Anti-Corruption Compliance Programs and Barriers to Information Flow
In this article, Daniel Patrick Wendt and Ann Sultan discuss barriers to the flow of information, an increasingly common dilemma faced by multinational companies when implementing and enforcing anti-corruption compliance programs. These barriers can include aspects of data privacy rules, national security or state secret restrictions, and confidentiality obligations. "Effective anti-corruption compliance programs require companies to be able to monitor and test compliance programs, communicate the results, and — when appropriate — swiftly investigate potential violations," Wendt and Sultan wrote. "If a company has not planned how to manage the various information flow barriers, the compliance program may lose some of its effectiveness – and quickly, if employees' violations are allowed to occur without investigations and appropriate discipline."
The authors provide an overview of benchmarks that offer "implicit guidance" on managing information barriers from the Department of Justice (DOJ), the Committee of Sponsoring Organizations of the Treadway Commission (COSO), and section 7.5.3 of the International Organization for Standardization (ISO) Draft International Standard 37001 on Anti-Bribery Management Systems. "The obligation [to manage these information barriers] will likely become explicit in the future," Wendt and Sultan said. The authors also include seven recommendations encouraging companies to "plan and invest before the problems actually arise."