Using Internal Controls to Mitigate FCPA/Corruption Risks in China
Over the past two years, multinational corporations (MNCs) with offices in China have taken notice of the anticorruption initiative President Xi Jinping has been leading. This crackdown has affected not only state-owned enterprises (SOEs) and political officials, but also private industry in China. MNC responses have ranged from increasing the frequency of visits by headquarters-based internal auditors to establishing local compliance departments. An MNC’s response depends on the industry in which it operates and the maturity of its anti-fraud program in China. Regardless of the MNC’s level of sophistication, now is the time to take an in-depth look at the way MNCs are mitigating and addressing fraud risks, particularly Foreign Corrupt Practices Act (FCPA) and corruption risks.
Following are three key internal controls that when properly implemented will strengthen an MNC’s compliance environment in China.
Third Party Due Diligence
The importance of third party due diligence in China cannot be over-emphasized. MNCs should consistently apply a program that takes into account the limited amount of information publically available in China because it’s likely they will not be able to cite these limitations as a defense for conducting inadequate due diligence on third parties.
The third parties that pose the greatest risk to MNCs generally are sales agents, distributors, agents assisting with customs clearance, joint venture partners, marketing event planners and travel agents. This list is ever-evolving, however, and may change as further schemes are exposed in China.
Due diligence on these third parties should take into consideration the third party’s level of government interactions and possible conflicts of interests with employees. If the third party will be selling to SOEs in China, robust review procedures should be performed and documented. In addition to applying these review procedures to new third parties, MNCs should review their existing third parties and assess the level of due diligence that was initially performed when the MNC engaged the third party. For higher risk third parties, routine, recurring diligence is recommended.
Having a strong third party due diligence program will lower the chance of conducting business with unethical entities and satisfy anti-corruption regulations in the United States and certain other countries.
Vetting Marketing Events with Customers
There are significant risks inherent in hosting or sponsoring customer marketing events in China. One of the most prominent risks is the potential that the MNC is over-charged by event organizers, conference centers or hotels, and excess funds are diverted to existing or potential customers as an improper payment. In China, marketing events with customers are consistently used as a means to fund improper payments; therefore, scrutinizing these events is part of a strong governance program.
While evaluating the reasonableness of costs for certain sponsorships is certainly challenging, there are benchmarks that are useful in measuring such costs. The background materials for the event should be scrutinized based on an RMB threshold established by internal audit or compliance. The event planner, hotel or conference center should be able to provide a detailed breakdown of costs prior to the event. For larger events, these materials should be reviewed by multiple in-house parties including marketing, upper management, operations, internal audit and compliance. For those items that appear suspicious, MNCs should consider performing an independent assessment that includes confirming the details of the event and pricing a similar event at the venue. More and more MNCs are also sending an internal audit or compliance employee to the event, or sending an external party independent of the vetting process, to confirm such elements as the number and identities of attendees, the agenda, sponsorship exposure and additional details to confirm that the event complies with the their gift and entertainment policies.
Internal Audit Resources Sitting in China
To be effective in China, internal audit departments must have knowledge of the local business practices. Many MNCs periodically send headquarters-based internal audit teams into China to test certain accounts and review business cycles. This approach does not fully capture China-specific business nuances and risks. If an MNC does not have local internal audit resources to interview Chinese staff, test transactions and review supporting documentation, it should consider engaging a local firm to supplement the visiting internal audit team. If an MNC has an established local internal audit team, it is important for the team to maintain a direct reporting line to internal audit leadership at headquarters. If they do not, local management could have an inappropriately strong influence on the direction and results of local internal audits.
China’s crackdown on corruption has significant momentum. As a result, MNCs are re-assessing their internal controls in China to ensure they are taking the necessary steps to minimize potential liability. By properly implementing the internal controls described here, MNCs will be better able to avoid becoming a victim of the widespread fraud that the crackdown seeks to reduce.
Article authored by Paul Peterson, CPA, CFE, CIA, is director of Forensic, Investigation, & Dispute Services at Grant Thornton China. He focuses on fraud investigations, global anticorruption, litigation support and consulting services related to anti-fraud programs and controls.