One cannot really say enough about risk assessments in the context of anti-corruption programs. The 2012 FCPA Guidance stated it succinctly when it said, “Assessment of risk is fundamental to developing a strong compliance program, and is another factor DoJ and SEC evaluate when assessing a company’s compliance program.” The simple reason is straightforward: One cannot define, plan for, or design an effective compliance program to prevent bribery and corruption unless you can measure the risks you face. When you couple risk assessments with the root cause analysis required under the Justice Department’s Evaluation of Corporate Compliance Programs, you see the importance of these valuable tools.
What Should You Assess?
