High profile and costly enforcement actions under the US Foreign and Corrupt Practices Act, and the introduction of newer legislation in the UK and France, has moved bribery and corruption up the board agenda for international companies. The FCPA, UK Bribery Act and France’s Sapin 2 all encourage risk-based approaches. Companies are expected to identify and prevent corruption in third-party relationships such as supply chains, distribution networks and customer bases.

A significant risk control in anti-bribery and corruption (ABC) compliance is to conduct due diligence on third parties. These investigations seek evidence of relationships between a third-party business, its directors and major shareholders and politicians, public servants, entities or individuals with past evidence of corruption, or with overly complex or shielded business structures. The depth of a due diligence investigation is governed by a risk model that takes a series of indicators into account.

One key indicator is the extent of corruption in a local market. It makes sense to target additional investigative resources towards business relationships in Nigeria, which has a reputation for serious corruption, rather than Norway, which does not. At these extremes of the corruption scale it is straightforward enough to make a distinction, but for countries closer to the middle of the scale, it is more difficult to take a targeted approach.

Perhaps unsurprisingly, it is hard to get hold of empirical data that can be used as the basis for a corruption country risk scale. Inevitably, government statistical bureaus tend not to publish data on public corruption. As an illegal activity that takes place in the shadows, it is almost impossible to measure at source. Prosecutions and high profile scandals offer an insight, but mainly into who got caught, rather than where businesses are most exposed.

Apr-Jun 2017 Issue

The Risk Advisory Group plc