We are occasionally asked what impact, if any, the FCPA has on internal controls other than asking the obvious question, “Have you seen any violations of the FCPA?” Many people might not be aware that the FCPA calls out specific internal control responsibilities as part of their Books and Records and Internal Control provisions, which require:
- (i)that books, records and accounts are kept in reasonable detail to accurately and fairly reflect transactions and dispositions of assets,
- and (ii) that a system of internal accounting controls is devised
- (a) to provide reasonable assurances that transactions are executed in accordance with management's authorization;
- (b) to ensure that assets are recorded as necessary to permit preparation of financial statements and to maintain accountability for assets;
- (c) to limit access to assets to management's authorization; and
- (d) to make certain that recorded accountability for assets is compared with the existing assets at reasonable intervals and appropriate action is taken with respect to any differences.”
While these are only officially applicable to issuers (companies with securities traded on U.S. exchanges or otherwise required to file with the SEC), and not their foreign subsidiaries, there has been evidence that the SEC will hold parent companies liable for suspect transactions that are ultimately consolidated with the parent company financial statements for reporting purposes. This is important to understand because the penalties for both the company and individuals can be severe, and any number of transactions, policies, and activities could fall under this type of consideration by the SEC.
The fines can be severe for both companies and individuals (up to $25 million and $5 million respectively), and individuals can be imprisoned for up to 20 years. This is harsh compared to Sarbanes-Oxley and yet covers the same internal control processes and procedures so the FCPA should be treated with even stronger commitment from the management team.
As evidence of what can go wrong, a recent case highlighted some of these issues that involved the Chinese subsidiary of a U.S. parent corporation where bribes were being classified as sales commissions, and local policies went so far as to dictate and support this behavior. The SEC has issued a cease and desist order, and levied fines against both the parent company and an individual involved. The SEC found that:
“The payments were disguised as sales commissions in CWV’s books and records, thereby causing Watts’ books and records to be inaccurate. Watts failed to devise and maintain a system of internal accounting controls sufficient to prevent and detect the payments.”
In this case the company was liable for just under $4 million including fines and disgorgement, and the individual had to personally pay a fine of $25,000.
The SEC Proceeding details can be found here.
So while it is important to ensure that your system of internal controls is designed to support your U.S. financial reporting compliance, if you plan to or already have foreign operations you would be remiss not to consider the potential impact of the Foreign Corrupt Practices Act on your overall internal control strategy.
For more information on an integrated approach to internal controls, please visit Product Pages or contact us at (415) 240-4867.