Corruption
An International Perspective on FCPA, Anti-Bribery and
Compliance
Dec 22, 2014
Alison Taylor, Senior
Managing Director, Control Risks, in a white paper, “Risk, An
Organizational Perspective,” states “the traditional preventative
approach to risk management is proving inadequate in the face of regulatory
complexity, volatility and an environment of constant change. What should
replace it is not yet clear.” Indeed, lately there has been a great deal of
writing relating on the subject of risk, specifically corruption risk,
including the recent OECD Foreign Bribery Report.
The reports include a
number of comprehensive surveys, such as the one I commented upon from E&Y. When I read these
pieces I always try to remain focused as to what practical use they might have
to practitioners and professionals who confront corruption risk on the front
lines of business, as well as to those who are tasked with helping them to
manage that risk.
Accordingly, with that
viewpoint in mind, I strongly recommend a ‘deep read’ of a recently released
Control Risks survey “International
Business Attitudes To Corruption,” which articulates a
key-finding right up front: “Paper compliance is not enough.” As the authors
continue, when it comes to compliance, companies fall into two categories
“those who mean it, and those who don’t.” So, with respect anti-bribery
compliance “what do companies need, and what do they lack?” According to the
authors, whose data set includes 638 respondents among legal, audit and
compliance executives, those elements include:
·
Board level leadership and
responsibility.
·
A strong and consistent message
communicated to staff.
·
Penalties for
breaches.
·
An appreciation that the benefits of a
robust and meaningful anti-corruption program go beyond simple compliance
(emphasis added).
What about the “those
who don’t mean it?” Where and why do they fall afar? One dynamic which the
authors elevate, and which I echo from my own perspective, is the ‘remote
office’ problem, where there is a “disconnect between what the head offices
believe about the adequacy and effectiveness of their anti-corruption program
and what actually happens in high-risk markets.” In these cases, compliance
runs afoul, sometimes due to “general ignorance; sometimes it is a form of
willful blindness,” but as the authors remind us “neither is a credible
explanation in the eyes of the regulators.” As the survey addresses in a
section called “Failure to follow through,” “these days many companies are good
at talking about principles. Not all of them are able to demonstrate that they
put them into practice.”
As Alison states in
her paper, “numerous research studies have determined that rules and processes
do not exist in a vacuum and that organizational culture is a critical
explanatory factor of employee behavior.” The survey, in my opinion, provides
significant value to the compliance community by going beyond the data to drill
into what a more robust compliance program necessitates. In other words, what
are the “lessons learned” from failed programs in order to embrace compliance
as going beyond a set of rules and procedures that might be viewed as a ‘work
around’ at the front lines of international business.
Accordingly, here are
the “three key qualities” relative to a “robust and meaningful” compliance
program that the survey addresses:
Invest in leadership
The work speaks to the
fact that less than half of their respondents had an anti-corruption program at
the Board level. Not surprising given the OECD finding that “in 41% of the
cases management level employees paid or authorized the bribe, whereas the
company CEO was involved in 12% of the cases.” As the survey addresses, when
there is a Board level commitment, it cascades down throughout the organization
by “providing compliance teams with the support they need.” Indeed, having
employees sign anti-bribery representations and watch on-line corruption videos
does not exactly demonstrate a firm leadership commitment to anti-bribery
compliance. Nor do executive proclamations of “we don’t break the law” when
combined with aggressive financial forecasts and lucrative short-term incentive
plans in high-risk (low integrity regions). As Alison states in her white paper
“if employees do not believe that risk management is an essential component of
organizational success, processes will not solve the problem.”
Consistency,
Consistency, Consistency
“Having an
anti-corruption program is not sufficient in itself,” Accordingly, as the authors
state “effective two way communication is essential.” Furthermore, when it
comes to third parties, “well-drafted contracts are essential but not
sufficient,” as companies need “to be able to demonstrate that they have
assessed the potential integrity risks thoroughly and consistently.” Indeed, as
I have often shared, companies need to start bringing in their business teams
to listen to the risks which they are facing in the field, and the more upset
they are by what they hear, the better those conversations are going. You can
fix what you know, and corruption risk in the Middle East is very different
from corruption risk in Asia.
As Alison states in
her white paper “all risks are not created equal, and different risks require
fundamentally different responses.” Hearing the specifics of how risk is
confronted on a regional or country-by-country basis is an important step in
establishing that response. Listening to those who confront risk on the front
lines of international business will help organizations to develop practical
tools calibrated to the industry and region. In addition, attending to the
concerns of field personnel will go a long way in getting front-line buy in as
the participants in such discussions will likely takeaway a vision that “management
is serious” about supporting risk management. I call that front-line “buy-in.”
As Harvard Business
School Professor Paul Healy states in an article Corrupting
Silence: Companies Must Speak Up Against Bribes, “It’s harder to
rationalize corruption if you are receiving a consistent message that we don’t
do this.”
Get ready to resist
Here is where it can
get challenging, as “the third requirement is a willingness to resist bribery,
even in, or especially in, high risk environments.” According to the authors,
“resistance to demands is tough but entirely feasible,” requiring “skill,
determination-and vision.” The ‘how to,’ is best elevated by Alison when she
states that “companies must therefore make strategic decisions as to whether to
enter some markets, accepting a certain level of inherent corruption risk, or
stay out of them so they can maintain stated ethical commitments.” But where
those markets are entered, if delays, sales targets and growth plans to do
reflect the inherent market risks, then those at the front line will at some
point take compliance decisions into their own hands as they ponder “what does
management really want, compliance or sales?”
As the survey states
“often the most realistic approach is to accept a short-term failure to win
business, while preparing the ground for greater success in the future.”
Indeed, when field personnel see that management understands that to be
successful and compliant, short-term sacrifices will be
necessary, then an important step will have been reached to embrace a more
“robust and meaningful anti-corruption program” as going “beyond simple
compliance.”
From my perspective,
when those who confront risk in the field see that management has embraced
anti-bribery corruption as reflected in business strategy and growth forecasts
through making “clear-eyed” strategic decisions, especially in low integrity
regions, then the “what we say” will be well balanced and aligned with the “way
we do things around here.” This commitment, as Alison states, will then go
beyond the traditional “bolt on” compliance model as to “tackle the full scale
of the corruption challenge, which cuts across every aspect of a multinationals
company’s business.”
No comments:
Post a Comment