Top Ten International Anti-Corruption Developments For October 2016.
Top Ten International Anti-Corruption Developments for October 2016
11/17/2016
Newsletter
In order to provide an overview for busy in-house counsel and compliance professionals, we summarize below some of the most important international anti-corruption developments from the past month, with links to primary resources. This month we ask: What is ISO 37001 and why does it matter? Which one of the world’s largest airplane manufacturers resolved FCPA allegations? Why should companies expect more enforcement in Latin America, according to SEC’s FCPA Chief? Why is the OECD criticizing Ireland and Russia? And what is the latest in Brazil and the UK? The answers to these questions and more are here in our October 2016 Top Ten list.
1. International Organization for Standardization Issues ISO 37001, Anti-bribery Management Systems.
On October 15, 2016, the International Organization for Standardization (ISO)[1] published ISO 37001, Anti-bribery management systems. ISO 37001 “specifies a series of measures to help organizations prevent, detect and address bribery,” including “adopting an anti-bribery policy, appointing a person to oversee anti-bribery compliance, training, risk assessments and due diligence on projects and business associates, implementing financial and commercial controls, and instituting reporting and investigation procedures.” According to its introduction, ISO 37001 “reflects international good practice[,] can be used in all jurisdictions[, and] is applicable to small, medium and large organizations in all sectors, including public, private and not-for-profit sectors.” Because it was developed as a “requirements standard,” instead of a series of recommendations, ISO 37001 is capable of independent certification and may prove a useful tool for making informed decisions about business partners and third parties, particularly in locations perceived to have a high corruption risk. Although some Department of Justice (DOJ) and Securities and Exchange Commission (SEC) officials have made generally positive statements about the new standard, it is unlikely that either enforcement agency will view ISO certification alone as proof that a company has implemented an “effective compliance program” or as a complete defense to an FCPA violation. As discussed in the FCPA Resource Guide, DOJ and SEC evaluate compliance programs against each company’s “specific needs, risks, and challenges,” which may require a more nuanced analysis than does ISO certification. Moreover, as set out in DOJ’s Principles of Federal Prosecution of Business Organizations, although a positive factor, “the existence of a compliance program is not sufficient, in and of itself, to justify not charging a corporation for criminal misconduct undertaken by its officers, directors, employees, or agents.” ISO certification may gain greater traction in jurisdictions that offer a “compliance defense,” but even those jurisdictions are likely to go beyond the mere fact of certification in determining whether a company has implemented adequate procedures to prevent bribery. In our opinion, ISO 37001 is a welcome addition to the body of best practices available to companies seeking to reduce their corruption risk, but companies should also be cautious not to put too much stock in ISO certification as a panacea to liability for violations of the FCPA or other foreign bribery laws.
No comments:
Post a Comment