teaching methods which involve participation by the staff should be used.
It is recommended that the education and training expressly
identify the learning outcomes to be achieved. For example:
- to understand that it is prohibited by Australian, USA and relevant local
law to pay bribes and secret commissions;
- to understand that company policy prohibits corrupt conduct;
- to be better informed about the company's compliance program, including
the various certification processes;
- to be aware that contracts must include anti-corrupt conduct clauses; and
- to be informed of the legal ramifications for the company and the employee
of non-compliance.
Ideally, although not
stated in the Australian Standard itself, a mechanism for testing
whether or not the learning outcomes have been achieved ought to be
included.
To continue to maintain high standards with respect to the
education and training component of any compliance program, the
effectiveness of the education and training program should be
periodically evaluated, reviewed and updated.
Maintaining records to verify that the training has been conducted, the names of the
attendees, the content of the training and achievement of the learning
outcomes is very important (see 3.5 Record keeping).
4.2 Visibility and communication
In implementing a compliance program with respect to
compliance with laws prohibiting the bribery of foreign public
officials, the policy and program should not be restricted in its
dissemination.
Indeed the policy and program should be widely
publicised within the organisation so that it is understood and
becomes part of everyday practice.
Maintaining the visibility and communication of the program can be achieved in a
number of ways, including through the education and training program, reminding staff
of their obligations in corporate newsletters and on bulletin boards.
E-mail reminder messages and prominently placed posters also assist. A
timetable of regular communications may be developed as a prudent
measure to assist in achieving regular communication of the required
message.
4.3 Monitoring and assessment
Maintaining the effectiveness
and viability of the compliance program requires regular monitoring of
the program and its elements and assessing the performance of the
program.
Monitoring and assessment are essential.
It is recommended
that a clear strategy for continual monitoring be developed and that
the strategy specifically sets out both internal and external
monitoring processes.
An outline of the schedule for monitoring, the
resources required and the data to be collected should be specified.
In order to undertake effective assessment of the compliance program,
it is recommended that there be pre-determined objectives which have
been documented to assist in evaluating the performance of the
compliance program. Monitoring and assessing the process and the
paperwork is necessary but not sufficient. Ascertaining the culture of
the operating environment and the awareness of the need for compliance
is also required.
4.4 Review
The review aspect of an effective
compliance program is not simply another form of monitoring and
assessment. It goes beyond what would be required in terms of
monitoring. Reviewing the operation of any compliance program is
necessary to identify and understand reasons for compliance failures.
In addition, the review of the program assists an organisation to
identify and to design improvements.
Under the Australian Standard, it
is recommended that reviews occur at specified intervals to ensure
that the compliance program is operating effectively and that it is
still appropriate to the organisation's operations. The Australian
Standard recognises that the actual depth and frequency of such
reviews will vary with the nature of the organisation and its
policies.
With respect to laws prohibiting the bribery of foreign
public officials, much will depend on the nature of the organisation's
particular activities. If the company operates in countries which are
perceived to be "high risk" in terms of corruption and in industries
which are also perceived to be "high risk", the depth of such reviews
may be more extensive and the frequency more regular than for another
area of legal compliance which does not present such a high level of
importance in terms of regulatory compliance.
Reviews are necessary to identify and understand the risk areas and the
reasons for compliance
failures. They also assist in assessing if the compliance program is
performing effectively. Although a company's compliance manager may
organise a review, the review itself should not be carried out by the
manager having day to day responsibility for compliance within that
part of the organisation being reviewed. It is important that there be
independence brought to bear either by the review being conducted by a
manager from another part of the organisation or by an independent
reviewer or consultant.
4.5 Liaison
A corporation's compliance program
may also include liaison with other bodies and advisers. Liaison is
important to assist an organisation in maintaining its awareness of
current problem areas and new developments in compliance methods.
For
example, with respect to a compliance program dealing with anti-
bribery legislation, membership of, or regular contact with,
Transparency International will assist a company to obtain early
warning of intended changes to laws or practices.
The newsletters and
other publications produced by Transparency International and
professional advisers, such as lawyers and accountants, are useful
means of supplementing liaison with the relevant regulatory
authorities and other bodies.
4.6 Accountability
Any legal compliance
program requires management skills to make it work. Compliance
officers themselves have the responsibility of organising and
assisting to bring about compliance with laws prohibiting foreign
bribery. However, compliance staff cannot discharge a company's
compliance responsibilities.
Compliance not only requires commitment
at senior levels. Communication of that commitment throughout the
organisation coupled with input from and involvement of relevant staff
from all levels of the organisation is also needed. It is important
that the appropriate staff understand and accept their accountability
for compliance.
In particular, performance evaluation of the
compliance program should be reported as set out in the program
itself, including reporting to the Board or governing body, audit or
compliance committee and the Chief Executive Officer.
Those personnel
who have an accountability and responsibility for compliance with
anti-corrupt conduct laws should have those accountabilities and
responsibilities reflected within their relevant job descriptions. It
should also be clear that any relevant Board or management committee
having such a responsibility, has that particular responsibility
clearly articulated in its terms of reference. One aspect of
discharging accountability could be the production of annual
compliance reports for the Board as well as ad hoc exception reports
or the governing body as appropriate.
An area where companies may
expose themselves to risks, if not of prosecution at least of adverse
public comment and reputational risk, is in promoting staff who fail
to demonstrate a commitment to compliance. In other areas of the law,
such as trade practices (also known as anti-trust), promoting staff
who have a poor compliance record or attitude has been adversely
commented upon by the courts. Rewarding staff who flout the company's
compliance program to achieve commercial targets will have damaging
effects: the compliance program will be undermined, the company's
credibility will be weakened, the risk of prosecution will be
increased.
4.7 System for handling compliance failures
Embedding a compliance program into an organisation's operations requires the
inclusion of a system for handling compliance failures, regardless of
whether those compliance failures are major or minor in nature.
Clearly, systemic and recurring problems will be of fundamental
importance in terms of compliance with anti-bribery laws. However, an
isolated incident of compliance failure could also present serious
potential difficulties for any corporation, particularly if that
compliance failure is significant in nature and has occurred through
the deliberate conduct of an employee. Indeed, even small compliance
failures may demonstrate the existence of a systemic problem with
respect to the organisation's operations.
It is important that there be a system in place to classify, analyse and have
a process for
investigating allegations and specific incidents of compliance
failure. Such a system provides useful feedback to the organisation
and can assist in such areas as:
- re-designing the program;
- changing organisational practices and procedures;
- re-focussing of the education and training program; and
- providing an early warning of potential problems.
4.8 Continuous improvement
The relevance and
effectiveness of a corporation's compliance program will be influenced
by whether or not the organisation has some means of incorporating
continuous improvement philosophies into its procedures. Both the
compliance objectives and the assessment criteria ought to involve
ongoing review for continuous improvement to be effected.
Continuous
improvement assists in keeping the company abreast of developments and
in fostering a culture of compliance within the organisation.
Innovation is encouraged where continuous improvement philosophies are
promoted.
A way of maintaining and motivating continuous improvement
is to recognise exemplary compliance behaviour within the workforce of
the organisation. In this way, good corporate practice by staff is not
only encouraged, it is also rewarded. Ethical conduct by employees
assists in enabling the company embrace good ethical practices as an
integral part of its corporate governance framework. Benefits will
flow to the company with its enhanced reputation as a good corporate
citizen.
5 A culture of compliance
The Australian Criminal Code which
contains the offence of bribery of a foreign public official has the
effect of exposing a company to criminal charges if the corporate
culture of the company directs, tolerates or leads to non-compliance
with the criminal provisions. In addition a company can be criminally
liable if the company fails to create and maintain a corporate culture
that requires compliance with the law. As a result, a culture of
compliance is critical for Australian companies conducting business
outside Australia.
Promoting and monitoring compliance can be a
challenging and difficult undertaking. However, in Australia the
Australian Standard AS3806 on compliance programs provides detailed
guidance on the necessary elements for implementing, operating and
maintaining any compliance program.
The Australian legislation
implementing the OECD Convention requires companies to scrutinise the
prevailing cultures within those parts of the businesses involved in
its overseas operations. It is vital that a culture of compliance with
foreign bribery laws be established, promoted and maintained.
Bringing
about change in organisational cultures can be extremely difficult and
time consuming. A company which has permitted a culture to develop
which tolerates or encourages the payment of bribes to foreign public
officials will experience difficulties in re-educating staff, changing
the corporate culture and implementing a compliance program to meet
the Australian Standard. Nevertheless, it is essential under
Australian law.
If a prohibited culture is permitted to persist within
an Australian company, that organisation will remain at risk of
prosecution under Australian Commonwealth criminal law. Directors and
senior officers of such a company would also risk being in breach of
their fiduciary and statutory duties.
The Australian Standard for
compliance programs offers valuable guidance on the elements of an
effective compliance program to assist companies, directors,
management and staff to achieve compliance with the new Australian
laws. The Australian Standard for compliance programs may also provide
useful guidance for effective compliance with anti-corrupt conduct
laws in other countries.
Notes
Australian Standard AS3806 - 1998, Compliance Programs, Standards Australia, page 4
BIBLIOGRAPHY
CCH Australia Limited Australian Legal Compliance: Making it Work
Parliament of the Commonwealth of Australia, Joint Standing Committee
on Treaties OECD Convention on Combating Bribery and Draft Implementing
Legislation 16th Report June 1998
Practising Law Institute Doing Business Under the Foreign Corrupt Practices
Act Don Zarin, Corporate and Securities Law Library
Standards Australia Australian Standard: Compliance Programs AS3806 - 1998
Standards Australia A Guide to AS3806 - 1998, Compliance Programs SAA HB133 -
1999