1-2-3s of ABAC Compliance Programs
Despite the proliferation of laws aimed at fighting bribery and corruption, a recent international report found that most countries are failing to stop corruption. How can organizations ensure they’re doing their part? Certa’s Jag Lamba offers nine signs that your company’s ABAC program is on the right track.
Anti-bribery and anti-corruption (ABAC) laws and standards govern business transactions and prohibit the exchange of anything of value (cash as well as goods and services) that would illegally influence either party toward taking, or not taking, a certain action. For example, the FCPA, one of the most prominent ABAC laws in the U.S., states that it is unlawful for “persons and entities to make payments to foreign government officials to assist in obtaining or retaining business.”
Keeping up with these laws is crucial in keeping risk down at any organization and doubly so if it does business internationally. Many countries have their own set of ABAC laws that must be adhered to, and it’s inadvisable to embark on a new campaign in those markets without preparing to meet those standards. Such laws include the UK Bribery Act, the Clean Company Act in Brazil, Canada’s Corruption of Foreign Public Officials Act and many others in Germany, Russia, China, Malaysia and beyond.
Transparency International’s Corruption Perceptions Index (CPI) ranks countries with the highest corruption levels. Its 2022 rankings found that most countries are failing to stop corruption, and the organization ranked Denmark, Finland and New Zealand as the least corrupt countries with Somalia, Syria and South Sudan coming in as the most corrupt.
Additionally, some industries are at a higher risk for corruption and bribery than others. Extraction (mining, oil and gas sectors) have for a long time been a hotbed of corruption, while construction has seen bribery and corruption rates escalate in recent years. And other sectors like technology, aerospace and defense are rife with corruption and bribery risks.
ABAC laws are important safeguards in countries and industries, and the penalties for violating them can be severe, so it’s crucial for companies to follow them at all times. The cost of noncompliance is not cheap — just ask Glencore Energy or ABB.
Of course, it’s one thing to want to adhere to these ABAC laws, but how can companies know if they’re compliant in practice with, say, the FCPA? There are some essential signs of anti-bribery compliance like employee and stakeholder training, systematic onboarding of third parties, documented and written codes of conduct and more.
Let’s touch on nine signs that a company’s ABAC policies are likely healthy and are keeping the company in a low-risk position when it comes to bribery and corruption.
1. Clear direction from the top
The tone coming from company leadership has an incredible impact on preventing bribery up and down the entire organization. If the CEO and other executives and managers regularly speak out about not tolerating bribery or corrupt business dealings, that will help to create a culture of compliance with ABAC regulations.
On the other hand, if no attention is paid to corruption and bribery prevention and the repercussions of breaking ABAC laws, and the culture is one that is more concerned with “getting the deal done, whatever it takes,” there is a heightened risk of such actions being taken by individuals throughout the company.
2. Anti-bribery and anti-corruption training
Even more than just talking the talk, businesses need to walk the walk. That can mean a number of the following items on this list, but a big part of taking action includes proper anti-bribery and anti-corruption training for all relevant parties. Depending on a company’s unique situation, those relevant parties can include all officers, directors, employees, stockholders and third-party agents, among others.
Those third-party agents can include consultants, distributors, joint-venture partners and more — the key here is making sure everyone is on the same page and trained consistently across the board.
3. Robust onboarding processes
A robust way to systematically onboard third parties can close a lot of the gaps that sometimes lawbreakers take advantage of (like not having a supplier or partner properly on the books for a period of time, providing cover for illicit transactions or negotiations before they’re in the system).
Further, some third-party management and onboarding software can help to screen for potential supplier and partner risks right at the point of onboarding. If a third party has a history of corruption, or is at a higher risk of bribery entering the picture, being able to flag that during onboarding goes a long way toward preventing the problem from growing.
4. Codes of conduct and compliance
More than just talking about expectations around bribery and corruption prevention, it’s extremely important for companies to actually have their codes of conduct and compliance requirements written down and available to all parties in advance.
A written code of conduct and compliance policies and procedures (for example, what to do if you suspect illicit dealmaking happening or if a partner offers a bribe?) will help guide employees through situations that may arise. It also might provide cover if any cases come to light, since a printed and posted code of expectations around ABAC compliance is key in demonstrating that any employee who is engaging in bribes or corruption is explicitly doing it against the stated company policy.
5. Solid disclosure capabilities
It’s not unusual for a lack of visibility into a company’s ties to other businesses, government officials or state-owned entities to accidentally land a well-intentioned business deal into ethically (and legally) perilous waters.
Companies should put in place the technical capabilities to identify or capture any disclosures indicating any ties to relevant individuals or organizations as early as possible — even potentially in the onboarding or discovery steps.
6. Compliance screening and ongoing monitoring
Beyond just capturing disclosure information, companies should make sure they are doing their due diligence to reduce bribery and corruption risks by screening partners and third parties for compliance with relevant laws.
This should happen at the point of onboarding, but not end there. Ongoing monitoring is necessary. After all, just because a partner is compliant today does not mean they will remain so tomorrow. Automation capabilities in certain third-party management tools make ongoing monitoring possible without an undue burden being placed on employees to do it manually.
7. Oversight and review processes
It’s not enough to put these capabilities and expectations in place; follow-through is needed. Thorough oversight and review processes will help dissuade individuals from trying to sneak an illicit deal past management, and catching any corruption in its early stages will reduce the potential ramifications and allow management to deal with it swiftly.
Additionally, all companies should make sure that they also have the ability to, once they have identified high-risk entities or relationships, escalate those to appropriate parties for careful review.
8. Audit trails
At some point, any organization may need to provide documentation about its ABAC prevention methods and what, specifically, was done in the case of a bribery or corruption incident.
Proper books and records will save many headaches down the road if they’re being kept along the way. Organizations should look to record as much as they can, so looking for that documentation feature in any tool or process that involves the coordination or communication between the company and a third party should be a priority.
9. Employee hotlines
No matter how much a company puts in place to make their operation bribery- and corruption-free, there’s always the possibility that one of the people working at that company goes against this training and breaks an ABAC law.
Providing a way for others to contact upper management to make them aware of what transpired—anonymously and without reprisal—is an important part of empowering an employee base to stop corruption in its tracks.
Each of these items can help keep a company compliant with anti-bribery and anti-corruption laws where they do business. Some can easily be implemented on top of existing activity, while others will require a more fundamental change to the way certain things are done at an organization.
Either way, the lack of any of these aspects might be a signal that there is a hole in a company’s defenses against bribery and corruption. To reduce risks during this crucial time ahead of us, patching those holes sooner than later should be at the top of a company’s to-do list.