Risk managers back anti-bribery standard
The International Standards Organisation (ISO) is in the final stages of developing a new standard, ISO 37001 Anti-Bribery Management Systems, which will be “designed to help organisations implement effective measures to prevent and address bribery and instil a culture of honesty, transparency and integrity”, said the ISO.
Reassurance
The standards body also believes that its new management standard will give investors and other stakeholders more reassurance if there is evidence that the company has an effective measurement programme in place for what is a growing corporate concern. The World Bank estimates that more than $1trn in bribes is paid each year.
For Asia, bribery and corruption has long been a problem. Various surveys have highlighted the relative scarcity of anti-corruption programmes at Asian corporates. A 2013 survey from Ernst & Young reported that just four out of ten Asian corporates had any kind of anti-corruption policy in place, compared to the global average of eight out of ten.
China in particular has been an unwelcome centre of attention for a number of corporate corruption cases, including state-owned organisations like PetroChina and multinationalslike GlaxoSmithKline.A sweeping anti-corruption program led by President Xi Jinping has led to thousands of arrests but has failed to quell the negative influence of corruption on China’s corporate world.
hide
“Outside of the financial services industry, bribery is not seen as a major exposure among Asian risk managers,” said Franck Baron, chairman of the Pan-Asia Risk and Insurance Management Association. “This lack of awareness needs to be tackled as bribery carries numerous potential risks to organisations, from reputational damage to regulatory fines and a loss of business licences, to name a few.”
A standard and management system, such as ISO 37001, would “provide organisations with a marker that can be used to help risk and compliance officers identify potential gaps within their respective companies”, said Mr Baron.
The ISO standard will be backed by risk managers because reputation is one of the most important assets a company has but one of the most difficult to protect, said Mr Baron. “A poor culture in terms of honesty, transparency and integrity systematically creates a major threat to the long-term reputation and brand of a given organisation.
“One may say that briberies constitute a ‘business enabler’ but they are totally wrong as it creates very damaging ripple effects. Such behaviours initiate shortcuts and wrongful arbitrage at a local authority level with regard to health and safety priorities and related investments. Such shortcuts do have a human and environmental cost in terms of casualties in factories, working places and immediate communities.”
Moral ethics
In addition to the use of anti-corruption management systems, Mr Baron believes it is also important to promote an anti-corruption culture within the company. “As an experienced risk manager, I personally believe that an organisation cannot create financial value without moral values: the ethics and a strong culture are pillars of long-term successful organisations. This is how virtuous organisations solidify their license to operate, their long-term resilience. This is what I call true sustainability.”
The ISO’s draft standard, which is expected to be finalised later this year, has also received overwhelming support from 91% of the ISO members involved in its creation and is set to be available for use later this year.
“Bribery can be prevented if organisations in the public and private sectors, with genuine intent, implement effective controls,” said Neill Stansbury, chair of the ISO project committee developing the standard. “The overwhelming positive vote on the draft version of ISO 37001 gives us further confidence that it will be an effective tool to help organisations of all kinds take effective measures to combat bribery in all its forms.”
Undue diligence
The timing of the new ISO standard could not be better, judging by a recently published report that suggests there is a worrying lack of confidence in many corporates’ anti-corruption programmes amid doubts about just how thoroughly suppliers and partners are checked.
The report, produced by Dow Jones Risk and Compliance and research firm MetricStream, surveyed more than 300 companies worldwide, including 108 in Asia-Pacific, and found that 37% were only ‘somewhat confident’ or less in their due diligence programmes.
French Caldwell, chief evangelist at Metric Stream, said these doubts are a reflection on the quality of information being collected, a view that is supported by the fact only 27% of firms monitor their partners on a quarterly basis or more.
While many organisations have developed anti-corruption programmes that include due diligence on their business partners, they do not go far enough and only focus on initial on-boarding or contract renewal, said Mr Caldwell.
“Even when information is complete and accurate, it can become stale quickly. To maintain confidence in business partner practices, companies should implement ongoing monitoring as a minimum with those partners that are considered medium to high risk.”
Mr Caldwell also cited the reliance of companies on inefficient systems to manage their anti-corruption programmes such as manual tools and spreadsheets that do not provide the necessary visibility. “Today, risks and regulations—including those related to anti-corruption—are more complex and intertwined than ever before.
“Therefore, companies that manage their anti-corruption risks and compliance requirements in an integrated and automated manner, as part of their larger enterprise risk management and GRC framework, are better positioned to preserve their integrity, protect their brands and reputations, and perform exceptionally.”
The survey’s findings come against a backdrop of increased regulation around anti-corruption, such as the UK Bribery Act and the Foreign Corrupt Practices Act in the US. “We’re seeing large-scale anti-corruption investigations and record fines targeted not only at companies, but also at individual executives,” said Joel Lange, managing director of Dow Jones Risk and Compliance. “In this heightened regulatory climate, a company’s success, reputation and very survival is largely dependent on the effectiveness of its anti-corruption programmes.”
Regional differences
The survey also shows a regional disparity in attitudes to corruption, with respondents highlighting Iran, China, Russia, Iraq and the Ukraine as the countries most prone.
Mr Caldwell said it is important that any due diligence programme reflects the different level of associated risk. “For example, a partner in the UK that only does business with other western European organisations is much lower risk than a partner in central Asia that does business in countries that have high levels of official corruption.”