FCPA practitioners like to focus their attention on “sexy” compliance issues.  Internal controls are rarely discussed.  It can be a mind-numbing topic.  When it comes down to it, internal financial controls are the most important protection against bribes (and fraud).

 A company with effective internal controls is taking an important step in deterring illegal payments.  Two key components of internal controls are: (1) travel and entertainment rules with specified business purposes for expenditures; and (2) strict monitoring and reconciliation of bank accounts to detect possible theft or off-the-books payments. 

Internal controls in high-risk areas should be designed to protect against risks and strictly enforced.   Sarbanes-Oxley financial controls focus on “material” transactions and are not sufficient to meet the requirements for anti-corruption controls.   Misuse of corporate funds for bribery can involve “non-material” transactions.  As a result, anti-corruption controls have to focus on individual transactions, approval procedures for such transactions, monitoring of bank accounts, petty cash funds, payments to vendors and overall scrutiny of payment processes.  

To underscore the importance of anti-corruption compliance, financial staff in corporate headquarters, individual business units, and all accounting personnel should be trained and evaluated on adherence to anti-corruption procedures.  The financial staff is the frontline of any anti-corruption compliance program.  

Companies need to pay special attention to bank accounts and relevant policies governing opening, closing and maintenance of bank accounts.  Access to all bank accounts has to be controlled.  It is important to minimize the number of accounts, review and close inactive accounts, minimize the number of signatories to each account, and regularly reconcile checking accounts.

Petty cash is another high-risk area and usually have few controls governing the use of such funds.  It is important to establish effective controls over petty cash funds – the funds need to be used for normal incidental expenses, the purpose of an expenditure, and adherence to procedures. Most companies assign responsibility for petty cash funds and controls to one individual.  A log and voucher system can be used. 

Another area for potential abuse is vendors and procurement.  A company needs to establish a screening system for selecting vendors and approving payments to the vendor.  The company should maintain vendor records of approval and authorization reviews.   It is critical that any review and control process identify any state-owned enterprise or government interest in a joint venture.  It is important to require and review documentation concerning each transaction with the vendor, especially those in which the foreign government has an ownership interest or is affiliated with vendor.  In the case of a distributor, agent or consultant, the company needs to use its established due diligence procedures for third party intermediaries.