Anti-Corruption Benchmarking Survey

| Anti-Corruption Compliance Program Benchmarking Survey 1

Anti-Corruption Compliance Program Benchmarking Survey


IntroductIon by Kaplan & WalKer llp

Over the years, the FCPA Blog has been an indispensable resource for Anti-Corruption

related information and ideas. We are delighted and honored to have had this

opportunity to partner with Dick Cassin and his colleagues at the Blog (and their new

partners at Ethics360) on this benchmarking survey, which we hope will be viewed as

part of that tradition.

We have been providing compliance program related legal services to organizations

since the 1990’s and during that time have frequently seen the important role that

benchmarking can play in helping companies and their advisors develop, improve

and assess compliance programs generally. The case for Anti-Corruption compliance

program benchmarking in particular is, we believe, especially strong. This is due in

part to the increasingly grave consequences of sub-optimal performance in this area

and also to the high degree of operational complexity for Anti-Corruption compliance

programs. As much as any other area of law, the devil is in the details when it comes

to ensuring compliance program effectiveness here.

In drafting this survey, we drew upon various Anti-Corruption related best practices

of organizations with which we are familiar. Of course, we do not suggest that any

particular compliance tool or approach necessarily makes sense for all organizations.

Like any compliance area, Anti-Corruption efforts require mechanisms that are risk-

based and otherwise well-tailored to an organization’s particular needs. However,

we hope that having the data contained in this report will allow companies to address

the challenge of ensuring compliance efficacy in an informed way, based in part, and

as appropriate, on the experience of others.

Kaplan & Walker LLP


IntroductIon by rIchard l. cassIn

The Anti-Corruption Compliance Program Benchmarks Survey was the creation of Jeff Kaplan and Rebecca Walker. I had the pleasure to help get the word out about it through the FCPA Blog.

The response from the global compliance community was enthusiastic. That’s partly because Jeff and Rebecca wrote the Survey to be, among other things, an inventory of compliance best practices. Just taking the Survey could help a company diagnose its compliance condition and find ways to make it better.

The positive response was also due to the growing worldwide interest in compliance. That phenomenon prompted me to ask on the FCPA Blog not long ago if ours will be the time when international public corruption is finally tossed into the trashcan of history?

There are plenty of reasons to think so.

Only five years ago, even thoughtful people believed overseas bribery was a victimlesscrime -- a harmless agreement between two consenting adults. Happily, that idea is largely gone, replaced by awareness, still growing, that graft’s victims can be counted in the billions.

What changed attitudes? Not one thing but many.

Respected NGOs are now speaking for the victims. The stories aren’t pleasant (think ‘Blood Diamond’) but the links between graft and human rights abuses are now in plain sight.

Though the damage from corruption can be seen and felt, it’s hard to measure, putting it in the realm of ‘soft’ science. Still, some brave academics have taken up the cause of compliance.

The U.N. and OECD are promoting the links between compliance, ethics, and human rights. It’s one of the most important new trends of corporate citizenship.

And ordinary people have more power to fight corruption than at any time in history. There’s easy access to online public and private hotlines. Cell phones record ‘secret’ shakedowns in the tax office, snap photos of cash-grabbing clerks, and capture videos of corrupt cops and judges that might appear on YouTube an hour later.

Through Facebook, victims find each other and lock arms. And with Twitter, a hundred thousand people can be in the streets by noon to march against sleaze.

No wonder the interest in compliance is spreading well beyond the United States. The U.K. is now on the front lines, Canada has joined the fight, the G-7 has more attention on enforcement than ever, and the OECD is pushing all of its members to get on board.

Sure, there’s lots of work ahead. But these really are hopeful times.

Part of that hope is based on the work of people like Jeff Kaplan and Rebecca Walker. And of all those who completed the Anti-Corruption Compliance Program Benchmarks Survey. Their thoughtful responses made this landmark Report possible.

Richard L. CassinThe FCPA Blog


Selected Highlights Of The Survey

Introduction And Demographic Information

Risk Assessment

Policies And Procedures

Overall approach to Anti-Corruption policy

Specific requirements concerning providing items of value to government officials

Gifts and entertainment

Travel

Charitable contributions and community support payments

Facilitating payments

Personal safety payments

Requirements concerning retaining and using third-party intermediaries

Due diligence requirements in engaging tpis

General TPL agreements/certifications regarding Anti-Corruption laws

Specific TPL compliance program requirements: training, auditing and monitoring

Requirements concerning mergers, acquisitions and joint ventures

Program Governance And Management

Training And Communications

Web-based training

In-person training

Role-based training

Training best practices

Other communications

Compliance Checking

Auditing

Self-assessments

Incentives

Program Documentation

Authority And Independence

Other Best Practices

Appendix – Demographic Information Regarding Respondents

content06

07

08

11

11

12

12

14

16

18

20

21

21

23

24

26

29

33

33

35

36

36

37

38

38

39

41

42

43

43

45


selected hIghlIghts of the survey

• One third of respondents utilize a stand-alone, documented risk assessment process

dedicated solely or largely to Anti-Corruption risk.

• Nearly three quarters have a stand-alone Anti-Corruption manual or other policy

document (separate from an Anti-Corruption provision of the Code of Conduct).

• One third require that employees seek approval of the Compliance function or someone

else other than their manager (e.g., the legal department) prior to providing gifts or

entertainment to government officials in all instances.

• Forty-six percent require the Compliance function or another independent function to

approve the retention of some third- party intermediaries (“TPIs”); 29% do so for all TPIs.

• Forty-three percent require some TPIs to certify periodically that they are in compliance

with Anti-Corruption laws; 27% do so for all TPIs.

• Thirty-eight percent require compliance training of some or all TPIs.

• More than half have formal standards for monitoring compliance by TPIs (such as

requirements that, on an ongoing basis, business personnel review TPIs’ invoices to

ensure that they do not suggest violations of Anti-Corruption laws).

• About two thirds of respondents have formal Anti-Corruption compliance integration

procedures of acquisitions and JVs.

• Only 4% have not designated a senior company official to oversee the Anti-Corruption

compliance program.

• At close to two thirds of the companies, the board of directors or a board committee

periodically receives reports about the Anti-Corruption compliance program.

• Only 10% of respondents believe their organization has been very successful in tailoring

Anti-Corruption training to the various roles played by employees of their organizations.

• Nearly half have had a discussion of their Anti-Corruption compliance program in a

company newsletter.

• Three out of every eight companies conduct stand-alone Anti-Corruption audits.

• 13% of respondents use compliance criteria in performance evaluations, some of which

is specific to Anti-Corruption.

• At more than three fifths of companies, the Chief Compliance Officer reports directly to

the board or a board committee about the Anti-Corruption compliance program.

• One third of respondents have a written charter (or charter-type document) specifically for

their Anti-Corruption compliance program.


IntroductIon and demographIc InformatIon

From early May until mid-July 2011 Kaplan & Walker LLP and the FCPA Blog, which is edited

by Richard L. Cassin of Cassin Law LLC, hosted a benchmarking survey on Anti-Corruption

compliance programs. This report is based on the results of that survey.

Given the sensitivity of some of the topics being surveyed (such as board of directors

oversight of and senior management support for Anti-Corruption compliance programs) the

authors decided to conduct the survey anonymously. Ninety-five complete responses were

received, and an additional eight partially-completed responses were used in compiling this

report.1

Manufacturing and technology sectors were the most heavily represented among the

respondents, and there was also a relatively high degree of representation from the energy,

pharma, aerospace and financial services areas. Table A in the Appendix provides a

complete breakdown of survey participants by sector.

Respondents also tended to be larger companies – both by revenue and number of

employees, and a clear majority were publicly traded. See Tables B-D in the Appendix for

further information about these demographic dimensions. Not surprisingly given the survey

topic, many respondents are organizations that operate on a global basis. See Table E for

further detail on this.

For the most part data was sought in the form of multiple choice questions. However,

respondents were given the opportunity to provide text answers, too (both where they

selected “other” to a multiple choice question and where the survey solicited information

about “best practices.”)2

1 This was out of nearly 30 partially-completed responses received. We were unable to include the remaining 22 partially-completed responses because we were unable to verify to a reasonable degree the accuracy of the data therein.

2 The survey did not define best practices, and the inclusion of responses to best practice questions does not signify that the survey authors necessarily would consider the practices described as being best practices. Rather, text answers were included in this report where the authors felt that they would be of interest to readers of the report.


risk assessment

Risk assessment plays an important role in any effective compliance program, and this

is particularly the case regarding Anti-Corruption compliance programs, as reflected in

official Anti-Corruption compliance standards. Perhaps most significantly, under the

Recommendation of the Council for Further Combating Bribery of Foreign Public Officials

in International Business Transactions, published in 2009/2010 by the Working Group on

Bribery in International Business Transactions of the Organisation of Economic Cooperation

and Development (“OECD Anti-Bribery Guidance”), risk assessment is seen as a foundational

component to effective Anti-Corruption compliance.3 The same can be said of the Guidance

about Procedures which Relevant Commercial Organisations can Put into Place to Prevent

Persons Associated with Them from Bribing (section 9 of the Bribery Act 2010), published

in 2011 by the United Kingdom’s Ministry of Justice (“UK Anti-Bribery Guidance”).4 Risk

assessment is clearly important, too, to the United States Department of Justice and the

Securities and Exchange Commission, as evidenced by cases brought under the Foreign

Corrupt Practices Act (“FCPA”). One sees an emphasis on risk assessment both in aspects

of FCPA enforcement decisions identifying defendants’ internal controls and in model Anti-

Corruption compliance program requirements that defendants agree to implement.5 (Both

types of enforcement proceedings are referred to collectively herein as “FCPA Compliance

Cases.”)

Most respondent companies not only conduct some form of Anti-Corruption risk

assessment, but do so in a formal, documented way. However, there is a fairly even spread

among companies as to the extent to which the Anti-Corruption risk assessment effort is a

stand-alone process or part of a larger process, i.e., a broader compliance risk assessment

or an even broader “ERM” one.

3 “Effective internal controls, ethics, and compliance programmes or measures for preventing and detecting foreign bribery should be developed on the basis of a risk assessment addressing the individual circumstances of a company, in particular the foreign bribery risks facing the company (such as its geographical and industrial sector of operation). Such circumstances and risks should be regularly monitored, re-assessed, and adapted as necessary to ensure the continued effectiveness of the company’s internal controls, ethics, and compliance programme or measures.”

4 Principle 3, Risk Assessment: “The commercial organisation assesses the nature and extent of its exposure to potential external and internal risks of bribery on its behalf by persons associated with it. The assessment is periodic, informed and documented.”

5 E.g., SEC v. Alcatel-Lucent, S.A. (S.D. Fla. Dec. 27, 2010), available at http://www.sec.gov/litigation/complaints/2010/comp21795.pdf.


Which of the following best describes Anti-Corruption risk assessment at your company?

Comments of note about risk assessment included the following:

• A combination of internal and external assessments.

• No formal risk assessment has been performed; however, during an FCPA investigation

[a] significant amount of information was gathered and used in the same manner as if a

risk assessment had [been] conducted.

• Global and focused risk assessment in each of the big ticket compliance areas, i.e., Anti-

Trust, Anti-Bribery.

• On an annual basis, we distribute a self-assessment for our locations around the world to

complete. The self-assessment includes information such as % of sales to government

entities, third party sales agents, training, etc. The information is then included in the risk

assessment and scored to identify the higher risk locations who then receive an on-site

review of transactions the following fiscal year.

33.3%A stand-alone, documented process dedicated solely or largely to Anti-Corruption risk

22.5%Part of a documented process focusing on compliance risks of all kinds

26.5%Part of a documented, enterprise-wide process focusing on risks of all kinds – meaning not only compliance risks, but others encompassed within an “ERM” framework

11.8%A largely informal, undocumented process

3.9%My company does not conduct an Anti-Corruption risk assessment 2%

Other

Fewer than 4% of respondents do not conduct any type of Anti-Corruption risk assessment, and fewer than 12% have a largely informal, undocumented Anti-Corruption risk assessment process.


Not only should risks be assessed, but the assessment results should be put to use

with respect to various compliance program elements. The survey revealed the following

regarding such uses:

The results of the risk assessment are• Used in determining aspects of Anti-Corruption training and communication 80.8%

• Used in determining audit priorities and/or approaches 78.8%

• Used to draft or revise Anti-Corruption policies and procedures 78.8%

• Reported to the Board 67.7%

• Don’t know 4%

• Other 2%

“Other” uses of risk assessment were “to determine monitoring” and “to vet customers and

suppliers.”

80.8%

78.8%

78.8%

67.7%

4%

2%


polIcIes and proceduresAnti-Corruption policies and procedures play a central role in Anti-Corruption compliance

programs. They are addressed in a variety of ways in the OECD Anti-Bribery Guidance6 and

UK Anti-Bribery Guidance,7 and the US Department of Justice has also emphasized their

importance in a key guidance in this area.8 Indeed, Anti-Corruption policies and procedures

are affirmatively required by the internal controls provisions of the FCPA and other Anti-

Corruption laws.

Given the central role they play in Anti-Corruption compliance programs, the survey asked a

number of questions about Anti-Corruption policies and procedures.

Overall approach to Anti-Corruption policyA clear majority of companies have a stand-alone Anti-Corruption policy in addition to an Anti-

Corruption related provision in the code of conduct, and nearly half distribute a version of the

policy to third party intermediaries:

Which of the following describes your Company’s approach regarding written Anti-Corruption policies?• The Code of Conduct includes a provision on the Company’s Anti-Corruption policy

82.4%

• There is a stand-alone Anti-Corruption manual or other separate policy document (i.e.,

separate from the Code of Conduct) 74.5%

• There is a written policy that has been prepared for and is disseminated to our third party

intermediaries and/or other third parties 46.1%

• We do not have a written Anti-Corruption policy 2.0%

82.4%

74.5%

46.1%

2.0%

Additionally, two respondents indicated that they are in the process of drafting stand-alone

policies and another noted that his/her organization has local Anti-Corruption standard

operating procedures for each market.

6 The second item of the OECD Anti-Bribery Guidance provides that companies should have “a clearly articulated and visible corporate policy prohibiting foreign bribery.” The fifth item provides that companies should have “ethics and compliance programmes or measures designed to prevent and detect foreign bribery, applicable to all directors, officers, and employees, and applicable to all entities over which a company has effective control, including subsidiaries, on, inter alia, the following areas: i) gifts; ii) hospitality, entertainment and expenses; iii) customer travel; iv) political contributions; v) charitable donations and sponsorships; vi) facilitation payments; and vii) solicitation and extortion.”

7 Principle 1 Proportionate Procedures: “A commercial organisation’s procedures to prevent bribery by persons associated with it [should be] proportionate to the bribery risks it faces and to the nature, scale and complexity of the commercial organisation’s activities. They are also clear, practical, accessible, effectively implemented and enforced.”

8 U.S. Department of Justice Opinion Procedure Release 04-02 (July 12, 2004) (the ‘‘Opinion Procedure Release’’) speaks to the need for a “clearly articulated corporate policy against violations of the FCPA and foreign anti-bribery laws and the establishment of compliance standards and procedures to be followed by all directors, officers, employees, and all business partners, …that are reasonably capable of reducing the prospect that the FCPA or any applicable foreign Anti-Corruption law or [the company’s] Compliance Code will be violated.”


Specific requirements concerning providing items of value to government officialsGiven the thrust of Anti-Corruption laws, policies and procedures regarding providing things

of value to government officials are central to effective Anti-Corruption compliance. Such

policies and procedures typically address the issues noted immediately below,9 with a key

consideration being the extent of approval requirements for sensitive transactions.

Gifts and entertainment

Which of the following best describes your company’s approach to gifts and entertainment?• Employees must seek approval of the Compliance function or someone else other than

their manager (e.g., the legal department) prior to providing gifts or entertainment to

government officials in all instances 33.3%

• Employees must seek approval of the Compliance function or someone else other than

their manager (e.g., the legal department) prior to providing gifts or entertainment to

government officials in certain instances 24.5%

• Employees must comply with the Company’s standards governing providing gifts and

entertainment to government officials, but need not seek prior approval from management

or the Compliance function 20.6%

• Employees must seek approval of their manager prior to providing gifts or entertainment

to government officials in certain instances 9.8%

• Employees must seek approval of their manager prior to providing gifts or entertainment

to government officials in all instances 7.8%

• Other 3.9%

• Don’t know 1%

33.3%

24.5%

20.6%

9.8%

7.8%

3.9%

1.0%

9 These topics also largely track those in Item 5 of the OECD Anti-Bribery Guidance, quoted above in footnote 6.


“Other” responses and comments included the following:

• Employees in certain high risk countries require approval from management for

expenditures over a specified limit. Employees in the remaining locations follow the

standard gift and entertainment policy.

• No gifts are provided to government officials in any circumstances.

• Amount of gift/entertainment to be provided dictates what approvals are required.

Gifts/entertainment over certain amounts triggers Compliance function approval, but

management approval is always required.

• We recently enacted a gifts and hospitalities procedure that requires prior written approval

for giving gifts and hospitalities to government officials. Only nominal gifts (e.g. logoed

pens, ball caps) or hospitalities (e.g. soft drinks, coffee) may be given to government

officials without obtaining prior approval.

• We have a dedicated international business services office that conducts compliance

analysis for all hosting and hospitalities provided, come to legal for additional support

as needed; legal “owns” the business rule; also have mandatory annual training for all

engaged in international travel involving foreign officials or all who host foreign officials in

US.

• We have set dollar thresholds by country as well as tiered approvals based on not only

the dollar amount but the nature of the gift/entertainment.

• We set some thresholds. Each has different approval requirement.

• Our company policy sets a dollar limit as well as a frequency limit. While the dollar limit is

easily auditable the frequency limitation is very difficult to track and verify.

“We have set dollar thresholds by country as well as tiered approvals based on not only the dollar amount but the nature of the gift/entertainment.”


Travel

Some FCPA cases have involved providing travel to government officials,10 and Anti-

Corruption policies and procedures generally address this issue. The majority of respondents

(53.1%) indicated that their organizations require approval of the Compliance function or

someone else other than a manager (e.g., the legal department) before offering to provide

travel expenses to a government official in all instances.

Which of the following best describes your company’s approach to providing travel to government officials?

10 E.g., US v Ingersoll Rand Company Limited, DDC 1:07-cr-00294-RJL.

13.3%Employees must comply with company standards regarding providing travel to government officials but need not seek prior approval

15.3%Employees must seek approval of the Compliance function or someone else other than their manager (e.g., the legal department) before offering to provide travel expenses to a government official in some instances

53.1%Employees must seek approval of the Compliance function or someone else other than their manager (e.g., the legal department) before offering to provide travel expenses to a government official in all instances

5.1%Employees must seek prior approval of their manager before offering to provide travel expenses to a government official in certain instances

7.1%Employees must seek prior approval of their manager before offering to provide travel expenses to a government official in all instances

6.1%Other


Most of the “other” responses were to the effect that this activity was barred under all

circumstances. In addition, respondents noted:

• International travel must be pre-approved by a manager and there are strict limits as to how

the travel support is to be provided (e.g., payable to vendors where possible, etc.).

• Pre-approvals are based on different threshold amounts.

• No gifts or entertainment may be given to any government official or employee without the

prior consent of our General Counsel.

• All travel for government related customers must be approved in advance by an attorney

knowledgeable in FCPA.

• Our policy does not allow for the payment of travel expenses for government officials

with the rare exception that must be approved by Compliance. In all cases the travel

expenses will be paid directly to the service provider and never reimbursed to the

government official.


Charitable contributions and community support payments

Contributions to charitable causes or payments in support of communities are less likely

to serve corrupt purposes than are gifts, entertainment and travel, but they are not entirely

without such risk.11 Organizations address the issue of charitable payments through a fairly

wide range of relevant practices, but in this question, as in the prior question, the largest

number of respondents (nearly 44%) indicated that employees must seek approval of the

Compliance function or someone else other than their manager (e.g., the law department) in

all instances of such payments.

11 See SEC v. Schering-Plough Corp., No. 04-0945 (D.D.C. 2004).

13.3%Employees must comply with company standards regarding charitable contributions and community support payments, but need not seek prior approvals

9.2%Employees must seek prior approvals of a manager in all instances

17.3%Employees must seek approval of the Compliance function or someone else other than their manager (e.g., the law department) in some instances

43.9%Employees must seek approval of the Compliance Function or someone else other than their manager (e.g., the law department) in all instances

6.1%Other 10.2%

Employees must seek prior approvals of a manager in certain instances

Which of the following best describes your company’s approach to making charitable contributions and/or community support payments that could benefit government officials?


Several of the “other” responses were to the effect that charitable contributions are not made

by the respondent organization. In addition, noteworthy comments to this question included:

• Local counsel is hired to assist with evaluating legitimacy, credibility of charity.

• All charitable contributions must be approved by our parent company Chief Compliance

Officer. No charitable contributions are allowed at the division level.

• We are drafting a charitable contributions procedure which will require each business unit

to develop an annual plan for giving. Each intended recipient named in the annual plan

will be subject to Anti-Corruption due diligence. All variations from the approved annual

plan will be required to be approved in advance and accompanied with a rationale for the

deviation.

“Local counsel is hired to assist with evaluating legitimacy, credibility of charity.”


Facilitating Payments

As might be expected, with the advent of Anti-Corruption laws that do not contain the

exception for facilitating payments that the FCPA contains, a strong plurality of respondents

(44.4%) indicated that such payments are prohibited in all circumstances. Several

respondents also commented that, while their policies currently permit facilitation payments,

they are now or soon will be revising their policies to prohibit such payments. The full range

of responses to a question addressed to this area is as follows:

Which of the following best describes your company’s written policy with respect to providing facilitating payments to government officials?

44.4%We do not permit facilitating payments under any circumstances

7.1%We permit facilitating payments under some specified circumstances, but require that they be accurately recorded in the company’s books and records

39.4%We permit facilitating payments under some specified circumstances, but require that they be pre-approved if practical to do so and be accurately recorded in the company’s books and records

9.1%Other


12 Note that personal safety payments are also addressed in the section immediately following this one.

Comments and “other” answers to this question included the following:

• We allow today only with prior approval by the compliance function, but we’ll be revising to

strictly prohibit any such payments. Revisions will happen in next few months.

• Policy is currently silent so as to discourage such payments.

• Mention the exception in FCPA, but require compliance with local law. Revising to explicitly

state no facilitation payments.

• We discourage facilitating payments but require that they meet FCPA allowances and are

accurately recorded in books and records if made.

• We are considering an update to this policy to explicitly disallow all facilitating payments

(except where personal safety or emergency circumstances exist) in light of the U.K.

Bribery Act.

• Permit them, but require legal approval and have not yet granted approval.

• Realistic policy in place regarding the making of facilitation payments only when required

and below a nominal value. Any payments made must be recorded and reported to allow

the company to gather information on where and why these payments are being made.

• Reconsidering in light of UK Bribery Act (multiple responses).

• We have a very limited exception from our general prohibition on facilitation payments in

situations when an individual’s health or safety may be threatened.12

“We allow [facilitating payments today] today only with prior approval by the compliance function, but we’ll be revising to strictly prohibit any such payments.”


Which of the following best describes your program’s approach to providing safety payments (where an employee’s personal health, safety or freedom is at risk) to government officials?

48.2%We have a written policy that specifies that the Company permits necessary safety payments, but requires that they be accurately recorded in the company’s books and records

14.1%Other 37.6%

We do not have a written policy regarding safety payments, but we permit them as necessary

Several of the “other” comments indicated that the organizations would address personal

safety payments through their facilitating payments policies, although given the movement

away from permitting facilitating payments at some organizations, that may be a less useful

approach than it was previously.

Personal safety payments13

The possibility of being prosecuted for bribery based on a true personal safety payment

is presumably remote. Still, such payments do have some potential for corruption-related

abuse, and could give rise to record-keeping related risks as well. We therefore asked

respondents about their approach to personal safety payments. Interestingly, just under

half (48.2%) of respondents have a written policy regarding safety payments, although, as

expected, nearly all respondents indicated that they permit safety payments as necessary.

13 Strictly speaking, personal safety payments are distinct from facilitating payments - but, as one of the responses to our question about the former reflects, the two are sometimes dealt with together.


Requirements concerning retaining and using third-party intermediaries Retaining and using third-party intermediaries (“TPIs”) has, of course, been an area of major

Anti-Corruption related risk.14 For this reason, this area is also a major focus of all relevant

Anti-Corruption compliance program standards,15 as well as of this survey.

Due Diligence Requirements in Engaging TPIs

The first set of questions here concerned the due-diligence-related mechanics of retaining

TPIs – both in terms of securing information about the TPI and seeking appropriate approval

regarding their use:

TPIs must complete a due diligence questionnaire or similar document. This requirement applies with respect to:

44.3%

35.1%

16.5%

4.1%

41.5%

33.0%

21.3%

4.3%

14 E.g., US v. Siemens Aktiengesellschaft, No. 1:08-cr-00367-RJL (D.D.C. 2008).

15 For example, the OECD Anti-Bribery Guidance provides that companies should have “ethics and compliance programmes or measures designed to prevent and detect foreign bribery applicable, where appropriate and subject to contractual arrangements, to third parties such as agents and other intermediaries, consultants, representative distributors, contractors and suppliers, consortia, and joint venture partners (hereinafter “business partners”), including, inter alia, the following essential elements: i) properly documented risk-based due diligence pertaining to the hiring, as well as the appropriate and regular oversight of business partners; ii) informing business partners of the company’s commitment to abiding by laws on the prohibitions against foreign bribery, and of the company’s ethics and compliance programme or measures for preventing and detecting such bribery ; and iii) seeking a reciprocal commitment from business partners.”

The employee proposing to use the TPI must complete a due diligence questionnaire or similar document. This requirement applies with respect to:

Some TPIs

All TPIs

We don’t have this requirement

Don’t know

Table legend:


35.8%

48.4%

11.6%

4.2%

46.4%

28.9%

20.6%

4.1%

The employee’s supervisor or other operations personnel must expressly approve the retention. This requirement applies with respect to:

The Compliance function or another independent function, such as the legal department, must approve the retention. This requirement applies with respect to:

Some TPIs

All TPIs


Don’t know

Table legend:


16 More specific compliance program undertakings are addressed in the section immediately following this one.

General TPI agreements/certifications regarding Anti-Corruption laws

The next set of questions concerned what might be called general16 Anti-Corruption-related

agreements required of TPIs.

The TPI must contractually agree to abide by Anti-Corruption laws. This requirement applies with respect to:

30.9%

59.8%

5.2%

4.1%

Some TPIs

All TPIs


Don’t know

Table legend:

42.6%

27.7%

25.5%

4.3%

The TPI must agree to certify periodically that it is in compliance with Anti-Corruption laws. This requirement applies with respect to:


46.2%

29.0%

20.4%

4.3%

The TPI must agree to submit to Anti-Corruption audits conducted by your company or a third party on your company’s behalf. This requirement applies to:

Specific TPI compliance program requirements: training, auditing and monitoring

The next aspects of TPI-related policies and procedures in the survey concerned three key

(and in this context, often challenging) compliance program components - training, auditing

and monitoring.

The TPI must agree to provide Anti-Corruption training to personnel acting on behalf of your company. This requirement applies with respect to:

25.0%

13.0%

57.6%

4.3%

Some TPIs

All TPIs


Don’t know

Table legend:


Actual audits of TPIs

48.2%We have conducted Anti-Corruption audits of TPIs, but only in situations suggesting a need to do so (e.g., where there is an indication of possible misconduct)

4.4%Don’t know 47.8%

We have never conducted Anti-Corruption audits of TPIs

We have formal standards for monitoring compliance by TPIs (such as requirements that on an ongoing basis business personnel review TPIs’ invoices to ensure that they do not suggest violations of Anti-Corruption laws)• Yes - for all TPIs 17.8%

• Yes - for some TPIs 37.8%

• No 37.8%

• Other 2.2%

• Don’t know 4.4%

3.3%We have conducted Anti-Corruption audits of TPIs on a risk-based or a random basis, but not where there is an indication of possible misconduct 12.2%

We have conducted Anti-Corruption audits of TPIs on a risk-based or a random basis and also done so where there is an indication of possible misconduct

Twelve percent of respondents have conducted Anti-Corruption audits of TPIs on a risk-based or a random basis and have also done so where there is an indication of possible misconduct.

17.8%

37.8%

37.8%

2.2%

4.4%


An example of TPI monitoring given by one respondent was: “Annual refresh of due diligence;

annual performance review and continuing business justification by the business sponsor.”

TPI compliance-related best practices identified by respondents included the following:

• TPIs must renew their TRACE memberships and submit new compliance certificates

annually.

• Global Distributor Assurance Program.

• We use a risk-based approach to these assessments. The types of questions, level of

review, need for external investigations and contractual terms all increase as the risks with

the particular TPI rise.

“We use a risk-based approach to these assessments. The types of questions, level of review, need for external investigations and contractual terms all increase as the risk with the particular TPI rise. ” Requirements concerning mergers, acquisitions and

joint ventures

Mergers, acquisitions and joint venture formation/investments have given rise to FCPA

exposure in a number of circumstances.17 The survey sought information concerning

compliance measures addressed to risks of this nature by asking “Which of the following

are required by your program’s approach to mergers, acquisitions, and joint venture

investments related to its Anti-Corruption policies, procedures and practices?”

The other party to the transaction must complete a due diligence questionnaire or similar document.

14.5%

59.0%

20.5%

6.0%

17 See Jacobson, Singer, Levy and Murray, Caveat Emptor: Why and How FCPA Due Diligence Should Be Conducted Prior to Mergers and Acquisitions, Corporate Counsel Review, May 2010.

In some cases

In all cases

We don’t require this

Don’t know

Table legend:

Worried about the compliance practices of your third-party

intermediaries? Ethics 360 has complete solutions to put your company

in a safe place and your mind at ease.

For more information please visit www.ethics360.com


We use a third party to conduct an integrity screening report.• In some cases – but of target entity only 12.8%

• In some cases – both of target entity and key individuals 34.6%

• In all cases – but of target entity only 2.6%

• In all cases – both of target entity and key individuals 23.1%

• We don’t require this 20.5%

• Don’t know 6.4%

12.8%

34.6%

2.6%

23.1%

20.5%

6.4%

36.5%

45.9%

11.8%

5.9%

35.1%

28.6%

29.9%

6.5%

We conduct a review of inherited contracts and third-party relationships

In some cases

In all cases


Don’t know

Table legend:

We conduct a forensic review of the entity’s books and records


In some cases

In all cases


Don’t know

Table legend:

15.0%

71.3%

7.5%

6.3%

We require Anti-Corruption representations and warranties from the other party

29.6%

38.3%

25.9%

6.2%

We have formal Anti-Corruption compliance integration procedures of acquisitions and JV’s

Best practices relating to Anti-Corruption M&A and JV activity included:

• We are currently rewriting our M&A procedures to require Anti-Corruption due diligence

on all targets and buyers.

• We have developed standard form due diligence checklists on corruption/bribery issues

- each form is tailored to different size deals/sophistication levels of the target. And

we have created a formal process flow chart to indicate how M&A due diligence will

incorporate corruption/bribery issues.

• We have a dedicated team for M&A FCPA due diligence.

“We have a dedicated team for M&A FCPA due diligence. ”


program governance and management

Due to their operational complexity and resource needs, Anti-Corruption programs generally

require good program governance and management to be effective. Program governance

and management expectations are set forth in various Anti-Corruption standards.18 In a

related vein, at least under U.S. law, members of boards of directors increasingly face the

prospect of shareholder litigation for Anti-Corruption compliance program failures.19

A number of questions addressed to this aspect of Anti-Corruption compliance were posed

by the survey.

Some companies have designated a senior company official to oversee their Anti-Corruption compliance programs. Which of the following best describes your company’s approach to this aspect of its program

31.3%General Counsel, who also serves as Chief Compliance Officer, has been designated to oversee the Anti-Corruption compliance program

5.1%General Counsel, who does not serve as Chief Compliance Officer, has been designated to oversee the Anti-Corruption compliance program

46.5%Chief Compliance Officer, who does not also serve as General Counsel, has been designated to oversee the Anti-Corruption compliance program

3.0%Chief Financial Officer has been designated to oversee the Anti-Corruption compliance program

1.0%Senior operations personnel has been designated to oversee the Anti-Corruption compliance program

4.0%We have not designated a senior company official to oversee the Anti-Corruption compliance program

3.0%Other

6.1%Don’t know

18 For example, Item 4 of the OECD Anti-Bribery Guidance provides that “oversight of ethics and compliance programmes or measures regarding foreign bribery, including the authority to report matters directly to independent monitoring bodies such as internal audit committees of boards of directors or of supervisory boards, [should be] the duty of one or more senior corporate officers, with an adequate level of autonomy from management, resources, and authority.” Relatedly, in the 2011 settlement of Foreign Corrupt Practices Act charges, the Department of Justice required Johnson & Johnson to “appoint heads of compliance within each business sector and corporate function. These compliance heads will have reporting obligations to the Chief Compliance Officer and the Audit Committee” and also to “[m]aintain a global compliance leadership team, including regional compliance leaders and business segment compliance leaders, with responsibility for overseeing its company-wide compliance program. That leadership team will have reporting obligations directly to the Chief Compliance Officer.” Letter from US Department of Justice dated January 14, 2011 to Eric A. Dubelier, Reed Smith LLP, filed in United States v DePuy Inc., DDC 11-Cr-99 (available at http://lib.law.virginia.edu/Garrett/prosecution_agreements/pdf/johnson.pdf.)

19 Grow, “Bribery investigations spark shareholder suits,” Reuters, Nov. 1, 2010 available at http://www.reuters.com/article/2010/11/01/us-bribery-lawsuits-idUSTRE6A04CO20101101.


“Other” answers included

• Overseen by an FCPA Steering Committee.

• Bank Secrecy Act Officer oversees FCPA. This person is not the Chief Compliance

Officer.

• General Counsel, who serves as Chief Compliance Officer and another executive officer

have been designated to oversee the Anti-Corruption compliance program.

Who is principally responsible for managing your Anti-Corruption compliance program on a day-to-day basis?• Chief Compliance Officer, who does not also serve as General Counsel 33.0%

• A member of the law function other than the General Counsel or Chief Compliance

Officer 23.0%

• A member of the Compliance function other than the Chief Compliance Officer 17.0%

• General Counsel, who also serves as Chief Compliance Officer 10.0%

• No one employee is principally responsible for managing the Anti-Corruption compliance

program on a day-to-day basis 4.0%

• General Counsel, who does not serve as Chief Compliance Officer 3.0%

• Operations personnel 2.0%

• Other 2.0%

In close to half of respondent companies, the Chief Compliance Officer, who does not also serve as General Counsel, has been designated to oversee the Anti-Corruption compliance program.

33.0%

23.0%

17.0%

10.0%

4.0%

2.0%

2.0%

“Other” answers here were

• FCPA Steering Committee and

• Senior Vice President for Human Resources and Compliance.

Did you know Ethics 360 has a wide variety of unique and industry-leading tools to help compliance

officers effectively manage compliance programs? Our powerful tools give you the information you need

when you need it. For more information please visit www.ethics360.com


Which of the following best describes the training that your company provides to the board of directors regarding Anti-Corruption compliance? (For the purposes of this question, such training does not include receiving reports about the Anti-Corruption compliance program in connection with the board’s program oversight.)

Which of the following best describes how your board of directors (or committee thereof) oversees the Anti-Corruption compliance program?20

42.1%Board/board committee periodically receives reports about general compliance program but not specifically about the Anti-Corruption compliance program


Board/board committee periodically receives reports about the Anti-Corruption compliance program

26.5%The board/relevant board committee has never received Anti-Corruption training

32.5%The board/board committee receives Anti-Corruption training on a periodic basis

24.1%The board/board committee has received Anti-Corruption training in the past, but we do not currently have plans to provide additional board training

6.0%The board/board committee has not yet received Anti-Corruption training, but we intend to provide them with training in the next year


At one company, “The CCO’s twice yearly reports to the Audit Committee include discussion

of the status of anti-bribery compliance efforts. This includes discussion of the risk areas and

how the laws (particularly FCPA and now UK Bribery Act) apply to our businesses. This is

not the same as the type of computer-based and live training that we offer to employees, but

there is a training element.”

Which of the following types of reports are provided periodically to the board/board committee?

42.7%Anti-Corruption training/communications 51.5%

Reports regarding suspected violations of the Anti-Corruption policy

45.6%Implementation of Anti-Corruption procedures

44.7%Revisions to the Anti-Corruption policy

At nearly a third of respondent companies, the board or a board committee receives Anti-Corruption training on a periodic basis.

45.6%Results of Anti-Corruption risk assessment

3.9%Other

41.7%Don’t know

One of the “Other” answers was “Risk associated for future ventures.”

20 Note that the survey authors mistakenly coded this as a “select all that apply” – rather than “check one” question, which is why the percentages add up to more than 100.


traInIng and communIcatIons

Training and other communications play a vital role in effective Anti-Corruption compliance

programs. This is due partly to the fact that the full meaning and import of Anti-Corruption

laws may not be obvious to all relevant parties acting on behalf of an organization. Anti-

Corruption training and other communications are featured prominently in the OECD Anti-

Bribery Guidance and UK Anti-Bribery Guidance, and in FCPA Cases.21

The survey sought a wide array of information concerning this aspect of Anti-Corruption

compliance programs.

Web-based training

Which of the following best describes your company’s approach to delivering web-based Anti-Corruption training as part of the general code of conduct (or other general C&E) web-based training?

14.0%All employees receive Anti-Corruption training as part of the general code of conduct/general C&E web-based training course once, and some employees receive the training on a periodic basis

15.0%No employees receive Anti-Corruption web-based training as part of the general code of conduct/general C&E web-based training course

7.0%Don’t know

7.0%All employees receive Anti-Corruption training as part of the general code of conduct/general C&E web-based training course only once

27.0%All employees receive Anti-Corruption training as part of the general code of conduct/general C&E web-based training course on a periodic basis

22.0%Some but not all employees receive Anti-Corruption training as part of the general code of conduct/general C&E web-based training course on a periodic basis

4.0%Other

21 For example, the OECD Anti-Bribery Guidance recommends that companies take “measures designed to ensure periodic communication, documented training for all levels of the company, on the company’s ethics and compliance programme or measures regarding foreign bribery, as well as, where appropriate, for subsidiaries…”). The UK Anti-Bribery Guidance, in Principle 5 Communication (including training), provides that “The commercial organisation [should] seek to ensure that its bribery prevention policies and procedures are embedded and understood throughout the organisation through internal and external communication, including training, that is proportionate to the risks it faces.” FCPA Cases routinely involve Anti-Corruption training. For instance, a 2011 settlement involving Johnson & Johnson (“J&J”) required the company to “provide: a. Annual training on anticorruption laws and regulations to directors, officers, executives, and employees who could present corruption risk to J&J. b. Enhanced and in-depth FCPA training for all internal audit, financial, and legal personnel involved in FCPA audits, due diligence reviews, and acquisition of new businesses. c. Training as necessary based on risk profiles to relevant third parties acting on the company’s behalf that may interact with government officials at least once every three years.” Letter from US Department of Justice dated January 14, 2011 to Eric A. Dubelier, Reed Smith LLP, filed in United States v Johnson & Johnson, at 37, DDC 11-Cr-99 (available at http://lib.law.virginia.edu/Garrett/prosecution_agreements/pdf/johnson.pdf ).

4.0%Some but not all employees receive Anti-Corruption training as part of the general code of conduct/general C&E web-based training course only once


Which of the following best describes your company’s approach to delivering web-based Anti-Corruption training as a separate (i.e., separate from general C&E training) training course?

15.7%No employees receive a stand-alone Anti-Corruption web-based training course

11.0%Other

6.9%Don’t know

3.9%All employees receive a stand-alone Anti-Corruption web-based training course only once

2.0%All employees receive a stand-alone Anti-Corruption web-based training course once and some employees receive it on a periodic basis

48.0%Some employees receive a stand-alone Anti-Corruption web-based training course on a periodic basis

17.6%All employees receive a stand-alone Anti-Corruption web-based training course on a periodic basis

4.9%Some employees receive a stand-alone Anti-Corruption web-based training course only once

Ethics 360 offers customized Anti-Corruption training solutions for both in-house and international

vendor needs to protect you and your company. We work with the world’s leading experts to craft

training programs that perfectly fit your needs. For more information please visit www.ethics360.com


In-person training

Which of the following best describes your approach to delivering in-person Anti-Corruption training?

66.3%Some employees receive in-person Anti-Corruption training on a periodic basis

6.9%Don’t know

2.0%All employees receive in-person Anti-Corruption training only once

7.9%Some employees receive in-person Anti-Corruption training only once

1.0%Other

6.9%All employees receive in-person Anti-Corruption training on a periodic basis

1.0%All employees receive in-person Anti-Corruption training once and some employees receive it on a periodic basis

7.9%No employees receive in-person Anti-Corruption training


Role-based training

How successful do you think your organization is in tailoring Anti-Corruption training to the various roles played by employees of your organization (e.g., different training for sales personnel as opposed to financial personnel)?

10.3%Very successful

59.8%Somewhat successful

19.6%Not successful

3.1%Other

Training Best Practices

Best practices in this area included the following:

• Developed and trained on country specific sales and marketing codes of conduct.

• We designed a training matrix including the training principle, objectives, targets,

contents, agenda, etc., which help us manage the training in an efficient way. Each

time. We usually tailor the materials in local language or bilingual, redesign the scenario

discussion/quiz part for each training.

• Sales, Finance and Legal receive periodic face-to-face and online training specifically on

Anti-Corruption. All employees receive updates via periodic communications.

• We have a robust risk-based training approach to ethics. Courses are assigned based

on level within the organization and functional responsibilities.

• Almost all of our training is done live and focused upon facts and issues for particular

populations (e.g., logistics team, real estate team, finance team, operations team).

“We have a robust risk-based training approach to ethics. Courses are assigned based on level within the organization and functional responsibilities.”


Other communications

In addition to true training, a robust Anti-Corruption compliance program typically includes

non-training communications, which the survey sought to explore.

Have you communicated about your Anti-Corruption compliance program in the following ways

19.8%Posters concerning the Anti-Corruption compliance program

47.9%Discussion of Anti-Corruption compliance program in company newsletter (general newsletter or a Compliance specific one)

42.7%Communications regarding the Anti-Corruption compliance program that are disseminated to third parties, including TPIs (such as letters or electronic communications to third parties)


Written communication from or speeches by CEO

61.5%Written communication from or speeches by other senior business leaders

62.5%Discussion of Anti-Corruption compliance program on Company intranet site

6.3%Other

“Other” answers include “Communication to internal teams based on recommendations from

Anti-Corruption risk assessment.”

At more than three in five respondents, senior business leaders other than the CEO have made speeches about the company’s Anti-Corruption compliance program.


complIance checKIng

Auditing is another essential component of effective Anti-Corruption compliance for a

variety of reasons, including that corruption can be resistant to the “soft side” of compliance

(such as training) and because these functions are deemed essential to internal controls

provisions of Anti-Corruption laws. Anti-Corruption compliance standards contain significant

expectations in these areas.22

Related to auditing are assessments, which are generally taken to mean more qualitative

forms of checking. The Department of Justice and the OECD have emphasized the

importance of program assessments to achieving and maintaining program effectiveness

– the former by, among other things, a 2010 speech by the Attorney General calling on

companies “to change the tone at the top, to re-evaluate their compliance programs and

internal controls, to find ways to encourage a culture of compliance…”23; the latter in item

12 of the Anti-Bribery guidance stating that companies should conduct “periodic reviews

of the ethics and compliance programmes or measures, designed to evaluate and improve

their effectiveness in preventing and detecting foreign bribery, taking into account relevant

developments in the field, and evolving international and industry standards..”

Auditing

Which of the following describes Anti-Corruption auditing at your company? (Select all that apply.)

37.5%Our audit (or other appropriate) department conducts stand-alone Anti-Corruption audits, meaning audits entirely or largely addressed to corruption-related issues

2.1%Other

11.5%Our company does not audit for Anti-Corruption compliance

19.8%Our audit (or other appropriate) department does not conduct stand-alone Anti-Corruption audits but does devote a substantial portion of general audits to Anti-Corruption compliance

21.9%Our audit (or other appropriate) department does not conduct stand-alone Anti-Corruption audits but does devote a minor portion of general audits to Anti-Corruption compliance

7.3%Don’t know

22 Principle 1 of the UK Anti-Bribery Guidance provides that companies should have “[f]inancial and commercial controls such as adequate bookkeeping, auditing and approval of expenditure.” See also SEC v. Monsanto Company, Case No. 1:05CV00014 (D.D.C) (2005).

23 Available at http://www.justice.gov/ag/speeches/2010/ag-speech-100531.html.


22 Principle 1 of the UK Anti-Bribery Guidance provides that companies should have “[f]inancial and commercial controls such as adequate bookkeeping, auditing and approval of expenditure.” See also SEC v. Monsanto Company, Case No. 1:05CV00014 (D.D.C) (2005).

23 Available at http://www.justice.gov/ag/speeches/2010/ag-speech-100531.html.

Comments here included

• Our internal audit function will perform its own risk assessment to determine the

frequency of its audits.

• Legal Department oversees the audits.

• As we expand international presence, auditing will be integrated with program.

Self-Assessments

Which of the following best describes internal self-assessments of your Anti-Corruption compliance program?

40.4%Formal (i.e., documented in a report of some kind) self-assessment by the Compliance function 16.2%

No self-assessment

12.1%Formal review of Anti-Corruption-related internal controls by finance department

41.4%Informal self-assessments

7.1%Don’t know


Which of the following best describes external (i.e., by a third party) assessments of your Anti-Corruption compliance program?

23.4%We have conducted an external assessment devoted largely or entirely to our Anti-Corruption program 2.1%

Other

47.9%We have not conducted an external assessment of our Anti-Corruption compliance program

7.4%Don’t know

19.1%We have conducted an external assessment of our general compliance program, which included some assessment of our Anti-Corruption compliance program

Finally, note that in the earlier discussion about TPI-related procedures, there is data

concerning monitoring – which is yet another form of compliance checking.

Nearly a quarter of respondents have conducted an external assessment devoted largely or entirely to their Anti-Corruption compliance program.


Incentives

Incentives are a relatively new form of compliance “tool.” However, they are important under

Anti-Corruption compliance standards.24

Which of the following are part of your company’s approach to Anti-Corruption compliance incentives?

24 Item 9 of the OECD Anti-Bribery Guidance provides that companies should have “appropriate measures to encourage and provide positive support for the observance of ethics and compliance programmes or measures against foreign bribery, at all levels of the company.” See also Kaplan, The First Word On Compliance Incentives, the FCPA Blog, Jan. 19, 2011 available at http://www.fcpablog.com/blog/2011/1/19/the-first-word-on-compliance-incentives.html.

One respondent commented: “Managers have the option to include Anti-Corruption

compliance criteria in performance evaluations of at-risk functions.”

At more than 16% of responding companies, the Compliance function provides information in personnel decisions - such as promotions or succession planning - for key employees.

52.2%We use compliance criteria in performance evaluations, but it is not specific to Anti-Corruption

15.2%Other

7.6%We give financial awards for exceptional contributions to the compliance program

13.0%We use compliance criteria in performance evaluations, some of which is specific to Anti-Corruption

16.3%The Compliance function provides information in personnel decisions (such as promotions or succession planning) for key employees

7.6%Don’t know


Program Documentation

Documentation of the governance aspects of an Anti-Corruption compliance program can

be important to ensuring the effective operation of the program, providing a basis for program

audits and helping an organization get credit for its program in the event of an investigation.

Which of the following best describes governance documentation for your Anti-Corruption compliance program?

33.7%We have a written charter (or charter-type document) specifically for our Anti-Corruption compliance program

21.4%We do not have a written charter specifically for our Anti-Corruption compliance program nor do we have a written one for our overall compliance program

7.1%Don’t know

37.8%We do not have a written charter specifically for our Anti-Corruption compliance program but do have a written charter for our overall compliance program


Authority and Independence

Sufficient authority and independence are keys to effective Anti-Corruption compliance

programs, as is evidenced by cases where they were arguable absent25 and by Anti-

Corruption compliance standards.26

Which of the following factors contribute to the authority and independence of your Anti-Corruption compliance program?

42.3%Chief Compliance Officer reports in executive session to a board committee

59.8%Strong endorsement/support of the board or a board committee (or committees)

8.2%Chief Compliance Officer has employment contract with strong protections

7.3%Don’t know

60.8%Strong and active endorsement of the CEO

63.9%Strong and active endorsement of other senior business leaders

60.8%Chief Compliance Officer reports directly about Anti-Corruption compliance program to the board or a board committee

6.3%Other

4.1%Chief Compliance Officer has other employment-related protections (such as requirement that board committee must pre-approve any adverse employment action concerning him or her)

51.5%Strong measures are in place to protect independence of investigations and discipline measures

25 See, e.g., U.S. v. Siemens Aktiengesellschaft, No. 1:08-cr-00367-RJL (D.D.C. 2008).

26 Item 4 of the OECD Anti-Bribery Guidance recommends that “oversight of ethics and compliance programmes or measures regarding foreign bribery, including the authority to report matters directly to independent monitoring bodies such as internal audit committees of boards of directors or of supervisory boards, [be] the duty of one or more senior corporate officers, with an adequate level of autonomy from management, resources, and authority.”


Other Best Practices

Other best practices of note included:

• Semi Annual Anticorruption Sales Certifications are required of any sales person who may

interact with a government entity.

• Alerts automatically sent to all employees booking international travel, reminding them

of our Anti-Corruption policy and referring them to the Compliance internet site for more

information/details.

Comments here included:

• Formal, documented escalation protocol is in place to ensure the head of the compliance

function, reporting up to the Chief Compliance Officer, has independent reporting line to

the Chair of the board committee overseeing the compliance program to raise concerns.

• We have a robust program that is carefully monitored by our senior executive team,

international attorneys, audit and compliance team.

“We have a robust program that is carefully monitored by our senior executive team, international attorneys, audit and compliance team.”


3.9%

Appendix – Demographic Information Regarding Respondents

What is your company’s principal line of business?

4.9%

3.9%

1.0%

9.7%

3.9%

4.9%

Aerospace/Defense [5]

Business Services [4]

Construction/Engineering [4]

Consumer Products [1]

Energy [10]

Extractive, Mining, Chemicals [4]

Fin. Services (Bank, Insurance, Broker, Real Estate) [5]

5.8% Food & Beverage [6]

1.9% Leisure/Entertainment/Media [2]

18.4% Manufacturing [19]

1.0% Not for Profit/Government [1]

7.8% Pharma [8]

3.9% Retail [4]

15.5% Technology [16]

3.9% Telecomm [4]

2.9% Transportation [3]

2.9% Utilities [3]

3.9% Other [4]

0% Education [0]

Healthcare [0]

(“Other” industries include medical device, distribution, security and fire protection products

and services, and professional services.)


What is your company’s annual revenue?

How many people does your company employ?

2.9%

1.9%

2.9%

1.9%

3.9%

3.9%

8.7%

5.8%

9.7%

16.5%

Less than $1 million [3]

Less than 10 people [2]

$1 million - $5 million [3]

10 – 49 people [2]


100 – 499 people [4]


500 – 999 people [6]

$500 million- $1 billion [10]

1,000 – 4,999 people [17]

27.2%

6.8%

$1 billion - $5 billion [28]

5,000 – 9,999 people [7]

4.9%

2.9%


50 – 99 people [3]

39.8%

60.2%

More than $5 billion [41]

10,000 people or more [62]


What is your company’s ownership?

Your company has operations in which of the following locations?

1.0%

31.1% Private [32] 68.0% Public [70]

Non-profit/government [1]

53.4%

79.6%

72.8%

51.5%

Asia [82]

Australia [55]

Latin America [75]

Africa [53]

79.6%64.1%

Europe [82]

The Middle East [66]

93.2% North America [96]


About Ethics 360Ethics 360 is a group of companies that provides services related to anti-bribery education, training and publishing for multi-nationals and their third party intermediaries. Ethics 360 aims to create a greater awareness and knowledge of Anti-Corruption and bribery legislation and practical tools that stakeholders can deploy to ensure compliance with the FCPA, UKBA and similar legislation. Ethics 360’s management teams work over the past decade with governments and multinationals has led them to uncover many unique public record sources around the world that have since been aggregated into topic-specific areas of concern to their clients. Over 500 man-years of effort have gone into identifying, collating and maintaining these innovative data systems. For more information, please visit www.ethics360.com

About The FCPA BlogThe FCPA Blog was created by Richard L. Cassin with the goal of providing practical information about the FCPA and compliance in plain English to anyone with an interest in the topic. Cassin was named one of the 100 Most Influential People In Business Ethics in 2010 by Ethisphere Magazine, and the FCPA Blog was listed by the Risk Management Monitor as one of the ten best risk-management and insurance-industry blogs. To read the daily posts, or for more information, please visit www.fcpablog.com

About Kaplan & Walker LLPKaplan & Walker LLP is a law firm based in Princeton New Jersey and Santa Monica California whose practice is devoted entirely to providing compliance/ethics program related legal services. Since the 1990’s the firm’s partners have conducted compliance/ethics risk and program assessments, written/edited codes of conduct and other policy documents, counseled companies in matters regarding training and communications, drafted compliance audit protocols and reporting systems, established compliance/ethics offices, and assisted boards of directors in meeting their fiduciary duties under the Caremark case. They have also published and lectured widely in the field and conducted many compliance-related benchmarking studies. For more information please go to www.kaplanwalker.com

Anti-Corruption Benchmarking Survey

Documents

Transcript of Anti-Corruption Benchmarking Survey