The compliance burden on companies is increasing.
High Contrast
The compliance burden on companies is increasing.
As companies grow, their regulatory risks grow even faster.
Companies must understand and remediate issues to successfully navigate regulatory challenges.
The compliance burden on organizations is growing, with more regulatory hurdles than ever before. Expansion creates additional inherent risks to an organization’s compliance with laws and regulations. Companies can become vulnerable to increased scrutiny and potential regulatory actions from the lack of oversight of the sales and marketing processes, consolidation of compliance resources, strategic business acquisitions and operating in new high-risk areas. Managing those concerns can mean the difference between identifying root causes, remediating issues, and strengthening processes or suffering potentially significant regulatory consequences.
Many companies, including those in the life sciences and health care industries, have specific compliance regulations in place designed to discourage potential bribery or corruption during sales and marketing practices. Activity between company representatives and foreign government officials comes under scrutiny, with regulators looking to thwart any potential market manipulation, abuse of promotional and marketing programs and incentives, improper payments and other fraudulent practices.
In many cases, harmful activity is not intentional, and in some situations, confusion can occur with global or local customs, which leads to inquiries from regulators. Regardless of intentions, controls must be in place that discourage processes that could lead to fines and penalties.
Our client is a global biopharmaceutical genomics testing services provider with laboratory operations in the United States, United Kingdom, Germany, China and Japan. The client discovered they previously engaged in prohibited sales and marketing activity. While they enacted a compliance program and internal control changes to reduce the risk of prohibited activity, they wanted to ensure the additional internal controls were effective and that no such activity would recur.
RSM utilized a risk-based approach, leveraging data analytics to identify and analyze several higher-risk transactions and payment categories. We interviewed global employees with respect to compliance activities, operations and transactions. We analyzed higher-risk transactions for compliance with new policies and procedures to evaluate the effectiveness of our client’s controls. Our findings, including a confirmation of control effectiveness, were reported to their internal audit and the general counsel. They included practical recommendations for incremental program enhancement, thereby reducing the potential for fines and penalties stemming from future compliance failures.
In a quest for ongoing efficiency, many organizations consolidate the same or similar departments during a transaction, developing a streamlined structure with fewer barriers to productivity. However, while increasing efficiency is important, any combined functions must continue to meet the compliance standards.
In addition, growth through acquisition can complicate ongoing compliance. During the integration process, new employees must familiarize themselves with a new culture, and a transition to new compliance processes can result in potential gaps without effective oversight.
A bank with $2 billion in deposits and approximately 650 employees was integrating with another institution that would increase deposits by $1 billion and add 350 employees. The bank brought various aspects of its anti-fraud program and investigative resources into a single office covering internal and external fraud as well as the Bank Secrecy Act and anti-money laundering compliance. Following the transaction, they had to effectively integrate the acquired operations and personnel into the consolidated office.
In addition, being aware of the current regulatory environment and how those charged with compliance and enforcement look positively on banks with disciplined compliance and fraud programs, the bank regularly sought third-party assessments of anti-fraud programs to leverage best practices and strengthen regulatory standing. After the transaction, the bank initiated an assessment with RSM and sought to have any improvements in place before the integration.
The RSM team assessed the effectiveness of the bank’s anti-fraud program to determine alignment with regulatory guidance and expectations. We cross-referenced their program documentation with guidance from the Securities Exchange Commission (SEC), Department of Justice (DOJ) and Federal Deposit Insurance Corporation (FDIC). Also, we provided best practice insights gained from extensive experience with other financial institutions.
The review confirmed that the bank’s anti-fraud efforts were on the right path, and we offered suggestions for strengthening their program, from CEO involvement in compliance initiatives and developing a company-specific code of conduct training program to expanding the use of proactive data analytics. With that information, we validated the bank’s approach and moved forward with their integration with confidence.
Operating a global company means often working in areas at high risk for bribery and corruption. To keep companies from gaining an unfair advantage, regulators seek to discourage improper payments and activities by levying significant fines and penalties on companies that violate anti-bribery and anti-corruption laws.
Regulators expect ethical behavior and business processes, with effective compliance programs that include operational and financial controls. As the barriers to doing business globally continue to fall, companies need to focus on establishing or refining anti-bribery and anti-corruption processes and programs to avoid potential regulatory actions and reputational harm.
Our client is a global industrial manufacturing company that produces specialty components for the aerospace, transportation, energy and industrials markets. The company operates in foreign countries with a high percentage of sales to government-owned entities. They felt they had an effective ethics and compliance program but had not conducted country-specific compliance audits due to a lack of qualified audit resources. They were concerned their compliance team might be understaffed and unable to monitor global operations effectively, and the lack of testing created vulnerability to potential hidden corruption concerns, regulatory fines and reputational harm.
RSM suggested an approach to deliver high-quality anti-bribery, anti-corruption and trade control assessments within the highest-risk locations and performed more than 10 such projects over a two-year span. The assessments identified several significant risks that required escalation and were investigated and remediated. We delivered actionable recommendations for the compliance program and internal control enhancements, which were agreed upon by management and tracked by internal audit through remediation. The engagement significantly reduced the company’s risk of regulatory violations, fines and reputational damage and strengthened the third-party risk management processes.
Organizations contend with several emerging issues that make compliance more complex, from increased regulatory scrutiny to a lack of qualified compliance resources. With companies in all industries and of all sizes experiencing heightened compliance risks, an organization must understand its potential risks, implement effective processes and controls, and create an overall culture of compliance to mitigate organizational risk to an acceptable level.
Contact RSM’s forensic, integrity and compliance team to learn how we can evaluate your compliance processes and protect your business. Our experience and knowledge can advise you in confirming the strength of your compliance approach or creating a more effective strategy.