Piecemeal approach to anti-corruption leaves companies exposed
July 2016 | SPECIAL REPORT: WHITE-COLLAR CRIME
Financier Worldwide Magazine
Corruption in a range of forms poses a considerable threat to businesses. Be it bribery, fraud or extortion, falsifying results to meet targets or anti-competitive behaviour, all have the potential to do considerable damage and make companies – as well as individuals – the subject of intense investigations. Besides the potential for direct monetary losses from fraud, and of course government penalties, the biggest losses can come from reputational damage and subsequent loss of brand value. For start-ups where the value of the company is largely based on future expectations, reputational damage can be devastating.
To better understand attitudes to corruption and how some of the leading companies in the world are managing their anti-corruption programmes, MetricStream and Dow Jones recently surveyed compliance professionals from 330 companies as part of its annual ‘Global anti-corruption report’. The report suggests that, as anti-corruption regulations have become increasingly complex, businesses have failed to react in kind. Many of the tools and services used to root out and prevent corruption still remain woefully unsophisticated, with many businesses trusting the execution of anti-corruption measures to siloed operations, a patchwork of systems, manual approaches and ad hoc monitoring.
Attitudes to corruption around the globe
First and foremost, it is important to understand businesses’ attitudes to corruption. Then, and only then, can the successes and failures of anti-corruption policies be assessed. Starting with bribery, one of the most common and overt forms of corruption, the survey found that nearly one-third (31 percent) of respondents do not believe that bribery should always be reported to the authorities. Furthermore, fewer companies reported bribery in 2016 (22 percent) compared to 2015 (31 percent). It is important to note that this might not be as damning a statistic as it first appears. One possibility is that companies are actually improving their business practices, meaning there is less to report overall. Notably, the number of respondents who reported losing business to an unethical competitor was 26 percent, which was down from 28 percent in 2015, and 33 percent in 2014. However, the bribery figures certainly seem to suggest that business leaders have some way to go in communicating that they want to know the bad news just as much as the good news.
Survey respondents listed Iran, China, Russia, Iraq and the Ukraine as the countries where business endeavours are most likely to be interrupted due to corruption concerns. There are no great surprises here, but one of the new trends is that some countries that have traditionally turned a blind eye to official corruption are changing. China, for instance, number one on the 2015 list, has, over the last two years, initiated a very aggressive anti-corruption programme. Some analysts say that the programme is politically motivated, targeting enemies of the leadership, but there is also evidence that the programme is quite real with a recognition that corruption is undermining growth of the economy in China.
Indeed, around the globe, the anti-corruption laws and penalties being introduced are becoming ever more severe. Governments have demonstrated their willingness to enforce regulations imposed by the likes of the Foreign Corrupt Practices Act (FCPA), the Foreign Account Tax Compliance Act (FATCA) and the UK Bribery Act. This year’s survey respondents demonstrated the latter’s significance, with 53 percent citing likelihood of the Bribery Act having a major impact on anti-corruption policies, up 19 percent on last year.
All companies need to be acutely aware of the precise circumstances or actions that could result in a regulatory violation and subsequent punitive action. Ignorance renders companies ill-equipped to identify and prevent practices that leave them exposed. Robust anti-corruption programmes can help ensure the protection of the brand, preservation of a reputation and safeguarding of stakeholder interests.
Leaders must also be cognisant of the fact that employees can get caught up in trying to support the attainment of aggressive company growth targets. This cannot be at the expense of good practice, or achieved through the taking of ‘shortcuts’ that contravene standards. Aggressive goals can introduce risk – it’s been suggested this was a factor in the VW emissions scandal, with the company’s goal at the time to be the number one car manufacturer in the world.
Managing anti-corruption campaigns
Customers expect the companies they do business with to act with integrity and to operate ethically. Companies therefore have to take more responsibility for their end-to-end activities, including the behaviour and practices of employees and partners in their supply chains.
Simply put, the better a company knows its partners and supply chain, the better it can identify and prevent unethical or corrupt activities. Thankfully a high percentage of survey respondents – 86 percent – noted that they conduct due diligence on new partners (down from 91 percent in 2015) but only 79 percent do so on existing partners. For partners of over a fifth of companies, it would seem that once you’re in, you’re in. More worrying still, only 58 percent of respondents include training for partners in their anti-corruption programmes.
The loss of confidence in due diligence may reflect the reality of the value of the information that is provided. Even when the information is complete and accurate, it can become stale quickly. To maintain confidence in business partner practices, companies should implement ongoing monitoring – as a minimum with those business partners that are considered medium to high risk. However, the survey noted that only 27 percent of anti-corruption programmes include monitoring of business partners on a quarterly or more frequent basis.
As with other operational processes and procedures, anti-corruption can’t be left to best efforts. Policies, procedures, measurement and reporting need to be comprehensive and integral. Internal communication with employees and external communication with partners needs to outline expectations, reinforce how expectations should be met, and share progress and outcomes.
After all, these practices would come under the scrutiny of investors, stakeholders, the media and the general public should the company’s standards ever be called into question. In today’s modern business, anti-corruption systems need to cover an ever broader spectrum of issues relating to ethics and integrity on everything from fair treatment of suppliers to environmental impact. For investors, a company’s systems, procedures and safeguards stand testament to its standards and values, to the way it conducts itself and the effective management of its business.
Protecting the brand
How well a company manages risk, and how appropriately it conducts itself can have as much impact on the bottom line as successful financial management. By taking positive action to safeguard against corruption, a company reinforces the ethical stance of its brand with employees, and establishes a reputation for integrity.
The survey identifies a range of systems in use to help with anti-corruption compliance, such as HR and enterprise resource management systems, but less than half (48 percent) of survey respondents report using dedicated governance, risk and compliance (GRC) systems. With 95 percent using some sort of technology to manage the company’s anti-corruption programme, a strong emphasis is placed on sanctions and watch list services (72 percent are users). When it comes to automation, over half (58 percent) of respondents’ programme include automated monitoring of all partners, yet this is a reduction of almost one in 10 (9 percent) on last year.
The report discovered that many companies continue to rely on manual tools, spreadsheets and siloed applications that often don’t provide the required level of efficiency and risk visibility. In today’s business environment, this is pretty remarkable, as well as troubling. Indeed, companies that manage their risks and compliance requirements in an integrated and automated way, as part of a larger enterprise risk management and GRC framework, are better positioned to protect the company from contraventions, to establish and reinforce good practice and to perform well.
Piyush Pant is the vice president of strategic markets at MetricStream. He can be contacted on email@example.com or by email: +44 (0)203 318 8554.
© Financier Worldwide