Corrupt business partners can cause trouble for corporate compliance officers in a host of ways, but one specific scheme keeps catching my attention: distributors manipulating your company’s sales practices to fund bribes overseas.
Twice in the last five months, we’ve seen the Securities and Exchange Commission (SEC) sanction U.S.-listed companies for FCPA violations, where distributors exploited poor internal accounting controls to create slush funds for bribes. In both cases, those sanctions included monetary penalties, plus the usual disgorgement of ill-gotten profits.
The SEC has a substantial history of FCPA cases involving distributors, going back to the early 2010s
That alone suggests that weak oversight of distributors is something the SEC takes seriously, when such cases arise. But the SEC also has a substantial history of FCPA cases involving distributors, going back to the early 2010s.
So effective internal control over distributors isn’t just a serious concern; it’s a stubborn one, too. What’s the best way for compliance officers to confront it these days?
First let’s remember what FCPA schemes involving distributors look like, and why they can be so tricky to police. One recent enforcement action against an electronics manufacturer captures a lot of the challenge here.
The scheme: the company’s head of China operations granted “discounts” to distributors that supposedly would be passed along to Chinese government officials in the market for telecom equipment. Said customers, however, never received the discount. The government agency paid full price, and the discount funded a bribe to the government official signing the contract.
Our telecom company also kept a separate, secret database of corrupt discounts to distributors, while entering bogus data into the company’s central sales database. Managers told Chinese employees to use their personal email addresses to conduct these transactions, rather than the corporate email system.
So we have two tricky compliance challenges: employees and distributors collaborating to pay bribes; and employees using a shadow IT system to hide the truth from prying eyes in audit, compliance, or other more senior management.
Anti-Bribery and Corruption Internal Controls for Third-Party Distributors
Start with the Accounting Policies
Understand the rules that govern how discounts, coupons, rebates, and sales devices circulate among your company, distributors, and end customers. Any one of those items that could somehow be converted into cash should be kept under tight control, if it’s allowed at all.
Understand the rules that govern how discounts, coupons, rebates, and sales devices circulate among your company, distributors, and end customers.
For example, in one recent SEC enforcement case, the distributor often received “credit notes” that it could use to offset money it owed back to the company — or, sometimes, to convert those notes into cash. You can guess where that cash ultimately went.
Policies to govern and reduce potential abuses like that are critical. They are the foundation for all the other controls that come later, when employees distributors try to evade those policies.
Demand More Evidence
In our China case cited above, when employees arranged for a discount to fund a bribe, they justified that discount in the company’s official sales management system because of “competition.” Again and again, “competition” was the magic word executives used to explain discounts that were, in fact, illicit.
Competition can be a legitimate reason to offer a discount, but to reduce the risk of bribery, the company should demand more evidence to support the need for that discount. Each case should be documented, to capture the transaction’s unique circumstances.
Competition can be a legitimate reason to offer a discount, but to reduce the risk of bribery, the company should demand more evidence to support the need for that discount.
Now, will employees and distributors still engage in corruption and deception anyway? You bet. But if they’re going to attempt corruption no matter what, essentially, you want internal controls that force them to work harder to do it.
Why? So properly skeptical employees will have a better chance of seeing the scam. No control in the world is as effective as a sharp-eyed, objective employee saying, “Something doesn’t seem right here.” Your internal controls should help to bring those conditions about.
That requires two steps. First, as we said above, documentation requirements should be stringent enough to give that reviewing employee (accounts payable manager, internal auditor, compliance officer; anyone who approves discounts or reviews their use) ample evidence to evaluate the transaction and the discount.
Second, however — that employee needs sufficient skepticism to exercise objective judgment. So we have a training and corporate values issue here, too. It’s not enough to have discounts reviewed by executives in another business unit if they rubber-stamp every request that comes along. They need to be trained, and led, to know that they should follow their nose when something doesn’t pass the smell test.
It’s not enough to have discounts reviewed by executives in another business unit if they rubber-stamp every request that comes along.
Strong policies, clear documentation, and employees properly trained on the mechanics of risk management and their ethical duty to question possible misconduct. Those three things won’t solve all a compliance officer’s problems — but ain’t that peculiar, how they keep cropping up.