Is progress being made in corporate programs for corruption and bribery?
I am not sure I would draw the same conclusions as KPMG appears to have done in its Global anti-bribery and corruption survey 2011 (by the way, they only surveyed US and UK companies). Their overall tone is that a lot of progress needs to be made and they dwell on the negative. That’s not to say that warning bells should not be ringing in many US companies, but the bells I would ring are not the same.
For example, on their web site’s summary of the results, the first bullet says:
- “Two in five U.K. and U.S. organisations with written anti-bribery and corruption policies do not distribute them to agents, distributors, vendors, brokers, joint-venture partners or suppliers.”
I am surprised that as many as 60% of organizations are distributing these policies to vendors and suppliers. I would expect them to share with agents and distributors, but to see that 60% are also giving copies to vendors is not bad. Yes, progress can and probably should be made but this is not worth ringing alarm bells for – and especially not worth making the #1 item.
The second bullet is:
- “Three in five companies with such compliance programs that incorporate employee training do not require any third-party representatives to participate in the training.”
I don’t know how you feel, but if I had training in corruption and bribery policies, I would not invite third parties to internal training sessions. Who knows what employees will say, and I wouldn’t want to discourage employee questions just because outsiders are present. Instead, where the actions of third parties could represent a risk to the company (and that may be a big ‘if’), I would set the expectation that they would train their employees. If necessary, I would have separate training sessions.
I am also less concerned that KPMG on the last bullet:
- “10 percent of the U.K. companies and more than half of the U.S companies do not obtain periodic compliance certifications from those with whom they do business in other countries.”
Those of us who have worked with external auditors or internal counsel know that it is hard to get third parties to make a compliance certification. In my experience, corporate counsel would not permit the company to make such a certification because of the potential liability. At least in the US, I would think that trying to get a vendor to certify would be dreaming. But, I certainly would include compliance requirements, including a copy of the related corporate policies, in the company’s contracts.
So, these bullets don’t give me much of a heartache. On the contrary, I am somewhat encouraged, especially since the clear trend is to increase the numbers on each item.
However, this report includes observations worth noting. For a start, did you know that “eight of the 10 largest combined criminal and civil fines and penalties against corporations in the history of the Foreign Corrupt Practices Act” were imposed in 2010? Other points of interest:
- One in three (US and UK companies) don’t assess corruption and bribery risk. This will be a major problem, especially since it is required by the UK Bribery Act!
- 80% of those responsible for this aspect of compliance at US companies, and 32% of those at UK companies, have little to no knowledge of the UK Bribery Act. I guess they will learn the hard way! The UK Bribery Act can have a significant impact on US and global companies, if they do business in the UK or their employees or agents have significant connections to the UK
- Only 63% of UK and 72% of US companies have a whistleblower hotline
Although I found different reasons to ring the alarm bells, the KPMG report has good content on what companies need to do if they are to address corruption and bribery risk.
The #1 action is to understand, especially for US companies, the risks they run in their business operations. US companies can’t afford to ignore the UK Bribery Act – it may well apply to some of their operations.