls.
More application system controls can be
ineffective.
•One time donation to a foreign
official’s favourite charity? Not
an issue for SOX, but for
FCPA…
One-off initiatives are not sustainable.
•What do we need to test for?
Stakeholders (internal and external) need
visibility.
15. Financial reporting controls are not bribery
controls.
More application system controls can be
ineffective.
•Implementing further
application system controls can
lead to inflexibility, rejection, and
ultimately, workarounds.
One-off initiatives are not sustainable.
Stakeholders (internal and external) need
visibility.
•How do we maintain business
agility while addressing the
issue?
16. Financial reporting controls are not bribery
controls.
More application system controls can be
ineffective.
One-off initiatives are not sustainable.
Stakeholders (internal and external) need
visibility.
•One-off initiatives to produce a
“report” don’t affect culture nor
promote transparency.
•How do we ensure lasting impact
of our mitigation efforts?
17. Financial reporting controls are not bribery
controls.
More application system controls can be
ineffective.
One-off initiatives are not sustainable.
Stakeholders (internal and external) need
visibility.
•How does the executive team
keep informed about ongoing
bribery and corruption risk?
•What about demonstrating to
authorities that an effective
program is in place?
18.
19. Self-Assessment
Continuous Monitoring
Executive Visibility
• Internal Control
Reviews
• Policy Reviews
• Ad-hoc Analysis and
Sampling
• Timely Alerts of
Suspicious Activities
• Exception Management
Workflow
• Maintain Business
Agility
• Dashboard for Senior
Leadership to action
• External Stakeholders
20.
21. Conduct Internal Control Reviews
• Anti-Bribery Policies / Employee
Education / Reporting hotlines
Distribute and Track Deliverables
• Document sources of revenue
(party planning?)
Who should perform the
Assessment?
• Business Partner/Joint
Venture/Third party due diligence
22. Conduct Internal Control Reviews
• Management Recommendations
Distribute and Track Deliverables
Who should perform the
Assessment?
• Control Deficiencies
23. Conduct Internal Control Reviews
• External assurance firm?
Distribute and Track Deliverables
• Internal audit team/compliance
team?
Who should perform the
Assessment?
• Can better follow-up with
findings, know the business
24.
25. Implement Detective Controls
Where to Apply Bribery Analytics
Define the Remediation
Workflow
• Incorporate analytics to increase
effectiveness
• Maintain Business Agility
• Create a common data model to
deal with disparate systems
26. Implement Detective Controls
• Where to apply data analytics
Where to Apply Bribery Analytics
Define the Remediation
Workflow
• Multiple business processes –
Vendor Management, P2P, GL,
Payroll, TNE
27. Implement Detective Controls
• Document follow-up and
remediation
Where to Apply Bribery Analytics
• Identify trend of control
effectiveness
Define the Remediation
Workflow
• Further refine analytic logic and
parameters, and processes
29. Fictitious Merchants
• Area: TNE
• Area: TNE
Risk
• A fictitious merchant is is set up to channel funds tounauthorized third party.
• A fictitious merchant set up to channel funds to an an unauthorized third
party.
Control
• Management should be notified when a merchant is used by very few
• Management shouldaverage transactiona merchant is used by very few
individuals but whose be notified when size is large.
• individuals but whose average remediate exceptions on a timely basis.
Management should review and transaction size is large.
• Management should review and remediate exceptions on a timely basis.
30. Manual Postings to System Accounts
• Area: TNE
Area: GL
Risk
• A fictitious journal entry isup to channelsystem account to hide athird party.
manual merchant is set posted to a funds to an unauthorized transaction
to an unauthorized third party
Control
• Management should be notified when a merchant is used by very few
individuals but whose be notified of manual journal
• Management shouldaverage transaction size is large. entries to GL accounts
• typically reserved for application system exceptions on a timely basis.
Management should review and remediate use.
• Management should review and remediate exceptions on a timely basis.
31. New Vendor Monitoring
• Area: TNE
Area: P2P
Risk
• Vendors without a previous to channel funds tothe unauthorized third party.
A fictitious merchant is set up relationship with an organization may be
used to channel funds to an unauthorized third party.
Control
• Management should be notified when a merchant is used by very few
individuals but whose be notified when size is large.
• Management shouldaverage transactionthere are new vendors with
• significant transaction values. remediate exceptions on a timely basis.
Management should review and
• Management should review and remediate identified transactions on a
timely basis.
32. Non-Vendor Cash Payments
• Area: TNE
• Area: P2P, GL
Risk
• Cash payments not recordedup to channel funds to an unauthorized third party.
A fictitious merchant is set in the accounts payable detail are not linked to a
vendor and may not contain sufficient detail to analyze propriety of payment.
Control
• Management should be notified when payment is is used by very few
• Management should be notified when a a merchantmade through any system
individuals but whose average
other than accounts payable. transaction size is large.
• Management should review and remediate identified transactions on basis.
Management should review and remediate exceptions on a timely a timely
basis.
33. Invoices without Descriptions
• Area: TNE
• Area: P2P
Risk
• Improper payments, andset up to channel funds to an unauthorized third party.
A fictitious merchant is improper recording of these payments, through the
accounts payable system by entering invoices without proper descriptions.
Control
• Management should be notified when a merchant is used by very few
• Management should be notified when payments are made on invoices without an
individuals but whose average transaction size is large.
description.
• Management should review and remediate exceptions on a timely a timely
• Management should review and remediate identified transactions on basis.
basis.
34. Sales Adjustments or Write-offs to Customers
• Area: O2C
• Area:TNE
Risk
• Adjustments or write-offs may be manipulatedunauthorized third party.
• A fictitious merchant is set up to channel funds to an in a kick-back or
bribery scheme.
Control
• Management should be notified when a merchant is used by very few
• Management should be notified of repetitive, significant adjustments
individuals but whose average transaction size is large.
and write-offs to the same customer.
• Management should review and remediate exceptions on a timely basis.
• Management should review and remediate exceptions on a timely
basis.
35. Payroll Employees without Deductions
• Area: Payroll
• Area: TNE
Risk
• Phantom employees mayup to channel funds to an unauthorized third party.
A fictitious merchant is set be used to channel funds to an inappropriate
third party.
Control
• Management should be notified when a merchant is used by very few
• Management shouldaverage transaction size is large.
individuals but whose be notified of any payroll transactions without
• appropriate deductions. and remediate exceptions on a timely basis.
Management should review
• Management should review and remediate exceptions on a timely basis.
Jeremy starts with The Stakes.Ends this slide with transition to “Moral Issue”…
Phil
Phil
Phil
Jeremy transitions topic to Case Studies
Jeremy Case Study
Phil Case Study
Phil
Phil
Phil
Phil
Phil
Phil
Phil
Phil
Phil
Phil
Phil
Phil
Jeremy
Phil
*HALFWAY POINT of our 40 minutes. We should be at around 11:25am or so by now*Phil
Phil-Jeremy adds Keyword search tip (Accounting Provision)
Phil
Phil
Phil
Jeremy
JeremyPhil adds 2 points- self-assessment and key challenge of implementing further controls
Jeremy
Jeremy
Jeremy
Jeremy
Jeremy- simple data visualization techniques
Jeremy
Jeremy
Ernie- ACL has a number of whitepapers, videos, case studies and other resources in their Proformative Exchange listing, including an eBook called “Don’t Get Bitten by the FCPA.”-There’s also a link listed from BKD to learn more about their advisory services in the area of investigation and public response