Harry Cassin Publisher and Editor

Andy Spalding Senior Editor

Jessica Tillipman Senior Editor

Richard L. Cassin Editor at Large

Elizabeth K. Spahn Editor Emeritus 

Cody Worthington Contributing Editor

Julie DiMauro Contributing Editor

Thomas Fox Contributing Editor

Marc Alain Bohn Contributing Editor

Bill Waite Contributing Editor

Shruti J. Shah Contributing Editor

Russell A. Stamets Contributing Editor

Richard Bistrong Contributing Editor 

Eric Carlson Contributing Editor

Bill Steinman Contributing Editor

Aarti Maharaj Contributing Editor

FCPA Blog Daily News

« Readers Respond To Hired Guns | Main | A Trillion Dollars Lost »

Risk-Based Compliance

Guest blogger Scott Moritz (left) from Daylight Forensic & Advisory LLC says:

In response to Halliburton’s proposed acquisition of Expro, the U.S. Department of Justice recently thrust the concept of “a risk-based approach” to the forefront of anti-bribery compliance with Opinion Procedure Release 08-02. A risk-based approach has been a regulatory expectation in anti-money laundering (AML) for years. Now, with Release 08-02, it's moving to the FCPA as well.

The concept is simple: certain customers, vendors, and intermediaries represent a higher compliance risk than others. Geography, nexus to government officials, business type, method of payment, dollar volume -- all are risk indicators. A Kazakhstan-based customs broker owned by the brother of the country’s oil minister, with million-dollar payments directed to an account in Cyprus, represents a high risk of corruption. That's clear. The hard part is making appropriate distinctions and parsing them across a global, decentralized vendor system. It's that aspect that often requires the use of sophisticated technology.

Companies looking to strengthen their FCPA compliance can learn from successful AML programs. In fact, proven AML techniques are already part of some of the more progressive FCPA programs. The key to any risk-based approach? It's the strategic use of information technology, tracking and sorting the critical elements -- including risk-ranking, as well as enhanced due diligence and ongoing monitoring of high-risk parties proportionate to their risk profiles.

To mitigate risk, the first step is knowing where it comes from. That's why the DOJ instructed Halliburton in its Opinion Procedure Release to apply a risk-based approach to due diligence. As the financial institutions have learned, deploying the right technology can be the key to making that happen.


Reader Comments

There are no comments for this journal entry. To create a new comment, use the form below.

PostPost a New Comment

Enter your information below to add a new comment.

My response is on my own website »
Author Email (optional):
Author URL (optional):
All HTML will be escaped. Hyperlinks will be created for URLs automatically.