In 2022, the US Department of Justice Criminal Division secured more than 250 fraud convictions, while the Money Laundering and Asset Recovery Section secured more than two dozen more convictions.
Assistant Attorney General Kenneth A. Polite, Jr., recently recounted these actions and added that “We are using every tool at our disposal to combat corporate crime, including more sophisticated data analytics.”
“The fight against corruption is, in this administration's opinion, core to US national security interest.”
The Biden administration named the fight against corporate corruption as one of its priorities. “The fight against corruption is, in this administration's opinion, core to US national security interests,” said Grant Thornton Forensic Advisory Services Partner Frederick J. Kohm. One of the ways that the administration will target corruption is through the Foreign Corrupt Practices Act (FCPA) that prohibits international bribes of government officials and other corrupt activities.
In a distributed industry like technology and telecommunications, even small companies might have international relationships that fall under FCPA scrutiny. In a recent Grant Thornton webinar on FCPA enforcement in technology and telecommunications, most respondents said they saw more of that scrutiny last year.
A Federal Bureau of Investigation alert reported more than 241,000 business email compromise incidents in financial institutions over the prior five years, resulting in a loss of more than $43.3 billion. All it takes is a single employee clicking a link or following misleading instructions in a corrupt email, to open a digital gate into the wider corporate IT infrastructure. The ramifications can be significant.
To avoid FCPA infractions, companies need to do more than monitor their international relationships. They also need to monitor their internal culture.
Be aware
The FCPA is multi-faceted, and Kohm said agencies within the Federal government, including the Department of Justice (DOJ) and Securities and Exchange Commission (SEC), are creating corporate crime advisory groups to stay better coordinated. “This is a spinoff of the 2021 White House memorandum on corruption. Agencies are working together to create more transparency, direction and collaboration around enforcement issues," Kohm said.
That’s why it’s important for tech and telecom companies to understand the FCPA and related regulations, and to form a strategy to prevent potential incidents. Companies need to recognize the signs of potential corruption, and understand the process for responding to potential FCPA violations.
With comprehensive FCPA awareness in place, companies can build a compliance program that keeps them prepared.
Be prepared
Tech and telecom companies need a strategy to monitor, identify and respond to potential or possible corruption. A compliance program is usually at the heart of that strategy, and investigators might have important expectations for that program.
“The DOJ assesses a corporation's compliance programs and compliance cultures, where regulators want to see our compliance programs that reward ethical behavior and punish unethical behavior.”
“The DOJ assesses a corporation's compliance programs and compliance cultures, where regulators want to see compliance programs that reward ethical behavior and punish unethical behavior,” said Grant Thornton Forensics Advisory Services Manager Keith Mellott. The DOJ will want to see a good track record of compliance program activity and could even reward companies with reduced penalties if they can demonstrate a history of compliance.
To build that history, companies can take actions like:
- Review the compliance program regularly
- Plan and evolve the compliance program
- Empower the compliance program to take action within the company
- Establish clawback policies to recover funds
- Communicate policies on the use of personal devices
- Perform auditing and testing
- Assess and report misconduct
These actions reflect an active and evolving compliance program with a dedicated team and motivated participants. Like any policy, actions need to be clear and concise so that every employee knows the consequences of criminal behavior. For instance, if the company has a clawback policy that recovers compensation from an employee engaging in corruption, that needs to be stated in the initial employment agreement. Personal devices, whether they are company or personally owned, can become instruments of criminal activities and need to have unambiguous policies related to usage.
The DOJ will be looking for these sound policies as part of any investigation, and will take into account their history of appropriate implementation when considering penalties.
Be vigilant
Tech and telecom companies cannot leave a compliance program on autopilot. The DOJ will expect to see an evolution in the program, where it changes and improves over time in response to revised governmental restrictions and company policies.
Self-reporting is an essential part of a compliance program. If a company is vigilant in monitoring employee and workplace activities, fraud and bribery can surface. When it does, the company needs to alert the applicable government agency right away.
“When a company voluntarily self-discloses misconduct, fully cooperates and makes timely and appropriate remediation, there will be a presumption that the company will receive a declination.”
The FCPA Corporate Enforcement Policy can make the DOJ more lenient on companies that self-report. “Under this policy, when a company voluntarily self-discloses misconduct, fully cooperates and makes timely and appropriate remediation, there will be a presumption that the company will receive a declination,” said Grant Thornton Forensics Advisory Services Senior Associate Caroline Pierce.
Along with self-reporting, several other practices can help companies avoid or lessen the impact of infractions:
- Conducting regular risk assessments
- Monitoring of third-party partners
- Establishing a whistleblower hotline
- Cooperating with regulators fully during an investigation
These practices can help prevent corruption and, if an infraction occurs, can facilitate a smoother investigation or more favorable outcome.
Be clear about the cost
When investigators uncover long-term or widespread corruption, penalties can be massive.
One technology company recently reached a $23 million settlement with the SEC in a case that spanned a decade of corruption. The settlement was significant, but it would have been higher if the company had not been prepared to take action on its own.
“The SEC stated that they took into account the company’s self-reporting and other remedial efforts,” said Grant Thornton Forensics Advisory Services Manager Mary Bohrer. “These remediation efforts included terminating senior regional managers, terminating distributors and resellers, creating over 15 new risk and compliance positions and teams globally, and implementing a compliance data analytics program.”
Tech and telecom companies of any size can have international relationships that fall under FCPA scrutiny — which is why the companies must be ready to demonstrate their vigilance at finding and reporting corruption.
Contacts:
Our featured risk, compliance and controls insights
No Results Found. Please search again using different keywords and/or filters.