On October 15, 2024, the Brazilian Office of the Comptroller General (Controladoria-Geral da União or "CGU") published Volume II of its Integrity Program Guideline for Private Companies ("Manual Programa de Integridade: Diretrizes para Empresas Privadas" or "Guideline"), which sets new recommendations for implementing, improving and monitoring integrity programs based on recent legislative updates and new market practices regarding integrity and environmental, social and corporate governance ("ESG") matters.
Although the Guideline does not have a normative or binding nature, it aims to update and complement the first volume of the document released in 2015 in order to disseminate and encourage the adoption of best integrity practices while providing transparency and predictability on CGU's perspective and approach with respect to such matters.
The Guideline's best practice recommendations take into account regulations related to anti-corruption matters that came into force after 2015, such as Decree No. 11,129/2022, which regulates Law No. 12,846/2013 (or Anti-Corruption Law), and Law No 14,133/2021 (or New Law on Public Bids and Administrative Contracts), which now establishes the mandatory adoption of integrity programs by companies involved in large-scale public contracts, including for tie-breaking criteria and as a condition for the rehabilitation of ineligible companies.
When preparing the Guideline, the CGU also considered other regulations that, although applicable to companies operating in the public sector, can also be taken into consideration by private companies for the purposes of structuring their integrity programs, such as Law No. 13,303/2016 (or the State-Owned Companies Law) and Decree No. 11,529/2023 (which regulates the Federal Public Administration's Integrity, Transparency and Access to Information System).
The Guideline pays special attention to the need to implement policies and procedures related to ESG matters, such as the prevention of harassment and discrimination practices, the promotion of corporate diversity and respect for human, social and environmental rights, with emphasis on the management of risks related to slave-like labor and the preservation of the environment.
To ensure that our clients are always informed and up to date, we have prepared the following summary of the main recommendations set forth in the Guideline. If you have any questions, do not hesitate to contact us – our Global Investigations & White-Collar Defense team is available to offer personalized support, discuss how these guidelines can impact your company and help you implement the best integrity and governance practices currently recognized by the CGU.
Enjoy your reading!
I. CONCEPT OF "INTEGRITY PROGRAM" UPDATED
The CGU introduces the Guideline by stating that it is essential that the concept of Integrity Program, initially defined by Decree No. 8,420/2015 (which originally regulated the Anti-Corruption Law until its revocation by Decree No. 11,129/2022), starts including the following objectives:
- Foster and maintain a culture of integrity in the organizational environment; and
- Combat other ethical and conduct deviations, violations or disrespect for rights, values and principles that impact trust, credibility and institutional reputation.
Such aspects of integrity were introduced, respectively, by Decree No. 11,129/2022 (Article 56) and Decree No. 11,529/2023 (Article 3). According to the CGU, these aspects add other elements to the concept of Integrity Program besides the fight against fraud and corruption, such as positive actions that promote ethics, good governance, respect for human and social rights, and the preservation of the environment.
In the Guideline, CGU also highlights that addressing and committing to these practices is an "increasingly current demand from society," which requires public and private organizations to act "responsibly" and "committed to sustainable, fair and democratic economic and social development," especially with regard to ESG practices, which "have gained significant prominence in the last decade" and "can no longer be ignored by companies."
II. NEW CONSIDERATIONS FOR IMPLEMENTING AND/OR IMPROVING INTEGRITY PROGRAMS
INTEGRITY AND CORPORATE GOVERNANCE
BEST PRACTICE
The governance structure1 plays a fundamental role in promoting integrity within the companies, as its internal bodies and individuals are responsible for making decisions that define the choice of leadership, corporate strategy and the way in which business is conducted and controlled. Regardless of their complexity, it is important that companies have a well-defined management and control structure, with clearly defined roles and responsibilities that are accessible to stakeholders.
RECOMMENDATIONS
- Adjusting the governance structure to the size, activities carried out by the company and the applicable regulatory framework.
- Detailing the duties and responsibilities of the agents and bodies that compose the governance structure in the company's internal regulations (by laws, articles of incorporation and other regulations), as well as disclosing this information within the organization.
- Implementing instruments to oversee the Integrity Program in the governance structure.
- Assessing the possibility of ensuring greater diversity in the composition of the company's governance bodies, reflecting the society in which it operates.
- Disclosing the governance structure (including information on the individuals that compose such structure, the positions they hold and their qualifications) on the company's institutional website.
ATTENTION!
With regard to economic groups, the recommendations above can be observed for all the companies that compose the group. Additionally, the CGU recommends that information on their composition, control structures and the relationship between subsidiaries and controlling companies are also disclosed.
LEADERSHIP'S ROLE
BEST PRACTICE
The commitment of companies' senior management,2 evidenced by visible and unequivocal support for the program, as well as the allocation of adequate resources, is the foundation of an effective Integrity Program. Leaders should be seen as examples of conduct and the first to observe the principles of the Integrity Program in order to ensure that those who commit irregularities are properly held accountable.
RECOMMENDATIONS
- Verifying conduct history for selecting potential candidates for leadership positions (e.g., involvement in cases of corruption, fraud, harassment, human rights violations or environmental damage, as well as possible failure to act in such cases).
- Including the achievement of milestones related to the application of the Integrity Program in the performance evaluation of senior management members and for granting variable compensation (bonuses).
- Implementing mechanisms that prevent the payment of bonuses or the granting of other types of benefits to members of senior management who commit irregularities or fail to act in the event of ethical violations.
- Requiring senior management members to be qualified with respect to corporate integrity matters (such as anti-corruption policies, ESG criteria and corporate governance), so that they can contribute to the implementation and oversight of the Integrity Program.
- Ensuring that members of senior management attend internal compliance trainings, with periodic updates (especially for members of senior management who compose bodies with the authority to deal with issues related to the application of the Integrity Program).
- Providing clear and frequent expressions of support for the Integrity Program through internal communications, electronic messages, social media, videos and meetings. In this case, it is important that the statements made are also reflected in the companies' decision-making processes.
- Providing financial and human resources to guarantee the implementation and proper functioning of the Integrity Program, in a manner compatible with the size and risks to which the company is subject, as well as proportional to the investments made in other sectors of the company.
- Applying sanctions to those who commit any irregularities, regardless of the position held by the offender, with remediation measures (including disciplinary measures) proportional to the seriousness of the infraction.
INTERNAL DEPARTMENT RESPONSIBLE FOR THE INTEGRITY PROGRAM
BEST PRACTICE
Companies must have a department responsible3for leading and coordinating the process of implementing, applying and monitoring the Integrity Program. These tasks need to be carried out with autonomy and authority so that the Integrity Program can actually be implemented and applied in the company's routine.
RECOMMENDATIONS
- Formalizing the responsibilities, guarantees and reporting lines (including the form and minimum periodicity of reports) of the department responsible for the Integrity Program in a document approved by the highest hierarchical level of the company.
- Providing financial, material and human resources so that the department responsible for the Integrity Program can carry out its activities, including (i) ensuring the effective participation of the person responsible for the program in the development of the area's budget; (ii) setting budget contingencies in similar proportions to the contingency practiced in other areas; (iii) providing a sufficient number of employees for the program's activities; and (iv) allocating funds for the development, contracting and maintenance of electronic tools and systems for applying and monitoring the program.
- Requiring that the members of the department responsible for the Integrity Program are qualified, including a university degree and experience in risk management, regulation and internal controls, and willingness to be periodically updated.
- Ensuring that the person responsible for the Integrity Program occupies a hierarchical position equivalent to the other areas that deal with related issues, including compensation compatible with the complexity of the position held and with the compensation received by the other leaders who occupy similar positions in the company.
- Ensuring that the department responsible for the Integrity Program reports directly to the highest hierarchical level of the company, including the preparation of periodic reports (containing information on the stage of implementation of the program, risks identified and mitigation measures, data and statistics on the application of the program, irregularities detected and complaints received).
- Ensuring that the department responsible for the Integrity Program is subject to senior management supervision and periodic auditing procedures (external or internal).
- Ensuring that the activities of the department responsible for the Integrity Program are carried out by individuals working in the company, who are aware and share the organizational culture with the other members. If certain activities are outsourced, the services provided by the third parties must be supervised by the person responsible for the compliance department.
Footnotes
1 In general, a company's governance structure can be represented by the shareholders and owners, the Board of Directors, the Advisory Committees, the Chair, the Executive Officers and the Supervisory and Control Bodies, as well as the relationships between them. This structure can vary according to the characteristics of each company, such as size and number of employees.
2 Members of senior management are those who occupy leadership roles in the company and are responsible for making strategic and operational decisions. Examples of senior management are the members of the Board of Directors, the CEO and other executive officers. With regard to micro and small companies, senior management can be their owners, shareholders, administrators and managers.
3 The way this department is structured depends on many factors, from the size of the company to the nature of the activities it carries out. In large companies and companies operating in highly regulated sectors, it is common to have a compliance department. In small companies, there may only be one person assigned to this function.
To view the full article click here
Visit us at mayerbrown.com
Mayer Brown is a global services provider comprising associated legal practices that are separate entities, including Mayer Brown LLP (Illinois, USA), Mayer Brown International LLP (England & Wales), Mayer Brown (a Hong Kong partnership) and Tauil & Chequer Advogados (a Brazilian law partnership) and non-legal service providers, which provide consultancy services (collectively, the "Mayer Brown Practices"). The Mayer Brown Practices are established in various jurisdictions and may be a legal person or a partnership. PK Wong & Nair LLC ("PKWN") is the constituent Singapore law practice of our licensed joint law venture in Singapore, Mayer Brown PK Wong & Nair Pte. Ltd. Details of the individual Mayer Brown Practices and PKWN can be found in the Legal Notices section of our website. "Mayer Brown" and the Mayer Brown logo are the trademarks of Mayer Brown.
© Copyright 2024. The Mayer Brown Practices. All rights reserved.
This Mayer Brown article provides information and comments on legal issues and developments of interest. The foregoing is not a comprehensive treatment of the subject matter covered and is not intended to provide legal advice. Readers should seek specific legal advice before taking any action with respect to the matters discussed herein.