Oracle settlement shows importance of foreign risk management

Dec 27, 2013

The Oracle corporation recently agreed to pay a $2 million fine to settle allegations that one of its subsidiaries violated the Foreign Corrupt Practices Act (FCPA). According to the Securities and Exchange Commission, an India subsidiary created an unauthorized side fund of approximately $2.2 million by fabricating invoices.

This introduced operational risk for Oracle, one SEC official said. "Through its subsidiary's use of secret cash cushions, Oracle exposed itself to the risk that these hidden funds would be put to illegal use," stated Marc Fagel, director of the SEC's San Francisco regional office. "It is important for U.S. companies to proactively establish policies and procedures to minimize the potential for payments to foreign officials or other unauthorized uses of company funds."

According to the U.S. Justice Department, U.S. companies are not the only ones that must comply with the FCPA. They will also be held liable for the activity of their agents, joint venture partners or other third parties acting on their behalf.

As anti-corruption law expert Mike Koehler wrote for his blog, FCPA Professor, it's not unusual for a large multinational company to have hundreds or thousands of distributors. Without automated processes for vetting contractors and training them on a firm's standards for compliance with industry regulations, keeping track of every third-party supplier, vendor and subcontractor can prove extremely time-consuming and costly.

While the Oracle case involved one of its subsidiaries, the situation underscores why companies need to prioritize contractor qualification and management in addition to creating robust internal controls. Failing to ensure that your external business partners are observing regulations such as FCPA could put you at risk for hefty fines. 


Category: risk management