These are in no particular order, however I do like to start with the first bullet which is financial services firms must have written policies in place. As [inaudible 00:11:42] dealers, as investment advisors, as hedge funds, private equity firms, registered entities, we are used to having written supervisory procedures in place, right? So we need to have written policies in place around the Foreign Corrupt Practices Act. I'll show a sample towards the end of the presentation on what some of those things could possibly look like, but it's key that we protect ourselves by having written policies in place.

Annual training for our staff around FCPA. We are beginning to see more of that in our industry. I think people are reading the newspapers and recognizing how significant these fines are, and what it does to the brand of our organizations, right? So we want to make sure that everyone is aware of the policies, and we want to make sure that we train our employees on the policies and what it means, particularly those of us that have a lot of subsidiaries in foreign countries and deal with foreign officials and individuals in those countries. We must know about the policies and rules, and not just written, but we need to bring those to life through training, right?

Annual attestation to the above policies for the following individuals. Obviously senior managers, right? Senior management of the organization must attest to these policies, and they should be aware of them, but not only senior managers, we also now have sales and finance people that should be aware of these policies, as well as the accounting staff who approve expenses.

As I stated before, under the accounting rules aspect, a significant amount of briberies can be detected through the finance department, through the accounting staff, through the review of expense and expense reporting. These are all areas that allow us to get a view into what is happening within our organizations around gifts and entertainment, and things that just generally do not look right on paper. It gives you as the Chief Compliance Officer and others an opportunity to question some of those expenses that are being paid out, to say, "Hey, you know, is this ... Is this bona fide? Is this legitimate? If not, uh, let's look a little deeper, let's take a deeper dive." That's how a lot of these cases, quite honestly, start. It starts through finance. It starts through people looking at vendor receipts and saying, "I think there's something wrong here." So that's very key.

Review of contracts with vendors and business associates, and ensuring that they have a code of conduct to be in compliance with FCPA. Those are important. You should request those from your vendors. You should review those. I can't impress upon this audience how important that reviewing those vendor business relationships are. It's of paramount ... especially when we're dealing with this particular act and foreign officials and so forth. 

Firms should have disciplinary procedures for those that violate the policies. Absolutely. If you detect an issue, if you detect a violation, what do you do with it? You can't just sit on it and say, "Okay, I think something is happening, but, uh, you know, I'm not gonna do anything." You have an affirmative determination to really act. I always recommend that when something like that happens and you do a internal investigation, that that investigation should be conducted under the auspices of, at a minimum, your general council's office within the firm if you're a large organization, but it may also be a good idea to have outside council, external council, help you with these type of situations, because these are significant, they're significant fines that are a part of it.

Consultants and temporary staff should be scrutinized. We just want to make sure that we are aware of that, and that will be important, and that will be key. A lot of people do not think about consultants working for you for a short period of time being subject to this rule, but absolutely they should be considered, and temporary staff should be scrutinized in terms of potential expenses as well.

Okay, so record keeping. So record keeping internal control provisions, as we see they're applied to companies that are registered with SEC, publicly traded companies. I spoke about that in terms of how important record keeping is, because this is where most of these cases emanate from. So we want to make sure that we have accurate records.

Review of marketing expenses. Once again, we should scrutinize marketing expenses in foreign jurisdictions to make sure that we deem them to be legitimate, and not being paid for or characterized as marketing expenses when they're actually bribes. That's very important, so we need to be sure of that.

Affiliates reporting to parent companies. We should have a strong control structure so that we get all of the reporting right around expenses, so that we have a view into making sure that we review that and that it's up to date, right?

Outside experts to review your overall program. Obviously being a consultant myself, obviously, I recommend that because sometimes you just need a different pair of eyes from a different perspective to take a look at what your policies and procedures are about, and in fact whether or not they really get into all of the issues and highlighting all of the potential red flags. This is something that you may also want to put on the list of things to do for your external auditors, if you don't want to go the consultant firm way. This is an opportunity for them to get that in their scope for review, and take a look at that as well.

Implementation of technology tools to track, assess the efficacy of the compliance programs, I think are very important. MyCompliance has a tool around gifts and entertainment that Steve will talk about a little later, but it's important when you have a large, especially large organizations with desperate employees that you know you can capture all of the information that you need.

So these are some of the things to do. As I said, today's session is about giving you guys some ideas and some optics into what needs to be done under this act. There's obviously more as well, but from best practice perspective I think if we hit these two key things from the previously slide and this slide, I think that will take you a long way.