Close X
Attorney Spotlight

What emerging trend in shareholder litigation does Britt Latham find most interesting in his practice today?    Find out more>


Close X


Search our Experience

Experience Spotlight

Envision to Sell to KKR for $9.9 Billion

We represented Envision Healthcare Corporation (NYSE: EVHC) in its definitive agreement to sell to KKR in an all-cash transaction for $9.9 billion, including debt. KKR will pay $46 per Envision share in cash to buy the company, marking a 32 percent premium to the company's volume-weighted average share price from November 1, when Envision announced it was considering its options. The transaction is expected to close the fourth quarter of 2018. Read more

Envision Healthcare

Close X

Thought Leadership

Enter your search terms in the relevant box(es) below to search for specific Thought Leadership.
To see a recent listing of Thought Leadership, click the blue Search button below.

Thought Leadership Spotlight

Six Things to Know Before Buying a Physician Practice spotlight

Dermatology, ophthalmology, radiology, urology…the list goes on. Yet, in any physician practice management transaction, there are six key considerations that apply and, if not carefully managed, can derail a transaction. Download the 6 Things to Know Before Buying a Physician Practice to keep your physician practice management transactions on track.

Click here to download the guide.

FCPA Resource Guide Action Items, Issue 2 – Elements of Compliance Programs


November 27, 2012

As we discussed in a previous alert on November 16, the Department of Justice ("DOJ") and Securities and Exchange Commission ("SEC") jointly published a Resource Guide to the U.S. Foreign Corrupt Practices Act (available here). The Guide provides a convenient roadmap of DOJ and SEC's expectations regarding corporate compliance programs in one place. For in-house counsel and compliance officers, the release of the Resource Guide also provides an excellent opportunity to marshal internal support for a fresh assessment of existing compliance programs.

Though the 120-page Resource Guide covers a wide range of topics, this alert provides a concise summary of seven DOJ and SEC expectations for corporate anti-corruption compliance programs generally, what these expectations mean for companies and specific actions companies can take to help address each one.

  1. Tone at the Top
  2. Enforcers often stress the need for a culture of compliance, regardless of the strength of a company's program on paper. The Resource Guide reiterates this position. However, the Resource Guide indicates that enforcers will evaluate the culture among middle managers and line-level employees—not just the commitment from senior managers.

    Action Item: In addition to training employees on anti-corruption policies, assess employees' perceptions of the company's commitment to compliance. This kind of assessment can help leadership identify compliance weaknesses and better determine the best way to allocate anti-corruption resources.

  1. Risk Assessment
  2. In the words of the Resource Guide, "[a]ssessment of risk is fundamental to developing a strong compliance program." DOJ and SEC expressly acknowledge that one-size-fits-all compliance programs rarely work and that compliance programs should be risk-based: "DOJ and SEC will give meaningful credit to a company that implements in good faith a comprehensive, risk-based compliance program, even if that program does not prevent an infraction in a low risk area because greater attention and resources had been devoted to a higher risk area."

    Action Item: Conduct regular, meaningful risk assessments and use them to guide the rest of the company's compliance efforts. As the Resource Guide notes later, "Effective policies and procedures require an in-depth understanding of the company's business model, including its products and services, third-party agents, customers, government interactions, and industry and geographic risks."

  1. Code of Conduct, and Compliance Policies and Procedures
  2. Unlike some previous guidance, the Resource Guide specifically identifies risks that many companies should address with policies and procedures:

         - Payments to foreign officials
         - Use of third parties
         - Gifts, travel and entertainment expenses
         - Charitable and political donations; and
         - Facilitating and expediting payments.

    Most companies already have these policies in place (with the possible exception of facilitating and expediting payments – a recent survey found that 64% of companies simply ban these outright).

    Action Items: (1) Ensure your program addresses each of the risk areas above; (2) translate all policies and procedures into local languages; and (3) consider using web-based approval programs for gifts, travel and entertainment expenses. These recommendations (and the Resource Guide in general) indicate a preference for a centralized compliance function with communications tailored for local business units.

  1. Training and Continuing Advice
  2. As the Resource Guide notes, "[c]ompliance policies cannot work unless effectively communicated throughout a company." DOJ and SEC do not offer specific recommendations on the content of the training, except to note that companies should consider tailoring their training programs to the audience – sales personnel and accounting personnel may need different training based on the scenarios they are likely to face.

    Action Items: (1) Develop means to give specific advice when it is needed urgently. For larger companies, this typically means well-publicized ways to communicate with on-call in-house compliance or legal personnel. For smaller companies, this may mean retaining outside FCPA counsel ahead of time, so that they can provide timely advice when it is needed. (2) Customize anti-corruption training to the jobs, functions and specific risks faced by specific audiences.

  1. Incentives and Disciplinary Measures
  2. DOJ and SEC also note the need for compliance policies to be linked with meaningful consequences. In addition to disciplinary measures for non-compliance, however, DOJ and SEC explicitly note that some companies have "made adherence to compliance a significant metric for management's bonuses." Under the Dodd-Frank Act it is also critical for public companies to bring FCPA investigations under the direction of counsel as swiftly as possible to protect investigative information from disclosure.

    Action Item: Develop positive incentives for ethics and compliance leadership. Require employees to report suspected violations of the FCPA internally and foster a corporate culture where internal reports are expected and clearly appreciated. For example, consider taking such reports (or lack thereof) into account when evaluating employee job performance and consider taking compliance climate metrics into account when evaluating managers and other leaders.

  1. Oversight, Autonomy, and Resources
  2. The Resource Guide echoes the U.S. Sentencing Guidelines in emphasizing that companies should assign responsibility for their compliance functions to senior executives who have autonomy from management. The Resource Guide also acknowledges that another individual can be delegated day-to-day responsibility for the compliance program.

    Notably, the U.S. Sentencing Guidelines require that, for maximum credit, the individual to whom day-to-day responsibility is delegated should have "direct access to the governing authority [e.g., the Board of Directors] or an appropriate subgroup of the governing authority [e.g., the Audit Committee]."

    Action Item: Assign operational responsibility for the company's compliance program to a senior executive and give that individual "express authority to communicate personally" to the Board of Directors or Audit Committee.

  1. Continuous Improvement: Periodic Testing and Review
  2. The Resource Guide emphasizes that no compliance program should be static. Rather, DOJ and SEC recommend that companies "regularly review and improve their compliance programs."

    For companies that undertake ad hoc reviews of their compliance programs, however, the release of the Resource Guide presents a clear opportunity to update policies and procedures in light of the guidance from DOJ and SEC.

    Action Item: Schedule routine testing and review processes (including those that are unannounced).


In sum, though the Resource Guide does not answer every question, it brings clarity and specificity to many of the compliance expectations that guide the DOJ and SEC's FCPA enforcement decisions. Similarly, though the action items listed above are not required or all-inclusive, if taken they can help companies prevent, detect and mitigate FCPA and other compliance problems.

Next in The Series:

We will examine the government's specific compliance expectations regarding third parties, M&A and confidential reporting/internal investigations in the next installments of this client alert series.

If you have any questions about this alert, the Resource Guide, or other anti-corruption issues, contact one of the members of Bass, Berry & Sims PLC's Global Anti-Corruption team below, or your regular attorney at the firm. For more information and resources on this topic, please visit Bass, Berry & Sims' webpage on Foreign Corrupt Practices Act (FCPA) or International.

In Case You Missed It:

Related Services


Visiting, or interacting with, this website does not constitute an attorney-client relationship. Although we are always interested in hearing from visitors to our website, we cannot accept representation on a new matter from either existing clients or new clients until we know that we do not have a conflict of interest that would prevent us from doing so. Therefore, please do not send us any information about any new matter that may involve a potential legal representation until we have confirmed that a conflict of interest does not exist and we have expressly agreed in writing to the representation. Until there is such an agreement, we will not be deemed to have given you any advice, any information you send may not be deemed privileged and confidential, and we may be able to represent adverse parties.