INTEGRITY & COMPLIANCE · CORPORATE COMPLIANCE

PLENA Corporate Anti-Corruption Compliance

Contemporaneous, externally referenced receipts of bribery refusals, third-party due diligence, training, and internal controls — designed to produce records intended to support later review. Built for compliance and legal departments at multinationals operating under the US Foreign Corrupt Practices Act, UK Bribery Act, French Sapin II, Brazilian Clean Companies Act, and equivalent global frameworks.

Truth boundary. PlenaProof has not established admissibility or audit-defensibility, and offers no legal opinion on either. External anchoring and multi-archive replication describe the intended architecture; PlenaProof does not claim live blockchain anchoring or multi-archive replication unless actually implemented and populated. The institutional integrations described below (single sign-on, role-based access, hotline / screening / LMS integration) are roadmap, not currently available.

The five workflowsRequest institutional pilotLanguages

Start with the witness layer. PLENA's primary, on-thesis anti-corruption offering is the citizen- and employee-controlled receipt — the bribery-refusal receipt and the citizen, NGO, and journalist anti-corruption documentation the witnessing party retains and releases on their own timing. Corporate compliance, described on this page, is the later enterprise track built on the same receipt grammar.

Opening problem

Multinational anti-bribery enforcement actions have produced settlements measured in hundreds of millions to over a billion US dollars per case across the past decade. Glencore, Goldman Sachs (1MDB), Airbus, Ericsson, Petrobras (Lava Jato), SBM Offshore, Odebrecht, Telia, and others have paid combined settlements in the tens of billions. The pattern in nearly every major case has been the same: the company's compliance documentation — built up over years through hotline reporting, internal investigations, third-party screening, and training records — proved insufficient when enforcement authorities required clear evidence of contemporaneous refusal of specific bribery requests, of due diligence on specific third parties, of training reaching specific employees at specific moments, and of internal controls actually applied at specific transactions.

The compliance infrastructure that produces today's records is mature in places and patchy in others. Screening platforms (LSEG/Refinitiv World-Check, Dow Jones Risk & Compliance, LexisNexis WorldCompliance) identify counterparties with elevated risk. Hotline providers (NAVEX Global / EthicsPoint, Convercent, SAI Global) receive employee reports into corporate-controlled databases. Compliance management software tracks training completion and policy attestation. External counsel is retained when investigations become necessary. None of these systems produces what enforcement authorities increasingly request and what audit committees increasingly require: contemporaneous, externally anchored receipts of the events themselves — the moment a bribery request was made and refused, the date a third-party due diligence file was reviewed and approved or rejected, the specific employees who completed specific training at specific times, the specific suspicious payments declined.

Internal records can be modified after the fact. Hotline databases can be searched but the records remain corporate-controlled. Training-completion logs can be reconstructed but not contemporaneously witnessed. The records that exist when an enforcement matter arrives are records the company maintained on its own systems, with timestamps the company controls, accessible to the company's executives during whatever period precedes the matter.

PLENA Corporate Anti-Corruption Compliance produces externally referenced receipts of the events that matter to enforcement authorities. Receipts of bribery refusals captured by the employee at the moment of refusal, retrievable for the duration of any enforcement matter regardless of how many years elapse. The intended architecture anchors these receipts on the Bitcoin blockchain through OpenTimestamps and stores them on a decentralized archive — where actually implemented and populated; PlenaProof does not claim live blockchain anchoring unless it is in place. Receipts of third-party due diligence reviews that survive employee turnover, system migrations, and corporate restructuring. Receipts of training events that demonstrate exactly which employee completed exactly which training on exactly which date. Receipts of internal control events that demonstrate the policy was applied to a specific transaction at a specific time.

The product complements rather than replaces existing compliance infrastructure. Hotline providers continue to operate as the channel for internal reporting. Screening platforms continue to identify counterparty risk. Compliance management software continues to track program-level metrics. PlenaProof adds the externally referenced receipt layer beneath all of them — the contemporaneous record that the compliance program produced specific events at specific times, in a form designed to support later review. PlenaProof does not assert that any record is admissible or will survive a specific enforcement challenge.

Five workflows PlenaProof covers

Each workflow produces four artifacts: a sealed declaration, the underlying evidence packet, refresh discipline across the program's arc, and a multilingual handover packet calibrated to enforcement authorities.

Bribery Solicitation and Refusal Receipt

Captured by the employee at the moment of refusal, or immediately following. Documentation of the request (who made it, on what date, in what context, with what consequence), the refusal (when, by whom, how communicated), and any retaliation or business impact that followed. Audio or video capture where the employee's safety and legal context permit; structured declaration where they do not.

  1. Refusal Declaration. Sealed statement of the solicitation and the refusal as the employee experienced them.
  2. Sealed Evidence Packet. Audio, video, screenshots, contemporaneous notes.
  3. Witness Attestation where applicable.
  4. Multilingual Handover Packet calibrated to relevant enforcement authorities (DOJ FCPA Unit, SEC, UK SFO, French PNF, equivalent globally).

Third-Party Due Diligence Documentation

Receipt of the due diligence file reviewed for a specific counterparty on a specific date: the screening results obtained, the questions asked of the counterparty, the responses received, the risk assessment concluded, the approval or rejection decision and its authority. Demonstrates contemporaneous review rather than after-the-fact reconstruction.

  1. Due Diligence Declaration.
  2. Sealed File Hash of the screening output and supporting documents.
  3. Decision and Authority Attestation identifying the approver and the basis.
  4. Multilingual Handover Packet.

Anti-Corruption Training Attestation

Per-employee receipt of training completion: the training module, the date, the employee's identity, the completion of any required assessment. Eliminates the dispute that arises in enforcement actions about which employees received which training when.

  1. Training Declaration.
  2. Sealed Completion Evidence.
  3. Refresh Yearbook across multiple training cycles.
  4. Multilingual Handover Packet.

Internal Control Event Documentation

Receipt of specific internal control applications: a payment declined for failing anti-bribery review, a contract revised for compliance reasons, a relationship terminated under the company's anti-corruption policy, a gift or hospitality logged. The granular events that demonstrate the program is operational rather than nominal.

  1. Control Event Declaration.
  2. Sealed Control Evidence.
  3. Cumulative Control Yearbook.
  4. Multilingual Handover Packet.

Enforcement Action Defense Packet

When enforcement scrutiny arrives, structured handover of the cumulative documentation, calibrated to the specific authority and statutory framework. DOJ FCPA Unit, SEC FCPA enforcement, UK Serious Fraud Office, French Parquet National Financier, Brazilian Federal Public Ministry, German prosecutors, Italian prosecutors under Decree 231/2001, equivalent authorities globally — each receives a handover packet structured to their evidentiary expectations, drawn from the same underlying receipts.

  1. Defense Packet Declaration.
  2. Forum-Specific Compilations.
  3. Cross-Forum Continuity across multiple authorities pursuing the same matter.
  4. Multilingual Handover Packet.

Institutional version (roadmap — not yet available)

Planned API access and enterprise integration for corporate compliance departments at scale. Roadmap, not a current capability.

The institutional offering is on the roadmap and is not currently available; multi-tenancy and role-based access controls do not exist yet. As planned, it would include single sign-on integration with the company's identity provider, role-based access controls aligned to the compliance organization's hierarchy, audit-trail visibility for compliance leadership, periodic compliance reports calibrated to board audit-committee requirements, and integration with the company's existing hotline, screening, and learning-management systems. Pricing by negotiation; planned institutional contracts would be annual subscriptions calibrated to employee count and the company's enforcement exposure.

Target institutional buyers: Chief Compliance Officers, General Counsel, Heads of Ethics and Compliance, FCPA Practice Leaders, Internal Audit Heads at companies subject to the major anti-bribery regimes. Partner channels: anti-corruption advisory practices at Deloitte, PwC, EY, KPMG, Control Risks, K2 Integrity, Kroll, Mintz Group, FTI Consulting, Ankura, BDO; specialized anti-corruption law firms (Davis Polk FCPA practice, Latham & Watkins FCPA practice, Gibson Dunn anti-corruption practice, Hogan Lovells, Linklaters, Freshfields, equivalent globally).

Same complement-not-replace disclaimer. PlenaProof does not constitute a compliance program. It documents events that compliance programs produce. Hotline providers continue to operate; screening platforms continue to identify risk; compliance management software continues to track metrics. PlenaProof adds the externally referenced receipt layer beneath all of them.

The 100-Year Operating Commitment

SEC and DOJ FCPA matters routinely extend across five to ten years from initial scrutiny to settlement. UK Serious Fraud Office investigations have run longer. French PNF matters operate on similar timelines.

This product is built on the multi-year arc of corporate enforcement actions. The documents produced today are designed to remain readable and verifiable in proceedings that may not commence until well into the future; PlenaProof does not assert their admissibility. The intended architecture replicates each artifact across multiple independent archives and anchors it cryptographically to public records that do not depend on any single jurisdiction — where actually implemented and populated — so that records can be verified offline by the company's compliance counsel or successor counsel. Receipts survive corporate restructuring, executive turnover, system migrations, hotline-provider changes, external-counsel transitions, and the multi-administration arc of governmental enforcement.

Read the full 100-Year Commitment

Why this differs from existing compliance infrastructure

Existing compliance infrastructure operates on internal corporate systems with corporate-controlled records. PLENA Corporate Anti-Corruption Compliance adds the externally referenced layer beneath. Hotline providers (NAVEX, Convercent, SAI Global) receive employee reports into platforms owned by the hotline provider, with records subject to platform-provider data policies and to litigation discovery. Screening platforms identify counterparty risk but do not document the company's response to that risk. Compliance management software tracks program-level metrics but not event-level evidence.

Contemporaneous capture

At the event rather than retrospective reconstruction.

External anchoring (intended)

Intended architecture anchors to a public blockchain rather than internal database storage, where actually implemented and populated.

Multi-forum handover

From one source rather than re-collection per enforcement authority.

Verifiable offline

By counsel even if every relevant provider were to discontinue service.

Demonstrable to audit committees

And to enforcement authorities through the same underlying architecture.

Provider-independent

Survives hotline-provider changes, software migrations, and external-counsel transitions.

Existing instruments this complements

  • US Foreign Corrupt Practices Act (FCPA) and the DOJ FCPA Corporate Enforcement Policy
  • SEC Rule 10b-5 and 13b-2-2
  • UK Bribery Act 2010 and its Section 7 corporate offence
  • French Loi Sapin II (2016) and the AFA's compliance program review
  • Brazilian Lei Anticorrupção (Lei 12.846/2013)
  • German Federal Office of Justice anti-bribery enforcement
  • Australian Criminal Code Division 70 (Foreign Bribery)
  • Canadian Corruption of Foreign Public Officials Act (CFPOA)
  • Italian Decree 231/2001 corporate criminal liability framework
  • Singapore Prevention of Corruption Act
  • OECD Anti-Bribery Convention 1997 and the Working Group on Bribery's country review framework
  • ISO 37001 Anti-Bribery Management Systems standard

What this does not do

PLENA Corporate Anti-Corruption Compliance does not constitute a compliance program. It documents events that compliance programs produce. It does not provide legal advice on anti-corruption regulatory frameworks. It does not certify program adequacy under any regulatory regime. It does not screen counterparties (screening platforms do that). It does not receive employee reports (hotline providers do that). It does not investigate compliance matters (counsel and forensic investigators do that). It produces externally anchored receipts of the events the compliance program produces.

Languages

Launches in PLENA's 8 live languages, with English, French, German, Italian, Spanish, Portuguese, Mandarin, and Russian as immediate priorities given the geographic distribution of multinational compliance functions. Human-reviewer queue specifically for this product covers the languages of corporate operations in major enforcement jurisdictions. Contact hello@joinplena.com for translator inquiries.

Scholarship and norms

This product is built in conversation with:

  • DOJ FCPA Resource Guide (Department of Justice / SEC)
  • Mike Koehler, The Foreign Corrupt Practices Act in a New Era
  • OECD Foreign Bribery Report and country review reports
  • Transparency International Exporting Corruption report series
  • FCPA Professor legal scholarship
  • ABA Anti-Corruption Committee publications
  • ICC Rules on Combating Corruption
  • ISO 37001 standard documentation
  • The PLENA white paper Beyond the Will

Related PLENA receipt grammar

Procurement & Aid-Chain Attestation Beneficial Ownership Attestation Anti-Corruption Documentation Whistleblower Documentation Investment Documentation Financial Services Attestation ORIGINA for Institutions Exchange Proof-of-Reserves Refusal Receipts Translation Roadmap

For Chief Compliance Officers, General Counsel, FCPA Practice Leaders, and Internal Audit at multinationals

Deloitte / PwC / EY / KPMG anti-corruption practices; Control Risks, K2 Integrity, Kroll, Mintz Group, FTI Consulting, Ankura, BDO; Davis Polk, Latham & Watkins, Gibson Dunn, Hogan Lovells, Linklaters, Freshfields FCPA practices: PlenaProof welcomes pilot conversations. Annual subscription pricing by negotiation, calibrated to employee count and enforcement exposure.

Request a pilot conversationhello@joinplena.com