Most medium- to large-sized companies institute codes of conduct as a key component of their compliance programs. Companies that are subject to U.S. jurisdiction and also operate internationally face a wide array of domestic and international statutes and regulations (as well as diverse cultural challenges) that require a far more robust program than domestic-only entities. It often is a challenge to make these policies understandable and relevant not only in the U.S. but also to all employees worldwide. The complexity of the laws, combined the far-flung locations of employees, makes full compliance virtually impossible, although an effective compliance program will limit the instances and the severity of violations and damages.
An effective Code of Conduct emphasizes the importance of fair business dealings and compliance with all laws and regulations that apply to the company and its business activities. If a company runs an effective compliance program based on the Code of Conduct, potential suppliers, customers and employees will want to do business with the organization. , An effective code also creates a culture of compliance and limits potentially crippling fines, sanctions and jail time for its employees and partners.
The Code of Conduct will often comprise stand-alone policies such as:
- An anti-bribery policy
- A data protection policy
- A gifts and entertainment policy
- Anti-trust guidelines
- Insider trading guidelines
- Anti-boycott, embargoed countries and other import/export policies
International best practices in achieving compliance have developed in many high-risk compliance areas, including that of anti-bribery. Based on the proliferation of anti-bribery laws and conventions, including the U.S. Foreign Corrupt Practices Act (FCPA), Organization for Economic Cooperation and Development anti-bribery convention and the UK Bribery Act, effective policies of multi-national companies have evolved. For example, the UK Bribery Act specifically excludes the FCPA defense of “facilitation” payments (e.g. payment for expedited filings). As a result, many companies operating in the U.S. and internationally exclude the defense of facilitation payments in their anti-bribery policies to strive toward the goal of global compliance.
For companies subject to U.S. jurisdiction, Part B of the U.S. Federal Sentencing Guideline describes the key components of an effective compliance and ethics program. Adherence to these guidelines may mitigate potential fines and jail sentences that a company may face if it is non-compliant. Under the guidelines, an effective policy incorporates senior executive leadership and due diligence activities that both prevent and detect criminal conduct and encourage ethical conduct and a commitment to compliance. Recognizing that it is impossible to stop all potential violations, the guidelines acknowledge that the occurrence of an offense does not mean that the policy in place is not effective and, as a result, penalties otherwise payable may be reduced based on the effectiveness of the compliance program and the cooperation of the entity.
International resentment at having to comply with U.S.-specific laws is common. Recently a major UK-based financial institution with a U.S. chartered affiliate allegedly openly ignored U.S. money laundering rules that restricted certain financial transactions with Iran. Other U.S.-specific laws that have resulted in large issues for international subsidiaries of U.S.-based companies are the FCPA, embargoed country restrictions and anti-boycott legislation. Only through effective training and the establishment of a culture of compliance can a company expect to prevent most non-compliant activities.
The large fines and jail time imposed on many large multinationals should provide all of the necessary inducement for senior leadership buy-in to the necessity of an effective compliance program. Moreover, the ever-expanding whistleblower protections and the large financial benefits that a whistleblower may enjoy under the Dodd-Frank Act subjects every company to potentially thousands of compliance officers in the form of employees and agents of the company. This should make every chief executive and board of directors stand up and take notice of the risks of not so implementing compliance standards. As a result, today’s compliance officer typically faces much less resistance from the various functions that compose the compliance function in enforcing an effective compliance program.
In conclusion, companies should strive to attain global compliance with their policies. However, they must aggressively monitor for any allegation of non-compliance and be prepared to react nimbly and immediately investigate any such allegation.