a World-Class Compliance Program: Best Practices and Strategies
Martin T. Biegelman with Daniel R. Biegelman
by John Wiley & Sons, Inc., March 2008; ISBN: 978-0-470-11478-0;
298 pages (hardcover); $45
by Anthony S. Chan
- This book is well-organized, well-written, and easy to read. Although
it is not meant to be a user guide or handbook, the authors have
succeeded in bringing together helpful hints and best practices
that are critical to developing a practical compliance program.
Readers are reminded right from the start of the importance of proper
“tone at the top” and how the CEO can make a difference.
The authors correctly point out that: “Compliance is more
than just following laws, regulations, and policy. It is often about
doing the right thing when faced with compliance challenges.”
is divided into 13 chapters, and it contains a good discussion
of the following:
growth, and evolution of corporate compliance;
studies of companies that emerge from compliance failures;
sentencing guidelines for organizations (FSGO) and the seven
steps to an effective compliance program;
- The U.S.
Department of Justice’s McNulty Memorandum and the revised
principles of federal prosecution of business organizations;
- The SEC’s
seaboard criteria (such as self-policing, self-reporting, remediation,
and cooperation) in mitigating enforcement actions;
laundering enforcement; and
- The risk
of corruption and the expanding reach of the Foreign Corrupt
Practices Act (FCPA).
are pressed for time but want to learn how to develop an effective
compliance program should find the following sections of the book
5 and 6, where the authors describe how companies addressed
their compliance failures (such as accounting fraud and FCPA
violations involving bribery and corruption) with positive remedial
actions. According to the authors, an effective FCPA programs
should include, at a minimum, the following elements:
policy that establishes compliance standards and practices
to be followed by employees, consultants, and agents;
of appropriate disciplinary measures;
- A reporting
system whereby suspected criminal conduct may be reported.
7, which includes a good discussion of “red flags”
that could signal potential suspicious activity, including the
inconsistent with the customer’s business;
of reporting or record-keeping requirements;
large, round number wires; and
or suspicious information provided by a customer.
9 and 10, which include a comprehensive discussion of the seven
steps to an effective compliance program. These steps, listed
below, are adapted from the federal sentencing guidelines:
compliance standards and procedures that are reasonably capable
of reducing the likelihood of criminal conduct;
overall responsibility for compliance to a specific high-level
reasonable efforts to exclude prohibited persons—do
not delegate discretionary authority to individuals with a
history of illegal conduct or other conduct inconsistent with
a compliance program;
training and communication of standards and procedures to
employees and agents;
monitoring, auditing, and reporting systems to evaluate program
standards with discipline and incentives; and
to criminal conduct and remedial action—take reasonable
steps to respond to discovered criminal conduct.
two compliance programs are alike, the examples in this book should
provide great insight to readers in designing their own compliance
programs. Readers are also reminded of the key role internal audit
should play in the ongoing monitoring for compliance. Chief compliance
officers should properly integrate internal audit in their compliance
book to be equally useful to the boards and managements of smaller
public companies or other privately held organizations, the authors
should include other relevant examples or case studies, whereby
the same underlying principles of good corporate governance could
be applied. Most small businesses lack the resources to hire a
dedicated chief compliance officer, and they must find the right
balance, given pressing priorities and limited resources.
this book is a “must read” for those in the business
of compliance and risk management, and I would highly recommend
it to audit committees and senior management. In fact, I have
already recommended it to colleagues and clients.
S. Chan, CPA, is a partner of Berdon LLP in New York, N.Y.,
and a leader of its Sarbanes-Oxley compliance and corporate governance
practice. He is vice chair of the NYSSCPA’s SEC Practice Committee.
CPA Journal is broadly recognized as an outstanding, technical-refereed
publication aimed at public practitioners, management, educators,
and other accounting professionals. It is edited by CPAs for CPAs.
Our goal is to provide CPAs and other accounting professionals
with the information and news to enable them to be successful
accountants, managers, and executives in today's practice environments.
The New York State Society of CPAs. Legal