ETHIC Intelligence was very pleased to host its second annual international conference on Standards and Guidlines: Recent developments in Anti-Corruption Compliance on September 11, 2017 at the OECD conference centre in Paris. You can now view photos and video from the conference where experts from business, civil society and government exchanged and debated on how best to progress in the fight against corruption.
Philippe Montigny is CEO of ETHIC Intelligence and Chairman of its Certification Committee. Philippe has over 20 years of experience in advising companies on strategies to prevent corruption and leverage business integrity.
The compliance community must navigate amidst an ever-changing landscape of laws, recommendations, emerging corruption risks, trends in investigations and the threat of prosecution. The ambition of this blog is to bring this landscape into focus while raising compliance effectiveness from both a business and legal perspective.
After 20 years, the OECD Convention is still capable of so much to ensure more transparent, equitable and efficient business practices.
The very existence of a corruption prevention program for active corruption has a direct impact on the efficacy of a corruption prevention program for passive corruption.
An ISO 37001 certification will only have value if the auditors who carried it out are specialists in the field.
Full respect for corruption prevention procedures even more vital at mid-sized companies than at multi-nationals.
Full respect for corruption prevention procedures even more vital at mid-sized companies than at multi-nationals.
The ISO 37001 audit can strengthen the corporate anti-corruption compliance culture.
The question of which budget should be allocated to anti-corruption compliance is a difficult one for any company.
Compliance officers have long been preoccupied by their potential exposure to legal liability. Recent cases of prosecutions – and convictions – of Compliance Officers justify this preoccupation.
From this standpoint, the ISO 37001 reflects the philosophy of the UK Bribery Act and its Guidance which has required companies to be equipped with “adequate procedures” since 2011.
The publication of the ISO Standard 37001 and the fact that it is certifiable has caused companies to get in touch with us for clarification as to whether the standard offers legal protection in the event of the discovery of an act of corruption at the company.
The imminent publication of ISO 37001 on Anti-Bribery Management Systems has sparked many questions on the details of the Standard which demonstrates a certain level of interest by the business community. As I have participated in the drafting of the ISO 37001 over the past four years, more and more people are questioning me about its content and potential repercussions. I would like to share my views on its features
The multiplication of national guidelines published on the issue of anti-corruption compliance over the past few years has some Compliance Officers shaking their heads in perplexity.
My last blog Human Resources: the last frontier for compliance drew comments from the blogosphere specifically on the issue of variable remuneration for sales people ie. results-based bonuses. I suggested, as others have before me, that a disproportionally high bonus vis-a-vis a fixed salary in countries of weak governance could lead sales people to conclude contracts at any price.
After all, bribes are always paid by individuals. Moreover, this is the sentiment behind the Yates memo in which US Attorney General Sally Yates states that not only will she be targeting companies but also individuals who represent the “flesh and blood” of corrupt activities.
Recently, I shared a few thoughts on LinkedIn on the subject of corporate monitoring. The comments generated from those posts as well as previous discussions I have had with compliance officers, lawyers and others lead me to address three recurring themes.
As I mentioned in my previous blog I would like to consider the organization of a compliance system and, in particular, the controls in place to ensure appropriate implementation. Once again, I will use examples that I have witnessed over ten years of observing certified companies meet the evolving challenges of anti-corruption compliance.
An efficient anti-corruption compliance system prevents corruption and detects misconduct.
After ten years as President of the ETHIC Intelligence Certification Committee, I would like to share some common principles that I have noticed in the compliance programs of companies we have certified.
Beyond the formal requirements issued by various jurisdictions (American, British, Italian, Russian, Brazilian, Spanish, French, etc.) the following are some essential points that allow for an effective program capable of preventing corruption and ensuring efficient controls of its implementation.
The publication of the Anti-Bribery standard, as ISO 37001 is already known, in the autumn of 2016 will be the most significant event of the year for those in the anti-corruption compliance community.
Currently, it is a « Draft international Standard » and is being voted upon by the countries who have participated in its development. The voting ends in April 2016 and if the result is positive, which is the likely outcome, the reference document will be finalized during the next ISO meeting in Mexico the week of May 30, 2016 and the standard will be published officially by ISO before year’s end.
In 2016, ETHIC Intelligence will celebrate its 10-year anniversary of certifying corporate anti-corruption compliance programs. Also expected in 2016, is the publication of the new ISO Standard 37001 on “Anti-corruption Management Systems.” It is apparent that corporate anti-corruption compliance programs and their effective implementation are becoming standard business practices. For the past ten years, I have been asked why I thought that companies would be interested in certifying their anti-corruption compliance programs years before the issue took on the importance it enjoys today.
Should a compliance officer be completely independent of company/corporate operations or should he play an active role as part of the operations team?
Very often the tendency is to assume that the Compliance Officer should retain his independence. The answer, however, is not straightforward and it is an important issue as it has a tangible impact on the efficacy of the Compliance Officer.
Having dedicated several blogs to the importance of Tone at the Top and training in the fight against corruption I would now like to turn my attention to the anti-corruption compliance program itself: its organization, pillars and implementation.
A manager oversees a compliance program. Sometimes this manager is called a Compliance officer, other times an Ethics Officer. For a long time I did not think this distinction was important. I believed it was more important to focus on his or her responsibilities, scope and view of how the challenges of anti-corruption compliance could be met most effectively.
All national guidelines currently issued on anti-corruption compliance contain a section on the importance of training. Every company committed to anti-corruption compliance develops comprehensive training programs. The financial investment made on face-to-face training or eLearning is significant especially if you take into account the time spent by the employees who follow the sessions.
The number of employee hours spent on training could be used by the company as a legal defense in the always-possible instance of an act of corruption. However, these quantitative considerations should play no role in the qualitative dimension of anti-corruption training. In order to optimize a company’s return on investment in the anti-corruption training sector the quality of the sessions shouldbe evaluated and updated continuously.
In a recent post, I mentioned the four pillars of any effective anti-corruption compliance program. Four pillars which have demonstrated their effectiveness in the domain of industrial accidents and which can be readily transposed for corruption prevention: Tone at the top, training for relevant personnel, tools adapted to risk and controls of the implementation.
Having explored the importance of Tone at the Top, I would now like to share my experience with you on the issue of anti-corruption training. For 15 years, I have been traveling the globe training companies from management boards to sales staff on anti-corruption compliance. Through this, I have been able to identify a common error made by trainers, which makes their task unnecessarily difficult.
In my last blog, I analyzed the reasonsfor which CEOs hesitate to communicate on corruption prevention. I would now like to draw attention to CEOs who not only communicate on it and the company’s zero-tolerance for corruption, but who do so with imagination!
What follows are ten examples of communicating on anticorruption compliance that I have observed over the 10 years I have spent chairing the ETHIC Intelligence Certification Committee, which reviews the best practices of corporate corruption prevention programs. Some examples are company or personality specific but they all contain elements which can be adapted to any company’s anti-corruption compliance program in order to meet international best practices.
In my last post, I emphasized the need for management to state loudly and publicly the company’s ban on corruption. The tone at the top is the base without which an anti-corruption compliance program cannot be efficient. This is also reflected in the fact that all national guidelines addressing the issue of anti-corruption compliance emphasize the importance of tone at the top.
In spite of this, many Compliance Officers are faced with CEOs or senior executives who, even though they are convinced of the importance of doing business with integrity, are hesitant to speak out on the company’s zero tolerance for corruption. I regularly hear the same five bad “good reasons” not to communicate on corruption prevention. I will offer an argument against each.
Years ago when I was examining ways to design the terms of reference to be used for the certification of corporate anti-corruption programs I noted that the ways in which companies designed and implemented processes to prevent industrial accidents had many similarities to those needed to fight corruption.
This analogy with industrial accidents is useful for Compliance Officers who can use it to explain and illustrate the steps necessary for preventing corruption. Most companies take security very seriously regardless of the location of their factory or office. Comparing newly established anti-corruption processes to those of the long accepted practices of work safely is an efficient way to convince employees of the importance of the new procedures.
In my previous blog, I insisted on the importance of adapting an anti-corruption compliance program to the local social and cultural environment all the while respecting a zero tolerance for corruption.
Ensuring respect for a zero tolerance policy on corruption is relatively easy in companies, which operate in countries who are well ranked on the Transparency International Corruption Perceptions Index (CPI). Staff understand the importance of integrity in business and respect the compliance processes readily.
However, in countries where acts of corruption are more the rule than the exception it is difficult to convince staff of the importance of doing business with integrity.
In my previous blog, I tried to demonstrate that corruption is not related to a particular culture. That said, today I will expand on the importance of integrating culture into an anti-corruption compliance program.
I believe that the efficiency of an anti-corruption compliance program depends on its success in including social and cultural factors in regions where it is implemented. The days of a headquarters imposed, culturally insensitive program, are over.
In order to sell goods and services on a global scale, sales strategies need to be adapted to the multiple specificities of local environments. However, one element remains invariable: retention of the profit margin. With respect to implementing an anti-corruption compliance program, the same principle applies: it must be adapted to the local environment with one invariable element: zero tolerance for corruption.
In my last blog, I referred to the importance of the human factor in an anti-corruption compliance program. After all, individuals pay bribes to other individuals.
Once this fact is accepted as a given I am then challenged on the issue of whether or not corruption has a cultural dimension. This assertion is used to argue that corruption is inevitable in certain countries as it is part of the culture. Moreover, management’s willingness to show zero tolerance for bribe paying is in fact contrary to local customs and is thus doomed from the start. Compliance officers are occasionally thrown by this argument, which suggests that the payment of bribes could, potentially, be considered a sign of respect for local customs and traditions.
On this point, I am emphatic: corruption is not a cultural issue.
In my previous post, I outlined the reason for which an anti-corruption compliance program is important for the board in terms of business strategy and competitiveness. I explained how obtaining business through corrupt practices results in a false sense of security vis-à-vis market expectations and, consequently, produces inappropriate – sometimes even incoherent – decisions by top management regarding business development.
Today I would like to focus on how top management’s approach to compliance, and the degree to which compliance drives their decisions, is essential to the effectiveness of any compliance program.
Of course,compliance stillrequires a system of organization includinga network of compliance officers, risk analyses, written procedures and policies.More than anything, though, compliance is an approach, a way to manage individuals and organizations and a factor in strategic decisions.
Let’s be honest: a compliance program, no matter how robust, will never be able to fully eliminate corruption risk.We have to accept that compliance safeguards will always be slightly behind the imagination of someone determined enough to break the rules. More than anything, a compliance program provides the meansnecessary to fight corruption; but the program itself is not a guarantee that corruption will never occur.This is why top management’s approach to compliance, and more precisely its management style, is so important.
Many compliance officers have voiced frustration that their boards don’t take the anti-corruption compliance issue seriously; that is, that they treat it as a purely legal issue and not as a strategic concern that can have an important impact on business development.
For many boards, the sole purpose of an anti-corruption compliance program is to mitigate a (very real) legal risk. They espouse the point of view that, albeit justifiable in terms of legal protection, anti-corruption compliance programs represent a ‘non value generating’ cost center. They therefore seek to keep the functioning costs – travel, training, due diligence, number of team members, etc. – to a minimum.
In return, all they expect from their anti-corruption compliance program is that it minimizes the risks brought about by their sales operations. In short, it offers them a certain level of protection from a risk which they perceive to be purely legal.
But what if corruption was not just a legal risk? What if it were, above all, a business risk? This is where compliance officers have some serious board-level convincing to do.
It’s no secret that the anti-corruption compliance issue has been gaining momentum these last few years, and with good reason. Prosecutions for corruption violations are on the rise. Companies are gaining awareness of the advantages of doing business with integrity.There is an increased level of public scrutiny. And with growing risk and interest in the issue, compliance officers now must navigate as best they can amidst the changing landscape of recommendations, laws, newly-identified corruption risks, trends in investigations and the threat of prosecution. In all, a worthwhile discussion to contribute to in the hopes of helping compliance officers find their way.