One of the things that my colleague Stephen Martin talks about is the need for strategic planning for your Foreign Corrupt Practices Act (FCPA) compliance program. He suggests a 1, 3 and 5 year strategic plan which you should utilize as a road map for your compliance program in these time frames. Equally important, as a former state and federal prosecutor, he believes that such a document would be an important item to produce to a prosecutor, who might be reviewing your compliance program in the event of a voluntary self-disclosure, a Dodd-Frank or other whistle-blower event, which has led your company to receive a subpoena or letter of inquiry or an industry sweep. He believes that such a strategic plan could well lead to the development of credibility for your company and your compliance program in the event of one of the aforementioned eventualities.
With the above in mind I was interested to read an article in a recent issue of the Houston Business Journal, entitled “Strategic planning needs constant follow-up to be successful” by Bruce Rector. In the article Rector sets out steps to assist in utilizing a strategic plan. As with Martin he recognizes that while a strategic plan can serve as guide for your company going forward, it must actually be utilized to garner any use out of it. Rector notes that “if your company and management team have expended the time and resources to pull together a strategic plan, the next logical step is to follow up and keep things on track.” While Rector’s article is not aimed at the compliance arena, I believe that the steps he lays out, translate without difficulty, into steps a compliance officer can take to meet the suggestion laid out by Martin above.
- Review the Goals of the Strategic Plan. This requires that you arrange a time for the Chief Compliance Officer (CCO) and team to review the goals of the Strategic Plan. Rector advises that to the extent possible this should be done in person. The CCO should lead a discussion of the Strategic Plan and determine how this goal in the Plan measures up to its implementation in your company.
- Design an Execution Plan. Here Rector advises that the “Keep it Simple Sir” or KISS method is the best to move forward. This would suggest that for each compliance goal, there should be a simple and straight forward plan to ensure that the goal in question is being addressed. Rector notes that any “plan must be specific with clear tasking and deliverables and a definite timeline for delivery.”
- Put Accountabilities in Place. In any plan of execution, there must be accountabilities attached to them. Simply having a time line is not enough. This means that the persons tasked with the responsibility of performing the tasks be clearly identified, by both the individual so tasked and the actual task they are assigned to complete. Accountability also includes a “follow-up mechanism to ensure that these vital goals are achieved.” This requires the CCO or other senior compliance department representative to put these in place and then mandate a report requirement on how the task assigned is being achieved.
- Schedule the Next Review of the Plan. Most interestingly, Rector recommends a review of the foregoing process on a weekly basis. While noting that this may seem time consuming, he believes that once the group assigned with this responsibility gets “into the rhythm, it can go smoothly.” While I would not necessarily agree that weekly meetings are required, Rector does correctly note that such regularity allows any problems which may arise to be detected and corrected more quickly than if meetings are held at a less frequent basis.
Martin’s guidance that a FCPA strategic plan can be a key part of your overall compliance program is sound advice. However, simply developing a strategic plan is not enough. Rector concludes by stating that “Part of management’s responsibility is to continually reinforce the vision and goals of the company, as set forth in this plan.” This is particularly true in the compliance arena, where assessment and updating are critical to an ongoing best practices compliance program. If you follow the process laid out by Rector, you will put a mechanism in place to demonstrate your company’s commitment to compliance by following through on intentions as set forth in your strategic plan.
This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at firstname.lastname@example.org.
© Thomas R. Fox, 2011