Is Your Organization FCPA Compliant?

July 2019

The Foreign Corrupt Practices Act (FCPA), which forbids US businesses from engaging in bribery or inaccurate accounting in their overseas activities, has been in effect since 1977. In the past decade, however, the Securities and Exchange Commission and the Department of Justice have significantly stepped up enforcement efforts. In the first quarter of 2019 alone, companies under investigation for FCPA violations settled claims for more than US $1 billion. The legal fees associated with FCPA investigations cost businesses more than US $2 million per month, and the standards of intent required to prosecute are minimal – if the bribery is proven, intent and knowledge are inferred. Even non-US companies should be aware of FCPA, as its provisions extend to foreign subsidiaries of US companies as well as foreign companies with US investment. 

Unfortunately, even when a business does everything in its power to remain compliant, they are still greatly affected by factors outside their immediate control.  But today, technologies can exist that can help businesses leverage previously untapped data to reduce their blind spots.

Know Your Vendors

To conduct business overseas, companies often rely on third-party intermediaries. While using local vendors to help conduct overseas business makes perfect sense from a business perspective, they represent a liability as well. About 90% of FCPA-identified bribery schemes involve third-party intermediaries. Activities that are clear FCPA violations, such as bribery, can be considered standard operating procedure in some other countries. 

The good news is that help exists for those wanting to stay compliant. An ecosystem has sprung up to provide businesses with subscription-based due diligence services. Risk intelligence databases identify those on sanction lists or watchlists, who have a previous criminal history, who are politically exposed, who appear in media searches, or whose names have been culled from lists provided by law enforcement. In this way, businesses can perform an initial vetting of the sources, both internal and external, with whom they are likely to associate. 

Risk Intelligence and Real-Time Data

The level of analysis most platforms provide, while valuable, does not, however, provide a complete picture of what’s going on. Here’s why:

  • Real-time information – There may be vendors – or even employees – who do not appear on any list, but this does not mean they are immune from initiating contact or falling prey to those wishing to illicitly gain from a company’s foreign investment. These risks need to be tracked on an ongoing basis, and businesses should know immediately if anyone affiliated with their company enters a gray zone of conduct or contact with a suspicious entity.
  • Hidden relationships  – Those involved in illegal activities often go to great lengths to hide their relationships with others, particularly when the connections raise obvious suspicion. To truly map out a network of relationships, much deeper knowledge of second- or even third-degree connections is needed. For example, a third-party vendor in a direct illicit relationship is easy to detect. Identifying a third-party vendor who uses a fake identity or a proxy to form an indirect illicit relationship is far trickier. 

Why is this added layer of protection so essential? Ultimately, if you’re the target of an investigation or if your name is linked to corruption, it won’t matter what safeguards you’ve put in place or how carefully you’ve stressed the need to be FCPA-compliant. The damage will be yours to bear.

Protect Yourself From Every Direction

To perform true due diligence that covers all angles and leverages real-time data, you’ll need a platform that can harness information at scale, connect the dots and present precise, otherwise-unattainable insights. To learn more about how Voyager Labs can help you proactively stay ahead of threats, click here

Share this post