Or scrutiny than modest and routine gifts and entertainment. business partners.*!* For example, many larger companies Similarly, performing identical due diligence on all third- have implemented a mix of web-based and in-person train- party agents, irrespective of risk factors, is often counter- ing conducted at varying intervals. Such training typically productive, diverting attention and resources away from covers company policies and procedures, instruction on those third parties that pose the most significant risks. applicable laws, practical advice to address real-life scenar- DOJ and SEC will give meaningful credit to a company ios, and case studies. Regardless of how a company chooses that implements in good faith a comprehensive, risk-based to conduct its training, however, the information should compliance program, even if that program does not pre- be presented in a manner appropriate for the targeted audi- vent an infraction in a low risk area because greater atten- ence, including providing training and training materials tion and resources had been devoted to a higher risk area. in the local language. For example, companies may want to Conversely, a company that fails to prevent an FCPA viola- consider providing different types of training to their sales tion on an economically significant, high-risk transaction personnel and accounting personnel with hypotheticals because it failed to perform a level of due diligence com- or sample situations that are similar to the situations they mensurate with the size and risk of the transaction is likely might encounter. In addition to the existence and scope of to receive reduced credit based on the quality and effective- a company’s training program, a company should develop ness of its compliance program. appropriate measures, depending on the size and sophisti- As a company’s risk for FCPA violations increases, cation of the particular company, to provide guidance and that business should consider increasing