Answer:
The news of the Siemens FCPA case and $1.6 billion in fines brought a shocking wake-up call to the cost of not maintaining compliance with FCPA. However, determining your compliance exposure to FCPA across a global banking operation and its covered vendor/service provider relationships can appear to be a very daunting, time consuming, and a costly endeavor. In reality, if you use a risk based approach the results are not only attainable but provide the necessary clarity for moving forward with a comprehensive compliance program. The results from such a scoring process can provide clarity into the required scope and the best approach for moving forward with a comprehensive compliance program. The key components of this risk based discovery approach include:
- First define key indicators of compliance exposure to FCPA such as business locations, lines of business, organizational structure, and governance which in turn can be used to quickly define your “FCPA exposure scope”
- Leverage existing data sources on your business to build your FCPA exposure scope based on your key indicators of FCPA compliance exposure
- Utilize a “risk weighted” survey based approach to assess the scope of your exposure in order to calculate a meaningful “FCPA Exposure score“
- Based on your results from the exposure assessment, follow-up with risk weighted and scored FCPA self assessment control surveys to calculate a “FCPA Control Score”
- This “FCPA Control Score” will give you an indication of the level of anti-bribery management controls that exist across the bank where you have FCPA compliance exposure
- Finally, utilize your FCPA “Exposure Score” and “Control Score” to calculate an overall “FCPA Compliance Score” across the bank and its relevant 3rd party business relationships
- The FCPA compliance scores will help drive focused remediation, monitoring, and enforcement activities.
First published on BankersOnline.com 3/16/09
print
share