Originally Published in Inside Counsel | February 11, 2015 | By Paul Mandell
Managing corporate compliance is among the most vexing challenges that face today’s general counsel and chief compliance officers. This is particularly true for those in-house executives responsible for mitigating risk related to foreign operations in emerging markets, where legal rules and business practices may differ significantly from those in the U.S. In order to minimize company risk arising from operating in such environments, U.S. general counsel and chief compliance officers may wish to leverage certain best practices that are discussed below.
1. Perform due diligence in person
When managing risk in emerging markets, relying on others to do your diligence can only get you so far. To be fully comfortable with the environment in which your foreign operations exist, you should consider performing your own fact-finding live and in person. Take the time to sit down with your staff and probe potential areas of risk. Ask about how often your foreign teammates meet with government officials, how business is won generally, other topics that may pose risk, and look and listen carefully for cues about where else you ought to focus.
“In-person diligence is particularly important when dealing with local third-party intermediaries, who may have ‘grown up’ in business environments that have historically adopted a permissive attitude toward or may generally accept graft or bribery,” according to Douglas Coleman, a former DOJ trial lawyer who has counseled and conducted internal investigations for multi-national, publicly traded aerospace and defense contractors on FCPA-related issues in a variety of roles over the past 15 years, including BAE Systems and Curtiss-Wright Corporation. Coleman notes, “Since these intermediaries’ business customs are different than what we are used to, they can easily get a company into FCPA trouble without any illegal intent. If you can sit with these third parties in person and in their own country during due diligence, you can more readily determine whether they understand and are likely to comply with the FCPA.”
“Be particularly focused on whether a third-party intermediary is needed at all,” cautions Mara Senn, an anti-corruption and white collar partner at Arnold & Porter in Washington, D.C. “Sometimes an intermediary is not particularly qualified to help you with any substantive part of your business, but may merely be hired to ‘make connections’ and could ultimately act as a conduit for bribes.”
2. Get good local help
Although you may spend time on the ground with foreign colleagues performing your own due diligence, you will almost certainly need support to accelerate your learning and successfully tackle unfamiliar rules and issues. As a starting point, be sure you have good local counsel or consultants in place who can provide a basic education, as well as help spot or digest issues. Because local counsel and consultants can themselves be corruption risks, be sure to conduct thorough due diligence on them before you rely on them to represent your company.
In researching prospects to lend local expertise in an emerging market, you may want to begin by asking for recommendations from trusted firms or industry contacts based in the U.S. who have done business in the relevant market. Ask for introductions, but be sure to do your own research online. Though not always feasible, it can be helpful to find foreign counsel with an LLM from the U.S. or experience working in the U.S., which can make it more likely that the advice you get will be relevant to you and your perspective. Finally, as with due diligence on your foreign team’s practices, when possible, go to the country and meet your counsel or consultant prospects in person. Examine their physical and technological infrastructure, keeping an eye out for obvious risks to reliable communication or data security. Finally, be sure to ask about conflicts, to which overseas counsel may be less sensitive.
3. Do not rely on a single source
In conducting any kind of investigation or due diligence exercise, it is always a good practice to rely on a variety of sources. By leveraging a variety of sources, you have a better chance of developing a complete picture of the relevant circumstances. This is particularly true in the context of emerging-market compliance, where it can be harder to determine whether you are getting accurate information.
In searching for additional sources, be sure not to use a single person or team to supply all of the new names and contact information. “One challenge in gathering accurate information in smaller foreign markets is the increased likelihood that many available sources may have close family or working relationships, reducing the likelihood that multiple sources will yield different perspectives,” notes Senn. “If you can identify and rely upon sources from beyond the circle of existing contacts, it will be far easier to obtain an independent verification of the circumstances at a particular business rather than a rubber stamp, which may not reveal existing corruption risks.”
4. Assess and navigate cultural differences
Finally, navigating cultural differences in tackling compliance in a foreign country is often easier said than done. Cultural differences are a critical factor in managing compliance overseas. And to be effective in that pursuit, you must understand and be sensitive to the culture and implement policies that are tailored to the relevant cultural backdrop, while at the same time ensuring that the policy addresses corruption risks consistently and effectively.
As noted by Dmitry Chausovsky, chief compliance officer of AerCap, an aircraft leasing company headquartered in The Netherlands, “Cultural differences affect not only how companies do business with their customers, but how compliance programs should be structured and implemented within the companies themselves. Performing compliance training, drafting compliance policies or even investigating potential violations of a company’s policies requires a good understanding of local cultural norms and the relationship between internal and external parties. What may work in Kansas may get a different reaction in Japan and may help or hinder the success of a compliance program.”
Although acquiring a foreign business or launching a new office outside the U.S. may be a daunting prospect for those responsible for corporate compliance, many others have been down the same road and have managed risk effectively. If you keep in mind the practices described above and have sufficient buy-in from the company to manage compliance risk fully, you will give your business its best chance at staying out of trouble while it expands its foreign presence.