Brazil Introduces Mandatory Compliance Program Law

Brazil has adopted a new law that requires all companies, foundations and foreign entities that perform public construction or sell goods or services to the government to implement a full compliance program if they haven’t already.  The introduction of this new law shows Brazil’s desire to protect its public administration by minimizing risks through improving transparency of its contracts and guaranteeing that the contracts are compliant with applicable laws.    

The new law (Law 7,753) was approved by the Governor of Rio de Janeiro on October 17, 2017 and states that companies have 180 days to adopt a compliance program after signing a contract, concession or partnership agreement with the government that is valued over R$650,000.00 (approximately $202,000).  If the entities are able to provide proof that they have a compliance program tailored to the specific structure and needs of the company in place at the time of the contract’s execution then they are given a credit.  However, if they are unable to prove that an adequate compliance program is in effect, they face hefty sanctions which are calculated daily. Punishments for companies that fail to comply include paying 2% of the contract value per day with a maximum penalty set at 10% of the contract’s value until the breach is fixed, possible suspension from the contract, or even banishment from other public tenders.  

A similar law (Law 6,112/2018), which was passed last month by the Brazilian Federal District, requires companies and foreign entities to follow a compliance program if the value of the government contract is less than R$80,000.00 (approximately $24,500).  With both laws in effect, the Brazilian government now has the power to evaluate the implementation of these mandatory compliance programs.  Inspectors who are tasked with carrying out evaluations must follow a guideline in an effort to organize reports and reach successful results.  

The guidelines for an adequate compliance program include:

  1. Commitment and support for the compliance program from management and board members
  2. Clear standards of conduct, ethics and policies that apply to all employees and third parties when relevant
  3. Daily program training and risk assessments to strengthen the program
  4. Records of all transactions
  5. Use of internal controls to assure accurate reports and financial statements are available when needed
  6. Procedures in place to prevent fraud in tender processes
  7. Self-operating of the department in charge of the program
  8. Channels used to report misconduct among employees and third parties in order to safeguard whistleblowers
  9. Punishments for violations of the program and procedures in place to immediately stop misconduct and remediation of the damage
  10. Due diligence on third parties
  11. Constant monitoring of the program to avoid false positives
  12. Other various steps which promote ethical culture through workshops, lectures, etc

While there are companies that already have a compliance program in place, these programs must be reviewed and updated on a regular basis in order to deter risks and ensure that they comply with the new law’s parameters.


For the full article, click here.