Published on March 27, 2008

Author: Tutu1


Business Integrity & Accountability FCPA Record Keeping and Internal Control Best Practices:
Carlo di Florio, JD, LL.M
PricewaterhouseCoopers Global Risk Management Solutions
New York 212-520-2275

Presentation Overview:
- Record-Keeping Provisions and Best Practices
- Permissible Payments and Related Guidelines
- COSO Internal Control Best Practices
- Auditors’ Role and Disclosure Requirements
- Undertaking Effective Due Diligence
- Identifying and Responding to Red Flags

Slide3: Accounting and Record-Keeping Provisions
Frequently overlooked and dangerously ignored, the accounting provisions of the FCPA require publicly-held companies to maintain records that accurately reflect transactions and dispositions of assets, and to maintain systems of internal accounting controls.
The accounting and record-keeping provisions apply to all payments, not just to sums that would be “material” in the traditional financial sense.

Slide4: Accounting Provisions - Foreign Affiliates
- A U.S. company is required to assure compliance with the accounting provisions by foreign affiliates it controls
- An issuer must make a good faith effort to cause compliance by affiliates in which its voting power is 50% or less
- The SEC is pursuing a number of cases concerning illicit payments by foreign subs/affiliates by going after the U.S. parent for failure to maintain adequate internal controls.

FCPA: “Books and Records” Provision:
Requires issuers to “make and keep books, records, and accounts, which, in reasonable detail, accurately and fairly reflect the transactions and dispositions of assets” by the company.

Slide6: Record-Keeping
- Transactions should be recorded in conformity with accepted accounting standards designed to prevent off-the-books transactions such as kick-backs and bribes.
- “Reasonable detail” is “such level of detail and degree of assurance as would satisfy prudent officials in the conduct of their own affairs.”

Slide7: Common High-Risk Areas
- Agent’s commissions - should be reasonable, comply with local law, and not touch foreign officials.
- Agent’s Expense Reimbursements - Exercise caution with lump-sum expense reimbursement element of a foreign agent’s compensation.

Slide8: Common High-Risk Areas
- FCPA Compliance Audits - Examine foreign branch offices and foreign subsidiaries. Because of different accounting and oversight systems, these entities are often used as vehicles for concealing or mischaracterising transactions.
- Specific Transactions - If there are red flags regarding a particular transaction, a good place to start the risk assessment is with the books and records.

Slide9: Common High-Risk Areas
Acquiring a Foreign Entity - Conduct effective due diligence. In certain countries, you will likely find prior bribe payment scenarios.
- Investigate red flags and exercise caution over treatment of prior transactions
- Institute an internal control framework going forward

Slide10: Quantitative and Qualitative Accuracy
- An issuer’s books, records, and accounts should correctly record not only the financial facts of the transaction, but also such other information as may be necessary to call a reviewer’s attention to any possible qualitative illegality or impropriety
- A prudent risk management strategy is to transparently account for facilitating payments accurately as “lawful facilitating payments.”

Slide11: Falsification of Books and Records
- Rule 13b2-1 prohibits the falsification of books and records required to be kept under the record-keeping provisions of the FCPA.
- It applies to “any person” and there is NO materiality requirement
- Books are defined broadly to include “accounts, correspondence, memoranda, tapes, discs, papers, books, and other documents or transcribed information of any type.”
- The rule prohibits masking transactions or characterizing them in any oblique way
- Almost every FCPA case involves payments that were concealed or mischaracterized.

Slide12: Misrepresentations to Auditors
- Rule 13b2-2 prohibits any officer or director from making (or causing to be made) materially false or misleading statements or omitting to state any material facts in the preparation of filings required by the Exchange Act.
- Extends to internal auditors as well as outside auditors
- A failure to clarify a representation can also constitute a violation

Slide13: Books and Records - Rules of Thumb
- All accounting records, expenditures, expense reports, invoices, vouchers, gifts, business entertainment and any other business records should be accurately and reliably reported and recorded.
- Any and all payments by or on behalf of Company may only be made on the basis of appropriate supporting documentation and only for the purpose specified in the documentation.
- No undisclosed or unrecorded fund or asset (“off-books” or “slush funds”) may be established or maintained for any purpose

Slide14: Books and Records - Rules of Thumb
- To avoid even the appearance of impropriety, no payments to any third party should be made in cash other than documented petty cash disbursements.
- No corporate checks should be written to “cash,” “bearer,” or third party designees of a party entitled to payment.
- No payments should be made outside the country of residence of the recipient without the prior written approval of the Chief Financial Officer and the office of General Counsel.
Slide15: Facilitating Payments Exception
The anti-bribery provisions create a limited exception for small payments or gifts made to expedite or secure performance of a “routine governmental action.”
The “facilitating” payments covered by this exception include routine payments made:
- to obtain documents necessary to qualify a person to do business in the country;
- to process government papers;
- to provide police protection, postal services, or necessary inspections; or
- to provide phone, utilities, cargo, or similar services

Slide16: Facilitating Payments - Control and Record-Keeping Issues
Look for the following information in the accounting records for lawful facilitating payments:
- Records demonstrating the amount of the payment, the identity of the recipient, the routine act provided, and whether it is customary in the country;
- Written approval from the office of General Counsel
- Written opinion from reputable local counsel concerning the legality of the facilitating payment.

FCPA Safe Harbors (Affirmative Defenses):
The FCPA provides two affirmative defenses:
1. Where the payment or gift was lawful under the written laws of the foreign country
2. Where the payment or gift was a reasonable and bona fide expenditure directly related to either:
   - the promotion, demonstration, or explanation of products or services, or
   - the execution or performance of the contract

Slide18: Guidelines for Bona Fide Expenditures - Travel and Entertainment
- The amount of the expenditure should be reasonable, not lavish or excessive.
- Avoid expenditures for family members of foreign officials.
- There should be an appropriate balance between the business purpose of the trip and the entertainment and leisure activities provided.
- The legitimate business reasons for the expenditures, and the absence of any “corrupt inducements” should be carefully documented.
- For example, a written invitation should be sent to the recipient stating that the trip is primarily for educational or promotional purposes.
- Inform the superior of the recipient of the purpose and financial arrangements for the trip.
- Ensure that there is no double reimbursement (e.g., by the company and the official’s ministry).

Slide19: Guidelines for Bona Fide Expenditures
- All expense reimbursements should be supported by appropriate receipts reflecting the nature of the expense reimbursed.
- Effective risk management is to pay vendors directly for travel and lodging expenses
- Avoid cash payments (e.g., “walking around money.”)

Slide20: Guidelines for Bona Fide Expenditures
- The amount and type of expenditures should be consistent with U.S. and local custom
- The expenditures should be lawful under local law
- The expenditures should be accurately reflected on the books and records, and supported by appropriate documentation

Slide21: Example - Guidelines for Minister’s Conferences Outside County
- Record the amount of the payment, the identity of the recipient, and the business purpose.
- Attach copies of expense records and correspondence establishing payment and purpose.
- If based on contract requirements, attach a copy of the relevant pages of the contract.
- If a written opinion from reputable local counsel is obtained, attach a copy.
- If obtained, attach copy of correspondence from superior that he supports the trip and company’s payment.

Slide22: General Guidelines for Gifts
The Department of Justice provided some guidance in an early advisory opinion (FCPA Rev. Proc. Rel. No. 81-1), but it is limited to the specific case.
In that case, gifts allowed:
- when permitted by local law
- when the ceremonial value of the item exceeds its intrinsic value
- when the cost of the gift does not exceed $500 per person
- when the expense is commensurate with the legitimate and generally accepted local custom for such expenses by private business persons in the country

Slide23: Guidelines for Gifts
- nominal in value
- not in the form of money
- permitted under the laws of the host country
- customary, in type and value, in the host country
- made transparently at an appropriate time and in an appropriate circumstance
- made as a courtesy or token of regard or esteem, or in return for hospitality
- Given openly rather than secretly
- Accurately reflected in the company’s books and records

Slide24: Gifts and Entertainment - Sample Policy
- Record the gift or entertainment provided and its value
- Attach all receipts and expense records
- Identify the circumstances, such as a holiday
- If a gift arises out of local custom or is permitted by applicable law or regulations, summarize the custom or attach a copy of the applicable law or regulation
- If applicable law or regulation does not specifically address the legality of providing gift or entertainment, obtain written opinion of reputable local counsel specifying that the gift or entertainment is not illegal and include the opinion with the accounting records

FCPA: “Accounting Controls” Provision:
Requires issuers to devise and maintain accounting controls sufficient to provide “reasonable assurances” that four objectives are met:
- that transactions are executed in accordance with Management’s instructions
- that transactions are recorded as necessary to permit proper accounting and preparation of financial statements
- that access to assets is controlled according to management’s instructions
- that records are reconciled with existing assets at reasonable intervals

Slide26: What is Required?
- The FCPA does not mandate any particular kind of internal control frameworks.
- The test is whether a system, taken as a whole, reasonably meets the statute’s specified objectives.
- The SEC has made reference to what would be generally accepted as an adequate internal control system.
- Best practices have been formalized in a widely accepted form by the Committee of Sponsoring Organizations (“COSO”) of the Treadway Commission.

Slide27: Adequate Internal Controls
COSO broadly defines internal control as a process, effected by an entity’s board of directors, management or other personnel, designed to provide reasonable assurance regarding:
1) the efficiency of operations;
2) the reliability of financial reporting; and
3) compliance with applicable laws and regulations.

Slide28: Adequate Internal Controls
To achieve these objectives, effective internal control consists of establishing five interrelated components:
- control environment
- risk assessment
- control activities
- information and communication systems
- monitoring mechanisms

Slide29: Control Environment
The "control environment" is what sets the tone of an organization and provides discipline and structure. It reflects the entity’s corporate governance and includes:
- the integrity and competence of the entity's people;
- management's philosophy and operating style; and
- the way management and the board assign authority and responsibility throughout the organization.

Slide30: Risk Assessment
"Risk assessment" is the identification and analysis of risks to determine how they should be effectively managed. Once risks have been identified, sourced and measured, steps must be taken to avoid, transfer, or otherwise reduce the risks to acceptable levels.
As an example, to evaluate the risk of bribery and corruption in the procurement process, one might analyze how engineering could create specifications that favor specific vendors, how purchasing could unfairly award contracts, and how accounting could record kickbacks.
Slide31: Control Activities
The "control activities" are the policies and procedures that help ensure that management's directives are carried out. These include such practices as authorization, reconciliation and segregation of duties. Such activities would permeate the entire organization, at all levels and in all functions. They should be tailored to reflect the entity’s specific control environment, objectives, and tolerance for risks.

Slide32: Information and Communication
"Information and communication systems" produce operational, financial and compliance related reports, and they also notify personnel of their role in the internal control system. These systems must provide a means for moving important information to the very top of the organization and for receiving inputs from external parties.
As an example, consider information of corrupt practices coming from a whistleblower. The source could be a marketing clerk within the organization who comes across incriminating documents or an external vendor who witnesses a corrupt practice. In either event, it is critical that internal and external information be identified, captured, and communicated in a form and time frame that enables decision makers to carry out their responsibilities.

Slide33: Monitoring
Finally, "monitoring" is a process that assesses the quality of the system's performance over time. When deficiencies are discovered, they must be reported and appropriate remedial action taken. The internal enforcement mechanism must be taken seriously by subsidiary, branch, and regional management and personnel.

When Are Controls Adequate:
All five components should be present and functioning effectively to conclude that internal control over operations is effective. (COSO)

Slide35: Auditors’ Role
- Auditors have been given added responsibility in detecting and reporting fraud in recent years.
- Under Statement of Accounting Standards (“SAS”) 53, auditors should make appropriate inquiries of management, when risk factors indicate, concerning a company’s compliance with laws against bribery.
- In 1997, SAS No. 82 came into effect providing that auditors must not only report fraud but also search for it.
- Even if not material, detected misstatements due to fraud must be reported.
- SEC enforcement actions are increasing under Books and Records provisions and related anti-fraud rules

Slide36: Auditors’ Role
Risk Factors that must be considered under SAS No. 82 may be grouped into three categories:
- Management’s characteristics and influence over the control environment
- The economic and regulatory environment in which Company operates
- Company’s operating characteristics (nature and complexity of transactions) and its financial condition.

Slide37: Auditors’ Role
In assessing risks, the auditor may consider:
- what steps have been taken to implement and enforce a formal code of conduct
- whether there are specific controls that mitigate the risk of fraud or whether specific control deficiencies may exacerbate the risk of fraud
- the effectiveness of a program to prevent, deter and detect fraud
- whether an oversight committee (e.g., audit committee of the board or compliance committee) has identified fraud risk factors

Slide38: Communicating Findings of Fraud
- Whenever there is evidence that fraud may exist, SAS No. 82 requires that the matter should be brought to the attention of the appropriate level of management.
- Even if not material, detected misstatements due to fraud must be reported at least one level of management above those involved.
- Communication may also be necessary to the compliance committee and the audit committee of the board as well since the management above may be too close to the conduct.

Slide39: Treatment in Financial Statements
- Materiality generally governs disclosure obligations for publicly-held companies
- SAS No. 82 notes that “an illegal payment of an otherwise immaterial amount could be material if there is a reasonable possibility that it could lead to a material contingent liability or a material loss of income.”
- If material revenue or earnings are derived from transactions involving illegal acts, or will be impacted by attendant risks, that information must be considered for disclosure

Slide40: Disclosure Requirements
- The 1996 Private Securities Litigation Reform Act provides that companies must institute procedures designed to provide reasonable assurance of detecting illegal acts that would have a direct and material effect on the determination of financial statement amounts.
- The auditor must consider the effect of an illegal act on the financial statements, including any contingent monetary effects such as fines, penalties, and damages.

Slide41: Disclosure Requirements (cont’d)
- When an auditor concludes that an illegal act may have a material effect on the financial statements, and that senior management has not taken remedial action, the auditor must report to the board of directors that the failure to take remedial action is reasonably expected to warrant departure from a standard report of the auditor or warrant resignation from the audit.
- The board of directors and the auditor then have disclosure obligations to the SEC.

Effective Due Diligence of Business Partners and Agents:
An Ounce of Prevention...
Due Diligence is Critical:
- Conduct due diligence on the integrity of all foreign partners, agents, consultants, marketing representatives and other business associates
- Understand their reputation and confirm their experience, competence and integrity
- Understand the corruption risks posed by conflicts of interest and relationships with public officials
- Follow up on Red Flags

Undertaking Due Diligence Investigations:
Sources of Information
- Relevant country desk officers at the U.S. Department of State and U.S. Department of Commerce (or comparable government offices)
- Commercial attaché at the U.S. embassy in the relevant foreign country
- Published press reports concerning the agent’s activities and corruption within the particular country, ministry or agency

Undertaking Due Diligence Investigations (cont’d):
- Commercial and investigative databases
- Request references from the agent and check reputation of agent in the local business community
- Conduct a site visit and assess operation/resources
- Ensure that terms of the proposed compensation arrangement appear consistent with the market for comparable services
- Maintain file of due diligence efforts

Red Flags in Using Agents:
- Country has widespread history of corruption
- Questionable reputation in the business community
- Local law prohibits use of agents
- Agent has family or business ties to a government official
- Agent is recommended to you by the foreign government customer
- Agent insists that identity not be disclosed
- Agent refuses to expressly certify compliance with FCPA

Red Flags in Using Agents (cont’d):
- Agent lacks the staff or facility to perform services
- Agent requests a payment or commission substantially above the going rate.
- Agent requests commission up-front for him to “get the business” or “make the necessary arrangements.”
- Agent requests payment through some unusual means (e.g., to third country, third party, by bearer instrument, etc.)

Slide48: GOAL - Demonstrate Integrity
It is important that a company be able to demonstrate that it has conducted adequate due diligence, it has followed up on red flags, and it has structured the transaction/relationship to reasonably ensure the integrity of the deal and compliance with the law and internal control best practices.

Slide49: Supporters of The OECD Anti-Bribery Convention
- Central & South America: Argentina, Brazil, Chile, Mexico
- Asia: Australia, Japan, Korea, New Zealand
- North America: Canada, United States
- Europe: Austria, Belgium, Czech Republic, Denmark, Finland, Germany, Greece, Hungary, Iceland, Ireland, Italy, Luxembourg, The Netherlands, Norway, Poland, Portugal, Slovak Republic, Spain, Sweden, Switzerland, Turkey

