The document summarizes the history and development of compliance programs in the United States. It discusses key events and regulations that shaped the compliance landscape, including the Foreign Corrupt Practices Act (FCPA) in 1977, which banned bribery of foreign officials. Subsequent regulations like Sarbanes-Oxley in 2002 and the Federal Sentencing Guidelines for Organizations in 1991 established standards for compliance programs and internal controls. Organizations now must navigate a complex web of mandatory laws and voluntary standards to design effective compliance programs.
The document summarizes the history and development of compliance programs in the United States. It discusses key events and regulations that shaped the compliance landscape, including the Foreign Corrupt Practices Act (FCPA) in 1977, which banned bribery of foreign officials. Subsequent regulations like Sarbanes-Oxley in 2002 and the Federal Sentencing Guidelines for Organizations in 1991 established standards for compliance programs and internal controls. Organizations now must navigate a complex web of mandatory laws and voluntary standards to design effective compliance programs.
The document summarizes the history and development of compliance programs in the United States. It discusses key events and regulations that shaped the compliance landscape, including the Foreign Corrupt Practices Act (FCPA) in 1977, which banned bribery of foreign officials. Subsequent regulations like Sarbanes-Oxley in 2002 and the Federal Sentencing Guidelines for Organizations in 1991 established standards for compliance programs and internal controls. Organizations now must navigate a complex web of mandatory laws and voluntary standards to design effective compliance programs.
The Foreign Corrupt Practices Act (FCPA) marked the early beginnings of compliance programs
in the United States. In the mid-1970s, United States Securities and Exchange
Commission (SEC) investigations discovered that a significant number of American companies participated in bribery overseas. “Over 400 U.S. Companies admitted to making questionable or illegal payments to foreign government officials, politicians and political parties.” (United States Department of Justice 2006) One of the most infamous cases of its time was the admission by a Lockheed executive, to the Multinational Corporations Subcommittee of the Senate Foreign Relations Committee, that Lockheed had paid bribes in the amount of $22 million to Japanese government officials in the course of trying to sell its aircraft. This revelation came on the heels of the U.S. Government providing Lockheed with a $250 million emergency loan guarantee (Hishikawa 2003). In an effort to restore faith in American business, in December 1977 the Foreign Corrupt Practices Act was signed into law. This anti-bribery provision makes it “unlawful for a U.S. person, and certain foreign issuers of securities, to make a corrupt payment to a foreign official for the purpose of obtaining or retaining business for or with, or directing business to, any person.” (United States Department of Justice 2006) The law also requires publicly traded companies “to maintain records that accurately and fairly represent the company’s transactions. Additionally, it requires these companies to have an adequate systems of internal accounting controls.” (United States Department of Justice 2006) Following the passage of the FCPA, in 1988, the Congress became concerned that American companies were operating at a disadvantage because their foreign counterparts were, as a matter of practice, paying bribes to foreign officials and deducting those bribes as business expenses on their taxes. (United States Department of Justice 2006) Subsequently, the Executive Branch began negotiations with the Organisation for Economic Co-operation and Development (OECD), a 34-member nation coalition consisting of the United States and 33 other countries, to enact legislation similar to FCPA. In 1997, the OCED signed the Convention on Combating Bribery of Foreign Public Officials in International Business Transactions. (http://www.oecd.org/document/21/0,2340,en_2649_34859_2017813_1_1_1_1,00.html) This regulation requires member nations to designate the payment of bribes to foreign offices as a crime and to follow the rules and regulations that govern bribery in international transactions. The U.S. ratified this convention and enacted implementing legislation in 1998. At this time, the FCPA was amended to include territorial jurisdiction over foreign companies and nationals. A foreign company or person is now subject to the FCPA, if the company or person either directly or indirectly through agents, engages in acts which further the facilitation of corrupt payments taking place within the territory of the United States.
Committee of Sponsoring Organizations[edit]
In response to the FCPA and its requirement to implement internal control programs, in 1985 a private-sector initiative was formed called the National Committee on Fraudulent Financial Reporting (commonly known as the Treadway Commission). This Commission recommended that its organizational sponsors work together to develop guidance on internal controls. Subsequently, the Committee of Sponsoring Organizations of the Treadway Commission (COSO) was formed, and in conjunction with the CPA firm Coopers & Lybrand, COSO authored and published in 1992 the “Internal Control-Integrated Framework". This framework has become the de facto standard in the accounting industry for auditing, evaluating and monitoring internal control systems. The COSO Internal Control-Integrated Framework is now widely used by most organizations as the basis for “establishing and maintaining an adequate internal control structure and procedures for financial reporting” ( 15 USC § 7262) and for the assessment of control effectiveness under section 404 of Sarbanes-Oxley. United States Federal Sentencing Guidelines for Organizations[edit] In 1984 Congress passed the Sentencing Reform Act, which created a set of mandatory federal sentencing guidelines (Campbell & Bemporad 2006). As part of the Act, the United States Sentencing Commission was formed and delegated the responsibility “to provide “certainty” and “fairness” in sentencing, avoiding “unwarranted sentencing disparities” while “maintaining sufficient flexibility to permit individualized sentencing when warranted by mitigating or aggravating factors (Campbell & Bemporad 2006).” On May 1, 1991, as an extension of the Sentencing Reform Act, the United States Sentencing Commission submitted to Congress the Federal Sentencing Guidelines for Organizations] (FSGO), a set of standards that govern the sentences federal judges impose on organizations convicted of federal crimes. Enacted on November 1, 1991, core to the guidelines was the Commission's intent to “prevent and deter organizational wrongdoing” through its design of the organizational sentencing guidelines. These guidelines describe the elements of an organization's compliance and ethics program that are required to be considered for eligibility for a reduced sentence if convicted. In general, the FSGO require an organization to establish standards to guide its employees and agents. These standards must reflect government regulations and industry standards and apply to almost all types of organizations including corporations, partnerships, unions, non-profit organizations and trusts. In 2004, the United States Sentencing Commission voted to amend its existing organization guidelines to make the criteria for an effective compliance and ethics program more stringent. Two major standards were identified in the amended guidelines. The amended guidelines stated the need for directors and executives to take an active role in the management of its compliance and ethics program and the importance of promoting an organizational culture that is compliant with the law and demonstrates ethical culture. The amended guidelines outline minimum requirements for an effective compliance and ethics program and the amended FSGO has become synonymous with an effective compliance program. The FCPA, Sarbanes-Oxley (SOX) and the Federal Sentencing Guidelines represent just a fraction of the standards and requirements organizations need to consider today when developing and implementing their compliance programs. “Since the passage of SOX, the New York Stock Exchange (NYSE), NASDAQ, and the Public Company Accounting Oversight Board (PCAOB), have all proposed and implemented new rules relating to compliance programs (Martin 2004).” Organizations today are increasingly accountable to mandated laws, regulations and standards on a number of dimensions, which include geographical/regional considerations, as well as industry and functional discipline concerns. These regulations and standards apply to a variety of financial and non-financial areas. Adding to this complexity are the “voluntary” boundaries, which organizations have individually established such as organizational commitments, values, and contractual obligations. As a result of these dynamics, organizations at the very core of their business strategy need to establish the capacity and the capability to effectively address the conditions mandated by these external requirements and internally generated operating principles while still meeting their business objectives. History set the tone for increasing regulations and rising standards. Over time, organizations will need to be more proactive in anticipating and addressing these considerations while simultaneously protecting and building the enterprise. More and more organizations will need to translate, integrate and simplify these various standards and requirements into a cohesive approach.
Designing an effective compliance and ethics
program[edit] Designing an effective compliance and ethics program requires implementing a detailed plan that will make sure the business achieves their ethics objectives. The organization must have ways of managing, evaluating, and controlling business ethics and compliance programs. There are five items which can affect the success of the compliance and ethics program: (1) the content of the company's code of ethics, (2) the frequency of communication regarding the ethical code and program, (3) the quality of communication, (4) senior management's ability to successfully incorporate ethics into the organization, (5) and local management's ability to do the same.[1] Compliance and ethics program with regulatory requirements and the organization's own policies are a critical component of effective risk management. An organizations program is recommended to include monitoring and auditing systems that allow detection of criminal and other improper context to be found easily.[2] Maintaining the compliance and ethics program is one of the most important ways for an organization to maintain its ethical health, support its long- term prosperity, and preserve and promote its values. A compliance and ethics program supports the organization's business objectives, identifies the boundaries of legal and ethical behavior, and establishes a system to alert management when the organization is getting close to (or crossing) a boundary or approaching an obstacle that prevents the achievement of a business objective. Management should continuously improve its compliance and ethics program. This will enable it to better prevent, detect, and respond to similar misfeasance and/or malfeasance in the future. The compliance and ethics program should strive to deliver tangible benefits and outcomes to the organization. Every organization is unique and has its own objectives. As such, several objectives of the compliance and ethics program will be unique as well. There are a few universal program outcomes/objectives that a compliance and ethics capability should deliver. These include an enhanced culture of trust, accountability and integrity; prevention of noncompliance, preparation for when (not “if”) noncompliance occurs, protection (to the extent possible) from negative consequences, detection of noncompliance, response to noncompliance and improvement of the program to better prevent, protect, prepare, detect and respond to noncompliance. An important aspect of a high-performing program, and one that cannot be overstated, is enhancing an ethical culture. A strong ethical culture that provides important benefits would including a “safety net” for when formal controls are weak or absent, and an open environment of trust, ingredients that help drive overall workforce productivity. A well-designed compliance and ethics program is only half the picture. Critical to its success and its ability to meet the challenges of constant change, increasing complexity, rapidly evolving threats, the need for continuous improvement requires organizations to have the commitment of both senior management and the board, adequate authorization and funding, the appropriate tools to facilitate measurement and rolling-up information, comprehensive training on the measurement process and an early socialization of approach.