What are some specific bribery and corruption risks that arise out of the pandemic?
Business integrity refers to the intersection between ethics and business practices. Bribery and corruption affect business ethics and confidence and constitute a hidden cost of doing business. The aim of bribery and corruption is to influence the behaviour of decision-makers to make decisions based on unethical (and often hidden) considerations.
The COVID-19 health crisis has resulted in a lot of disruption across the world, with businesses experiencing unprecedented and unpleasant changes. Governments around the world are taking extraordinary measures to minimise the spread of the disease and this is having an effect on supply chains, availability of specific skillsets, employee mobility and market reach. Many states are also rolling out financial and economic policies geared towards cushioning both businesses and individuals from the disruption caused by the spread of COVID-19. In these difficult circumstances, businesses have to explore strategies to remain resilient.
Some potential risks that may arise include:
- Illegally influencing government and enforcement agencies to overlook non-compliance or grant favours to the organisation – such as movement of staff and transportation of produce and other essential items during curfews and lockdowns;
- Illegally influencing government policy to influence allocation of financial benefits;
- Bribery/corruption risks within urgent procurement – engaging politically exposed persons and high risk intermediaries;
- Increased gifts and donations from suppliers and politically exposed persons to ‘support’ businesses during the pandemic, in exchange, for favourable business terms when business is back to normal; and
- Facilitation payments and bribes to regulators for non-compliance with industry practises e.g. tax return deadlines.
A robust anti bribery and corruption (ABC) risk management framework focuses on preventing bribery & corruption, detecting any exceptions and responding to any identified non-compliance.
An illustration of the framework is below, and elements of the same discussed further below.
Will bribery and corruption increase during the COVID-19 crisis?
The spread of COVID-19 infections and the resultant disruption has presented organisations with new risks and challenges that have impacted normal operations, as businesses try to respond to the health crisis. As a result, new government regulations such as curfews and lockdowns have forced some businesses to temporarily close or operate at greatly reduced levels.
Furthermore, organisations have had to engage in urgent procurement to secure supplies such as disinfectants, face masks and other hygiene supplies, often through intermediaries in the supply chain.
The health crisis and government operations have made business operations “uncomfortable” and it will not be unusual for businesses to seek to ease this discomfort through all means possible, some of which may be unethical such as bribery and corruption.
Issues can arise based on internal factors and external factors.
Members of staff can be offered or demand bribes during procurement. For example, many firms had to undertake unplanned procurement of IT equipment for remote working as well as of cleaning and sanitary supplies. This risk can be intensified by the urgency to procure and the limited experience that companies have procuring sanitary equipment such as masks and disinfectants.
Many regulations on bribery and corruption hold an organisation liable for the actions of its staff in such situations, if the organisation cannot prove that its anti-bribery and corruption procedures were robust.
Counterparties and intermediaries – Third parties used by the organisation may constitute a substantial source of risk in case they are operated by politically exposed persons or have been sanctioned for previous concerns relating to corruption. The risk here arises from inadequate due diligence procedures or inadequate mitigation to address identified risk.
Interactions with government authorities – Local and cross-border transport has been substantially affected by the health crisis. Also, the authorities have issued new regulations affecting normal operations and this provides an opportunity for businesses to influence the authorities to either seek exemption or avoid being penalised for non-compliance. Further, many governments have sought to cushion businesses financially. This may present a bribery and corruption risk, as businesses seek to influence government policy or be prioritised in receiving bailouts.
What controls and measures should organisations consider putting in place to prevent, detect and respond to some of these risks?
- Leadership and Governance
There should be top level commitment to establishing the appropriate anti-bribery and corruption (ABC) culture within the organisation, including requiring executive involvement in high risk situations. This also involves regular reinforcement of the ABC message. There should also be a heightened review and impact analysis of current decisions.
- Policies and Procedures
These should be aligned to the risks faced, which are based on country risk and type of business among other factors.
The organisation should put in place a structure that holds individuals accountable for specific activities, events and roles.
- Risk assessment
Management should explore the areas within the organisation that are most susceptible to bribery and corruption and assess the adequacy of the related controls. There should be active review of business terms, conditions and liabilities in outsourcing agreements and company contracts which have the potential to cause significant business risk
- Specific compliance processes and controls
The organisation should develop controls specifically meant to address this risk, by:
- Examining high risk areas such as politically exposed persons in internal and third party relationships;
- Evaluating the extent of interaction with government agencies;
- Evaluating the extent of involvement of intermediaries;
- Communicating with relevant industry regulators and updating them on business impact; and
- Documenting alternative business protocols, approvals, and business decisions for future review
- Record keeping
The organisation should maintain records detailing adequacy of the ABC program. A data log and tracklist is important to know all confidential and/or third party information the organisation holds that may be irregularly exchanged for money in such times of crisis and business volatility. The organisation should review its policies on employees filing or holding confidential business information outside the workplace.
- Training, Culture and Awareness
Regular training and certification helps in proving that the relevant individuals in the organisation understand their obligations and that there is robust communication. Employees should be sensitised on the whistleblowing hotlines or other reporting channels in the organisation.
- Continuing Monitoring and Testing
The organisation should regularly review and monitor operations to identify suspicious/high risk transactions and situations.
Having in place a whistleblowing facility is key as it enables internal and external users to be able to report delicate concerns such as those relating to bribery and corruption.
- Data and Systems
Appropriate ABC controls can be built into enterprise systems, and these can flag high risk transactions/situations for further review.
- Evidence collection
An organisation’s procedure should enable the organisation to identify and safeguard information that could be considered to have evidentiary value.
Where non-compliance is suspected, investigative procedures should be robust to evaluate the extent of exposure.
When an exception arises, the organisation should have in place a way to rectify the situation – for example, obtaining expert guidance on managing the situation to avoid it deteriorating.
If you have detected an instance of potential economic crime within your organisation, what steps should you take to address the situation?
The approach to take when faced with potential bribery and corruption will depend on the response plan adopted by the organisation, the type of issue, the authority level of the suspected perpetrators in the organisation and the potential impact of the incident.
The first step should be to stop the suspected corruption scheme to limit the extent of damage. A preliminary assessment should be conducted to establish whether an investigation should be conducted and the approach to the investigation. Nonetheless, an organisation has to review its existing anti-bribery and corruption policies during an investigation.
Initial steps that can be taken include:
- Ceasing any engagement with the entity involved until a suitable time when an investigation findings are available;
- Suspending employees from work until investigations are complete; and
- Collecting and securely storing relevant potential evidence.
Ultimately, the organisation should seek to continuously evaluate and improve its anti-bribery and corruption framework to minimise the risk as well as damage that may arise.