Your SlideShare is downloading. ×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

FCPA Compliance: Practical Steps to Establish and Maintain Control across the Globe

369
views

Published on

Video & Slides: http://www.proformative.com/events/fcpa-compliance-practical-steps-establish-maintain-control-across-globe …

Video & Slides: http://www.proformative.com/events/fcpa-compliance-practical-steps-establish-maintain-control-across-globe

Compliance with the Foreign Corruption Practices Act (FCPA) is one the greatest risk exposures companies face in doing business across the globe. There is more to FCPA than just legal conjecture and “what if” scenarios. There is a material impact being felt by many global companies as federal authorities step up their FCPA enforcement actions. Anti-bribery enforcement is on the rise and penalties are growing, with hefty fines being doled out by the millions. Data analytics are one of the most powerful ways to validate the completeness and accuracy of books and records, providing an invaluable early warning system against bribery and corruption. In this webinar, FCPA compliance and Data Analytics experts will outline best practices for incorporating analytics into your FCPA compliance program, and offer real-world success stories and key lessons learned. Attendees will also learn where and how to get started with common tests for identifying non-compliant activities, and how to prioritize and take a targeted approach to compliance.

Published in: Business, Technology

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
369
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
2
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide
  • Ernie introduces Phil and Jeremy
  • Jeremy starts with The Stakes.Ends this slide with transition to “Moral Issue”…
  • Phil
  • Phil
  • Phil
  • Jeremy transitions topic to Case Studies
  • Jeremy Case Study
  • Phil Case Study
  • Phil
  • Phil
  • Phil
  • Phil
  • Phil
  • Phil
  • Phil
  • Phil
  • Phil
  • Phil
  • Phil
  • Phil
  • Jeremy
  • Phil
  • *HALFWAY POINT of our 40 minutes. We should be at around 11:25am or so by now*Phil
  • Phil-Jeremy adds Keyword search tip (Accounting Provision)
  • Phil
  • Phil
  • Phil
  • Jeremy
  • JeremyPhil adds 2 points- self-assessment and key challenge of implementing further controls
  • Jeremy
  • Jeremy
  • Jeremy
  • Jeremy
  • Jeremy- simple data visualization techniques
  • Jeremy
  • Jeremy
  • Ernie- ACL has a number of whitepapers, videos, case studies and other resources in their Proformative Exchange listing, including an eBook called “Don’t Get Bitten by the FCPA.”-There’s also a link listed from BKD to learn more about their advisory services in the area of investigation and public response
  • Transcript

    • 1. Ask, Share, Learn – Within the Largest Community of Corporate Finance Professionals FCPA Compliance: Practical Steps to Establish and Maintain Control Across the Globe Jeremy Clopton, Senior Managing Consultant, BKD, LLP Phil Lim, Product Manager, ACL
    • 2. • • •
    • 3. After participating in this event you will be able to: • Understand how to identify and mitigate FCPA risk exposures at your company • Discover current and emerging trends in technology that allow pro-active risk exposure management • Understand how to continuously monitor company data for suspicious FCPA activities
    • 4. Ask, Share, Learn – Within the Largest Community of Corporate Finance Professionals FCPA Compliance: Practical Steps to Establish and Maintain Control Across the Globe Jeremy Clopton, Senior Managing Consultant, BKD, LLP Phil Lim, Product Manager, ACL
    • 5. Jeremy Clopton,Senior Managing Consultant, BKD, LLP @j313 Phil Lim, Product Manager, ACL
    • 6. $70 Million $1.9+ Billion • Total Penalties 2010-2013 Penalties 2010-2013 • 20+ Organizations Organizations Personal Liability Johnson & Johnson $95 Million 2011 $398 Million Magyar Telecom 2011 Total S.A. 2013 • Personal fines fines • Incarceration • Incarceration Reputational Damage $45 Million Pfizer $29 Million Eli Lily 2012 2012
    • 7. The Scenario The Bribe What’s the issue? • You are part of an organization that manufactures and sells trains. • Government of Meydupistan needs to purchase new trains for its national railroad. • Budget of ~$100 Million.
    • 8. The Scenario The Bribe What’s the issue? •To obtain the business, government minister in charge is told: •$100K will be directed to his “favorite charity”
    • 9. The Scenario •$100K went from the people of Meydupistan to the Minister’s pocket. The Bribe •Not fair for competition: •What if a competitor had better trains for less? What’s the issue?
    • 10. The Need • FCPA violation = need for compliance plan • 8 countries of interest The Solution • Monthly compliance monitoring: • Dashboard for management review (8 – 10 analytics in one page) • Multiple accounting systems • Accompanying details for compliance and internal audit review • Increase in effectiveness and efficiency in testing
    • 11. The Need The Solution • FCPA violation = need for compliance plan • Step 1: Assessment of control environment (Internal Audit) • Lots of Joint Ventures/Acquisitions in worldwide markets • Step 2: Implement continuous monitoring data analytics • Step 3: Follow-up and report on findings and management remediation • Step 4: Repeat
    • 12. Financial reporting controls are not bribery controls. More application system controls can be ineffective. One-off initiatives are not sustainable. Stakeholders (internal and external) need visibility.
    • 13. Financial reporting controls are not bribery controls. More application system controls can be ineffective. •One time donation to a foreign official’s favourite charity? Not an issue for SOX, but for FCPA… One-off initiatives are not sustainable. •What do we need to test for? Stakeholders (internal and external) need visibility.
    • 14. Financial reporting controls are not bribery controls. More application system controls can be ineffective. •Implementing further application system controls can lead to inflexibility, rejection, and ultimately, workarounds. One-off initiatives are not sustainable. Stakeholders (internal and external) need visibility. •How do we maintain business agility while addressing the issue?
    • 15. Financial reporting controls are not bribery controls. More application system controls can be ineffective. One-off initiatives are not sustainable. Stakeholders (internal and external) need visibility. •One-off initiatives to produce a “report” don’t affect culture nor promote transparency. •How do we ensure lasting impact of our mitigation efforts?
    • 16. Financial reporting controls are not bribery controls. More application system controls can be ineffective. One-off initiatives are not sustainable. Stakeholders (internal and external) need visibility. •How does the executive team keep informed about ongoing bribery and corruption risk? •What about demonstrating to authorities that an effective program is in place?
    • 17. Self-Assessment Continuous Monitoring Executive Visibility • Internal Control Reviews • Policy Reviews • Ad-hoc Analysis and Sampling • Timely Alerts of Suspicious Activities • Exception Management Workflow • Maintain Business Agility • Dashboard for Senior Leadership to action • External Stakeholders
    • 18. Conduct Internal Control Reviews • Anti-Bribery Policies / Employee Education / Reporting hotlines Distribute and Track Deliverables • Document sources of revenue (party planning?) Who should perform the Assessment? • Business Partner/Joint Venture/Third party due diligence
    • 19. Conduct Internal Control Reviews • Management Recommendations Distribute and Track Deliverables Who should perform the Assessment? • Control Deficiencies
    • 20. Conduct Internal Control Reviews • External assurance firm? Distribute and Track Deliverables • Internal audit team/compliance team? Who should perform the Assessment? • Can better follow-up with findings, know the business
    • 21. Implement Detective Controls Where to Apply Bribery Analytics Define the Remediation Workflow • Incorporate analytics to increase effectiveness • Maintain Business Agility • Create a common data model to deal with disparate systems
    • 22. Implement Detective Controls • Where to apply data analytics Where to Apply Bribery Analytics Define the Remediation Workflow • Multiple business processes – Vendor Management, P2P, GL, Payroll, TNE
    • 23. Implement Detective Controls • Document follow-up and remediation Where to Apply Bribery Analytics • Identify trend of control effectiveness Define the Remediation Workflow • Further refine analytic logic and parameters, and processes
    • 24. • – – • – – –
    • 25. Fictitious Merchants • Area: TNE • Area: TNE Risk • A fictitious merchant is is set up to channel funds tounauthorized third party. • A fictitious merchant set up to channel funds to an an unauthorized third party. Control • Management should be notified when a merchant is used by very few • Management shouldaverage transactiona merchant is used by very few individuals but whose be notified when size is large. • individuals but whose average remediate exceptions on a timely basis. Management should review and transaction size is large. • Management should review and remediate exceptions on a timely basis.
    • 26. Manual Postings to System Accounts • Area: TNE Area: GL Risk • A fictitious journal entry isup to channelsystem account to hide athird party. manual merchant is set posted to a funds to an unauthorized transaction to an unauthorized third party Control • Management should be notified when a merchant is used by very few individuals but whose be notified of manual journal • Management shouldaverage transaction size is large. entries to GL accounts • typically reserved for application system exceptions on a timely basis. Management should review and remediate use. • Management should review and remediate exceptions on a timely basis.
    • 27. New Vendor Monitoring • Area: TNE Area: P2P Risk • Vendors without a previous to channel funds tothe unauthorized third party. A fictitious merchant is set up relationship with an organization may be used to channel funds to an unauthorized third party. Control • Management should be notified when a merchant is used by very few individuals but whose be notified when size is large. • Management shouldaverage transactionthere are new vendors with • significant transaction values. remediate exceptions on a timely basis. Management should review and • Management should review and remediate identified transactions on a timely basis.
    • 28. Non-Vendor Cash Payments • Area: TNE • Area: P2P, GL Risk • Cash payments not recordedup to channel funds to an unauthorized third party. A fictitious merchant is set in the accounts payable detail are not linked to a vendor and may not contain sufficient detail to analyze propriety of payment. Control • Management should be notified when payment is is used by very few • Management should be notified when a a merchantmade through any system individuals but whose average other than accounts payable. transaction size is large. • Management should review and remediate identified transactions on basis. Management should review and remediate exceptions on a timely a timely basis.
    • 29. Invoices without Descriptions • Area: TNE • Area: P2P Risk • Improper payments, andset up to channel funds to an unauthorized third party. A fictitious merchant is improper recording of these payments, through the accounts payable system by entering invoices without proper descriptions. Control • Management should be notified when a merchant is used by very few • Management should be notified when payments are made on invoices without an individuals but whose average transaction size is large. description. • Management should review and remediate exceptions on a timely a timely • Management should review and remediate identified transactions on basis. basis.
    • 30. Sales Adjustments or Write-offs to Customers • Area: O2C • Area:TNE Risk • Adjustments or write-offs may be manipulatedunauthorized third party. • A fictitious merchant is set up to channel funds to an in a kick-back or bribery scheme. Control • Management should be notified when a merchant is used by very few • Management should be notified of repetitive, significant adjustments individuals but whose average transaction size is large. and write-offs to the same customer. • Management should review and remediate exceptions on a timely basis. • Management should review and remediate exceptions on a timely basis.
    • 31. Payroll Employees without Deductions • Area: Payroll • Area: TNE Risk • Phantom employees mayup to channel funds to an unauthorized third party. A fictitious merchant is set be used to channel funds to an inappropriate third party. Control • Management should be notified when a merchant is used by very few • Management shouldaverage transaction size is large. individuals but whose be notified of any payroll transactions without • appropriate deductions. and remediate exceptions on a timely basis. Management should review • Management should review and remediate exceptions on a timely basis.
    • 32. • • – • –
    • 33. • •