fcpa-compliance-policy

Drafts an implementable Foreign Corrupt Practices Act (FCPA) Compliance Policy for U.S.-jurisdictional corporations with international operations. Covers anti-bribery provisions (15 U.S.C. §§ 78dd-1 through -3), accounting provisions (15 U.S.C. §§ 78m(b)(2)(A)-(B)), gift thresholds, tiered third-party due diligence, internal controls, training, and whistleblower protections. Incorporates DOJ/SEC Resource Guide guidance. Use when drafting or updating an FCPA policy, anti-bribery compliance program, corporate ethics policy, or international corruption risk framework.

11 stars

Best use case

fcpa-compliance-policy is best used when you need a repeatable AI agent workflow instead of a one-off prompt.

Drafts an implementable Foreign Corrupt Practices Act (FCPA) Compliance Policy for U.S.-jurisdictional corporations with international operations. Covers anti-bribery provisions (15 U.S.C. §§ 78dd-1 through -3), accounting provisions (15 U.S.C. §§ 78m(b)(2)(A)-(B)), gift thresholds, tiered third-party due diligence, internal controls, training, and whistleblower protections. Incorporates DOJ/SEC Resource Guide guidance. Use when drafting or updating an FCPA policy, anti-bribery compliance program, corporate ethics policy, or international corruption risk framework.

Teams using fcpa-compliance-policy should expect a more consistent output, faster repeated execution, less prompt rewriting.

When to use this skill

  • You want a reusable workflow that can be run more than once with consistent structure.

When not to use this skill

  • You only need a quick one-off answer and do not need a reusable workflow.
  • You cannot install or maintain the underlying files, dependencies, or repository context.

Installation

Claude Code / Cursor / Codex

$curl -o ~/.claude/skills/fcpa-compliance-policy/SKILL.md --create-dirs "https://raw.githubusercontent.com/CaseMark/skills/main/skills/legal/fcpa-compliance-policy/SKILL.md"

Manual Installation

  1. Download SKILL.md from GitHub
  2. Place it in .claude/skills/fcpa-compliance-policy/SKILL.md inside your project
  3. Restart your AI agent — it will auto-discover the skill

How fcpa-compliance-policy Compares

Feature / Agentfcpa-compliance-policyStandard Approach
Platform SupportNot specifiedLimited / Varies
Context Awareness High Baseline
Installation ComplexityUnknownN/A

Frequently Asked Questions

What does this skill do?

Drafts an implementable Foreign Corrupt Practices Act (FCPA) Compliance Policy for U.S.-jurisdictional corporations with international operations. Covers anti-bribery provisions (15 U.S.C. §§ 78dd-1 through -3), accounting provisions (15 U.S.C. §§ 78m(b)(2)(A)-(B)), gift thresholds, tiered third-party due diligence, internal controls, training, and whistleblower protections. Incorporates DOJ/SEC Resource Guide guidance. Use when drafting or updating an FCPA policy, anti-bribery compliance program, corporate ethics policy, or international corruption risk framework.

Where can I find the source code?

You can find the source code on GitHub using the link provided at the top of the page.

SKILL.md Source

# FCPA Compliance Policy

Drafts a litigation-ready FCPA Compliance Policy anchored in DOJ/SEC enforcement guidance, with specific thresholds, approval workflows, and role-based obligations.

## Prerequisites

1. **Company profile** — jurisdiction, SEC issuer or domestic concern status, geographic markets, high-risk countries
2. **Existing materials** — prior FCPA policies, audit findings, enforcement history, third-party agent inventory
3. **Org structure** — approval hierarchies, Compliance Officer identity, board/audit committee structure
4. **Risk appetite** — facilitation payment election (recommend total prohibition), gift/hospitality thresholds
5. **Third-party landscape** — agents, distributors, JV partners interacting with foreign officials

## Quick Start

1. Gather prerequisites above
2. Draft policy following the nine-section Output Structure below
3. Customize thresholds to company risk profile
4. Run Guidelines checklist before finalizing
5. Attach appendices (approval forms, due diligence checklists, red flag cards)

## Output Structure

Draft a policy with these nine sections:

### 1. Introduction & Scope

| Element | Content |
|---|---|
| Statutory basis | Anti-bribery: 15 U.S.C. §§ 78dd-1, -2, -3; Accounting: 15 U.S.C. §§ 78m(b)(2)(A)-(B) |
| Penalties | Corporate criminal: up to $2M/violation; individual: up to 5 years imprisonment [VERIFY post-inflation adjustments] |
| Enforcement | DOJ (criminal), SEC (civil, issuers only) |
| Tone | Compliance = legal obligation + business integrity; employees who refuse corrupt practices are supported |

### 2. Applicability

- **Covered persons:** All employees, officers, directors, agents globally — including foreign subsidiaries where U.S. jurisdictional nexus exists
- **Nexus triggers:** U.S.-routed emails, wire transfers through U.S. correspondent banks, calls to/from U.S., SEC registration
- **Third parties:** Agents, consultants, distributors, JV partners, customs brokers acting on company's behalf; willful blindness = liability
- **Conflict of laws:** Apply the more restrictive standard; consult Legal/Compliance

### 3. Prohibited Conduct & Key Definitions

Prohibits offering, promising, giving, or authorizing anything of value to a foreign official, directly or through intermediaries, corruptly to influence official action, induce duty violations, secure improper advantage, or obtain/retain business.

| Term | Scope |
|---|---|
| Foreign official | Government employees at all levels; state-owned enterprise officials (even minority ownership); political party officials/candidates; public international organization employees |
| Anything of value | Cash, gifts, meals, travel, lodging, employment offers, charitable contributions, political donations, business opportunities |
| Issuer | Company with U.S.-registered securities or periodic SEC filing obligations |
| Domestic concern | U.S. citizens, nationals, residents; U.S.-organized entities |

**Facilitation payments:** Recommend total prohibition — narrow exception, difficult to document, prohibited by U.K. Bribery Act and many local laws.

**Common schemes:** Consulting fees to officials' shell companies; luxury travel to influence procurement; hiring officials' relatives as quid pro quo; directed charity donations; cash to expedite customs.

### 4. Gifts, Hospitality & Business Courtesies

**All criteria must be met:** reasonable value; lawful under recipient's policies and local law; tied to legitimate business purpose; transparent and documented; not cash; no expectation of official action; infrequent.

**Default thresholds:**

| Category | Limit | Approval |
|---|---|---|
| Single gift (foreign official) | ≤ $100 | None |
| Aggregate per recipient/year | ≤ $250 | None |
| Meals (with business discussion) | Reasonable | Manager |
| Exceeding thresholds | Any | Legal/Compliance written |
| Travel/lodging | Economy; standard hotel | Legal/Compliance written |

**Always prohibited:** Cash/equivalents; first-class travel (unless equal to internal policy); family member expenses; personal side trips; unattended event tickets.

### 5. Third-Party Due Diligence

**Risk-tiered framework:**

| Tier | Risk Factors | Diligence |
|---|---|---|
| Low | No government interaction; low-risk jurisdiction; fixed fee | Registration check; sanctions/media screening; FCPA representation |
| Moderate | Occasional government contact; moderate jurisdiction; commission comp | + References; qualifications; comp reasonableness; anti-corruption policy review |
| High | Regular government contact; high-risk jurisdiction (TI CPI < 50); success fee; government-recommended; official ownership | + Background investigation; ownership verification; site visit; compliance audit; ongoing monitoring |

**Required contract terms:** FCPA compliance reps/warranties; accurate books obligation; audit rights; training obligations; termination right for violations.

**Compensation rules:** Reasonable and documented; prohibit round-sum payments, cash, offshore routing, payments to unqualified parties.

**Monitoring:** Annual recertification; periodic transaction review; immediate red flag investigation.

### 6. Accounting Provisions & Internal Controls

All transactions recorded accurately in reasonable detail — not limited to foreign-official interactions.

**Prohibited:** Off-books accounts; false invoices/expense reports; generic payment descriptions.

**Required controls:**

| Control | Description |
|---|---|
| Segregation of duties | No single employee controls all aspects of high-risk transactions |
| Approval hierarchy | Management review for foreign-official and high-risk third-party expenditures |
| Expense flagging | Automated flags for unusual payments routed to Compliance pre-processing |
| Periodic audits | High-risk accounts and third-party transactions |
| Payment channels | Payments only to contracting party; only in country of service |

**Finance red flags (escalate before payment):** Round-sum invoices lacking detail; third-country/offshore payments; cash requests; shell companies; unusual urgency; unapproved vendors.

### 7. Training Requirements

| Population | Frequency | Content |
|---|---|---|
| All employees (intl ops, finance) | Hire + annual | FCPA overview, red flags, reporting channels |
| High-risk (sales, BD, procurement) | Hire + annual + role change | Scenarios, approval workflows, due diligence |
| Senior management | Annual | Compliance culture, resource adequacy, escalation |
| Board/Audit Committee | Annual | Oversight, key risks, program effectiveness |
| High-risk third parties | Per contract | FCPA fundamentals, policy obligations |

Require written certification of completion; maintain comprehension records (assessments).

### 8. Reporting & Non-Retaliation

**Channels:** 24/7 multilingual hotline (anonymous where permitted); web portal; direct Legal/Compliance access.

**Investigation:** Prompt review; independent investigators; document preservation; escalation to Audit Committee for significant matters.

**Non-retaliation:** Adverse actions prohibited for good-faith reporters or employees refusing to participate in violations. Retaliation = independent terminable offense.

**Protections:** Dodd-Frank (SEC reporter incentives/anti-retaliation) [VERIFY current bounty %]; SOX (public company fraud reporting).

### 9. Enforcement & Accountability

- **Discipline:** Violations subject to termination regardless of seniority; includes demotion, suspension, bonus/equity forfeiture
- **Personal liability:** Company cannot indemnify personal criminal fines; individual exposure includes imprisonment (up to 5 years), civil penalties, disgorgement, debarment
- **Self-disclosure:** Company reserves voluntary disclosure right; cooperation is significant in DOJ/SEC charging decisions
- **Governance:** Designated CCO with board reporting line; annual policy review; Compliance Officer escalation authority; adequate budget for training, diligence, monitoring, investigations

### Appendices

Include: gift/travel approval form template; tiered due diligence checklist; red flag reference card; Compliance contact info and hotline; country risk tier list (current TI CPI).

## Troubleshooting

- **Facilitation payment ambiguity:** Default to prohibition; document policy election and rationale explicitly
- **SOE classification uncertainty:** Always assess government ownership stake — even minority ownership qualifies employees as foreign officials
- **U.K. Bribery Act overlap:** Flag where U.K. nexus triggers stricter standards (no facilitation exception, adequate procedures defense)
- **Threshold calibration:** Adjust gift/hospitality limits to industry norms; document basis for chosen amounts
- **"Paper program" risk:** DOJ/SEC evaluate whether program is operationalized — policy without training, monitoring, and enforcement is insufficient

## Guidelines

- Verify penalty amounts annually — subject to Federal Civil Penalties Inflation Adjustment Act
- Apply the more restrictive standard where local law conflicts; document analysis
- Do not speculate on whether specific historical company conduct violated the FCPA without attorney review
- Mark all jurisdiction-specific or time-sensitive figures with [VERIFY]

Related Skills

managing-telehealth-compliance

11
from CaseMark/skills

Evaluates telehealth program compliance with state licensing, prescribing, and reimbursement requirements. Use when assessing telehealth compliance, reviewing licensure requirements, or managing virtual care regulations.

managing-state-regulatory-compliance

11
from CaseMark/skills

Monitors state-specific healthcare regulatory requirements including licensing, reporting, and scope of practice. Use when tracking state regulations, managing licensure requirements, or monitoring regulatory changes.

managing-research-compliance

11
from CaseMark/skills

Monitors research compliance with federal regulations (21 CFR, 45 CFR 46) and institutional policies. Use when ensuring research compliance, managing regulatory requirements, or conducting compliance reviews.

managing-medical-records-compliance

11
from CaseMark/skills

Evaluates medical records practices against retention, access, and amendment requirements. Use when auditing medical records, managing record retention, or processing amendment requests.

managing-informed-consent-compliance

11
from CaseMark/skills

Evaluates informed consent practices against state law requirements and institutional policies. Use when auditing consent processes, reviewing consent form adequacy, or managing consent compliance.

managing-emtala-compliance

11
from CaseMark/skills

Evaluates emergency department practices against EMTALA requirements with documentation checklists. Use when assessing EMTALA compliance, reviewing MSE requirements, or documenting transfer obligations.

managing-compliance-programs

11
from CaseMark/skills

Structures OIG-model compliance program elements with effectiveness measurement and reporting. Use when building compliance programs, implementing OIG guidance, or measuring program effectiveness.

managing-compliance-audits

11
from CaseMark/skills

Structures coding compliance audit programs with sampling methodology and corrective action plans. Use when conducting compliance audits, designing audit samples, or implementing corrective actions.

managing-clinical-trial-compliance

11
from CaseMark/skills

Evaluates clinical trial regulatory compliance with FDA/IRB requirements and audit readiness. Use when auditing trial compliance, preparing for FDA inspections, or managing regulatory requirements.

managing-billing-compliance

11
from CaseMark/skills

Structures billing compliance programs with audit methodology and corrective action protocols. Use when auditing billing practices, managing compliance programs, or implementing corrective actions.

managing-accreditation-compliance

11
from CaseMark/skills

Tracks Joint Commission/HFAP/DNV accreditation standards compliance with survey preparation. Use when preparing for accreditation, tracking standards compliance, or managing survey readiness.

auditing-hipaa-compliance

11
from CaseMark/skills

Conducts HIPAA compliance assessments with Privacy Rule, Security Rule, and Breach Notification analysis. Use when auditing HIPAA compliance, assessing privacy practices, or reviewing security controls.