During 2018 the Russian Federation adopted a number of amendments to strengthen its anticorruption laws and comply with international anticorruption commitments (yes, you read right, Russia). [i] While the amendments cover various topics, there are two that are interrelated and are particularly worthwhile discussing:
The first (consistent with global trends), expanded liability to include third parties that act as intermediaries in corrupt schemes and also expanded the definition of beneficiaries of bribes to include close family members and friends of public officials. The second one, while not technically a “compliance program defense” like the one contained in the UK Bribery Act[ii] or in Argentina’s new Anticorruption Law,[iii] can, in some circumstances, help companies avoid or reduce liability if they contributed to the detection of the corrupt scheme (i.e. by detecting the problem, conducting an administrative investigation and cooperating with the government).[iv] Granted, the language is still a bit vague and there is still significant discretion in assessing the extent of cooperation, but, at least, it is a clear indication of where things are going: having a compliance program that deals with third parties is no longer optional. Wзlcomз to изw иoяmal comяadзs.
While the need to have compliance programs is now crystal clear, there is still confusion in Russia (as well as in other parts of the world) as to what such programs should look like. Basic as it may sound, part of the confusion lies in the fact that people have very different ideas of what a compliance program is. The most common and dangerous misconception is that a compliance program is just an anticorruption policy, preferably written by a mega law firm (and for which the company paid as little as possible: “just give me the basics, what you give to your other clients…”).[v] That, of course, is an error. Just as cinder blocks by themselves are insufficient to build a house, policies in abstract cannot build a compliance program.
The best way to define compliance programs perhaps is to view them as ever-evolving (and ever-improving) cycles aimed at ensuring compliance with applicable law. In the words of Debbie Troklus, Greg Warner and Emma Wollschlager a compliance program must be “a living, ongoing process that is part of the fabric of the organization” [vi] rather than an abstract process or policy that lives in just one of its parts.
Another misconception is that what works for Company A may work just as fine for Company B. In this regard, while there may be opportunities to benchmark and leverage on others’ experiences, compliance programs are rarely “One-size-fits-all”. Much to the contrary, to be effective, compliance programs need to be the result of well-thought-out processes that consider each company’s unique characteristics such as industry, geographies, available resources, risk profiles and legal requirements.
While Russian authorities have recently acknowledged that there isn’t much legal guidance on what compliance programs should look like,[vii] local practitioners should, at a minimum (and until more guidance is issued), include, in one way or another, each of the following seven basic and widely recognized elements when designing compliance programs: (i) written policies and procedures; (ii) a compliance governance structure (i.e. compliance committees and officers); (iii) proper training and education; (iv) developing effective lines of communication; (v) enforcement through well publicized disciplinary guidelines; (vi) effective auditing and monitoring and (vii) prompt implementation of corrective action when violations are detected. [viii]
So how should we read the passing of the 2018 Russian anticorruption amendments? While some may choose to see them with some skepticism perhaps we should look at them as an opportunity for a Compliance Cold War or even a Compliance Race[ix]. Wouldn’t it be nice to hear our president tweet “My Compliance Program button is bigger than yours, and mine works”? TO BE CONTINUED….
[i] See http://en.kremlin.ru/acts/news/59614
[ii] See Section 7 of the UK’s Bribery Act, 2010 available at https://www.legislation.gov.uk/ukpga/2010/23/section/7
[iii] See Art 9(b) of Argentina’s Law 27-401, January 12, 2017 available at http://infojus.com.ar/leyes/ley-27-401-responsabilidad-penal-las-personas-juridicas/
[iv] “Юридическое лицо освобождается от административной ответственности за административное правонарушение, предусмотренное настоящей статьей, если оно способствовало выявлению данного правонарушения, проведению административного расследования и (или) выявлению, раскрытию и расследованию преступления, связанного с данным правонарушением, либо в отношении этого юридического лица имело место вымогательство.” See Article 19.28 of the Administrative Code of the Russian Federation available at
http://ppt.ru/kodeks.phtml?kodeks=11&paper=19.28
[v] Companies that take that approach not only lack a compliance program but have also increased their compliance risk by adopting policies that were not tailored to their specific needs which, in most times, results in the policies not being followed. Needless to say, it is worse to have policies that are not followed than having no policies at all.
[vi] Debbie Troklu, Greg Warner and Emma Wollschlager, Compliance 101, 1 (2008) available at http://www.corporatecompliance.org/Portals/1/Users/169/29/60329/Compliance%20101%20Book%20excerpt.pdf
[vii] Russian authorities have stated that they plan to introduce changes to Article 13.3 of the Anticorruption Law to include minimum standards and provide more clarity to companies wishing to implement effective compliance programs. These new standards are expected to consider factors such as company size and resources as well as whether the company is private or state-owned. See http://en.fas.gov.ru/press-center/news/detail.html?id=53645
[viii] These 7 elements have long been adopted in §8B2.1 of the U.S. Federal Sentencing Guidelines and also in guidance documents issued by other U.S. governmental agencies including the Department of Health and Human Services’ Office of the Inspector General (OIG). See https://oig.hhs.gov/compliance/compliance-guidance/index.asp.
[ix] Unlikely as it may seem, perhaps President Putin will choose to look at our anti-corruption efforts in the same way he looked at Barney, President George W. Bush’s dog, during a state visit and will feel the need to come up with “bigger, stronger and faster” compliance efforts.