Best Practices For Anti-Corruption Compliance Programs – A Moving Target


bestThe Justice Department and the SEC have pushed extraordinary changes in the field of anti-corruption compliance.  If one looks back five years ago and compares the so-called best-practices from 2008 and compares them to recent pronouncements on anti-corruption compliance, the differences are stark.

Here is a summary chart on current program elements and some “best practices” cited by DOJ and the SEC in recent enforcement settlements.


If you look down the list, there are some interesting elements, additions and refinements.  These include:

Annual Compliance Assessments – The requirement of annual compliance assessments is important.  A company can stand still and expect its compliance program to continue working.  A compliance assessment is a critical tool for improving a compliance program.  A regular assessment routine should be designed with a schedule for in-depth and less intensive assessments.  A stated policy for conducting such reviews and the timing and resources committed to each should be set out in advance.

Effective Training for Third Parties – This requirement has become more important in the last few years because of DOJ and SEC concern about the absence of effective control over third parties.   A company does not have to conduct the training itself so long as it ensures that the third-party company provides comparable training programs to its employees.

Integration of Acquired Entities into Compliance Program – In response to poor integration practices, DOJ and the SEC have emphasized this element.  DOJ and the SEC have dealt with companies that acquired companies without making any effort to integrate the acquired company into the parent company’s internal controls.  This phenomena has occurred on numerous occasions in China and other Asian countries.best3

DOJ and the SEC have imposed this requirement with some flexibility and allowed companies to complete the integration process within eighteen months.

Two aspects of this element raise some concern.  DOJ and the SEC expect the acquiring company to conduct forensic audits of the acquired company and to report to the government any violations that are discovered.   These are troublesome requirements.  They constrain company discretion: (1) to assign audit resources where appropriate; and (2) to require companies to disclose to the government any violations.   No one hs tested these requirements but companies have to retain discretion to assign compliance resources where appropriate and disclose when they choose to disclose a violation.

Evolving International and Industry Standards – This factor requires companies to take into account evolving international and industry standards when monitoring, testing and auditing a company’s compliance function.  This terminology is somewhat vague but in practice is an attempt to define “best practices” in this area.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Michael Volkov, The Volkov Law Group | Attorney Advertising

Written by:


The Volkov Law Group on:

Readers' Choice 2017
Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.