One of the challenges of FCPA compliance is developing a framework that is sufficiently comprehensive to address the entire range of pertinent issues.  In this regard, one of the outcomes of the Justice Department's investigation of Deutsche Telekom AG and Magyar Telekom Plc. was a non-prosecution agreement with Deutsche Telekom.  It included an appendix laying out the particulars of an effective corporate compliance program.  

The appendix provides useful guidance for developing an FCPA compliance program.  A clear and concise list of critical components are identified and described.  They include:

  1. A clear corporate policy against violations of the FCPA and other anti-corruption laws.
  2. A system of financial and accounting procedures, including a system of internal accounting controls.
  3. Promulgation of compliance standards and procedures designed to reduce the prospect of violations that are made applicable to all directors and employees and, where necessary, outside parties acting on behalf of Deutsche Telekom in foreign jurisdictions, including agents, consultants, representatives, distributors, teaming partners and joint venture partners (collectively referred to as "agents and business partners").
  4. Assignment of responsibility to one or more senior officials for the implimentation and oversight of compliance with policies, standards and procedures regarding the FCPA and other applicable anti-corruption laws. Such officials shall have authority to report matters directly to Deutsche Telekom's Board of Management and Supervisory Board.
  5. Mechanisms designed to ensure that policies, standards and procedures are effectively communicated to all directors, employees, and where appropriate, agents and business partners.  The mechanisms shall include periodic training for all such directors, employees, agents, and business partners and annual certifications from the foregoing certifiying compliance with the training requirements.
  6. An effective system for reporting suspected criminal conduct and/or violations of the compliance policies, standards and procedures.
  7. Appropriate disciplinary procedures to address, among other things, violations of FCPA and other anti-corruption laws.
  8. Appropriate due diligence requirements pertaining to the retention and oversight of agents and business partners.
  9. Standard provisions in agreements, contracts, and renewals thereof with all agents and business partners which are designed to prevent violations of the FCPA and other applicable anti-corruption laws, which provisions may, depending upon the circumstances, include:  (A) anti-corruption representations and undertakings relating to compliance with the FCPA and other anti-corruption laws; (B) rights to conduct audits of the books and records of the agent or business partner to ensure compliance with the foregoing; and (C) rights to terminate an agent or business partner are a result of any violation of anti-corruptions laws, and regulations or representations and undertakings related to such matters.
  10. Periodic testing of the integrity code, and policies and procedures designed to evaluate their effectiveness in detecting and reducing violations of the anti-corruption laws and Deutsche Telekom's internal controls system and integrity.