“Accounting” Provisions - ENS

ens.co.za

“Accounting” Provisions - ENS

anti-corruption compliance

an overview of what companies must do to ensure compliance to

global and south african anti-corruption legislation

October 2012


objectives

to provide an overview of:

• dramatic new anti-corruption compliance

requirements contained in the new

Companies Act regulations

• the key principles of the UK Bribery Act &

differences between UKBA & FCPA

• books and records

• the cost of non-compliance

• 3rd party due diligence requirements


the latest anti-corruption weapon in South Africa

• Section 43 of the regulations to the companies act requires

the establishment of a social and ethics committee

applies to:

– every state owned company

– every listed public company

– any other company that has in two of the previous 5 years scored

more than 500 points in relation to reg 26(2)

score is determined by one point per average employee number, -

one point per every R1 million in third party liability, - one point for

every million in t/o and - one point for every person with

direct/indirect beneficial interest in issued securities, and then for

NPO’s – one point per member or per association that is a member


Section 43 of the 2011 regs to the Companies Act

The Social and ethics committee of the company shall monitor the

company’s progress and standing regarding:

• the implementation of the OECD recommendations on preventing

corruption:

– Not offer, promise or give undue pecuniary or other advantage to

public officials or the employees of business partners.

– Develop and adopt adequate internal controls, ethics and

compliance programmes or measures for preventing and detecting

bribery, developed on the basis of a risk assessment addressing

the individual circumstances of an enterprise, in particular the

bribery risks facing the enterprise (such as its geographical and

industrial sector of operation)

– Prohibit and discourage facilitation payments


ecommendations contd

• Perform due diligence on agents and intermediaries

• Enhance the transparency of their activities in the fight against

bribery, bribe solicitation and extortion

• Promote employee awareness of and compliance with company

policies and internal controls, ethics and compliance programmes or

measures against bribery, bribe solicitation and extortion

• not make illegal political donations

The committee must ensure companies adhere to UN Global

compact principles – Principle 10 is reducing corruption


OECD recommendations re books and records

• These internal controls, ethics and compliance programmes or

measures should include a system of financial and accounting

procedures, including a system of internal controls, reasonably

designed to ensure the maintenance of fair and accurate books,

records, and accounts, to ensure that they cannot be used for the

purpose of bribing or hiding bribery.

• Such individual circumstances and bribery risks should be regularly

monitored and reassessed as necessary to ensure that the

enterprises internal controls, ethics and compliance programme or

measures are adapted and continue to be effective, and to mitigate

the risk of enterprises becoming complicit in bribery, bribe

solicitation and extortion


what does this mean for SA companies

• dedicated social and ethics

committee

• companies need a stand alone

anti-bribery policy

• commitment to ethical business

practises

• internal controls to prevent

bribery

• based on a risk assessment

• due diligence on business

partners, JV partners, agents &

intermediaries

• training & communication

• on-going monitoring of bribery

risk


The Foreign Corrupt Practices Act of 1977 (FCPA)

US Federal law with two main components

• “Anti-Bribery” Provisions

– Illegal to corruptly offer, promise, or give anything of value,

directly or indirectly, to a foreign official for the purpose of

obtaining or retaining business

• “Accounting” Provisions

– Publicly traded companies must maintain accurate books and

records and devise and maintain internal controls designed to

provide reasonable assurances that financial transactions are

properly recorded


FCPA – books and records offence

• The provisions of the Act relating to bookkeeping and internal

controls (“accounting provisions”) receive less publicity but are

much more likely to form the basis of a government proceeding

against companies subject to the Act

• The most common FCPA enforcement mechanism is a civil action

by the Securities and Exchange Commission (“SEC”) under the

accounting provisions and not a criminal charge by the Department

of Justice (“DOJ”) or even a civil action by the SEC under the antibribery

provision


the impact of Sarbanes Oxley provisions

• Sec 302 requires CEOs and CFOs of companies required to file

reports with the SEC to certify that

– (1) financial statements filed with the SEC fairly and accurately

represent the financial condition of the company

– (2) the certifying officers have evaluated the company’s internal

controls within 90 days prior to the certification and found the

controls to be adequate

– (3) the certifying officers have reported to the company’s

auditors and audit committee internal control deficiencies

and/or fraud involving management

• Sec 404 require companies to establish and maintain an adequate

system of internal controls and procedures for financial reporting

and the effectiveness thereof must be assessed annually


ooks and records

• must be in reasonable detail that accurately and fully reflect

transactions

– Payments, gifts, and entertainment

– important to declare and properly record facilitation payments

• effective internal accounting controls

– company policies and procedures (pre-approvals)

– documentation (e.g., expense forms)

– reporting

– certifications

– corrective actions


FCPA accounting provisions

accounting provisions only apply to issuers who are required to keep

records and accounts which accurately reflect the transactions and

dispositions of the issuers assets (in reasonable detail)

a company may be liable if it’s records:

• omit a transaction, such as a bribe, illegal commission or other improper

payment

• disguise records to conceal improper activity or fail to identify the

improper nature of the recorded transaction

• issuers are required to maintain a system of internal accounting controls

to provide reasonable assurances that transactions are executed in line

with management authorisation. Should conform to GAAP in preparation

of financial statements


liability for acts of subsidiaries

• the provisions were not aimed at “foreign” accounting

practices- but issuers can be held liable for the conduct of

foreign subsidiaries even though the improper conduct

occurred outside of US

• apply to majority owned foreign subsidiaries and, in some

cases to non-majority interests and JV’s

• regarding minority owners – an issuer who owns 50% or

less of voting power of another company is subject to

modified accounting provisions

• it is the issuers responsibility to use its “influence” to have

the company develop and maintain a system of internal

accounting controls


FCPA books and records

• the FCPA does not specify the procedures businesses must use in

maintaining books and records

• rather it prescribes a “reasonableness” standard for assessing the

adequacy of issuers practices related to accounting and recordkeeping

• issuers are required to keep records in “reasonable detail”

• and maintain a system of internal accounting controls that provide

“reasonable assurance” that assets are properly recorded

• the ambiguity of the “reasonable detail” is a source of controversy

as compliance is judged by the often amorphous “reasonable

man” standard


FCPA enforcement authority is divided between SEC

and DOJ

• SEC has authority to investigate and bring civil enforcement actions

against violators of accounting provisions

• DOJ is responsible for prosecuting “wilful” violations

• criminal liability attaches to enterprises if the business “knowingly

circumvented or knowingly failed to implement a system of internal

controls or knowingly falsified” the accounting records


FCPA penalties

Corporate

• $25 million criminal fine per

violation or twice the gain/loss

(books & records and internal

control violations)

• Up to $2 million per violation or

twice the gain/loss (anti-bribery

violations)

• $10,000 civil penalty or

disgorgement of gross gain

• Alternative Fines Statute, § 18

U.S.C. § 3571(d)

Individual

• 20 years in prison and/or $5

million criminal fine (books &

records and internal control

violations)

• 5 years imprisonment and/or up to

$250,000 fine per violation (antibribery

violations)

• $10,000 civil penalty or gross gain

• Alternative Fines Statute, § 18

U.S.C. § 3571(d)


the two most radical sets of anti-corruption legislation

United States Foreign Corrupt

Practices Act 1977 (FCPA)

• 2008 – 11 companies paid $890

million

• 2009 - 11 companies paid $644

million

• 2010 - 23 companies paid $1.8

billion (Siemens R1,4)

• 2011 – slow year - fifteen

companies settled FCPA

enforcement actions by paying a

total of $ 508.6 million

United Kingdom Bribery Act

2010 (effective July 2011)

• set to follow US example -

pre – UKBA, SFO setting

huge fines – pre UKBA

• currently restructuring under

new head – David Green QC

• it will take a few years for the

SFO to get enforcement into

gear

• first FCPA prosecutions only

took place in 1995


the cost of FCPA non compliance 2010-$1,8 billion

• $1,6 billion combined US & German fines against Siemens

• $579 million KBR/Halliburton settlement

• $400 million BAES

• $365 million Snamprogetti/ENI

• $185 million Daimler

• $137 million Alcatel Lucent

includes profit disgorgement - as in local comp commission

matters

and an increasing number of individuals prosecuted


cost of non - compliance 2011 - $508,6 million

• Aon - (Costa Rica, Egypt, Vietnam, Indonesia, the United Arab Emirates,

Myanmar, and Bangladesh) - $16.2 million

• Johnson & Johnson (Greece, Poland, Romania, UN food for oil

programme) - $70 million

• JGC (Nigeria) - $218.8 million

• Bridgestone (Corporation Mexico) - $28 million

• Converse Technology (Greece) - $2.8 million

• Diageo plc (India, Thailand, South Korea) - $16.4 million

• IBM (China) - $10 million

• Armor Holdings (UN Contracts)- $16 million

• Ball Corporation (Argentina) - $300,000


the UKBA

• UKBA of 2010, which came into effect on 1 July 2011 is the most

dramatic change to the global corruption environment since the

introduction of FCPA more than 25 years ago. It is a lot more thorough

and repeals all previous UK statutory and common law provisions

relating to bribery, replacing them with the crimes of

– bribery,

– being bribed,

– the bribery of foreign public officials and importantly for SA

organisations with links to the UK)

– the introduction of a new strict liability corporate offence: “the

failure of a commercial organisation to prevent bribery on its

behalf”

– reasonable and proportionate corporate hospitality is permitted


the UKBA

• The new Act is broad and applies to "ordinary residents in the UK”

and “relevant commercial organisations” i.e. UK partnerships, UK

incorporated companies as well as entities that “carry on business

or part of a business in the UK” regardless of where they are

incorporated or registered.

• It is important for applicable SA companies to understand that under

this new Act they may be charged with the offence of failing to

prevent bribery on their behalf through their business dealings and

links with the UK.

• provides strict liability for “associated persons” who pay bribes on

behalf of co – includes employees, agents, subsidiaries, and even

subcontractors


more specifically the UKBA contains

• two general offences covering the offering, promising or giving of an

advantage, and requesting, agreeing to receive or accepting of an

advantage, covering both active and passive bribery and applies to

individuals and corporate bodies in the UK and covers bribes using

agents or intermediaries paid anywhere in the world

• the distinct offence of bribery of a foreign public official;

• the new offence of failure by a commercial organisation to prevent a

divorce

bribe being paid for or on its behalf

(note that it may be a defence if the organisation has “adequate

procedures” in place to prevent bribery based on a balance of

probabilities standard, with consideration to the company’s size,

type of industry it operates in, the risk of corruption in its markets

and also how actively the business fosters a culture of compliance).


the adequate procedures defence

• In its Guidance notes on the new Act the Ministry of Justice states

that the objective of the Act is not to bring the full force of the

criminal law to bear upon well run commercial organisations that

experience an isolated incident of bribery on their behalf

• consequently - there is a defence if the organisation has “adequate

procedures” in place to prevent bribery - recognises the fact that no

bribery prevention regime will be capable of preventing bribery at all

times

• the guidelines set out six non prescriptive fundamental principles

that commercial organisations should consider when wishing to

prevent bribery being committed on their behalf


the six principles - (what you have to do to have a defence)

• Proportionate procedures - A commercial organisation’s

procedures to prevent bribery by persons associated with it are

proportionate to the bribery risks it faces and to the nature, scale

and complexity of the commercial organisation’s activities

• Top level commitment – Management tone will be critical. The toplevel

management of a commercial organisation (be it a board of

directors, the owners or any other equivalent body or person) should

be committed to preventing bribery by persons associated with it

• Risk assessment - The commercial organisation assesses the

nature and extent of its exposure to potential external and internal

risks of bribery on its behalf by persons associated with it


the six principles contd

• Due diligence - The commercial organisation applies due diligence

procedures, taking a proportionate and risk based approach, in

respect of persons who perform or will perform services for or on

behalf of the organisation, in order to mitigate identified bribery

risks.

• Communication (including training) - The commercial organisation

seeks to ensure that its bribery prevention policies and procedures

are embedded and understood throughout the organisation through

internal and external communication, including training, that is

proportionate to the risks it faces.

• Monitoring and review - The commercial organisation monitors

and reviews procedures designed to prevent bribery by persons

associated with it and makes improvements where necessary.


facilitation payments are criminalized by UKBA

• offence of failure to prevent bribery applies to non UK companies

that “carry on a business, or any part of a business in any part of the

UK”

• and importantly – it criminalizes facilitation payments (which

have always been illegal in SA)

• MOJ on facilitation payments “exemptions create artificial

distinctions that are difficult to enforce, undermine corporate antibribery

bribery procedures, perpetuate an existing culture of bribery

and have the potential to be abused”

• The choice may boil down to making the payment or not doing

business in a region at all (companies who gain a competitive

advantage by paying facilitation payments as opposed to those who

adopt a zero facilitation payment approach will be targeted)

• Health and safety payments are OK if imminent threat to wellbeing!


liability for the acts of third parties

FCPA, UKBA, and most other anti-corruption laws prohibit making

corrupt payments both directly and indirectly through third-party agents,

distributors, consultants, intermediaries, or other third parties

companies can be held responsible for the actions of a third party when

they:

1. authorize or instruct the third party to make improper payments to

foreign officials, or

2. make payments to a third party, knowing (or willfully blind) that

money will be paid directly (or indirectly) to a government official

the general rule is that you cant use an indirect route to do things you

are not allowed to do directly

(over 70%) of U.S. enforcement actions today involve bribe payments

made by agents, consultants and other third parties


liability for third party actions

The notion that one is not responsible for bribe payments

made by third parties no longer valid

• proof of “actual knowledge” of a bribe payment is not required

• knowledge is satisfied when a person is aware of a high probability

of the existence of a particular circumstance

• Companies and their employees cannot consciously disregard or

deliberately ignore suspicious facts before entering into or during a

third-party contract

• knowledge can also be established by failing to conduct due

diligence, which may cause enforcement authorities to take the

position that the knowledge element has been satisfied due to

willful blindness/conscious disregard


Panalpina case

• Panalpina World Transport Holdings Limited, a Swiss logistics

company with non US listing agreed to pay $70.56 million in penalties

to the DOJ, coupled to the disgorgement of $11.33 million in illicit

profits top the SEC as a result of bribes paid to customs officials in

places like Latin America and Nigeria to, inter alia,

• “obtain preferential treatment for itself and its customers;

• to expedite customs paperwork;

• overlook incomplete documentation;


Panalpina case continued

• avoid customs duties;

• avoid penalties, fines and legal problems”.

• Many of the improper payments were made as part of Panalpina’s

express courier service, Pancourier. Panalpina also admitted to

paying foreign government officials to secure contracts for itself.


who are third-party intermediaries

• resellers

• vendors

• marketing and other “consultants”

• export and other “agents”

• sales, licensing and other representatives

• lawyers

• accountants

• JV partners

• acquisition targets


FCPA – due diligence requirements

Step 1 is the background check on the name of the agent from a

reputable database to tell whether the agent:

1. is connected to a foreign government owned or controlled entity;

and

2. is being, or has been, investigated for any corruption, bribery,

criminal or civil violations in the country or region.

If the background check shows that the agent fails either or both,

then a more specific and in-depth inquiry will need to be made, or a

determination may be made to terminate the possible relationship


the different types of checks

• local database checks (background checks – public data)

– directorships/shareholding/conflict of interest checks, adverse

media, credit history

• global database investigation (GDI)

– comprehensive check of all available sanctions, embargoed and

watch lists, PEP databases as well as survey and an analysis of

the full range of business journals, websites, industry

publications, mainstream and local media

• enhanced due diligence (EDD)

– includes background check as well as GDI findings but also

incorporates field investigation - site visits, interviews with

management team members such as the CEO, COO, human

resources, legal and compliance. It includes policy review and

data analytics regarding sample transaction data to confirm that

the entity has not engaged in corrupt activity


the approach must be risk based

• understand how the third party was identified or recommended and

get a clear understanding of the projected costs and disbursements

• know your business partners, agents, and consultants – at least

check senior management/ directorships, shareholding

• know your exposure to, or contacts with, foreign government

officials - definition of govt official is very broad

• are there any peps, current or former govt officials or relatives of

such parties in the entity

• understand the services to be provided and how the payment will be

made

• Conduct a “red-flag” analysis


Politically Exposed Persons (PEPS)

• politically exposed persons are people who currently hold or have

held public positions or perform important public functions, such as

senior diplomats, government officials, high-level leaders of religious

or political organisations, members of ruling parties, royal families,

military leaders or judges

• in the SA context many PEPS feature as the “usual suspects” in

black empowerment transactions

• the due diligence process should identify Politically Exposed

Persons (PEPS) and remedial controls must be put in place to

manage the risk that they represent


FCPA due diligence best practises

• FCPA “best practices” for conducting due diligence in the vetting of

third parties are not set out in law or codified by the DOJ and SEC,

but there are frameworks that meet professional investigative

standards and expectations

• these are repeatable set of good faith procedures that:

– establish a credible due diligence process

– ensure a valid, testable outcome

– leverage proven methods to minimise unforeseen errors


US v Metcalf & Eddy Inc and the US Sentencing

guidelines

basic measures for compliance including minimising third-party

exposure:

• a risk assessment that measures the likelihood and severity of

possible violations and directs compliance resources based on that

assessment

• a clearly defined corporate compliance and ethics policy – setting

out clearly defined compliance standards, procedures and controls

to be executed by employees at all levels including external partners

and third parties

• a systematic and consistent due diligence effort to vet third parties

with the level of enquiry based on the risk assessment


asic due diligence compliance measures contd

• appropriate levels of professional field as well as online investigation

• consistent reps and warranties confirming that the business

partner/agent/intermediary will not pay bribes

• provision for audit and document review to ensure books and

records appropriately maintained

• document retention regarding all corporate compliance activities

(pre approval by line, legal & compliance)

• the pre approval process should reflect that the company has

gathered the facts of who what when and why related to risk areas

like gifts, travel, entertainment, per diems, donations, sponsorship

and CSR and considered the corruption risk


internal versus external

• when the due diligence is done internally there is always a risk that

important aspects are overlooked and the regulator may view this as

“wilful blindness” or looking the other way

• internal resources cannot be counted on to report fully,

independently or accurately on the nature of resellers and other

affiliate agents with whom they work in the field

• targets of acquisition or potential JV partners cannot be adequately

assessed from thousands of miles away

• the use of a third party investigation firm specialising in due

diligence demonstrates corporate commitment to professional,

independent and unbiased reporting (not to be overlooked – is the

fact that the company then has someone else to blame)


dodd frank legislative reform - whistleblowers

• The new whistleblower incentives and protections in the Dodd-Frank

financial reform legislation of 2010 are the result of the Bernard

Madoff scandal and other perceived failures by the SEC’s

Enforcement Division that were thought to have contributed to the

financial crisis of 2008

• To encourage persons with information about illegal activity to report

it to the SEC, Section 922(a)-(g) of Dodd-Frank (to be codified as

Securities Exchange Act Section 21F) gives a mandatory bounty

of between 10 and 30 percent of collected penalties in eligible

enforcement actions

• individual whistle blower must voluntarily provide original info

leading to successful enforcement actions in which monetary

sanctions exceed $1 million


conclusion

• all companies should be taking steps to reduce corruption, it is good

governance and the right thing to do, but...

• it is also a companies act requirement for all state owned and listed

companies as well a large unlisted co’s that meet criteria

• if you have operations in UK or US or are listed in those jurisdictions

you have to comply - the cost of non-compliance can destroy your

business (OECD recommendations similar to regs)

• the regulators will find ways to found jurisdiction & africa is a target

• the anti-corruption compliance principles are a defence

• get your procedures in place and do due diligence on business

partners agents & intermediaries – you are accountable for their

actions

• talk to ENS forensics


questions


tel: +2721 410 2553

cell: 082 820 1036

email: spowell@ens.co.za

thank you

More magazines by this user
Similar magazines