propose a recall election in Fall 2003 to
determine whether or not the official
should remain in office. China has tried
to crack-down on bribery with long
prison sentences and even a few executions. And in the United States, influence peddling related to the 2002 Winter
Olympics serves as a reminder that
bribery can occur even in the most economically mature countries.
For internal auditors, bribery and its
detection presents a considerable challenge, especially in light of the U.S. Foreign Corrupt Practices Act (FCPA). The
act can be somewhat confusing, and it
provides little guidance on exactly where
or how to look for bribes and other illegal payments. However, it clearly indicates that virtually all U.S. businesses, as
well as non-U.S. firms registered with the
U.S. Securities and Exchange Commission (SEC), must not engage in bribery and
must have systems in place to detect and
prevent illegal payments.
aimed at preventing U.S. businesses from
engaging in bribe-paying activity and at
restoring confidence in corporate America.
In general, the FCPA prohibits U.S.
companies, as well as non-U.S. firms
listed with the SEC, from making payments to foreign officials for the purpose
of obtaining or keeping business. The act
also requires issuers of securities to meet
its extensive accounting standards.
From an audit perspective, four specific
areas of the act merit examination:
accounting and internal control requirements, the difference between legal and
illegal payments, the definition of
knowledge regarding illegal payments, and the
penalties for noncompliance. Auditors
charged with helping to ensure compliance with the act and manage the risk of
bribery should be familiar with each of
these key areas.
ACCOUNTING AND INTERNAL CONTROL
REQUIREMENTS The FCPA is well-known
Virtually all U.S. businesses, as well as non-U.S. firms
registered with the U.S. Securities and Exchange
Commission, must not engage in bribery and must have
systems in place to detect and prevent illegal payments.
‡Asset records are compared with
existing assets at “reasonable intervals,” and appropriate action is taken
with respect to any differences.
Amendments made to the FCPA in
1988 strengthened some of the act’s
requirements for internal control, specifying that no one shall knowingly circumvent or fail to implement internal
accounting controls or falsify any book
or record that shows the company’s
transactions and assets. The amendment
also clarifies that the terms reasonable
assurances and reasonable detail refer to
the “level of detail and degree of assurance as would satisfy prudent officials in
the conduct of their own affairs.”
The FCPA provisions, therefore, clearly
indicate that a firm’s accounting records
must be accurate and that a strong system
of internal controls must exist. Although
the recent U.S. Sarbanes-Oxley Act of
2002 amended the Securities Exchange
Act to increase corporate responsibilities
relating to the maintenance and reporting of internal control, the legal description of the elements of internal control —
that is, the elements specified in the FCPA
and its amendments — remains the same.
From a legal standpoint, then, it is imperative that internal audits conducted at
companies subject to Sarbanes-Oxley still
include an evaluation of the design and
operation of internal control in light of
the FCPA’s requirements.
Auditors working for companies that are
subject to FCPA requirements should be
familiar with the act and understand how
to comply with its anti-bribery provisions.
Firms with international operations need
to keep abreast of the potential risk level
for bribery, and auditors can help in this
effort by using tools such as Transparency
International’s Bribe Payers Index to evaluate the possibility of illegal corporate payments. Armed with the right tools and
knowledge, auditors can help ensure compliance with the FCPA and keep their companies safe from the scourge of corruption.
INSIDE THE FCPA
The U.S. Congress enacted the FCPA as an
amendment to the U.S. Securities Exchange
Act of 1934. The anti-corruption legislation
was created in response to the revelation
that U.S. corporations had given more than
$300 million in bribes or questionable payments to foreign government officials during the 1970s. Passed in 1977, the FCPA was
for its requirement that corporations
must keep detailed accounting records
with an adequate system of internal controls. Specifically, organizations under
the act’s jurisdiction are required to maintain books and records that, in “
reasonable detail,” accurately and fairly reflect
their transactions. Furthermore, the company’s internal accounting controls system must be able to provide “reasonable
‡Transactions are executed in
accordance with management’s
‡Transactions are recorded in a way
that enables financial statements to
be prepared in accordance with U.S.
Generally Accepted Accounting
Principles, or any other applicable
criteria, and maintains accountability
‡Company assets can be accessed only
in accordance with management’s
DEFINING ILLEGAL PAYMENTS AND BRIBES The
FCPA prohibits “an offer, payment,
promise to pay, or authorization of the
payment” of money or gift to any government official, political party or party
official, or political candidate for purposes
of influence. However, the act does not
prohibit all bribes. Instead, it allows for
low-level bribes, sometimes referred to as
“grease” payments, to facilitate “routine
governmental action.” The 1988 FCPA
amendment provides several examples of
routine government actions performed by
foreign officials where these payments are
‡Obtaining permits, licenses, or other
official documents to conduct business.
‡Processing governmental papers,
such as visas and work orders.
‡Providing police protection, mail
pick-up and delivery, or inspections
associated with contract performance
or transporting goods across country.
INTERNAL AUDITOR FEBRUARY 2004