ISO 37001 Prompts Review of FCPA-Based Anti-Corruption Policies

By Patty P. Tehrani
Lawyer and Founder of Policy Patty Toolkit

iso-logoNot surprisingly, most U.S. organizations base their anti-corruption policies on the U.S. Foreign Corrupt Practices Act (“FCPA”). At first, the FCPA was designed to combat bribery by U.S. companies conducting business worldwide. Over time its reach has extended beyond just U.S. companies. With the expansion of the FCPA and anti-corruption laws coming out of other countries, organizations that operate globally must now contend with various and possibly conflicting anti-corruption requirements.

Some good news may be on its way. Last month, the International Organization for Standardization (ISO) finalized and approved ISO 37001 (click here). ISO is an international standard-setting body that issues standards that are designed to meet expectations of enforcement authorities around the world. ISO 37001 outlines requirements for anti-bribery management systems using a risk-based approach that specifies required procedures and controls. By defining global minimum requirements for such systems, the new standard should help organizations with their policies. How? Organizations can use ISO 37001 to either assess their anti-corruption policies and related programs or review existing ones to make sure they meet these new standards.

To help with this review, consider the following key points:

• What’s the purpose of ISO 37001? It was developed to help organizations establish, operate, and improve their anti-bribery compliance programs. It does this by outlining requirements and guidance for establishing, implementing, maintaining and improving an anti-bribery management system.

• Why take notice? ISO 37001 will most likely serve as the global standard for anti-bribery management systems.

• Who is subject? The requirements of ISO 37001 are intended to apply to all organizations in all sectors across all jurisdictions and covers public, private and not-for-profit sectors. Since it is a risk-based standard, organizations can adapt the requirements based on size, structure, location, industry, scale and complexity of its activities as well as the risks it faces.

• What are the requirements? ISO 37001 outlines global practices for preventing, detecting, deterring, and remediating corruption risks. Key measures and controls include:
o anti-bribery policies and procedures communicated to employees and third parties;
o vetting and training employees;
o management and leadership commitment and support (“tone at the top”);
o risk assessments;
o third party compliance certifications, due diligence and contractual controls including termination rights;
o reporting, monitoring, investigation and whistleblower protections; and
o periodic review and improvement of anti-corruption compliance controls.

• What are the possible outcomes? ISO 37001 provides organizations with:
o a checklist for their existing anti-corruption policies or those to be established;
o context to help make more informed decisions about third parties through ISO 37001 certifications;
Note: Third parties can certify compliance with the standard in the same way they do for other ISO standards.

o potential leverage with regulators during reviews, investigations and possible enforcement actions; and
Note: It remains to be seen whether U.S. enforcement authorities will rely on ISO 37001 as a checklist to evaluate compliance programs. But organizations with anti-corruption programs that achieve ISO 37001 certification will most likely be better positioned during regulatory reviews.

o basis to promote and strengthen brand and reputation by sending a strong message to both internal and external stakeholders about an organization’s commitment to internationally recognized anti-bribery controls and measures that it has instituted to prevent bribery.

In conclusion, make sure you review ISO 37001 against your anti-corruption policies and controls as it will most likely play an important role in the future regarding anti-corruption efforts.

 

 




New Details from Panama Papers Expose Scope of Secret Oil Deals in Africa

Bribe - moneyNew details found in the leaked documents known as the Panama Papers indicate the magnitude of the use of shell companies in Africa to launder money, often illegally obtained from bribes, involving the sale of oil and other natural resources, according to an article published by Androvett Legal Media & Marketing. “That should prompt any oil companies doing business in Africa to quickly take stock of their contracts on that continent,” says Thomas Fox, a Houston consultant and lawyer who advises companies on international business and anti-bribery laws.

“It is imperative that any multinational company operating in Africa immediately check its contracts and payments to determine if it has been doing business with one of the shell companies listed in this most recent report,” says Fox, who is editor of the FCPA Compliance and Ethics Report. “If they fail to do that, those companies will be in a much worse position when they receive an inquiry from the U.S. Department of Justice or Securities and Exchange Commission.”

The latest revelations were published Monday by the International Consortium of Investigative Journalists (ICIJ) in collaboration with African news organizations. “These reports indicate that Panamanian law firm Mossack Fonseca established shell corporations for people in 44 of Africa’s 54 countries to assist in oil, gas and mining deals,” says Mr. Fox.

He notes that the first two waves of data published from the leaked documents came from politicians who used offshore tax havens to hide money and from U.S. citizens who used offshore tax havens to evade federal income taxes. “This third round of analysis puts the spotlight on those foreign officials who needed to launder money received from bribery and corruption.”

Fox, the former general counsel of an oilfield services company, has published several books on corporate compliance and the Foreign Corrupt Practices Act. He is the founder of Advanced Compliance Solutions.




On-Demand: Benchmarking Your FCPA Compliance Program

Bryan Cave has posted the audio and presentation slides of a webinar the firm recently presented examining how recent government settlements reinforce best practice components of an effective FCPA compliance program. The webinar was titled “Benchmarking Your FCPA Compliance Program.”

The webinar includes a landmark settlement against telecommunications provider VimpelCom Ltd.

DC partner Mark Srere, Denver partner Andrew Mohraz and DC associate Kristin Robinson lead the discussion on VimpelCom and other cases.

The webinar is the third of the year in Bryan Cave’s anti-corruption series. The topic will be of interest to in-house counsel and compliance professionals of companies that conduct business outside the United States.

Access the on-demand webinar.

 

 

 




The Five Top Compliance Related Events of 2015

Even though the number of Foreign Corrupt Practices Act (FCPA) enforcement actions dropped during 2015, there were several significant lessons for the compliance practitioner not only to learn but also to put in place in any corporate anti-corruption compliance regime, writes Thomas Fox in FCPAComplianceReport.com.

He discusses some significant events that occurred last year that he believes portend some of the greatest changes not only to compliance but to FCPA enforcement going forward.

Those events are discussed under these headings: The Yates Memo, DOJ Compliance Counsel, First British DP, FIFA Corruption Scandal, and Volkswagen and the Zeitgeist of Compliance.

Read the article.

 




Greater Emphasis on Corporate Compliance Programs

magnifyer-investigate-search-puzzleThe announcement by the Department of Justice Fraud Section that it hired Hui Chen, a lawyer with previous experience as a federal prosecutor and international corporate compliance, as a full-time Foreign Corrupt Practices Act compliance expert shows that compliance should be high on corporate agendas for 2016., writes Sarah C. Baskin in the Corporate Compliance and White Collar Advisor, published by Jackson Lewis.

“The DOJ’s move will likely lead to even greater and closer scrutiny of compliance programs. The first step employers should take in responding to this change is to conduct a prompt and thorough review of their compliance programs, starting with their Code of Conduct, their internal controls, monitoring, hotline, management of investigations and reporting protocols to law enforcement,” Baskin writes.

The article lists the key elements of a good compliance program.

Read the article.

 

 




Richard Bistrong’s From Behind the Bribe: The Sharp End of Compliance

Corporate Compliance Insights presents a short film about Richard Bistrong’s journey through the dark side of international business, “getting caught” and what that might mean for today’s compliance challenges.

Richard Bistrong is a former sales and marketing executive in the law enforcement and defense sector for more than 15 years, most of which was as VP for international sales. He pleaded guilty and sentenced to one count of conspiracy to violate the FCPA, including books and records as well as exporting goods without authorization.

Watch the film.