The Justice Department Evaluation of Corporate Compliance Programs’ prong “Policies and Procedures” states: “Payment Systems – How was the misconduct in question funded (e.g., purchase orders, employee reimbursements, discounts, petty cash)? What processes could have prevented or detected improper access to these funds? Have those processes been improved?”
While the basic Watergate maxim “follow the money” has always been appropriate in any Foreign Corrupt Practices Act investigation, the Evaluation of Corporate Compliance Programs takes payment systems and their internal controls several steps farther past the detect and investigatory precepts. It is not just one set of compliance internal controls, but rather internal controls permeating throughout an organization that creates their effectiveness. What are effective compliance internal controls and how can the payroll function assist in fulfilling those requirements? There are several specific internal payroll controls that facilitate a company operationalizing its compliance program, as required under the Evaluation of Corporate Compliance Programs. These controls help keep an eye on the money trail, as money used for a bribe is oftentimes hidden in some company expenditure.
The four general areas of payroll control should include: (1) segregation of duties; (2) accountability, authorization, and approval; (3) security of assets; and (4) review and reconciliation. The role of global payroll in compliance is not often considered in operationalizing a compliance program, yet the monies to fund bribes in violation of the FCPA must come from somewhere. Unfortunately, one of those places is payroll.
CCOs need to sit down with their heads of payroll, explain the role of payroll, and review the internal controls already in place to see how they facilitate the goals of compliance. From that review you can then determine how to use payroll to help to operationalize your compliance program.