Organizations need to make concerted, risk-focused efforts that target areas of potential exposure, and management needs to lead by example.
Record levels of fines, penalties and profit disgorgements secured by the US DoJ and SEC in the past year certainly raise the perceived and actual cost of non-compliance.
Companies and their boards must weigh the upside and downside risks associated with varying degrees of compliance enforcement within their organizations.
Moving into new markets, into rapid-growth markets, brings additional risk.
Our survey findings show that boards and audit committees continue to face significant challenges in tackling the risks of fraud, bribery and corruption in their businesses. Many companies are failing to do enough. Meanwhile, boards struggle to effectively absorb the large volume of compliance information they are presented with.
How can boards and those tasked with compliance respond to these challenges?
- First, they must ensure effective lines of communication with a broad range of roles within the business. This will enable the board to question the information that they are given.
- Second, improvements can be made to focus compliance reporting to the board.
- Third, boards must make sure that they are asking the right questions. These could include:
- Does management at headquarter level understand local risks and have strategies been developed to deal with these specific risks?
- Can management demonstrate the contemporaneous effectiveness of its anti-corruption compliance efforts to its stakeholders?
- Does the company know how many third parties and agents represent it, particularly in dealing with those that could be considered "government officials"?
- Is management making the best use of the latest forensic data analytics techniques to monitor compliance in real time?
- Assuming that contracts with third parties normally contain audit rights, how many times has the company conducted an audit principally to gain comfort around bribery and corruption risk?
- Does the company have clear criteria to guide it with respect to how extensive pre- or post-acquisition anti-corruption due diligence should be, or whether to conduct it at all?
Growing beyond, therefore, requires a nuanced view of individual markets and cultural norms balanced against the statutory language of a proliferating number of ABAC laws.
Indeed, changes to a company's culture to mitigate the risks of fraud, bribery and corruption cannot be made overnight. Organizations need to make concerted, risk-focused efforts that target areas of potential exposure, and management needs to lead by example.
Only then will companies be able to properly balance the priorities of growth and ethical business conduct while seizing opportunities in these highly adverse economic conditions.