fcpa-compliance-policy
Drafts an implementable Foreign Corrupt Practices Act (FCPA) Compliance Policy for U.S.-jurisdictional corporations with international operations. Covers anti-bribery provisions (15 U.S.C. §§ 78dd-1 through -3), accounting provisions (15 U.S.C. §§ 78m(b)(2)(A)-(B)), gift thresholds, tiered third-party due diligence, internal controls, training, and whistleblower protections. Incorporates DOJ/SEC Resource Guide guidance. Use when drafting or updating an FCPA policy, anti-bribery compliance program, corporate ethics policy, or international corruption risk framework.
Best use case
fcpa-compliance-policy is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Drafts an implementable Foreign Corrupt Practices Act (FCPA) Compliance Policy for U.S.-jurisdictional corporations with international operations. Covers anti-bribery provisions (15 U.S.C. §§ 78dd-1 through -3), accounting provisions (15 U.S.C. §§ 78m(b)(2)(A)-(B)), gift thresholds, tiered third-party due diligence, internal controls, training, and whistleblower protections. Incorporates DOJ/SEC Resource Guide guidance. Use when drafting or updating an FCPA policy, anti-bribery compliance program, corporate ethics policy, or international corruption risk framework.
Teams using fcpa-compliance-policy should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/fcpa-compliance-policy/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How fcpa-compliance-policy Compares
| Feature / Agent | fcpa-compliance-policy | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Drafts an implementable Foreign Corrupt Practices Act (FCPA) Compliance Policy for U.S.-jurisdictional corporations with international operations. Covers anti-bribery provisions (15 U.S.C. §§ 78dd-1 through -3), accounting provisions (15 U.S.C. §§ 78m(b)(2)(A)-(B)), gift thresholds, tiered third-party due diligence, internal controls, training, and whistleblower protections. Incorporates DOJ/SEC Resource Guide guidance. Use when drafting or updating an FCPA policy, anti-bribery compliance program, corporate ethics policy, or international corruption risk framework.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# FCPA Compliance Policy Drafts a litigation-ready FCPA Compliance Policy anchored in DOJ/SEC enforcement guidance, with specific thresholds, approval workflows, and role-based obligations. ## Prerequisites 1. **Company profile** — jurisdiction, SEC issuer or domestic concern status, geographic markets, high-risk countries 2. **Existing materials** — prior FCPA policies, audit findings, enforcement history, third-party agent inventory 3. **Org structure** — approval hierarchies, Compliance Officer identity, board/audit committee structure 4. **Risk appetite** — facilitation payment election (recommend total prohibition), gift/hospitality thresholds 5. **Third-party landscape** — agents, distributors, JV partners interacting with foreign officials ## Quick Start 1. Gather prerequisites above 2. Draft policy following the nine-section Output Structure below 3. Customize thresholds to company risk profile 4. Run Guidelines checklist before finalizing 5. Attach appendices (approval forms, due diligence checklists, red flag cards) ## Output Structure Draft a policy with these nine sections: ### 1. Introduction & Scope | Element | Content | |---|---| | Statutory basis | Anti-bribery: 15 U.S.C. §§ 78dd-1, -2, -3; Accounting: 15 U.S.C. §§ 78m(b)(2)(A)-(B) | | Penalties | Corporate criminal: up to $2M/violation; individual: up to 5 years imprisonment [VERIFY post-inflation adjustments] | | Enforcement | DOJ (criminal), SEC (civil, issuers only) | | Tone | Compliance = legal obligation + business integrity; employees who refuse corrupt practices are supported | ### 2. Applicability - **Covered persons:** All employees, officers, directors, agents globally — including foreign subsidiaries where U.S. jurisdictional nexus exists - **Nexus triggers:** U.S.-routed emails, wire transfers through U.S. correspondent banks, calls to/from U.S., SEC registration - **Third parties:** Agents, consultants, distributors, JV partners, customs brokers acting on company's behalf; willful blindness = liability - **Conflict of laws:** Apply the more restrictive standard; consult Legal/Compliance ### 3. Prohibited Conduct & Key Definitions Prohibits offering, promising, giving, or authorizing anything of value to a foreign official, directly or through intermediaries, corruptly to influence official action, induce duty violations, secure improper advantage, or obtain/retain business. | Term | Scope | |---|---| | Foreign official | Government employees at all levels; state-owned enterprise officials (even minority ownership); political party officials/candidates; public international organization employees | | Anything of value | Cash, gifts, meals, travel, lodging, employment offers, charitable contributions, political donations, business opportunities | | Issuer | Company with U.S.-registered securities or periodic SEC filing obligations | | Domestic concern | U.S. citizens, nationals, residents; U.S.-organized entities | **Facilitation payments:** Recommend total prohibition — narrow exception, difficult to document, prohibited by U.K. Bribery Act and many local laws. **Common schemes:** Consulting fees to officials' shell companies; luxury travel to influence procurement; hiring officials' relatives as quid pro quo; directed charity donations; cash to expedite customs. ### 4. Gifts, Hospitality & Business Courtesies **All criteria must be met:** reasonable value; lawful under recipient's policies and local law; tied to legitimate business purpose; transparent and documented; not cash; no expectation of official action; infrequent. **Default thresholds:** | Category | Limit | Approval | |---|---|---| | Single gift (foreign official) | ≤ $100 | None | | Aggregate per recipient/year | ≤ $250 | None | | Meals (with business discussion) | Reasonable | Manager | | Exceeding thresholds | Any | Legal/Compliance written | | Travel/lodging | Economy; standard hotel | Legal/Compliance written | **Always prohibited:** Cash/equivalents; first-class travel (unless equal to internal policy); family member expenses; personal side trips; unattended event tickets. ### 5. Third-Party Due Diligence **Risk-tiered framework:** | Tier | Risk Factors | Diligence | |---|---|---| | Low | No government interaction; low-risk jurisdiction; fixed fee | Registration check; sanctions/media screening; FCPA representation | | Moderate | Occasional government contact; moderate jurisdiction; commission comp | + References; qualifications; comp reasonableness; anti-corruption policy review | | High | Regular government contact; high-risk jurisdiction (TI CPI < 50); success fee; government-recommended; official ownership | + Background investigation; ownership verification; site visit; compliance audit; ongoing monitoring | **Required contract terms:** FCPA compliance reps/warranties; accurate books obligation; audit rights; training obligations; termination right for violations. **Compensation rules:** Reasonable and documented; prohibit round-sum payments, cash, offshore routing, payments to unqualified parties. **Monitoring:** Annual recertification; periodic transaction review; immediate red flag investigation. ### 6. Accounting Provisions & Internal Controls All transactions recorded accurately in reasonable detail — not limited to foreign-official interactions. **Prohibited:** Off-books accounts; false invoices/expense reports; generic payment descriptions. **Required controls:** | Control | Description | |---|---| | Segregation of duties | No single employee controls all aspects of high-risk transactions | | Approval hierarchy | Management review for foreign-official and high-risk third-party expenditures | | Expense flagging | Automated flags for unusual payments routed to Compliance pre-processing | | Periodic audits | High-risk accounts and third-party transactions | | Payment channels | Payments only to contracting party; only in country of service | **Finance red flags (escalate before payment):** Round-sum invoices lacking detail; third-country/offshore payments; cash requests; shell companies; unusual urgency; unapproved vendors. ### 7. Training Requirements | Population | Frequency | Content | |---|---|---| | All employees (intl ops, finance) | Hire + annual | FCPA overview, red flags, reporting channels | | High-risk (sales, BD, procurement) | Hire + annual + role change | Scenarios, approval workflows, due diligence | | Senior management | Annual | Compliance culture, resource adequacy, escalation | | Board/Audit Committee | Annual | Oversight, key risks, program effectiveness | | High-risk third parties | Per contract | FCPA fundamentals, policy obligations | Require written certification of completion; maintain comprehension records (assessments). ### 8. Reporting & Non-Retaliation **Channels:** 24/7 multilingual hotline (anonymous where permitted); web portal; direct Legal/Compliance access. **Investigation:** Prompt review; independent investigators; document preservation; escalation to Audit Committee for significant matters. **Non-retaliation:** Adverse actions prohibited for good-faith reporters or employees refusing to participate in violations. Retaliation = independent terminable offense. **Protections:** Dodd-Frank (SEC reporter incentives/anti-retaliation) [VERIFY current bounty %]; SOX (public company fraud reporting). ### 9. Enforcement & Accountability - **Discipline:** Violations subject to termination regardless of seniority; includes demotion, suspension, bonus/equity forfeiture - **Personal liability:** Company cannot indemnify personal criminal fines; individual exposure includes imprisonment (up to 5 years), civil penalties, disgorgement, debarment - **Self-disclosure:** Company reserves voluntary disclosure right; cooperation is significant in DOJ/SEC charging decisions - **Governance:** Designated CCO with board reporting line; annual policy review; Compliance Officer escalation authority; adequate budget for training, diligence, monitoring, investigations ### Appendices Include: gift/travel approval form template; tiered due diligence checklist; red flag reference card; Compliance contact info and hotline; country risk tier list (current TI CPI). ## Troubleshooting - **Facilitation payment ambiguity:** Default to prohibition; document policy election and rationale explicitly - **SOE classification uncertainty:** Always assess government ownership stake — even minority ownership qualifies employees as foreign officials - **U.K. Bribery Act overlap:** Flag where U.K. nexus triggers stricter standards (no facilitation exception, adequate procedures defense) - **Threshold calibration:** Adjust gift/hospitality limits to industry norms; document basis for chosen amounts - **"Paper program" risk:** DOJ/SEC evaluate whether program is operationalized — policy without training, monitoring, and enforcement is insufficient ## Guidelines - Verify penalty amounts annually — subject to Federal Civil Penalties Inflation Adjustment Act - Apply the more restrictive standard where local law conflicts; document analysis - Do not speculate on whether specific historical company conduct violated the FCPA without attorney review - Mark all jurisdiction-specific or time-sensitive figures with [VERIFY]
Related Skills
managing-telehealth-compliance
Evaluates telehealth program compliance with state licensing, prescribing, and reimbursement requirements. Use when assessing telehealth compliance, reviewing licensure requirements, or managing virtual care regulations.
managing-state-regulatory-compliance
Monitors state-specific healthcare regulatory requirements including licensing, reporting, and scope of practice. Use when tracking state regulations, managing licensure requirements, or monitoring regulatory changes.
managing-research-compliance
Monitors research compliance with federal regulations (21 CFR, 45 CFR 46) and institutional policies. Use when ensuring research compliance, managing regulatory requirements, or conducting compliance reviews.
managing-medical-records-compliance
Evaluates medical records practices against retention, access, and amendment requirements. Use when auditing medical records, managing record retention, or processing amendment requests.
managing-informed-consent-compliance
Evaluates informed consent practices against state law requirements and institutional policies. Use when auditing consent processes, reviewing consent form adequacy, or managing consent compliance.
managing-emtala-compliance
Evaluates emergency department practices against EMTALA requirements with documentation checklists. Use when assessing EMTALA compliance, reviewing MSE requirements, or documenting transfer obligations.
managing-compliance-programs
Structures OIG-model compliance program elements with effectiveness measurement and reporting. Use when building compliance programs, implementing OIG guidance, or measuring program effectiveness.
managing-compliance-audits
Structures coding compliance audit programs with sampling methodology and corrective action plans. Use when conducting compliance audits, designing audit samples, or implementing corrective actions.
managing-clinical-trial-compliance
Evaluates clinical trial regulatory compliance with FDA/IRB requirements and audit readiness. Use when auditing trial compliance, preparing for FDA inspections, or managing regulatory requirements.
managing-billing-compliance
Structures billing compliance programs with audit methodology and corrective action protocols. Use when auditing billing practices, managing compliance programs, or implementing corrective actions.
managing-accreditation-compliance
Tracks Joint Commission/HFAP/DNV accreditation standards compliance with survey preparation. Use when preparing for accreditation, tracking standards compliance, or managing survey readiness.
auditing-hipaa-compliance
Conducts HIPAA compliance assessments with Privacy Rule, Security Rule, and Breach Notification analysis. Use when auditing HIPAA compliance, assessing privacy practices, or reviewing security controls.