Skip to content


Harry Cassin
Publisher and Editor

Andy Spalding
Senior Editor

Jessica Tillipman
Senior Editor

Bill Steinman
Senior Editor

Richard L. Cassin
Editor at Large

Elizabeth K. Spahn
Editor Emeritus

Cody Worthington
Contributing Editor

Julie DiMauro
Contributing Editor

Thomas Fox
Contributing Editor

Marc Alain Bohn
Contributing Editor

Bill Waite
Contributing Editor

Shruti J. Shah
Contributing Editor

Russell A. Stamets
Contributing Editor

Richard Bistrong
Contributing Editor

Eric Carlson
Contributing Editor

Internal Auditors Can Ease Compliance Pain

By Steve Biskie

Internal audit departments are uniquely positioned to help business leaders understand and navigate the risks of FCPA across the organization. A technology-enabled strategy using audit analytics is a cornerstone of an effective and efficient FCPA compliance program.

It’s risky to rely on “policies” alone – companies need to actively monitor transactions to ensure compliance with those policies. This, among other things, can help assure any business that they are operating according FCPA requirements.

Effective data analysis techniques utilized by internal audit departments raise visibility around potential violations and can help management focus attention on the right places. The internal audit department can also work with management to develop an overall culture of compliance, where all employees know their activities will be evaluated and transactions monitored.

For example, strategic data analysis can pinpoint potential FCPA violations such as:

  • payments to risky vendors, including government contractors and parties on government watch lists
  • use of new attorneys, accountants, or consultants in high-risk countries with no prior company relationship
  • missing descriptions or suspicious payment keywords, such as “for services rendered,” “gifts,” or “facilitation”
  • checks made out to “cash”
  • payments classified as government expenses, or written to an individual
  • attempts to mask activity by redirecting payments (e.g., altering legitimate vendor information in order to redirect a payment, and then changing it back to the ‘correct’ vendor information immediately after)

We all know the damage that an FCPA violation can do to an organization, so testing 100% of all corporate transactions for all business units should be a priority. Data analytics is the best way to look at all of these transactions, highlight where extra attention may be required, and free up valuable resources to focus on other significant aspects of the Act.

And while the use of data analytics cannot guarantee you won’t ever have a violation, having a comprehensive monitoring program in place has been proven to help reduce fines if a violation slips through the cracks.

To learn more about how to use audit analytics as part of a comprehensive FCPA compliance strategy, check out the ebook: Don’t Get Bitten by the FCPA – Leveraging audit analytics for compliance testing.

Steve Biskie is the Director of Services Product Management, ACL Services.

Share this post


Comments are closed for this article!