The Foreign Corrupt Practices Act (FCPA) has been seemingly more newsworthy than usual recently (even impacting Hollywood elite), with somewhat conflicting accounts of the US cracking down on bribery both here and abroad, and the rationale for the US to accept some level of bribery for the sake of broader national interests.


The interesting issue here is not the level of enforcement, but the inability of companies to keep track of legislation applying to them. This article quotes a KPMG spokesperson referring to a study that found that nearly half of respondent didn’t know that the FCPA applied to their operations, specifically commenting, “Companies appear to be exposing themselves to increased risk of prosecution through a mixture of lack of awareness of the anti-bribery rules, and a lack of engagement even when they are aware.”


Tracking, understanding, updating, and communicating regulatory requirements are often significant gaps in corporate compliance programs, and certainly gaps that the vendor community is looking to solve. Note how the leading compliance management platforms are demonstrating leadership with some of these capabilities in The Forrester Wave™: Enterprise Governance, Risk, And Compliance Platforms, Q4 2007 released last week.


As companies continue to expand operations overseas, exposing themselves to new and changing regulatory environments, these capabilities will likely play an even more crucial role in 2008 in the competition of leading compliance platforms.  Compliance officers should certainly keep these as criteria when evaluating possible solutions.  Expect more research from Forrester in this area as well.