Wal-Mart, embroiled in bribery investigations first in Mexico and now India, is hardly alone in its purported involvement in corruption, experts say. In fact, the mammoth retailer is “the tip of the iceberg,” says Charles Pautsch, a partner at law firm Arnstein & Lehr.
Pautsch observes that enforcement of the Foreign Corrupt Practices Act (FCPA) was strong in the early 1980s, then “waned for a while but lately has been picking up substantially.” And as companies seek to do business in more places in the world, corruption will become an even bigger problem, he says.
Most often — up to 90% of the time, according to some estimates — violations are committed by third parties to which companies outsourced international operations. Large, global companies may not be able to eradicate such behavior, but to comply with U.S. and foreign regulations — and avoid million of dollars in fines and possible jail time — they need to make a very good effort.
New FCPA guidelines released in October help businesses understand corruption guidelines and outline measures they can take to support compliance, including technological means of identifying and flagging questionable expenditures.
Last April The New York Times reported that Wal-Mart had suppressed evidence that Mexican officials were bribed to procure locations for Wal-Mart stores. Stores were awarded desirable sites through zoning changes and despite environmental concerns, the article said.
On November 15, Wal-Mart announced that it is conducting its own investigations in “a number of foreign markets, including but not limited to” Mexico, India, China, and Brazil. Last week the company’s Indian joint venture, Bharti Walmart, reportedly suspended its CFO and legal team and delayed store openings.
“As these matters are currently under review, it would be inappropriate for us to comment further on the specific allegations until we have concluded the investigations,” Wal-Mart said in a statement. “We are working diligently to strengthen our compliance programs and dedicating considerable resources to this effort. In fact, the company has spent more than $35 million on its global FCPA compliance review efforts over the past 18 months.”
Myriad regulations in some countries, like India, mean that a project on the scale of a new Wal-Mart could take years just to get the needed approvals, Pautsch says. Bribing government officials can greatly speed up the process, or even make a project happen that wouldn’t otherwise.
Indeed, FCPA compliance with respect to bribery in foreign countries is a tall order for most global organizations. “Over the years, I’ve found it to be the toughest compliance issue that exists in business,” Pautsch says. “Training and computer-assisted guidance are necessary to stay on top of what has become a mammoth project.”
Organizations are learning more about identifying suspicious transactions and unusual patterns, says John Verver, vice president of product strategy and alliances at ACL, a maker of compliance, audit, and risk software. “No matter how good your overall policies are, it’s hard to beat the benefits of actually monitoring vast numbers of transactions on an ongoing basis,” he says.
Red flags include keywords referred to in FCPA guidelines, like “facilitation payments,” as well as unusual consulting fees, commissions, or charitable donations, notes Verver.
Other telltale signs are officials working overseas who have higher expenses than others in comparable positions, and expenses charged to entertainment or “other,” says Norman Marks, an internal-audit and risk-management practitioner with SAP.
An organization that monitors for such red flags stands a good chance of catching fraud and bribery early, and if it does, the government will give it “a lot of credit,” Marks says.
During the past four years, companies have paid more than $2 billion in fines to the U.S. government arising from FCPA violations, says IPSA International, an investigative consulting service. As recently as 2004, the annual total was only $11 million.
Germany-based conglomerate Siemens alone paid a total of $1.6 billion to U.S. and German authorities in 2008 for violating FCPA accounting and record-keeping provisions.
Pautsch says companies may not examine applicable regulations carefully enough before launching operations in a new country. If they did exercise more care, they might in some cases choose not to do business there after all. But the business opportunities in a country may look so great that a company is willing to take on significant FCPA risk, Pautsch notes. And some companies may believe expanding into a new market is possible because they employ an intermediary familiar with the local regulations and customs.
Companies should investigate whether such a third party shares their cultural values. One that is too eager to help “may guide you into the worst dark alley,” Pautsch notes. In the case of Wal-Mart in Mexico, he observes, “the startling thing was that [many] of the accused intermediaries were law firms.”
Criminal penalties under the FCPA for those found liable for such transactions include jail time of up to 5 years for bribery and 20 or more years for accounting fraud, says Pautsch.
Accounting activities that most often run afoul of the FCPA include maintaining internal controls and systems for auditing third parties. There is “extensive tie-in” between the FCPA and controls required under the Sarbanes-Oxley Act, Pautsch says, and violations can result in fines under both laws.
A key to maintaining compliance is continuous training, says Marks. A retail company, for example, with high employee turnover — say, 20% to 30% — should be training every quarter, he says.
Company executives focused on performance and day-to-day operations may be comforted by having training programs as well as an FCPA policy and a code of ethics. But those measures aren’t sufficient without a mechanism showing that people understand the correct procedures and are following them, Marks says. Internal audit should take the lead in examining the company’s preventive activities and determining whether the message is coming through.