As the United States prepared to take a long holiday over the July 4th weekend, the Department of Justice set off some fireworks of its own: the department published a new edition of the FCPA Resource Guide, a one-volume compendium of all things related to the Foreign Corrupt Practices Act (FCPA). What does the Foreign… Read More
Proportionality is the principle of responding to an action with an equally-sized reaction. In criminal law, the principle of proportionality gives us the wisdom that “the punishment should fit the crime”. In business, we see the proportionality principle applied by publicly-traded companies who adopt a “one vote, one share” policy for common stock shareholders.
The principle of proportionality may be applied in many ways by public and private organizations as part of.the development of anti-corruption controls and policies.
What is Proportionality in Corporate Compliance?
In developing a corporate compliance policy, the principle of proportionality tells a company to respond to each individual compliance risk based on its perceived likelihood and the potential impact of non-compliance on the business objectives of the organization.
In developing anti-corruption policy, companies apply the principle of proportionality in several ways, including:
- Establishing Preventive Measures – Preventive measures are the systems and procedures that mitigate the possibility of employees engaging in corruption. They include policies like the separation of duties in procurement, training programs, due diligence processes, and other safeguards.
- Establishing Detective Measures – Detective measures are the systems and procedures that detect possible occurrences of corruption or non-compliance within a company. They include software-based compliance monitoring systems, whistleblower programs, financial disclosure policies, audit policies, and other measures.
- Establishing a Remedial Framework – A company’s anti-corruption policies should establish a framework for remedying non-compliance where individual penalties are proportional to the severity of the violation.
Successful application of the proportionality principle ensures that the company’s responses to a perceived risk are appropriate based on the evaluated probability and impact of the risk.
How Do Companies Establish Proportionality?
Companies establish proportionality in their compliance policies by conducting a thorough assessment of compliance risks and impacts.
The assessment begins with risk observation, bringing together data and knowledge from multiple departments to achieve a greater understanding of where compliance risks may exist in the business. Once potential compliance risks have been identified, the next step is to evaluate each risk across two dimensions:
- Probability – What is the probability that this risk would occur if we did nothing about it?
- Impact – What is the potential impact to our organization if this risk would occur?
Probability may be rated on a 10-point scale, while the impact of a non-compliance incident might be assigned a dollar-value or range. Companies often calculate a risk rating for each identified risk by multiplying its probability and impact. The items with the highest risk rating represent the greatest sources of compliance risk to the organization.
Having established risk ratings, organizations can craft measured, proportional responses to each individual risk that are appropriate based on the probability and impact of that risk occurring.
Why is Proportionality Important?
Applying the principle of proportionality produces two key benefits:
- Optimizing Resource Allocation – Proportionality helps companies efficiently allocate their financial and human resources to the compliance risks that present the greatest threats to the business. A proportional approach cuts the cost of compliance and eliminates waste while ensuring that companies achieve their compliance objectives.
Ensuring Fairness – A zero-tolerance policy for non-compliance does not mean that the company must respond in exactly the same way to every incident. A proportional response ensures that employees can receive leniency for accidental indiscretions, but that egregious violations are duly punished.