Wednesday, 27 May 2020 18:55

Compliance in times of COVID-19

Diego Abeo Sabogal, director of penal law and compliance at Estudio Olaechea in Lima, identifies and analyses the principal risks created by the COVID-19 pandemic, and the measures companies should adopt to prevent and/or mitigate them.

Diego AbeoThe global crisis created by the COVID-19 pandemic has caused a severe impact on businesses and especially on the state, from a labour, fiscal and economic points of view, and amid this uncertain scenario it is essential that we keep in mind risk prevention systems and compliance programs.

Although business activity has decreased considerably, this does not imply the absence or reduction of risk in questions of compliance. On the contrary, the implementation of remoteworking and the on-going supply of goods and services considerably increases the existence of both criminal and non-criminal risks, making it necessary to strengthen a company's internal policies and procedures.

Peru is currently acquiring infection-prevention equipment, such as face masks, and personal protective equipment for medical personnel, but, regrettably, such acquisitions have not been free of irregularities, with products in some cases overvalued, or collusion between employees and public officials to obtain illicit benefits.

A number of irregularities have also been observed in the procurement and distribution of foodstuffs to the most vulnerable communities in the country. Such procurement and distribution was carried out by local authorities with the authorization of the state through an emergency decree (No. 033-2020), however, taking advantage of the emergency and in order to obtain economic benefits, local authorities purchased foodstuffs without using the full amount of money provided by the government, and some even affirmed that food had been distributed when deliveries had not been carried out.

A risk of corruption also exists in the budget transfers to the Ministry of Environment, authorised by the Ministry of Economy to acquire goods and services to meet the needs of people travelling from Lima to other regions of the country. The direct contracting for the acquisition of products had a very low level of control.

Another situation that has been occurring during the current health emergency are acts of bribery, with payoffs to the police by citizens seeking to violate the lockdown.

Greater risk is also to be expected in remote financial operations and online purchases of goods and services, which may be seized to commit fraud or cybercrimes.

Given the current high rate of unemployment, former employees with valuable company information could try to sell it, for example. There also are criminal risks in the area of health and safety at work. Companies that fail to comply with the health measures imposed, or whose employees become infected with COVID-19 as a result of their failure to comply with the lockdown requirements could be subject to a criminal investigation as a liable third party.

There are already investigations under way by the National Prosecutor's Office and the Labour Authority (SUNAFIL) into companies that are operating without permission, and company directors can be implicated in the crime of violation of health measures regulated in Article 292 of the Criminal Code.

There exists a clear need for companies to review the controls they have implemented and redefine them by applying due diligence in risk prevention to avoid incurring in actions that could affect them from a criminal, economic, operational and reputational point of view.

How can companies prevent/mitigate the risks in times of a pandemic?

• Review financial controls (for example: Invoices should reflect actual service or purchase, increase review of payment approval, etc.) and non-financial controls implemented by businesses, and adapt them to current needs

• Modify the “know your supplier” and “know your customer” policies to adjust them to the current needs

• Review policies for dealing with public officials • Allow the compliance officer remote access to information and maintain constant communication between the compliance officer and the company's senior management

• Establish anticorruption and anti-money laundering clauses in contracts with public and private entities

• Establish information protection mechanisms and toughen internal sanctions in the event of improper use of company data

• Implement policies that regulate conflict of interest • Provide online training to all the company employees on the prevention of corruption and money laundering

Encourage the use of reporting procedures, noting that despite the health emergency, complaints will be investigated

• Inform the company's employees and suppliers about the health prevention measures that have been implemented, ensuring documentary evidence of these measures through confirmation by e-mail or other mechanisms

• Define (if applicable) an organisational structure that develops the functions and responsibilities in each area of the company.

More in this category: « High times? Wellness as a priority »

Iberian Lawyer
N.105 • June 2021

IL98 cover SP IL94 cover EN

The Latin American Lawyer
N.19 • May - June 2021

IL98 cover SP IL94 cover EN

IpTmtAwardsSpain 2021 300x100 finalists 1

IL LatamAwards STD 300x100 1

IL LatamAwards STD 300x100 1

IL LatamAwards STD 300x100 1

IL LatamAwards STD 300x100 1

IL LatamAwards STD 300x100 1

IL LatamAwards STD 300x100 1

IL LatamAwards STD 300x100 1

IL LatamAwards STD 300x100 1

IL LabourAwardsPT 300x100 Finalists3

This website uses cookies

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we'll assume that you are happy to receive all cookies on the IberianLawyer website. However, you can change your cookie settings at any time. Learn more

I agree

What do I need to know about cookies?

A cookie is a small text file that’s stored on your computer or mobile device when you visit a website. We use them to:

  • Remember your preferences
  • Tailor our sites to your interests.

There are different types of cookies

First party cookies

These are set by the website you’re visiting. And only that website can read them.  In addition, a website might use a separate company to analyse how people are using their site. And this separate company will set their own cookie to do this.

Third party cookies

These are set by someone other than the owner of the website you’re visiting. 

Some IberianLawyer web pages may also contain content from other sites like Vimeo or Flickr, which may set their own cookies. Also, if you Share a link to a IberianLawyer page, the service you share it on (e.g. Facebook) may set a cookie on your browser.

The IberianLawyer has no control over third party cookies.

Advertising cookies

Some websites use advertising networks to show you specially targeted adverts when you visit. These networks may also be able to track your browsing across different sites.

IberianLawyer site do use advertising cookies but they won’t track your browsing outside the IberianLawyer.

Session cookies

These are stored while you’re browsing. They get deleted from your device when you close your browser e.g. Internet Explorer or Safari.

Persistent cookies

These are saved on your computer. So they don’t get deleted when you close your browser.

We use persistent cookies when we need to know who you are for more than one browsing session. For example, we use them to remember your preferences for the next time you visit.

Other tracking technologies

Some sites use things like web beacons, clear GIFs, page tags and web bugs to understand how people are using them and target advertising at people.

They usually take the form of a small, transparent image, which is embedded in a web page or email. They work with cookies and capture data like your IP address, when you viewed the page or email, what device you were using and where you were.

How does the Iberian Lawyer use cookies?

We use different types of cookies for different things, such as:

  • Analysing how you use the IberianLawyer
  • Giving you a better, more personalised experience
  • Recognising when you’ve signed in

Strictly Necessary cookies

These cookies let you use all the different parts of Iberian Lawyer. Without them services that you have asked for cannot be provided.

Some examples of how we use these cookies are:

  • Signing into the IberianLawyer
  • Remembering previous actions such as text entered into a registration form when navigating back to a page in the same session
  • Remembering security settings which restrict access to certain content.

Performance cookies

These help us understand how people are using the IberianLawyer online, so we can make it better. And they let us try out different ideas.
We sometimes get other companies to analyse how people are using the IberianLawyer online. These companies may set their own performance cookies You can opt out of these cookies here.Some examples of how we use these cookies are:

  • To collect information about which web pages visitors go to most often so we can improve the online experience
  • Error management to make sure that the website is working properly
  • Testing designs to help improve the look and feel of the website.
Cookie nameWhat it's for
Google DoubleClick The IberianLawyer uses Google DoubleClick to measure the effectiveness of its online marketing campaigns.Opt-out of DoubleClick cookies
Google Analytics From time to time some IberianLawyer online services, including mobile apps, use Google Analytics. This is a web analytics service provided by Google, Inc. Google Analytics sets a cookie in order to evaluate use of those services and compile a report for us.Opt-out of Google Analytics cookies