B2B: The Role of Compliance in Relationships With State Regulatory Authorities

The MT Conferences section did not involve the reporting or the editorial staff of The Moscow Times.

There are two reference points for a company's internal control system in terms of compliance with laws and regulations. On the one hand, common rules of conduct must be observed with the least possible expense; on the other hand, risks must be avoided that would result in the legal entity and its officers or other employees becoming liable. It should also be borne in mind that proceedings in a case that entails legal liability may be accompanied by other coercive state measures.

The internal control system of any company is determined by the following factors: its existing business model, corporate structure, applicable statutory requirements, including licensing requirements, the efficiency of its warranties and the loyalty of public authorities. The latter depends on the dynamics of administrative and judicial decisions taken by the administrative bodies that act as regulators, and by the courts when settling disputes. Changes in any of the above factors entail changes in the internal control systems. When the internal control system is designed and implemented, it is necessary to take into account the limitation periods for liability to be imposed, as well as other state coercive measures that may be taken when the company breaks the law in the course of its activities. Beyond the limitation period, there are no risks of adverse consequences; accordingly, internal control need not be reinforced.

Considering the relationships with business counterparties, consumers and employees, it should be borne in mind that their complaints to state regulatory authorities may result in unscheduled inspections. We therefore recommend taking all possible measures to avoid potential conflicts or to settle them if they already exist.

During the inspections, the internal control system must be moulded to the established procedure and forms of state control that are set out in detail in the relevant administrative regulations. Such administrative regulations are registered with the Justice Ministry and are officially published. Regulatory bodies must ensure that the party being inspected acquaints itself with these regulations beforehand. Before Dec. 31, of the previous year, it was possible to obtain, on the website of the General Prosecutor's Office and state regulatory authorities, information for the coming year concerning scheduled inspections of the company to be able to prepare in advance for an anticipated inspection. Notifications of unscheduled inspections are usually sent to the company 24 hours in advance, which also provides it with an opportunity to take its bearings, albeit in a more pressed manner.

When orders are received to eliminate breaches further to the inspections, such orders should be challenged before the administrative body and cancelled, or further challenged in court and found invalid, or duly performed before the time for such performance has expired. In the latter case, the entity must send, via the administrative office, an appropriate written notification to the state regulatory authority which issued such order.

When doing business in Russia, companies usually face corporate, commercial, corruption, anti-monopoly, licensing, tax, currency, management, consumer, customs, environmental, health and fire risks. In its activities, a company may also face risks connected with violating employment law and occupational safety rules, migration law, personal data law, industrial safety rules, and construction standards and rules.

To manage these risks, a company's internal control system involves internal regulations being adopted (provisions, instructions, and orders) which regulate in detail all of the company's activities; functions being allocated between various divisions and officers of the company to ensure that all mandatory legal and regulatory requirements are complied with; ordinary, preliminary, ongoing and follow-up checks being conducted in relation to the company's compliance; and when contentious issues occur, it envisages that the company may contact competent state bodies to obtain clarifications. If the company meets the requirements of the clarifications, this evidences a lack of fault on the company's part, even if it actually violated the law.

The company must have the following documents, duly executed in accordance with Russian legislation, which may be required by state regulatory authorities when performing inspections:

• the company's constituent documents;

• permission documentation (licences, certificates, etc.);

• documents of an administrative nature (orders, appointing instructions in relation to persons who are responsible for ensure that the entity complies in its activities with laws and regulations, as well as job descriptions);

• orders and documents confirming that the orders were complied with and that the relevant state regulatory (supervisory) or municipal regulatory authority received the documents which confirm such compliance;

• administrative case files;

• technical documentation for ensuring power and water supply, fire safety, as well as for complying with technical requirements, standards and rules, etc.;

• certificates of title, lease (rental) agreements for land plots, buildings, premises, property, machines, etc.;

• powers of attorney for the entity's authorized persons;

• other documents which may be requested by authorized administrative bodies (their officers).

An efficient internal control system should allow a company to identify, in a timely manner, and handle circumstances which may serve as a ground for an unscheduled inspection, duly prepare for a scheduled inspection, regularly provide its employees with updated information concerning mandatory requirements of law and regulations applicable to the company's activities, as well as with skills necessary for that information to be implemented. The company should have an effective mechanism designed and implemented to prevent mandatory requirements being eventually violated. Such mechanism may be created by employees efficiently cooperating with the management, controlling document flow, promoting a loyalty policy, but they must keep strictly within the confines of the law in dealings with employees, clients and suppliers.

The MT Conferences section did not involve the reporting or the editorial staff of The Moscow Times.