2 Discussion Topics Types and Purpose of FCPA Audits Planning and InterviewingFCPA Audit ProgramTransactional Data AnalysisClosing and Reporting
3 Types of FCPA Audits M&A Due Diligence Reviews M&A Post Acquisition ReviewsInternal FCPA audits of business unitsAudits of Third Party Agents and Business PartnersMany types of audits but all share the same fundamentals.
4 IDENTIFY POINTS OF GOVERNMENT INTERACTION Purpose of FCPA AuditsIDENTIFY POINTS OF GOVERNMENT INTERACTIONDirectIndirectCustoms and DutiesCorporate Taxes and PenaltiesSocial SecurityVisas and Work PermitsPublic Official Gifts and EntertainmentTraining of Government Owned EntitiesBusiness Licenses and PermitsCustoms Agents and Freight ForwardersVisa ProcessorsCommercial Sales AgentsDistributorsConsultants and “Channel Partners”Business with Governmental Entities and NOCsAudit business activities with governmental entities and NOCs for evidence of potential corruption.
5 Audit Planning Start 4 to 6 weeks in advance Perform Audit with Legal Counsel’s leadEstablish key business contacts, discuss audit privileges and processesPrepare initial document request list for financial information queriesReview findings from previous auditsReview details of opened and closed internal investigations and Code of Conduct questionnairesResearch related DOJ and SEC enforcementsAudit PlanningPlan for the audit to minimize disruption to the business unit being audited and to ensure that the time in-country is as effective and productive as possibleKick-Off MeetingMeet with or otherwise communicate with management of business units to introduce the Legal Compliance and Internal Audit teamsInterviews of Financial and Selected Operations and Human Resources (time permitting) PersonnelInquire generally about internal controls, books and records and FCPA risks encountered in the past in the target country and inquire about potential issues that can be followed up by audit testingBusiness with Governmental Entities and NOCsAudit business activities with governmental entities and NOCs for evidence of potential corruption.Business with AgentsReview the activities of Agents for compliance with the Policies (and, in particular, those specifically related to the retention of Agents).
6 Data Request Trial Balance Chart of Accounts Journal Entry Line Items Ask for as much electronic information as possible well in advance.It’s much easier to get database records for internal audits than external audits.Ask for records up front in database or excel format (Not PDF).Trial BalanceChart of AccountsJournal Entry Line ItemsFinancial and Compliance PoliciesAudited Financial StatementsBank Recs and StatementsList of Agents or IntermediariesRevenue by Country and Customer
7 FCPA Audit Interviews Select Interviewers Select Interviewees Compliance Counsel – culturally sensitive, patient, good working relationship with auditorsAudit focus; not an internal investigationSelect IntervieweesFocus on those who interact with government entities/officials or third partiesBusiness LeadershipSales/Marketing/Business DevelopmentOperationsLogisticsCorporate Functions: HR, Finance, HSE, Real Estate, Legal
8 FCPA Audit Interviews Interviewing Topics and Techniques Audit focus; not an internal investigationGeneral Policies and ProceduresBooks and records pertaining to FCPA risksTest knowledge of FCPA and UK Bribery act including facilitating payments and their understanding of your company’s prohibitionsRegulatory challengesGovernment interactionsOther compliance areas: trade, anti-boycott, anti-money laundering, anti-trustConduct FCPA training during opening meeting
9 FCPA Audit program Review GL Accounts Commission payments to agents and representativesFacilitating paymentsTravel, meals and entertainmentTrainingGifts, Charitable Contributions, Political DonationsSales and Promotion expensesCustoms payments, freight forwarders, and other processing agentsImmigration expensesPermits, licenses, taxes and other regulatory expensesSecurity payments, Extortion paymentsCommunity contributions and Social responsibility paymentsConsultants (legal, tax advisors)Fines and Penalties (tax, customs, visa)Review of the GL will focus on accounts where transactions of interest are most likely to be posted. Inquire as to where in the GL the following items are posted and analyze the findings:
10 FCPA Audit Program Bank Accounts and Cash Disbursement Controls Review controls around bank accounts and cash disbursementsIdentify and review authorized signers, approval levels, and bank reconciliationsEnsure all bank accounts are included in the General LedgerIdentify and review certain bank and cash disbursement transactionsCash FundsReview controls around Cash FundsAscertain processes in place regarding disbursement and reconciliation of cash fundsIdentify and review payments to government officials, agents, or any unusual or suspicious activitiesIdentify and review certain bank transactions and test for any improper payments
11 FCPA Audit Program Travel & Entertainment and Gifts Payroll Explore payments made through employee-reimbursed expensesScrutinize for any suspicious expenses submitted, expenses lacking adequate documentation, incorrect postingIdentify and review accounts associated with gifts, meals, entertainment, travel, or promotionPayrollRisks include the use of ghost employees, hiring of relatives of non-U.S. government employees, and the use of bonus paymentsRequest a payroll listing and review for any such persons
12 FCPA Audit Program Donations and Contributions Training Identify and review and charitable donations and political contributionsTrainingDetermine whether your company provides training to government entities, and review GL accounts and employee expenses for related itemsPayments under local lawObtain list of payments to the government required by local lawsIdentify and review payments to government authorities or employees, customs authorities or agents, income taxes authorities or license requirementsPayments made to the 3rd PartyReview commission and expense payments for compliance with company policyTrace payments to 3rd Party’s bank account
13 Transactional Data Analysis Use A Risked Based Audit ApproachDownload GL line items including payments, expense reports, etc.Create data files for tests that indicate risky transactionsLink them together by a common field such as journal entry number or SAP Document numberIdentify Journal Entries or payments that have multiple risk factors
14 Transactional Data Analysis Run Individual Tests Focused On FCPA RiskManual Payments (SAP Payment Blocks and Methods)Duplicate Invoices and PaymentsRound Dollar Payments/InvoicesCompliance Sensitive WordsCompliance Sensitive AccountsCredit Cash – Debit ExpenseSequential InvoicesProhibited Vendors (OFAC, etc)Authorization LimitsOffshore Bank Accounts
15 Transactional Data Analysis Begin With The End In Mind213This is what the final project looks like.DEMO DATA ONLY
16 Analyze Chart of Accounts Compliance SensitiveGL AccountsAdd a field using the Multistate Field TypeIn the Equation area (Parameter): 1X: 0?: 3Blank: -1DEMO DATA ONLY
17 Compliance Sensitive Word Search Looping Search Key word searches are highly effective in finding purchasing card, travel and entertainment (T&E) or other types of fraud. The challenge is recording all those key words, editing or updating a formula, and managing character limits. The Looping Search App allows you to search in 1, 2, or 3 fields using words or wildcard fragments contained in a second file. Grow your list of key words in Excel, import them into IDEA to capture the most current version, then use them over and over, year to year, file to file. Add words to the Excel list instead of maintaining an extremely long formula.DEMO DATA ONLY
18 Compliance sensitive word search Looping SearchDEMO DATA ONLY
19 Compliance Sensitive Word Search Word List Maker Allows you to create a unique list of the words found in a selected field. All the words will be converted to uppercase and special characters will be removed. The final word list will be ordered based on the frequency of word usage with the most frequently used words appearing at the top. This app utilizes the IDEAScript feature to run tests by simply answering several prompts, and simplifies the process of creating a unique list of words found in the field so you can focus on the results rather than the process.DEMO DATA ONLY
20 COMPLIANCE SENSITIVE WORDS Word List MakerDEMO DATA ONLY
21 Manual Entries and Payments SAPTables: BSAK, BSEGTcodes:FBL1N Vendor LinesFBL3N GL LinesFBL5N Customer LinesWork with Accounting to determine how manual entries and payments are used and how to recognize them.Doc TypePosting KeyPayment MethodPayment BlockDEMO DATA ONLY
22 Vendor Bank Accounts Join files to determine: SAP Tables LFA1 – Vendor MasterLFB1 – Vendor master Company CodesLFBK – Vendor Master Bank AccountsQuestions:Is it allowable under your policy?Are there reasonable exceptions that should be excluded from the testing?Join files to determine:Vendors with no bank accountWhere Vendor Country is not equal to Bank CountryDEMO DATA ONLY
23 Closing and ReportingConstant communication between Legal Counsel and AuditorsCommunicate findings to management as they occurHold an onsite closing meeting with the auditeeIssue a consolidated final FCPA audit report that is appropriate to the type of audit being conducted.
24 Related Web Sites http://fcpamap.com http://www.fcpa.shearman.com
25 ContactS Jennifer Ellison Senior Legal Compliance Manager Baker Hughes Marianne IbrahimSenior Counsel, Audits and InvestigationsAudimation Services, Inc.1250 Wood Branch Park DriveSuite 480Houston, TX 77079