10 Risk Areas For Companies Operating Internationally
1. Focus on High-Risk Regions
Emerging markets, while offering substantial growth opportunities, often come with unstable political situations and a lack of systemic controls for combating corruption. While Africa, Latin America, Asia, and the Middle East are key growth markets for many sectors, countries in these locations tend to have lower rankings when evaluated by the non-governmental organization Transparency International. See the rankings here.
2. Identify Holes in Policies and Procedures
Many companies believe they have strong compliance policies, but we know through experience that employees will exploit gaps and ambiguities. We have vast experience designing policies and presenting remediation programs to skeptical regulators and prosecutors, and can help you avoid unwitting pitfalls. The goal of a strong program is two-fold: to help prevent problems from occurring in the first instance; and to demonstrate to the government if things have gone awry that the company made a serious and sustained effort to govern responsibly.
3. Meaningfully Train at All Levels
Not all compliance programs are created equal because companies have different risk factors, budgets and business models. But good companies train at multiple levels of the organization, from the Board down to middle managers and sales representatives. Even a low-level employee can cause substantial liability for the corporation, so it is essential to have a strong training program aimed at specific risk factors based on your business model. It is also important to train employees about what should and should not be included in emails and texts.
4. Manage Third-Party Partners and Agents
Companies operating overseas are at high risk when dealing through third-party agents and partners. Third parties may not know American law or care about your policies or legal exposure; many feel they are immune to U.S. laws. A well designed but practical training program that includes third parties is now standard practice and, if done correctly, can help you avoid common pitfalls.
5. Scrutinize Offshore Payments
Company auditors and compliance professionals should closely monitor payments going through offshore bank accounts. Any payments that deviate from typical patterns of business dealings should be flagged for further review. Companies should also be mindful of transactions that are “split” or “structured” to fall under internal or governmental reporting guidelines. From our experience, government agents will focus on these types of transactions.
6. Identify Government Actors
While some government actors are easily identifiable by their titles, others are not. For example, many organizations in emerging markets are wholly or partially state-owned, and, thus, their employees are likely to be considered foreign officials under governing statutes. Companies should also be wary of interactions with family members of government actors as investigative agencies have recently scrutinized payments made to family members in an effort to identify bribes.
7. Know When Employees Meet Competitors
Most criminal price fixing cases begin at very low levels in the company, with sales reps having drinks or dinner or even meeting at customer events. Some contact may be inevitable, but it is important for the Legal Department to understand when and where such contacts occurs, and make sure that employees and agents have a good understanding of what they can and cannot do.
8. Prepare for and Contain Data Breaches
Historically, companies have understandably focused the majority of their efforts on attempting to prevent all data breaches. While prevention should remain a priority, sophisticated companies are increasingly aware that some form of data breach is inevitable and prepare accordingly. Companies should: (1) ensure that the data they retain is actually necessary for business operations; (2) prioritize cyber security measures based on the actual value of the data retained; (3) plan for response to an actual breach; and (4) document steps taken to ensure data security.
9. Avoid Travel and Entertainment Traps
The Justice Department and SEC have brought many cases based on travel and entertainment — lavish dinners, trips, gifts — on the theory that such benefits are bribes intended to curry business. It is an extremely unsophisticated view of most markets, but if the ultimate customer is a government entity (and the definition of a government entity is very broad in many parts of the world), the result can be a foreign bribery investigation. Knowing what entertainment is permissible is critical to avoiding such an inquiry.
10. Monitor Commission and Agency Relationships
Many countries require that U.S. companies sell through third parties or local agents. Yet these relationships can be fraught with legal risk if not managed appropriately. It is essential to know where and why you have agency relationships, how much money is being paid, and for exactly what services.
Download this insight here.
This information is provided by Vinson & Elkins LLP for educational and informational purposes only and is not intended, nor should it be construed, as legal advice.