In December, the Organization for Economic Cooperation and Development (OECD) released an analysis of all corruption and bribery cases involving the crime of bribery of a foreign public official in international business transactions since 1999. The report is titled “OECD Foreign Bribery Report: An Analysis of the Crime of Bribery of Foreign Public Officials.” While there have been many reports of annual FCPA activity by the U.S. DOJ and SEC, this report goes further and details all 427 international matters brought against any individual or entity.
In a related press release, OECD Secretary-General Angel Gurría said, “Corruption undermines growth and development. The corrupt must be brought to justice. The prevention of business crime should be at the centre of corporate governance. At the same time, public procurement needs to become synonymous with integrity, transparency and accountability.”
Pinpointing Your International Bribery Risks
Compliance officers and general counsels all over the world are—or should be—asking themselves, “Do the findings in this report mean I should be worried about my anti bribery and corruption program?” The short answer is “yes.”
Hopefully most of you have already recognized this risk of foreign official bribery as a result of your compliance risk assessment and you have been taking steps to identify and minimize or the risks. But even for you, this report may help crystalize your particular areas of risk and the likelihood that, unattended, these risks could materialize into a bribery or corruption allegation.
Three Key Report Findings & Recommendations for Risk Mitigation
Let’s look at some of the key findings for compliance programs along with how these findings relate to risks and lastly some suggestions for mitigating the risk.
Key Finding #1: Bribes are Discovered Through Internal Audits, Due Diligence and Internal Whistleblowers
- 31% of cases were self-reported while only 2% of the cases were instigated by whistleblower complaints.
- In 31% of these cases, self-reporting companies became aware of issues due to internal audits.
- 28% identified and reported the issue as a result of M&A due diligence.
- 17% of issues were being raised by internal whistleblowers.
Contributing Risks: Even after all of the prosecutions, fines and publicity about bribery and corruption’s costs as well as the risks to a company’s reputation, bribes still happen. Failure to have a robust monitoring plan, a partnership with internal audit and an internal reporting process (without fear of retaliation) could reduce a company’s ability to identify issues early, address necessary concerns and report to regulators, if necessary.
What Businesses Can Do to Mitigate Risk:
- Of course the best course of action is to have a compliance program and culture that eliminates the expectation that bribery is an option. However, recognizing that even in the strongest corporate culture some failures may occur, it is critical to have detection and monitoring process to look for issues.
- This includes an ethics hotline and compliance case management system, as well as a strong anti bribery policy. It also means robust, regular online training and awareness activities, and a strong partnership between the ethics and compliance leaders and the internal audit team.
Key Finding #2: More Than Half of the Bribery Cases Cited in the Report Involved Senior Managers
- Senior management was involved in over 50% of the cases.
- Management was involved in 40% of the cases.
- CEOs were involved in 12% of the cases.
Contributing Risks: This may be the most troubling finding of all from the analysis. For too long, many have claimed that the bribery is being conducted by “rogue” employees seeking to gain personal benefit for themselves and that bribery was not part of the cultural DNA for the company. This statistic also suggests that in many cases, senior management or the CEO is often the “bag man.”
What Businesses Can Do to Mitigate Risk:
- Business must have a clear, written anti-bribery and corruption policy.
- “Tone at the top” must set the expectation that this policy applies to employees at all levels in the organization.
- Additionally, senior executives must understand the risk to themselves and the company’s reputation bribery scandals could cause. Fines, penalties, jail time and disbarment are all options.
- Live and online senior leadership training can help raise awareness. The board can also be enlisted to ensure that leaders clearly understand that there is zero tolerance for bribery and corruption at any level.
Key Finding #3: Third Parties are Involved in Bribery
- Third parties were involved in 9% of the cases.
Contributing Risks: Third parties may be enlisted to “grease the skids” of contract approval or customs clearance. Often they are engaged without proper due diligence or direction by the company. Most of the time this is not intentional. However, in some egregious cases use of a third party may lead to overt support and enlistment of these well connected vendors—or sometimes just looking the other way in hopes that blame will be placed on the vendor. This is not a good strategy as third party liability is strict liability in most bribery cases—and in any event the taint will still reach the company that engaged the vendor.
What Businesses Can Do to Mitigate Risk:
- Have a clear, written policy on third party engagement and activity. Ensure that your employees—
- especially those most likely to deal with third parties (supply chain, procurement, marketing, sales, etc.)—are trained on the policy, recognize the risks and how to spot inappropriate requests.
- Leverage E&C tools, including:
- Use an automated, third party due diligence platform to continuously screen for third party risk and ensure your company is less likely to do business with 3Ps who may have improper connections or negative corruption records.
- High quality third party bribery and corruption training. Periodic reminder training using a short-form training burst learning approach can also be effective. NAVEX Global offers 4-5 minute training modules, also known as micro learning courses or bursts.
Additional Data Points of Interest
A few other findings should be of interest to compliance professionals in several industries that appear to be at a higher risk for foreign official bribery crimes:
- Almost two-thirds of the cases involved one of four industries:
- 19% Extractive (mining)
- 15% Construction
- 15% Transportation and storage
- 10% Information and communication
- Both the largest percentage were offered to and the largest amounts were paid to officials of State Owned Enterprises (“SOEs”)
- Customs officials were offered bribes at the second highest rate, 11%, followed by health officials, 7%, and defense, 6%.
Final Thoughts: Bribery and Corruption Risks Are Pervasive
The risk of bribery and corruption is an international one, and more countries are participating and cooperating in enforcement actions designed to uncover and punish violators. This is likely to continue for the near future.
The risk manifests itself at all levels of companies and in every industry. The best solution is an active program designed to educate employees and third parties as well as prevent, detect and resolve violations.