Mexico is finally taking a hard stance on corruption, with the passing earlier this year of a new anti-corruption law that takes effect next July 2017.
The law, passed in July 2016, aims to crack down on bribery and corruption by forcing government officials to be more transparent about their finances and business transactions. It calls for the appointment of a special prosecutor to investigate corruption cases, boosts penalties for companies that break the law and pushes firms to create their own anti-corruption compliance programs.
Dalia Sierra Ramirez, a partner in EY’s Fraud Investigation and Dispute Services practice, offers advice on how companies that do business there need to be looking now at the rules and devising strategies to comply with the new requirements.
What does this new law require from companies operating in Mexico?
The new anti-corruption regulation in Mexico, also known as Ley General de Responsabilidades Administrativas (LGRA), encourages companies to implement an Integrity Policy in order to prevent, detect and deter corruption within the organization. When determining the liability of legal persons, the authority may take into consideration the company’s Integrity Policy. Based on this, an Integrity Policy should include the following elements:
a) An organizational and procedures manual that clearly describes roles and responsibilities of each area and approval ladders
b) A Code of Conduct socialized across the entire organization
c) An adequate control framework as well as a regular monitoring process to verify compliance with the company’s integrity standards
d) An internal and external whistleblower system and a disciplinary process applicable to those individuals not complying with the company’s integrity standards or local regulations
e) A comprehensive training program for employees that is in connection with the Code of Conduct and the company’s integrity standards
f) Specific HR policies and procedures aimed at preventing the hiring of individuals that may represent an integrity risk for the Company
g) Mechanisms to ensure transparency
What industries will be impacted the most?
Companies operating in industries where the government is a client will face a greater challenge in ensuring compliance with the new regulation. These may include oil and gas, power and utilities, pharmaceuticals and medical devices.
While big multinational companies have large compliance departments and sophisticated anti-corruption programs, how will mid- and small-sized companies likely be affected by the new laws?
Mid- and small-sized companies will need to assess their corruption risks before implementing a compliance program (Integrity Policy). The compliance program needs to be proportionate and tailored to the risks faced by each company.
What happens if a company violates the new law?
Companies may be liable if an employee or third party commits a corrupt act on their behalf and the organization obtains an illegitimate benefit as a result of it. When determining the liability of legal persons, the authority may take into consideration the company’s Integrity Policy. Sanctions may include fines, ineligibility to participate in public tenders related to acquisitions for up to 10 years, suspension of activities for up to three years (temporary deprivation of exercising their commercial activities) and dissolution of the company.
How does this anti-corruption law compare to the U.S.’s Foreign Corrupt Practices Act and the UK Bribery Act?
Mexican anti-corruption regulation does not consider extraterritorial application at this point. However, similar to the FCPA and UK Bribery Act, companies should demonstrate to the regulator that an effective anti-corruption program is in place in order to reduce the liability when a corruption investigation takes place.
How will employee training be affected by this new law?
Training related to the Code of Conduct and integrity practices is a requirement of the new regulation. For those companies that currently have a compliance program in place, this is not new, and we do not foresee major impacts for them.
What are the elements of an effective anti-corruption compliance program?
An effective anti-corruption compliance program should aim to deter, detect and prevent bribery and corruption. It typically includes the following elements:
Policies and procedures. This helps set the proper tone at the top and throughout the entire organization and includes a communication and training program, as well as an internal controls framework.
Proactive activities. This includes risk assessment, monitoring activities and due diligence procedures.
Reactive activities. This part of the anti-corruption program sets specific protocols to react to when an allegation takes place, adequate and proportionate procedures to investigate and a sanction code for employees.