Saturday, September 18, 2010

China Syndrome: FCPA & Rating Agencies...

A modern day "Operational Risk China Syndrome" is making the Board of Directors nervous these days. The new syndrome otherwise called the Foreign Corrupt Practices Act (FCPA) has been the buzz at rating agencies for months. Are you sure about your ability to withstand the scrutiny of a FCPA litmus test? Board Member Magazine explains:

On June 2nd, Fitch Ratings agency announced that Foreign Corrupt Practices Act violations could result in ratings downgrades. That’s one more reason boards should educate themselves on FCPA and how their companies are monitoring FCPA-related risks. It appears, though, that many boards do not feel comfortable with their companies’ compliance programs. In a soon-to-be released survey from KPMG’s Audit Committee Institute, only 27 percent of U.S. audit committee members said they were satisfied that their company had an effective process to manage Foreign Corrupt Practices Act risks, and other risks associated with doing business in Brazil, Russia, India, China and other emerging markets. 35 percent of respondents were only somewhat satisfied, and 9 percent said process improvements were needed in conducting such business, which may include sourcing, outsourcing, manufacturing, or sales and distribution channels.

As your Business Development teams fan out across the globe to satisfy the appetite of the Chinese economy for critical infrastructure, establish a sound and effective awareness, training and audit program. What are the ramifications of putting unprepared personnel on the ground to do business in the Chinese Markets?

American companies or individuals who enter joint ventures with foreign partners, as well as those who hire foreign agents or distributors in China, must be extremely cautious of the vicarious liability that they may face as a result of a third party's violation of the principles set forth in the FCPA. According to the Justice Department, an American company will be subject to liability under the FCPA if it makes payments to an intermediary third party with the knowledge that such payments will go to a foreign official for corrupt purposes. Conscious disregard is enough to satisfy the requirement; if the American company is aware of a "high probability" that such payments will occur, the knowledge requirement will be satisfied. More importantly, a joint venture partner, agent, or distributor will be considered an intermediary third party for purposes of the FCPA. Therefore, any violation of FCPA standards by one of those parties could result in the American company being vicariously liable under the FCPA.

In order for the Board of Directors to have peace of mind on the emerging markets business opportunities first a substantial compliance framework needs to be established. Next, the implementation of predictive analytics software to manage the complexity of companies, people and relationships as you do business in any of these countries. This includes the subscription to several databases that include the constantly changing landscape of specially designated nationals (SDN) and politically exposed persons (PEP). World check explains:

During the period 2005 to 2007 alone, more than 310 elections and by-elections took place around the world – that’s an average of nearly 10 elections per month. (Source: ElectionGuide.org). This means that your existing clients may be elected to public office, and hence become PEPs, without your business knowing it. It may be that you only apply your due diligence processes to new customers and so miss a whole category of individuals that do not meet your corporate risk appetite. As such, routine and ongoing PEP risk screening is not only considered best practice, but is also a legal requirement.
In practice, full compliance with PEP legislation has not come without major operational challenges. In the post-9/11 era, the proliferation of regulatory compliance laws, combined with the need to screen hundreds of thousands of users and accounts on a routine basis, has created a substantial administrative burden for businesses subject to PEP legislation.

The sheer magnitude of the due diligence challenge has subsequently led to the adoption of a risk-based approach to regulatory compliance, but nevertheless Enhanced Due Diligence and ongoing risk management is still required for PEPs. Broadly speaking, the risk-based approach entails the identification of risks that exceed your business’ stated risk appetite (including the need for regulatory compliance), and then matching individuals and entities against these heightened risks during the preliminary stages of due diligence. Should a person fall into one or more of the specified heightened risk categories, additional due diligence is then required.

As your company establishes it new China-based strategy for partnerships, joint ventures or actually putting employees in country the operational risks become exponential. Remember, a sound and prudent risk framework includes a 4D approach:

  • Deter
  • Detect
  • Defend
  • Document

With these established and operating on a global basis the Board of Directors will be sleeping more soundly. Or perhaps not...learn more.