The Foreign Corrupt Practices Act of 1977 (FCPA) is a United States federal law known primarily for two of its main provisions, one that addresses accounting transparency requirements under the Securities Exchange Act, and another concerning bribery of foreign officials. FCPA provisions apply to any person or US entity doing business in foreign jurisdictions and are jointly enforced by the Securities and Exchange Commission (SEC) and the US Department of Justice (DOJ).
Given the high level of scrutiny and enforcement, companies that violate the FCPA can face substantial fines, investigative time, and reputation and brand damage due to non-compliance. As such, when developing leading compliance program practices, companies should establish appropriate monitoring, auditing, and ongoing evaluation of program effectiveness.
For teams tasked with monitoring and auditing (e.g. internal audit, compliance, etc.), using data analytics is important to improving the effectiveness of compliance programs. By using analytics to identify risk factors, flag anomalies, risk rank transactions, and send proactive alerts, your compliance program can focus on early detection and prevention of corruption schemes.
Analytics considerations for anti-corruption programs
1) Identify corruption risk factors.
As part of the risk evaluation process, companies should evaluate corruption risks specific to their company or industry. After these risks are identified and prioritized, companies should next consider possible corruption schemes and scenarios and understand if mitigating controls already exist that would prevent or detect these corruption schemes.
The output of this exercise should be a listing of program areas where detailed testing or further analysis should be performed due to potential risk. Identifying areas of higher corruption risk is the first step in designing controls and analytics to help mitigate these risks.
2) Design analytics to identify corruption red flags.
Data analytics can be leveraged to identify risky transactions for additional testing. By understanding the underlying corruption schemes that could exist, companies can design analytics to profile transactions that may be at higher risk based on noted trends or anomalies in comparison to the rest of the transactions in a population.
For illustrative purposes, an example corruption scheme with channel or partner sales is when a product is sold to a reseller at a deep discount, who then uses the large margin on that sale to pay a bribe to the end customer. In this scenario, reviewing discounting outliers from partner sales transactions may indicate higher corruption risk that should be investigated. Risk factors such as the size of the transaction, region, typical employee or partner discounting patterns, etc. may reveal corruption red flags.
Companies can use analytics to quickly identify outliers and atypical discounting patterns based on these various risk factors. See the below Sales Discounting Scatterplot dashboard, which makes it quick and easy to view outliers and atypical patterns. Designing analytics this way allows companies to further focus their review in geographical jurisdictions with a lower Corruption Perception Index (CPI) score where potential corruption and bribes are more prevalent.
Sales Discounting Scatterplot Dashboard: Using Tableau, sales data can be easily rendered, filtered, and analyzed. In the below example, deal discount percentage is plotted on the y-axis and date of deal close on the x-axis. Each circle represents an individual deal with circle size representing deal size. The following filters are utilized in the dashboard, each of which can be updated to help isolate risky transactions.
- Date of Deal Close: What is the review period?
- Deal Close Month: Are deals closed in certain months inherently riskier than others?
- Discount Percentage: What discount level would require additional scrutiny?
- Region and Sub-Region: Where are higher risk deals closed?
- Number of Days from Deal Creation to Closure: If a large deal is created and closed quickly, was it reviewed and approved through the appropriate channels?
3) Risk rank transactions and perform testing.
After analytics are developed, companies should identify transactions that are anomalies or do not conform to expected patterns or other items in the data set. Consider assigning a risk ranking to these transactions and perform additional testing procedures. Using the example of sales transactions noted above, additional detail testing could involve inspecting the supporting sales documents, inquiry with the sales or partner representative, etc.
4) Use analytics to provide proactive alerting of high-risk transactions.
Share information learned with your compliance team to determine how to deploy analytics for ongoing monitoring at scale. How can corruption be prevented in the future? How can corruption be detected earlier in the sales cycle?
With Tableau, you can set up data-driven alerts. For example, let’s say you want your compliance team to be notified when a pipeline partner-led deal closes in a country with a low CPI score and exceeds a discount percentage of 50%. By establishing that threshold with an alert, you can automatically send notifications to the team tasked with monitoring these transactions, enabling them to take action based on data.
Data analytics is a powerful part of a larger anti-corruption program. Analytics can detect corruption red flags and prevent corruption schemes, helping you avoid potential fines, investigations, and immeasurable damage to your reputation. The application of these four analytics considerations to your compliance program helps monitor and audit transactions real-time, improving anti-corruption efforts in an effective and powerful way.
To learn how to take a proactive approach to exposing risk and improving anti-corruption prevention, visit the Tableau Audit, Risk, and Compliance Analytics solutions page.