Building a World-Class Compliance Program: Best Practices and Strategies for Success
Chan, Anthony S., The CPA Journal
Building a World-Class Compliance Program: Best Practices and Strategies for Success By Martin T. Biegelman with Daniel R. Biegelman Published by John Wiley & Sons, Inc., March 2008; ISBN: 978-0-470-11478-0; 298 pages (hardcover); $45
Reviewed by Anthony S. Chan
This book is well-organized, wellwritten, and easy to read. Although it is not meant to be a user guide or handbook, the authors have succeeded in bringing together helpful hints and best practices that are critical to developing a practical compliance program. Readers are reminded right from the start of the importance of proper "tone at the top" and how the CEO can make a difference. The authors correctly point out that: "Compliance is more than just following laws, regulations, and policy. It is often about doing the right thing when faced with compliance challenges."
The book is divided into 13 chapters, and it contains a good discussion of the following:
* History, growth, and evolution of corporate compliance;
* Case studies of companies that emerge from compliance failures;
* Federal sentencing guidelines for organizations (FSGO) and the seven steps to an effective compliance program;
* The U.S. Department of Justice's McNulty Memorandum and the revised principles of federal prosecution of business organizations;
* The SEC's seaboard criteria (such as self-policing, self-reporting, remediation, and cooperation) in mitigating enforcement actions;
* Anti-money laundering enforcement; and
* The risk of corruption and the expanding reach of the Foreign Corrupt Practices Act (FCPA).
Readers who are pressed for time but want to learn how to develop an effective compliance program should find the following sections of the book extremely useful:
* Chapters 5 and 6, where the authors describe how companies addressed their compliance failures (such as accounting fraud and FCPA violations involving bribery and corruption) with positive remedial actions. According to the authors, an effective FCPA programs should include, at a minimum, the following elements:
* FCPA-based policy that establishes compliance standards and practices to be followed by employees, consultants, and agents;
* Implementation of appropriate disciplinary measures;
* A reporting system whereby suspected criminal conduct may be reported.
* Chapter 7, which includes a good discussion of "red flags" that could signal potential suspicious activity, including the following:
* Activity inconsistent with the customer's business;
* Avoidance of reporting or recordkeeping requirements;
* Frequent, large, round number wires; and
* Insufficient or suspicious information provided by a customer. …