3 Ways CCOs Can Manage Anti-Bribery & Corruption Compliance

Compliance teams are facing increased pressure internally and externally to protect their organization against bribery and corruption risk.

The Foreign Corrupt Practices Act (FCPA) Resource Guide, released by the Department of Justice and the Securities and Exchange Commission, states that:

“Effective compliance programs are tailored to the company’s specific business and to the risks associated with that business. They are dynamic and evolve as the business and the markets change…. A company’s compliance and ethics program can help prevent, detect, remediate, and report misconduct, including FCPA violations, where it is well-constructed, effectively implemented, appropriately resourced, and consistently enforced.”

Organizations that fail to develop an integrated, holistic approach to compliance management will struggle to adhere to regulatory guidance and requirements.

Effective, efficient, and agile FCPA compliance requires a management framework with well-documented policies, processes, and controls. Chief compliance officers can support compliance program maturity by:

1. Communicating expectations with policies

Effective FCPA compliance programs are built on well-documented policies and a technology framework that establishes responsibility within the organization to help ensure and monitor whether employees act appropriately. Manual policy and compliance management processes can’t support effective reporting and don’t leave an adequate audit trail of the activities of employees and third parties.

2. Tracking regulatory changes

An effective FCPA compliance program should monitor all changes and updates in FCPA requirements, enforcement actions, and guidance, as well as other relevant anti-bribery and corruption laws and regulations.

3. Identifying and monitoring risks

A mature and effective FCPA compliance program develops common processes and implements technology to assist in automating risk assessments. Unifying risk management processes and data across the organization helps compliance teams more accurately analyze and report on emerging bribery and corruption risks.

Moving Toward a GRC Technology Architecture

A governance, risk, and compliance (GRC) technology architecture is essential for managing the full scope of regulatory requirements — including FCPA compliance — in today’s business environment.

A holistic framework for compliance, policy, risk, and vendor management equips organizations to:

• Manage compliance to requirements
• Implement and revise policies and controls
• Identify third-party relationships that may result in risk exposure
• Help employees and stakeholders stay well informed and build a corporate culture of ethics and compliance

Read next | Looking Toward the Future of Corporate Ethics >