Multi-digit Euro fines for anti-competitive behaviour and continued press coverage of bribes have moved compliance programmes ever more into the focus of attention. They shall help prevent impermissible behaviour, but how to organise a compliance programme?

There are several reasons why undertakings should invest in programmes to safeguard that their business operates in compliance with applicable rules. Beside legal obligations to this end, some consequences of illicit behaviour are too significant to be taken lightly. These may include significant fines; forfeiture of enrichment from the illegal behaviour; administrative, civil and criminal sanctions against individuals; exclusion from public tenders; damage claims by affected customers and significant damage to reputation and share value (not to mention management time lost in dealing with investigations). In turn, effective compliance programmes may bolster credibility and even be criteria of consideration for investors.

There is no "one fits all solution". The actual scope of a compliance programme must be assessed on a case-by-case basis. The following steps (with a particular focus on anti-corruption and anti-trust) must usually be considered.

Step 1: Risk identification

Compliance programmes cannot exclude each and every risk associated with day-to-day-business. Their aim, rather, is to prevent systematic wrong behaviour. Such behaviour can equally occur in procurement (risks of anti-competitive behaviour, corruptibility, defalcation), production (environment production, work safety, etc) and sales (corruption, anti-trust, defalcation, etc). As a first step, the risk exposure of companies in these respective areas must be assessed thoroughly.

From an anti-trust angle, one must assess whether the company faces the risk of:

i. the coordination with competitors of prices, production, markets or customers, which is a particular risk if:

  • customers are also competitors;
  • company representatives attend trade association meetings together with competitors;
  • staff (regularly) joins from competitors;
  • employees receive information on competitors' future conduct; or
  • the company co-operates (extensively) with competitors.

ii. restrictive supply agreements, including:

  • restricting the distributor in its resale prices or the area into which or the customer to whom the distributor may sell the contract goods; or
  • agreeing on impermissible exclusivity clauses.

Should the respective company enjoy a considerable level of market power, one must also appraise whether this company is market dominant, which would entail further behavioural obligations.

From an anti-corruption angle, a company is exposed to compliance risks if:

i. a considerable proportion of its revenue is derived from contracts with or sales to public bodies or state-owned companies, and where the underlying negotiations are not based on transparent tender proceedings;

ii. agents/consultants are widely used to procure contracts, especially with the public sector, and are believed to be pivotal to being awarded new contracts, where:

  • these agents/consultants are part of or in close relationship to the public sector (public authorities) or trade unions;
  • the respective company has no real insight into the identity or reputation of the agent/consultant and the actual scope of work to be done; and
  • the agents' compensation is not transparent.

and

iii. company funds can be misused for illicit payments that are facilitated by:

  • bank accounts that are not monitored by the company (ie such accounts are not consolidated and incoming and outgoing payments are not under the supervision of the accounting department);
  • the agent is not the holder of the bank account;
  • the company makes use of escrow accounts but there is no transparency within the company as to who has access to these accounts and what they are used for;
  • the opening of new accounts on behalf of the company is not regulated by guidelines; and
  • cash payments are not regulated by company policy guidelines or included in accounting.

Step 2: Risk prevention and review

Manifold means are available to mitigate the risks of illicit behaviour. They include:

i. compliance manuals, in which applicable rules are explained in more detail and policies to be adhered to explained in order to safeguard lawful behaviour;

ii. training of employees that have been identified to be at risk of wrongdoing. In order to tailor a compliance programme, one might consider carrying out a staff-based risk assessment and training employees in different levels of detail depending on their risk exposure. Such training can be performed face-to-face or online (or a combination of the two);

iii. testing of employees' knowledge, eg in regular interviews or through on-line tests, legal audits and the like; and

iv. sign-off procedures, eg for competitor contacts and the retaining of agents (compliance clause in contracts of employees, business partners, agents).

Once the compliance programme has been implemented, it is important to review it on a ongoing basis in order to adapt it should it turn out that risks have changed, certain measures have proven ineffective, the testing of employees has revealed that certain aspects of the compliance programme have not been understood fully or are unpractical, or that audits and interviews of that certain aspects of business need closer scrutiny.

Enforcing a culture of compliance

Most importantly, for the compliance programme to be more than mere lip services, it is necessary to enforce a culture of compliance from the top of the company down. This includes, first and foremost, an unreserved commitment to compliance from the board and senior management, which is continuously reinforced in the company's code of conduct and exemplified by senior management. In addition, it is advisable to make it clear that disregarding compliance rules shall be regarded as misconduct and entail disciplinary action, while continued and proven adherence to compliance rules is a requirement for bonuses and promotions.

This article was originally published in the schoenherr roadmap`11 - if you would like to receive a complimentary copy of this publication, please visit: http://www.schoenherr.eu/roadmap.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.