On January 29, 2014, Law No. 12,846/2013, also known as the Anti-corruption Law, came into force in Brazil. This law stipulates in what way and to what extent legal entities may be placed under administrative and/or civil responsibility for corruption or other acts considered detrimental to either a national or foreign public administration.  The Brazilian Anti-corruption Law is based on a strict liability regime, which means that legal entities will be held liable for illegal acts committed by any of its employees or by third parties, without the need to evidence intent or that the company’s management had actual knowledge or approved the specific improper acts.  The authorities only need to evidence that the illegal acts were committed in the benefit or interest of the legal entity. This law is of such import that it may be considered one of the Brazilian Government’s biggest steps in its efforts to combat corruption and bribery. As one of its key innovations, the Anti-corruption Law expressly recognizes the pre-existence of effective Compliance Programs and internal controls as a mitigating factor in the calculation of the sanctions. If the company demonstrates that it had an effective Compliance Program in place when the illegal act was committed, the sanctions to be imposed on the company will be significantly reduced.  While the Anti-corruption Law came into force in January 2014, it was only in March 18, 2015 that the Federal Government issued a Decree with regulatory details for the application of Law No. 12,846/2013.  Among other topics, the Decree provides guidance on what needs to be covered in an entity’s Compliance Program (reference to as the Integrity Program) for that program to be considered effective. According to the sole paragraph of the Decree’s article 41, the Integrity Program must be individualized and structured in accordance with the characteristics of each legal entity and with the particularities of its activities. This provision is important and solidifies the understanding that there are not “off-the-shelf” Compliance Programs.  The creation of an adequate Compliance Program must assess the specific risks of each legal entity, as well as the particularities of its activities.  In this sense, the Office of the Comptroller General (Corregedoria Geral da União) has expressed that a program which is not custom made according to the specific risks assessed by each legal entity tends to be inefficient and might be disregarded during a Sanctioning Administrative Procedure[1]. The Decree provides 16 parameters according to which the Compliance Program will be evaluated. Chief among them is the “the commitment of the legal entity’s senior management, including board members, demonstrated by clear and unequivocal support to the program” (Article 42, item I).  Top level commitment is not only listed as the first parameter for the evaluation of Compliance Programs, but it is also a factor expressly taken into account in the determination of the sanctions to be imposed on the company.  In fact, the Decree sets forth that in the event of tolerance or awareness of the wrongful acts by the legal entity’s management or by members of its board of directors, the fine to be imposed on the company will be increased by one to two and a half percent of the company’s annual gross revenue. The Decree also highlights as one of the essential elements of effective Compliance Programs the “independence, in structure and authority, of the internal department responsible for enforcing the integrity program and monitoring its compliance” (Article 42, item IX).  It is at this moment that the Brazilian Compliance Officer burst upon the scene. In Brazil, until the recent past, Compliance Officers were in general only found in US-subsidiary entities concerned with the FCPA; however, the Anti-corruption Law has now made that position one of the most important in any company doing business in Brazil, including Brazilian companies. The importance of a Compliance Officer, or even of a legal counsel who takes on that function, can be particularly defined by the legally mandated independence – in structure and authority – of the compliance function. In other words, the Decree has created an “untouchable” in-house organ that will monitor and control, from an anti-corruption perspective, the decisions of officers and directors, in line with the company’s Code of Conduct and other policies.  Certainly, the Compliance function’s independence, in structure and authority, as provided for by the Decree, is fundamental.  Lacking such independence, no Compliance Officer could intervene against wrongful acts, and the Compliance Program would thus be rendered ineffective. Both elements (leadership commitment and an independent compliance structure) should be interpreted in conjunction. While producing evidence of “tone of the top” may be a difficult task, an independent compliance structure, with direct reporting line to the company’s leadership, certainly supports such a commitment. It is essential that the Compliance Officer is proactive and actively participates in all company’s activities. A Compliance Officer who acts as a “figurehead” reduces the Compliance Program to a symbolic “off-the-shelf” item, nice to look at but of very little practical worth.  This is probably the greatest risk that companies implementing a Compliance Program from scratch should avoid: the creation of a compliance function should not be seen simply as needed to comply with a newly created legal requirement, but rather as an important measure to ensure that the Compliance Program is properly implemented, enforced and followed in the organization. In the end, at the time of significant changes in Brazilian anti-corruption legislation and enforcement scenario, as well as increased civil society awareness and participation in the fight against corruption, the Compliance Officer can play a significant role and make the difference. More than an independent anti-corruption authority within the company or a technician helping it to structure its Compliance Program and related internal policies, the ideal Compliance Officer must guarantee that, rather than gathering dust in the drawers of employee desks, the Compliance Program will assume a vigorous, essential role in an entity’s culture, as a necessary part of the daily routine of everyone from senior manager to intern. [1] According to article 18, item V, of Decree No. 8,420/2015, during the process to calculate the fine that may be imposed on a legal entity, if the legal entity can prove the pre-existence and application of an in-house Compliance Program according to the parameters set forth in Chapter V of the Decree, such a fine will be reduced by one to four percent.

Previous articleThe Case for a Gender Diverse Board
Next articleU.S. Department of Justice Appoints Compliance Expert and Outlines Key Evaluation Metrics