Search

Editors

Harry Cassin Publisher and Editor

Andy Spalding Senior Editor

Jessica Tillipman Senior Editor

Richard L. Cassin Editor at Large

Elizabeth K. Spahn Editor Emeritus 

Cody Worthington Contributing Editor

Julie DiMauro Contributing Editor

Thomas Fox Contributing Editor

Marc Alain Bohn Contributing Editor

Bill Waite Contributing Editor

Shruti J. Shah Contributing Editor

Russell A. Stamets Contributing Editor

Richard Bistrong Contributing Editor 

Eric Carlson Contributing Editor

Bill Steinman Contributing Editor

Aarti Maharaj Contributing Editor


FCPA Blog Daily News

« What does an effective compliance officer look like in 2019 and beyond? | Main | Italy adopts new ‘bribe destroyer’ law »
Tuesday
Jan152019

And the big compliance story for 2019 is . . . . 

Nearly every corporate anti-bribery violation reveals problems with internal controls.

Again and again SEC enforcement actions describe devious employees who were able to subvert the controls and thereby create slush funds and pay bribes, or controls that were weak to begin with and incapable of detecting or stopping the corrupt actors.

So here's the great opportunity -- internal controls enhanced with artificial intelligence that will detect and correct systemic weaknesses and, when needed, outsmart those employees who have bad intentions.

The FCPA's internal control provisions attract less attention than the flashier anti-bribery provisions. But they're crucial to preventing bribery. That's why they were included as part of the FCPA.

What are the internal control provisions? They require issuers (SEC-registered companies) to devise and maintain a system of internal accounting controls sufficient to provide reasonable assurances that--

(1) transactions are executed in accordance with management's general or specific authorization

(2) transactions are recorded as necessary (i) to permit preparation of financial statements in conformity with generally accepted accounting principles or any other criteria applicable to such statements, and (ii) to maintain accountability for assets

(3) access to assets is permitted only in accordance with management's general or specific authorization, and

(4) the recorded accountability for assets is compared with the existing assets at reasonable intervals and appropriate action is taken with respect to any differences.

The joining together of internal controls with artificial intelligence has already started, particularly in financial institutions. But these are early days. The pace of development will accelerate in 2019 and beyond. And one day -- probably very soon -- we'll realize how AI-enhanced internal controls have drastically changed and improved compliance, and raised expectations about preventing corporate bribery.

Am I putting too much faith in technology? I don't think so. This morning when I was driving into work an app on my phone told me where I'd pass a concealed policeman, how to avoid a pothole a half mile ahead, and where to park my car. A block from the office, I turned on the lights there by talking into my watch. A few hours later, when I headed for the gym, the watch reminded me to take my earphones.

AI-enhanced internal controls aren't going to replace compliance officers or due diligence. I talked earlier this month about the critical role compliance officers now play in corporate governance and operations. Companies where that isn't true are behind the times and aren't using best practices. Just ask the DOJ and SEC.

Due diligence? No one seriously questions the need for a blend of automated and manual (human) due diligence systems that are embedded deep in the corporate-wide compliance program, upstream from internal controls.

But AI-enhanced internal controls will impact compliance officers by forcing even more integration with other parts of the corporation. Compliance departments and technical groups will have to team up with HR, travel, marketing, sales, purchasing, logistics, accounts payable, internal audit and so on, to design and deploy the systems and keep them working.

AI-enhanced internal controls won't become best practices all at once. They'll arrive through a process of trial and error, with gradual improvements here, a few missteps there, and some big leaps forward. Eventually -- maybe sometime this year, who knows? -- the right technology that's cost-effective will be fitted to the tasks internal controls are supposed to perform, and it will work.

That, I think, is the big compliance story of 2019.

____

Richard L. Cassin, pictured above, is the publisher and editor of the FCPA Blog.

Reader Comments

There are no comments for this journal entry. To create a new comment, use the form below.

PostPost a New Comment

Enter your information below to add a new comment.

My response is on my own website »
Author Email (optional):
Author URL (optional):
Post:
 
All HTML will be escaped. Hyperlinks will be created for URLs automatically.