Burying Bribes in the Books and Records

This article reviews the books and records and internal controls provisions of the Foreign Corrupt Practices Act, and it analyzes 70 FCPA enforcement actions initiated by the Securities and Exchange Commission since 2009, highlighting the financial accounts and expense categories that the SEC alleged were involved in concealing corrupt payments. Knowing where the SEC is looking can help guide a company when it assesses its own bribery risks and when targeting potential corrupt payments with data analytics.

There have been 70 cases since 2009 in which the SEC made FCPA-related allegations. The accounts most used to cover up bribes were “Commissions” and “Consulting.” The next most commonly-used accounts were “Cost of Sales,” “Travel and Entertainment,” and “Customs.”

Some cases had multiple allegations. The internal controls allegations were generally less specific than for books and records violations. Typical allegations include: No controls to detect FCPA violations; no program to monitor employee compliance with the FCPA; lack of FCPA training; lack of management authorization for transactions; lack of oversight over foreign agents; and failure to follow-up on FCPA red flags.

Data analytic modules can be modified to focus on high risk expense categories. Each of these categories can be linked to transaction-level data in order to examine individual vendors, countries, frequencies and amounts of disbursements. Given the SEC’s focus on the use of third parties to facilitate bribes, data analytics also can be used to help investigate suspicious payments through link analysis.