Skip to content


Harry Cassin
Publisher and Editor

Andy Spalding
Senior Editor

Jessica Tillipman
Senior Editor

Bill Steinman
Senior Editor

Richard L. Cassin
Editor at Large

Elizabeth K. Spahn
Editor Emeritus

Cody Worthington
Contributing Editor

Julie DiMauro
Contributing Editor

Thomas Fox
Contributing Editor

Marc Alain Bohn
Contributing Editor

Bill Waite
Contributing Editor

Shruti J. Shah
Contributing Editor

Russell A. Stamets
Contributing Editor

Richard Bistrong
Contributing Editor

Eric Carlson
Contributing Editor

Scott Moritz: A plan to integrate the compliance program after an acquisition

As mentioned in my post last week, one way the DOJ determines if a company has performed the required anti-corruption due diligence when acquiring an entity is looking at whether the new entity was promptly incorporated into the acquiring company’s internal controls, including its compliance program.

There are three main areas to focus on in order to successfully accomplish this integration, whether it be into your existing anti-corruption program or one that has been newly established.

These are:

  • Identifying the universe of foreign official touchpoints
  • Fully identifying the intermediaries among third parties, and
  • Examining hiring practices as they relate to foreign officials

Most senior executives struggle to understand the term “foreign officials.” The designation includes not only government officials but employees of state-owned companies and public international organizations like the World Bank or the United Nations.

Further, when companies look at foreign officials, the focus of scrutiny tends to be on customers, while failing to consider the various ways in which companies routinely interact with government agencies at the federal, state and local level and the ways those interactions can be problematic.

It is therefore critically important to perform an exhaustive “inventory” of all of the ways the organization can come into contact with foreign officials, not just among the company’s customer base, but through the various ways in which the company may interact with such persons in connection with meeting regulatory, legal, administrative and licensing obligations as well as any other way there may be contact, official or unofficial.

Mapping these relationships, examining them and then prioritizing them in terms of the potential risk is a critically important step to successfully integrating the acquired entity into the acquiring organization and its compliance program.

In the overwhelming majority of FCPA prosecutions, the bribe payers are business intermediaries acting on behalf of the defendant company. It is not common practice to delve deeply into business intermediaries during pre-acquisition due diligence, and yet most FCPA risk resides within those relationships.

Part of the process of identifying intermediaries is doing something similar to the mapping of foreign official touchpoints discussed above. Understanding the activities of each intermediary and determining whether and to what extent they may be interacting with foreign officials on the company’s behalf will make mitigating the potential corruption risk of the newly acquired entity a far less challenging exercise.

Government touchpoints extend to the hiring of employees, interns and consultants. The SEC has charged companies with FCPA violations in connection with hiring employees or interns who would not have otherwise been hired were it not for the fact that their family members were government officials in a position to award business to the defendant companies. Most companies do not include hiring practices in their anti-corruption program risk assessments, nor do they examine how a candidate was sourced and whether a prospective hire poses any added FCPA risk.

While simply hiring a family member of a foreign government official does not violate the FCPA, it is the hiring decision that could eventually come under intense scrutiny. The key is ensuring that the candidate has met or exceeded all of the criteria for the position and there is no indication of a quid pro quo. Since such a hire represents heightened risk, some organizations require additional controls, such as increased levels of approval prior to extending an offer to a family member or associate of a foreign official.

Finally, acquisitive companies should seek to examine the potential FCPA risk of a prospective acquisition within the constraints of the information available to them pre-close and then perform a timely, thorough risk assessment focusing on the three areas above: touchpoints with foreign officials and the acquired entity’s intermediaries — especially those who are interacting with foreign officials on the company’s behalf — and the alignment of recruiting and hiring activities with the company’s anti-corruption compliance program.

It is not uncommon for a company to get more than you bargain for when buying an entity — such as ongoing fraud and bribery schemes. Being able to demonstrate the lengths the company has gone to root them out will make all the difference in the government’s determination as to whether to hold it accountable for someone else’s sins.


Scott Moritz is Managing Director and Global Lead of Protiviti Forensic, based in New York. He served as an FBI Special Agent for nearly 10 years where he focused on white collar crime, domestic and international corruption and money laundering investigations. A version of this post previously appeared on Protiviti View.

Share this post


Comments are closed for this article!