According to Darryl Bernstein, partner and head of the Dispute Resolution Practice at Baker McKenzie in Johannesburg, all companies operating in Africa need to ensure they are not only compliant with local law but also are aware of the so-called extraterritorial legislation that may impact their operations and business outside of their regional headquarters.
Areas of interest to law enforcement and other regulatory authorities include the appointment of third parties, whether as agents, distributors or other general contractors, as well as the integration of newly acquired operations. Companies who rely on the support of third parties in their regional business operations, whether these third parties are procuring local licenses, rendering services or obtaining and maintaining business, need to be aware that the unlawful conduct of such third parties have become grounds for prosecutions of the companies that appoint them. Similarly, a failure to integrate newly acquired business following mergers and acquisitions also results in significant fines and penalties arising out of the conduct of these new business units.
Bernstein notes that compliance law has both proactive and reactive elements. While most businesses tend to commence compliance investigations as a reactive measure to bad behaviour, businesses are able to be proactive in managing their exposure to compliance risk.
“Compliance diligence has become an absolute necessity in the context of due diligences carried out either on the appointment of a new third party in a high risk environment, or in the context of an intended acquisition, as is making sure that there is comprehensive integration plan in place following a corporate acquisition. Conducting ongoing risk assessments should not be overlooked and businesses should be periodically kicking the tyres to ensure operations are running smoothly,” he says.
He notes that a proactive approach by organisations operating in Africa is simple to implement against some basic guidelines.
“In the current opaque environment, an entity's links to parties potentially involved in misconduct are not always easily ascertainable. A thorough due diligence review of business partners and, in certain circumstances, customers is critical. Given the potentially significant damage to a company's reputation by affiliation, companies should screen their business partner and customer lists against organisations that have been implicated in recent corruption scandals, and indirect beneficiaries should be scrutinised,” he notes.
“Businesses should also confirm the appropriate ongoing monitoring and, in some cases, re-vetting of partners that may be necessary in light of the ongoing allegations. For all third parties, companies should be able to document how the business partner was selected, demonstrate a clear business justification for hiring the partner, confirm bona fide tasks performed commensurate with compensation, and establish that all applicable controls and procedures were properly followed. In many circumstances, such controls for partners should be expanded and companies should consider exercising audit rights included in contracts agents, have partners sign (or re-sign) certifications of compliance, and update diligence files where warranted,” he explains.
Bernstein explains that, based on risk profile, companies should consider revisions to any existing usage of agents in state contracting.
“Where warranted, it may be prudent to revise a partner's responsibilities to limit interactions with officials on a company's behalf. In certain cases, terminating the partner may be the best course of action. Revising compensation structures of partners involved in state business can also mitigate risk and increase transparency,” he says.
Companies should also confirm full compliance with local content regulations.
“Companies should ensure that their compliance with local content law is legitimate and upholds the purpose of the framework, and that the local criminal offense of "fronting" is not committed (the feigned use of a black economic empowerment partner to obtain contracts without actual value-add by the partner),” he notes.
“Lastly, companies should consider a targeted risk assessment of operations in Africa.
“Right now is a good time for any company doing business in Africa to consider conducting a practical, risk-based compliance assessment of all their operations in Africa, tailored to the company's operation and following best practices. This includes investigating all reports of illegal or improper activities and promptly remediating all issues that are identified,” Bernstein adds.