The Foreign Corrupt Practices Act (FCPA) is a hot topic from an enforcement point of view, which means it should be a front-burner issue at any company that does international business. You do not want to play fast and loose with the law, especially now.

A commentary in Business Finance makes an interesting point about compliance, suggesting that you should consider using your existing internal audit controls to help with FCPA compliance. In many ways, this sort of task is tailor made for your internal auditors and ideal for the IT-based controls with which they are no doubt adept. "A technology-enabled strategy using audit analytics is a cornerstone of an effective and efficient FCPA compliance program. Audit analytics and continuous auditing can help internal auditors monitor FCPA-related internal controls to prevent and detect violations that could open the organization to broader repercussions."

Here's an approach to how you might get started putting together some controls:

1. Define the red flags and compliance questions that are most important to your FCPA compliance efforts. Namely identify:

• Payments made to high-risk vendors
• Payments to government contractors

2. Get the data you need to answer your questions. A great place to start is:

• Vendor data
• Payment data
• PEP (Politically Exposed Persons) list, OFAC (Office of Foreign Assets Control) list, etc.

3. Run analyses. Push results out to the right people. Automate the process.

4. Build from there with an iterative approach

For more:
- here's the post

Related articles:
Companies still struggle with FCPA  
FCPA enforcement activity grows   
SEC settles FCPA case with foreign company