Introduction
As the global business environment becomes more complex each day, corporate entities in Nigeria are facing increased scrutiny from law enforcement agencies now than ever before. Over the past decade, there has been a rise in corporate investigations in Nigeria, driven by what appears to be a significant increase in weak corporate compliance protocols. This trend can arguably be attributed to cumbersome guidelines and sometimes overlapping and conflicting laws and regulations.
As a business operating in Nigeria, there is always a lingering possibility that your company could become the subject of an investigation or enforcement action by any of Nigeria's law enforcement agencies or regulators. A corporate entity might be the focus of an inquiry or may be connected to a company that is the main subject of an investigation because of its involvement in a transaction with a counterparty that is under investigation. Moreover, as an operator in a regulated sector, a corporate entity could face investigation following a routine enforcement action by a regulatory authority. Therefore, it is likely that, at some point, a corporate entity will need to engage with law enforcement agencies directly or indirectly due to an investigation. How such entities manage the investigation will ultimately influence its outcome.
Corporate entities should adopt a proactive approach rather than a reactive one to regulatory compliance. This will substantially lower the chances of an adversarial investigation and ensure they are well-prepared to respond to inquiries if an investigation or enforcement action occurs. To illustrate this, we have highlighted below some proactive measures that corporate entities should implement:
1. Develop Strong Internal Compliance Protocols
Corporate entities should establish and maintain robust compliance protocols that adhere to applicable legal and regulatory requirements under Nigerian law. This can be accomplished by appointing an in-house regulatory compliance officer or collaborating closely with external counsel to ensure consistent adherence to legal and regulatory obligations.
2. Employee training
Corporate entities should train their employees on legal and regulatory compliance issues, proper procedures during ongoing investigations, and correct reporting protocols when initiating an investigation or enforcement action. They must also train their Chief Executive Officer (CEO) and Head of Compliance on interview techniques and how to provide appropriate responses to questions during investigations.
The management team must also have in-depth knowledge of the company's processes, audit records, Know Your Customer (KYC) protocols, data privacy policies, general record-keeping, and how to interpret and submit documents that investigators may potentially request. The company should regularly carry out onthe-spot simulated dawn raids, forensic audits, and enforcement actions to test its procedures and evaluate its readiness for unexpected investigations and enforcement actions. This helps ensure the company remains within its compliance limits and facilitates the implementation of mitigation strategies where gaps are found, thereby improving preparedness for unforeseen investigations. Creating a company policy or manual that outlines the protocols for managing investigations would benefit corporate entities.
3. Conduct Counterparty Diligence
As we have noted above, one of the primary triggers for investigations is often related to business relationships with other corporate entities or individuals. Therefore, before establishing any business relationship with counterparties, it is crucial to implement internal KYC procedures to evaluate prospective partners, vendors, or agents' legal standing, reputation, and compliance status. Doing so will significantly lower the risk of liability resulting from third-party misconduct or malfeasance.
4. Third Party Indemnities
When negotiating contracts with counterparties, it is vital to include indemnity and compliance clauses in agreements with third parties. This will protect your organisation from potential liabilities resulting from third-party companies' actions or omissions and shield your organisation from the consequences of a counterparty's negligence or wilful misconduct.
5. Ethical Governance
Since the directors of a company are regarded as the company's alter ego, it is crucial to regularly review and evaluate their legal status, particularly regarding criminal investigations, bankruptcy, civil offences, and other issues that could affect the company. The company must implement clear corporate governance policies that direct the board's actions and operations.
6. Data Privacy
All companies must comply with data privacy laws by ensuring they have a legal basis before collecting and processing personal data. They must implement measures to protect sensitive data and prevent breaches that could result in regulatory action. Failing to comply with data privacy laws can jeopardise a company's legal position and may put it in the crosshairs of regulators.
7. Proactive regulatory engagement and monitoring
Businesses should actively engage with regulators by consistently participating in stakeholder interactions and industry forums. It is critical for business success to maintain and encourage a respectful and cordial relationship with regulatory authorities and law enforcement agencies. The compliance team should monitor regulatory updates and keep management informed of any policy changes.
8. Develop a comprehensive risk assessment and crisis management plan:
Businesses should formulate a response strategy for potential investigations, which includes engaging professional legal advisers, public relations experts, and internal communication methods. When a company becomes aware of an impending investigation or enforcement action, the initial step should be to evaluate the potential risks associated with the investigation's outcome and to identify weaknesses and vulnerabilities within the organisation that could lead to negative consequences.
Creating a communication plan during an investigation is essential, particularly regarding the information that might be disclosed to the public if necessary. It is also crucial to ensure that all public statements about the investigation are made in consultation with legal counsel. This approach safeguards the entity's legal interests and promotes clarity and consistency in communications, ultimately protecting the organisation's reputation.
9. Full Cooperation with Authorities
Maintaining open and professional communication with investigators is paramount. This includes promptly providing requested information and documents and honouring scheduled interviews or meetings. If a corporate entity is unable to attend a scheduled interview or meeting, it is advisable to inform the investigators of the basis for the absence and formally request an extension or rescheduling. Non-cooperative actions, such as providing false statements, withholding information, or obstructing efforts to arrange meetings or interviews, can severely jeopardise a corporate entity's position and undermine the investigation process.
Conclusion
While investigations carried out by law enforcement agencies and administrative bodies are essential for ensuring compliance with laws and regulations, their occurrence can pose significant challenges to corporations if not properly managed. Corporate entities can effectively address these challenges by adopting proactive compliance measures and strategic responses. Cultivating a culture of compliance reduces the risk of investigations and fosters sustainable business success. This proactive approach not only protects businesses from potential legal issues but also enhances the overall integrity and reputation of the organisation.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
