Spend Matters welcomes this guest article by Steve Sprague, vice president of product strategy at Invoiceware International.
As we discussed previously, the introduction of Mexico’s e-contabilidad (e-accounting) mandates has resulted in increased visibility into the financial records of companies operating here. This increased visibility has many advantages, including encouraging cash flow efficiencies, but it also results in increased enforcement of tax laws. Many companies approach e-contabilidad as a local issue, but the fines and penalties that can result from inaccurate or delayed reporting can be felt company-wide. This visibility also opens up US-based enterprises to greater scrutiny under the Foreign Corrupt Practices Act (FCPA), one of the most frequently overlooked risks of e-accounting mandates.
With financial records now at their fingertips, the Securities and Exchange Commission can easily examine invoices and journal entries for discrepancies and suspicious transactions. While most companies are familiar with the fraud components of the FCPA law, many are not aware that invoicing is the No. 1 business process that triggers fines and penalties. And these violations aren’t restricted to small companies without strict processes and procedures in place. In fact, some well-known brands have recently made news for FCPA violations in Mexico.
Most notably, printing giant Hewlett-Packard paid more than $108 million to the Securities and Exchange Commission for FCPA violations, in which the company paid more than $1 million to a consultant in Mexico to win a government contract, in addition to similar payments in Russia and Poland. Similarly, Tyson Foods settled Mexico FCPA violations for $4 million for making illicit payments to Mexican government officials in order to certify its products for export. The original payments were for just over $100,000 – hardly worth the millions it ended up costing the processor. Recognizing these risks, Citigroup recently self-identified fraudulent invoices in its Mexico operation and had to adjust its 2013 profits by $235 million dollars.
What can we learn from these examples? First and foremost, they show the ease with which FCPA violations can occur with decentralized processes for accounting and compliance. In all of these cases, the company’s books showed these payments as legitimate expenses. Yet, as the SEC ruled, “companies have a fundamental obligation to ensure that their internal controls are both reasonably designed and appropriately implemented across their entire business operations.”
These companies invest heavily into their accounting and finance procedures and systems like SAP ERP. However, at the corporate level, finance teams often don’t realize that because of local regulations throughout Latin America, their existing systems are not the invoicing and fiscal reporting solutions being used in Mexico and the rest of the region. Frequently, third party bolt-ons to the ERP system of record are used to manage compliance, accounting and invoicing, leaving huge gaps in corporate visibility into financial operations in this region. These gaps leave companies extremely vulnerable to fraud and the resulting penalties.
The best way to apply corporate governance in local markets is an integrated system within your existing ERP to ensure that there is no way to change data outside the system of record. Such integration guarantees that corporate finance teams have necessary visibility into local finances while still complying with local e-invoicing and e-accounting mandates.
The FCPA can be violated easily if employers aren't clear how their accounting IT systems are set up to comply with local laws and track potential issues. Are you managing local compliance in a way that maintains corporate visibility? If not, you face similar risks as these penalized companies.