The Securites and Exchange Commission has placed a renewed interest in the accounting provisions of the Foreign Corrupt Practices Act, specifically the internal controls provisions. It would seem that the reason is straightforward: A company with rigorous internal compliance controls is better able to prevent, detect, and remedy any FCPA violations that may occur.
What can you do around the FCPA’s requirements for internal controls and current SEC emphasis? I would suggest that you begin with an exercise where you map the internal controls your company has in place to the indicia of the Ten Hallmarks of an Effective Compliance Program, as set out in the FCPA Guidance. While most compliance practitioners are familiar with the Ten Hallmarks, you may not be as familiar with standards for internal controls. I would suggest that you begin with the COSO 2013 Framework as your starting point.
