By Steve Biskie
Internal audit departments are uniquely positioned to help business leaders understand and navigate the risks of FCPA across the organization. A technology-enabled strategy using audit analytics is a cornerstone of an effective and efficient FCPA compliance program.
It’s risky to rely on “policies” alone – companies need to actively monitor transactions to ensure compliance with those policies. This, among other things, can help assure any business that they are operating according FCPA requirements.
Effective data analysis techniques utilized by internal audit departments raise visibility around potential violations and can help management focus attention on the right places. The internal audit department can also work with management to develop an overall culture of compliance, where all employees know their activities will be evaluated and transactions monitored.
For example, strategic data analysis can pinpoint potential FCPA violations such as:
- payments to risky vendors, including government contractors and parties on government watch lists
- use of new attorneys, accountants, or consultants in high-risk countries with no prior company relationship
- missing descriptions or suspicious payment keywords, such as “for services rendered,” “gifts,” or “facilitation”
- checks made out to “cash”
- payments classified as government expenses, or written to an individual
- attempts to mask activity by redirecting payments (e.g., altering legitimate vendor information in order to redirect a payment, and then changing it back to the ‘correct’ vendor information immediately after)
We all know the damage that an FCPA violation can do to an organization, so testing 100% of all corporate transactions for all business units should be a priority. Data analytics is the best way to look at all of these transactions, highlight where extra attention may be required, and free up valuable resources to focus on other significant aspects of the Act.
And while the use of data analytics cannot guarantee you won’t ever have a violation, having a comprehensive monitoring program in place has been proven to help reduce fines if a violation slips through the cracks.
To learn more about how to use audit analytics as part of a comprehensive FCPA compliance strategy, check out the ebook: Don’t Get Bitten by the FCPA – Leveraging audit analytics for compliance testing.
Steve Biskie is the Director of Services Product Management, ACL Services.