Ed. Note- a couple of weeks ago, I had a guest post from Timur Khasanov-Batirov about some of the challenges in the doing of compliance in his native Ukraine. He certainly had an interesting and most welcome perspective. I asked Tim if he might tell us a bit more about his background and talk about some of the things a US or other western company needs to consider when opening a business enterprise in Ukraine or eastern Europe for the first time. This interview is his response.
- Where did you grow up and what is your university or college training in?
I grew up in Tashkent, a vibrant southern megalopolis of the former Soviet Union. The city is known for mixture of various cultures and traditions. Probably that is the reason why I feel myself comfortable working in different countries and corporate environments.
I was fortunate to get scholarships for my legal studies twice. Thanks to Muskie Program I got a chance to do LLM program in the University of Minnesota Law School. Our library being in 2003 time among Top 10 in the nation (hope it is still in the list) was a perfect source to frame personal attitude to corporate ethics. The memory of the Program and Land of 10 000 Lakes will be enshrined in my heart.
- What jobs have you held after graduation from college?
My path is associated with embedding international standards into ‘fabrics’ of organizations I worked for. You must develop processes which improve efficiency and engage people in doing right things. I like to hear these words or to repeat them to myself. Sounds like music. Having such melody in my head (which hopefully is not too strange) I made my way with roles of in house counsel at US owned mobile operator, regional business trainer for CIPA Network, and legal advisor to various international corporations. I like to remember intensive period spent in capacity of attorney at Baker and McKenzie. Work for the Firm has polished an important technique for compliance person. I mean the skill to align legal requirements of different jurisdictions to produce a solid legal advice.
- How did you get into the field of compliance?
Back to 2006 I got awesome assignment. As person responsible for Legal & Controls at international FMCG company in Kazakhstan I was asked to lead the project on obtaining ISO 9001 quality management standard. After one year of deliberations and resistance we came to finishing tape with almost 60 described business processes and allocated responsibilities among key managers. So the next step looked natural for me. It should be compliance which assembles risk management, law, and communications into single and powerful managerial tool.
In 2007 compliance philosophy was ‘terra incognita’ in the former Soviet Union. Almost everyone was convincing me that the concept would never survive in that region. Today it is obvious that compliance is extensively developing. I have no regrets about taken decision.
- What are some of the biggest compliance challenges that you face in your current role?
As in house compliance person and participant of the regional professional community I enjoy the opportunity to monitor challenges from different angles. The good thing is that the idea of ethical conduct is becoming popular among business leaders, legal and audit professionals. You can feel tremendous difference in attitudes to compliance at the corporate boardroom in last 5 years.
There is some progress with setting adequate regulatory environments by the countries in the region. In the very same time local enforcement practices are expected to become more consistent with relevant laws.
There is a curious phenomenon worth mentioning. Issues which have been raised by local professional community these days include questions associated both with early stage of compliance development along with inquiries associated with advanced level like for instance questions on the best ways to protect whistleblower from retaliation in a long term period. Thus from my prospective the main challenge in the region is the necessity to manage compliance risks based on sophisticated Western framework in a business environment where compliance is a relatively new concept.
There is also challenge which I believe is on the agenda for our profession globally. It is about integrating compliance into corporate strategic planning. I am also sure that our mission is to change minds of the corporates. Here comes to mind the meme of the day by Matt Kelly which depicts Kermit saying ‘I saw the manager to fire you for calling the hotline. But that’s none of my business’.
- What advice would you provide to an American or western European company doing business in Ukraine or eastern Europe for the first time regarding compliance?
I would highlight Top 6 practical actions:
Code of Ethics
To ensure that the Code of Ethics will work in the region please check if it is translated into local language(s). Just have in mind that English is a second language for your employees (in the best case). Local JV partners, distributors, and agents might not speak English at all. The reality shows importance of getting professional translation to avoid phrases ‘lost in translation’. It happens when the Code is written in heavy legal language or translation is not reflecting the real meaning of the text.
Based on my practice I would recommend investing some money in publishing hard copies of the Code rather than relying on the e-version only. At minimum hard copies of the Code should be distributed to C-level staff and key managers. It is vital to appoint a person (normally a Compliance officer) who could be approached by the employee for explanation of the Code’s provisions.
The team should consist of experts who are aware of both FCPA/UKBA requirements and nuances of local regulatory developments. I suggest having folks who will be able not only to update you on new Ukrainian anticorruption laws or regional pitfalls like ban on facilitation payments but to independently manage such risks in the organization.
Assessment of the Program by Top Management
It might be disputable but I would advise using the US Sentencing Commission Guidelines Manual as a comprehensive tool for detailed self-assessment of the Regional Compliance initiatives. I also believe there are just 4 simple questions answers on which can precisely illustrate the situation with corporate ethics for the Top management:
- How we evaluate efficiency of the compliance activities?
- Does Compliance Officer have resources and adequate power to prevent unethical behavior?
- Are we sure that our internal investigations are effective and impartial?
- At what extent top management is engaged in compliance program?
It could be a sophisticated web-based system with global coverage in ideal case or just sole person which acts as a contact for personnel (looks provocative but still could be effective) to raise concern. The mechanism of tipping should exist in the form which your budget and corporate structure allows. Local experiences confirm that the effectiveness of the line will rise when personnel is duly communicated about actions taken as result of corporate investigations.
Consultants and Intermediaries
You may want to review contracts concluded in the region with consultants, distributors or corporate representatives. There are two reasons why it could be a good idea. Firstly, you will be able to check whether there are any FCPA risks if your representative interacts on your behalf with the local authorities. Secondly, what we see in this region is that contractual arrangements on ‘providing services’, ‘marketing activities’ and so on are often become veils for occupational fraud.
Conflicts of Interest
Conflict of interest or simply situation when decision of the employee might be impaired by his personal interest poses two risks. The first risk is of FCPA nature. The second type of risk is in the area of occupational fraud. Widespread practice at emerging markets includes getting expensive gifts from the counterparties or contracting affiliated entities. I would recommend launching the internal system on declaring conflicts of interest which could be done by utilizing for instance the corporate intranet platform.