There are numerous reasons to put some serious work into your compliance policies and procedures. They are certainly the first line of defense when the government comes knocking. The 2023 ECCP made clear that “Any well-designed compliance program entails policies and procedures that give both content and effect to ethical norms and that address and aim to reduce risks identified by the company as part of its risk assessment process.” This statement made clear that the regulators will take a strong view against a company that does not have well-thought-out and articulated policies and procedures against bribery and corruption, all of which are systematically reviewed and updated. Moreover, having policies written out and signed by employees provides what some consider the most vital layer of communication and acts as an internal control. Together with a signed acknowledgement, these documents can serve as evidentiary support if a future issue arises. In other words, the “Document, Document, and Document” mantra applies just as strongly to policies and procedures in anti-corruption compliance.
Three key takeaways:
1. Written compliance policies and procedures, together with the Code of Conduct, form the backbone of your compliance program.
2. The DOJ and SEC expect a well-thought-out and articulated set of compliance policies and procedures and that they be adequately communicated throughout your organization.
3. Institutional fairness for the application of policies and procedures demands consistent application of your policies and procedures across the globe.