Site icon Xcelus

Does your Compliance Program have Adequate Resources?

What is Adequate?

In appraising a compliance program, the DOJ and SEC consider whether a company has sufficient resources to ensure the company’s compliance program is implemented effectively. When it comes to compliance, there is no one-size-fits-all program. Adequate resources may be measured in different ways. Companies may consider a variety of factors when determining what is appropriate for their specific business needs. What follows are basic suggestions to measure adequate resources.

Size.

For smaller sized companies, it may be appropriate for day-to-day operational responsibility to be delegated to other specific individuals within a company. DOJ and SEC recognize the reporting structure will depend on the size and complexity of an organization. Logically, the bigger the company the more employees must be responsible to oversee compliance. The regulators may ask whether the corporation has provided for a staff sufficient to audit, document, analyze, and utilize the results of the corporation’s compliance efforts. Ultimately the prosecutors will determine whether all of the corporation’s employees are adequately informed about the compliance program and are convinced of the corporation’s commitment to it.

Autonomous

The DOJ and the SEC will determine if the responsibility for the oversight and implementation of a compliance program is assigned to one or more specific senior executives within an organization, such as a Chief Compliance Officer or Director. These individuals must have appropriate authority within the organization, adequate autonomy from management, and sufficient resources. Adequate autonomy generally includes direct access to an organization’s governing authority, such as the board of directors and committees of the board of directors such as the audit committee.

Industry.

Moreover, the amount of resources devoted to compliance will depend on the complexity of the industry and risks associated with the business. A company is considered a high-risk business if its customer or business partners are primarily foreign government officials. As US corporations become multinational through foreign acquisitions, the opportunity for FCPA violations increases. Authorities have brought a number of cases in the proposed and completed acquisitions, and have announced repeatedly that acquirer and investor must conduct FCPA due diligence on mergers and acquisitions.

Geography.

The Transparency International’s Corruption Perceptions Index is a great tool to determine geographic risk. TI provides maps and reports of corruption and rates almost every country in the world. The DOJ and the SEC will determine the geographic reach of the compliance program and analyze whether adequate resources have been allocated to the high risk countries. A multimillion dollar contract with a government agency in a high-risk country warrants greater scrutiny than modest and routine gifts and entertainment.
Exit mobile version