For the treasury and finance functions of companies that do business around the world, bribery and corruption are a serious concern.
In an Ernst & Young study released last month, 57 percent of respondents in the developing world said that bribery and/or corruption is widespread in their country. Another survey, conducted by Kroll Advisory Solutions and Compliance Week, provides further support for the idea that these risks are growing—and suggests that companies’ efforts to battle bribery and corruption are not extremely effective.
Nearly 300 executives from around the world responded to the Kroll/Compliance Week survey; the median company represented by the survey has $3.5 billion in annual revenue and more than 9,600 employees. Among these respondents, 43 percent said their bribery and corruption risks have increased in the past two years, while only 7.7 said those risks have fallen. Fifty percent of respondents expect their bribery and corruption risks to rise again in the next year.
Why do bribery and corruption risks continue to grow? One major reason is that businesses continue to expand into new markets. Respondents to the Kroll/Compliance Week survey also cite the proliferation of new anti-bribery/corruption laws, and increased enforcement of laws already on the books, as reasons that their risk is increasing. (See Figure 1, below.) In addition to the U.K. Bribery Act are new laws designed to combat corruption in Russia and Brazil.
Moreover, half of all respondents to the survey said their companies are increasing risk by increasing the numbers of third-party relationships in which they engage. In fact, the average respondent’s company does business with more than 3,500 third parties.
To mitigate their bribery and corruption risks, the vast majority of companies perform due diligence on their business partners—87.3 percent in the Kroll/Compliance Week survey. Among large companies, due diligence frequently involves dedicated investigations of prospective business partners, as well as having their local business units collect information on the prospects and having corporate legal, accounting, and/or finance departments conduct third-party reviews. Within smaller companies, due diligence generally focuses more on self-reporting by prospective business partners and obtaining references from trusted sources or U.S. government agencies.
However, once they’re working with a third party, the majority of companies neglect to train that business on their anti-bribery and corruption policies. Most include an anti-bribery and corruption certification in their contracts or include an anti-bribery statement in their code of conduct. But just over 40 percent provide in-person or Web-based training.
Perhaps most alarming, few respondents think their company is effective or very effective at training third parties on its anti-bribery policies and procedures (30 percent), monitoring compliance after a business relationship begins (37.7 percent), or auditing compliance among third parties (35.4 percent). (See Figure 3, below.)
For organizations that don’t have the resources to effectively monitor all their third-party relationships, Kroll recommends responding to bribery- or corruption-related incidents with a thorough investigation and the most severe discipline possible. “You’re not going to catch everything, but an incident-based response and investigational approach will sometimes give you a lot of leverage in terms of managing staff and third-party risks,” says Violet Ho, senior managing director with Kroll.