According to news reports, HP has agreed to pay more than $108 million to resolve allegations that it bribed foreign officials in Russia, Poland and Mexico to win government contracts.
HP subsidiaries allegedly created a slush fund to pay bribes, set up a web of shell companies and bank accounts to launder money, employed two sets of books to track bribe recipients and used anonymous email accounts and prepaid mobile phones to arrange meetings. The employees responsible for these activities are all gone, but HP has agreed to implement additional compliance and reporting procedures as part of the settlement.
Based on my experience with the Department of Justice and SEC related to FCPA investigations, these additional procedures will need to focus not only on fraudulent activities of the past but also on high-risk areas identified through an in-depth risk assessment. Companies need to proactively determine where their risks are and tailor a monitoring and reporting process to those risks. Vendor due diligence and appropriate wording in contracts is a must! Third-party audits are strongly recommended. Monitoring or mining of communications, i.e., email, texts and chats, also should be considered for high-risk operations or locations. When it comes to the FCPA or any anti-bribery regulation, offense is the best defense.
Learn more about FCPA investigations by watching this archived webinar.