Stericycle disclosed in its August 2017 filing with the U.S. Securities and Exchange Commission (SEC) that it received a subpoena from the SEC in June 2017 “requesting documents and information relating to the company’s compliance with the Foreign Corrupt Policy Act (FCPA) or other foreign or domestic corruption laws concerning certain of the company’s operations in Latin America.” The Department of Justice (DOJ) also notified the company that it was investigating the matter in parallel with the SEC.
In this case, the root cause(s) may be linked to Stericycle’s poor corporate governance and failure to properly monitor key risks. Other contributing factors are rapid growth, lack of post-acquisition integration, a poor organizational and financial reporting structure, and the failure to implement a culture of compliance with proper controls. The DPA mentions that Stericycle strengthened its corporate governance “by appointing numerous new individuals to senior management and Board of Directors positions and establishing a Safety, Operations, and Environmental Committee to enhance Board oversight, but is silent on overall governance practices and the internal audit initiative. Isn’t the role of internal audit to provide an independent assurance that an organization’s risk management, governance, and internal control processes are operating effectively?
Read the full article on bakertilly.com.