Regulatory Compliance No Trivial Pursuit

If serious trivia seems like a contradiction, maybe you need to be more quizzical when it comes to anti-corruption compliance. January 4 is the one day of the year when there’s an excuse to be trivial—even in an area as serious as compliance in anti-bribery and corruption, anti-money laundering and terrorist financing, and the avoidance of forced labor in supply chains. This is because, all over the world, January 4 is Trivia Day.

As trivia goes, it’s ironic that how this day came about is lost in the comparatively recent mists of time. The meaning of ‘trivia’ as we understand it today—facts that are of little value or importance beyond their own peculiarly interesting novelty— dates to the early 20th century and use of the word as it pertains to quizzes emerged in the 1960s.

Then came Trivial Pursuit, which turned useless knowledge into a full-blown craze. It even gave trivia its own trivia: the board game was created in 1979 by two Canadian blokes who mapped out its structure in an hour, over a round of beers. Annual sales peaked in 1984 at around US$800 million. (If you’re old enough, these facts are in the small but irksome category of trivia known as “wish I’d thought of it first”.) Some years later, someone in the United States decreed that January 4 will henceforth be National Trivia Day. It caught on, and the internet did the rest in making the concept global.

Bribery and snakes

In the area of bribery, corruption, money laundering and the like, it’s natural to assume there’s no scope for fun trivia, right? Well, not quite. While it may not constitute the proverbial barrel of laughs, it does lend itself to a bag of snakes. Three of them, actually.

In northern India in 2011, a couple of farmers became so fed up with the bribes demanded to access their own tax records, they upended three sacks containing 40 snakes, including several deadly cobras, on the floor of their local tax office. Apparently, a new world record was set for in-office sprinting, although uncertainty remains as to which staff member set it.

Okay, so one snake protest doesn’t make a quiz. But how about this for a question: Which country recently elected as its president a former TV comedian who campaigned on the slogan “neither corrupt, nor a crook”? He was elected in 2015 and is still incumbent, despite several close relatives and advisers being embroiled in corruption allegations and prosecutions. If you don’t know the answer, see the * below.

If you’re still not convinced there’s a quiz in this, visit the ProProfs Quiz Maker website. It has more than a million quizzes to choose from, ranging from the Ultimate Taylor Swift Quiz, to the Are You the Type of Person Who Cheats in a Relationship? quiz, to… wait for it... the excitement is mounting... the First Quiz For Training On Anti-money Laundering the Anti-money Laundering Policy Quiz and several others in a similar vein. The multichoice questions focus on U.S. legislation and corporate practice, but you could use them as templates for writing your own anti-money laundering/anti-corruption quiz for employees and associates in any other country, to partake in as a training and awareness-raising exercise.

Conventional statistics

Statistics constitute a sizeable continent in the world of trivia, and there’s no shortage of stats in compliance. As a case in point, let’s look at the OECD Convention on Combating Bribery of Foreign Public Officials in International Business Transactions (commonly known as the Anti-Bribery Convention) because—trivia alert!—2019 marks the 20th anniversary of its introduction.

Party to the convention are the 36 OECD members and eight other nations. Together they constitute 81 percent of the world’s outbound foreign direct investment and 66 percent of the world’s exports. They are also home to 95 of the 100 largest non-financial multinational enterprises and all of the top 50 financial multinationals. I mean, this thing has impressive reach. And you get one guess as to which superpower is now being wooed on the edge of inclusion (**).

A few months ago, the OECD Working Group on Bribery published a report, Fighting the Crime of Foreign Bribery, in which it explained: “Parties to the Anti-Bribery Convention agree to establish the bribery of foreign public officials as a criminal offence under their laws and to investigate, prosecute and sanction the offence. The convention is the first and only international anti-corruption instrument focused on the ‘supply side’ of the bribery transaction—the person or entity offering, promising or giving a bribe.”

In its graphic summary of the convention’s achievements, the report notes that bribery is now a crime in all of its 44 member countries; and all 44 have strengthened or created corporate liability laws in compliance with commitments made under the convention, allowing them to hold companies, and not just individuals, liable for foreign bribery. Eighteen countries have introduced or strengthened whistleblower protection in response to peer evaluation reports and recommendations.

Between signing the convention in 1999 and up until the end of 2017, in a total of 20 of the countries, 560 individuals and 184 entities have been sanctioned under criminal proceedings for foreign bribery. At least 102 individuals and 247 entities in 11 countries have been sanctioned for other offences related to foreign bribery, such as money laundering or accounting. The fact that 21 of the countries were yet to conclude any foreign bribery enforcement action is an indication of the uneven spread of activity. But in a total of 30 countries, another 500 investigations are ongoing.

Laboring the point

It’s drawing a dubious bow to claim that the statistics on forced labor could constitute anything resembling trivia. But how about this: Which country’s population most closely equates to the estimated number of people in forced labor around the world?

It’s Australia, with a population of 25 million.

Similarly (and also according to the International Labor Organisation’s 2016 estimate): Which country’s population is closest to the number of children, aged 5 to 17, who are subject to child labor around the world?

At a staggering 152 million, it’s Russia. Almost one in 10 of the world’s children; 64 million girls and 88 million boys. Almost one third of these children aged 5 to 14 are excluded from any education system, and 38% of those in that age bracket are involved in hazardous work.

It makes you think, doesn’t it? And isn’t that what trivia is all about?

Next Steps:

1. Download our eBook on ISO 37001 to learn how this anti-bribery and corruption compliance standard can help your organization avoid becoming a risk statistic.
2. Learn how Lexis Diligence and LexisNexis Entity Insight empower enhanced risk management.
3. Share this article with your colleagues and connections on LinkedIn.

FCPA Hangover: Whiskey Maker's $8M Settlement Puts Food & Drink Industry on Notice

The makers of Jim Beam whisky have paid $8 million to settle allegations of bribing government officials to enter the Indian market. The settlement is a timely reminder of the continued threat of FCPA enforcement action, and the particular risks posed by third parties in the food and drink industry.

Beam Suntory Inc has agreed to pay $8 million to settle allegations by the US Securities and Exchange Commission (SEC) that it violated the Foreign Corrupt Practices Act (FCPA). The SEC alleged that, from 2006 to 2012, Beam’s Indian subsidiary used third party sales promoters and distributors to make illicit payments to government employees in India. These payments would allegedly help Beam to get licenses and prominent placements on shelves. In one instance, senior managers reportedly agreed to pay an Indian official $18,000 to get approval for a new product.

Risks in the food and drink industry

Companies in the food and drink sector face an elevated risk of bribery and corruption. With their long and complex supply chains, it can be difficult to document each link in the chain and to demonstrate that it complies with regulations and meets consumers’ expectations of quality. Moreover, products are often sourced from countries in parts of the world where corruption is more entrenched, so third parties can be tempted to make illicit payments to secure contracts.

But bribery is not the only risk facing food and drink companies. The industry has problems with forced labor. A 2016 report by the campaign group Know the Chain found examples of forced labor in the supply chains of some of the world’s biggest food and drink retailers. Forced labor has been uncovered in poultry production in Thailand. Given that the EU is Thailand’s biggest export market for poultry, European companies must do extra checks on their Thai suppliers. Forced labor has even been uncovered in countries where corruption risk is lower, including strawberry picking in Germany.

Food safety is also a major risk facing the food and drink industry. Last week, eggs produced by a German company had to be recalled from Aldi and Lidl because of salmonella risk. In 2013, the UK supermarket Tesco suffered significant reputational damage after its own brand of spaghetti Bolognese was found to contain up to 60% horsemeat. Its supplier Comigel processed the meat in a factory in France. Recalls not only means a company loses money on the recalled products, but it can lose the long-term trust of its consumers, who may no longer believe that company can provide their family with food that is safe. So, companies must make sure their supply chain meets regulatory standards and increasingly demanding consumer expectations on food safety.

No last orders for FCPA enforcement

The Beam settlement is a reminder that FCPA enforcement is very much here to stay and remains a major regulatory driver for U.S. companies and firms with offices registered in the U.S. Midway through 2018, there are currently 130 active FCPA investigations in 49 countries and 55 industries. FCPA enforcement actions in the second quarter of 2018 led to nearly $1 billion being paid to settle allegations. The Act expects that businesses should conduct reasonable due diligence background investigations on third parties and determine that they are not involved in corruption.

While the FCPA remains strong, regulation elsewhere is getting stronger. Recent laws which affect the food and drink industry include the U.S. Food and Drug Administration’s Food Safety Modernization Act and its rules on sanitary transportation and foreign supplier verification programs. In addition, the California Transparency in Supply Chains Act and the Modern Slavery Act in the UK address the issue of forced labor anywhere in an organization’s supply chain.

How can companies manage the risks?

Due diligence is essential to meet supplier verification expectations. Companies should assess prospective suppliers against criteria such as quality, safety, cost, and timeliness. In addition, ongoing monitoring within a PESTLE framework enables companies to identify emerging threats based on their specific risk considerations. Do you have the transparency needed to spot third-party risks before they become a headache?

Actions You Can Take Now

1. Check out our new eBook on compliance issues for the Food & Drink supply chain.

2. Download our white paper on the FCPA Corporate Enforcement Policy.

3. Share this post on LinkedIn to keep the conversation going.

Danske Bank and Siemens invite ABC compliance in the boardroom

Danske Bank and Siemens have appointed chief compliance officers to their boards of directors this summer. We explore why compliance has become accepted as a critical function in any company.

At the next board meeting of Denmark’s biggest bank, a chief compliance officer will be at the table for the first time in the company’s history. Danske Bank has announced that it has hired Philippe Vollot, who previously handled anti-financial crime and anti-money laundering for Deutsche Bank. The elevation of the status of compliance is a growing trend in the U.S. and Europe. Just last month, Siemens nominated its compliance chief Sylvie Kandé de Beaupuy to its board of directors. It shows that compliance, as distinct from legal and audit functions, has become accepted as one of the most important aspects of a business.

Regulatory pressure drives compliance

Perhaps the most significant driver of the rise of compliance is the global spread of anti-bribery and corruption legislation and regulation. Nine out of ten firms say regulatory reforms are increasing their compliance costs, according to a 2017 survey of 183 senior finance professionals by Duff & Phelps. New anti-bribery and corruption legislation with tougher penalties has been introduced in the UK, U.S. and EU in the last few years. If a company is charged with bribery and corruption, it will suffer significant fines and reputational damage.

A recent regulatory trend has been to offer incentives for companies which take compliance seriously. Last year, the U.S. Department of Justice introduced a Corporate Enforcement Policy which offers “additional benefits” to companies that self-disclose a breach of the Foreign and Corrupt Practices Act and meet certain conditions. A key condition is the “implementation of an effective compliance and ethics program”, including “the resources the company has dedicated to compliance” and “the authority and independence of the compliance function and the availability of compliance expertise to the board”.

Compliance budgets are growing

A bribery and corruption scandal is often the catalyst for a company to overhaul its compliance operation. Danske Bank’s decision to elevate the status of compliance could be an example of that. It is currently carrying out an internal investigation into allegations that its Estonian branch was used by customers to launder money from 2007 to 2015. The Brazilian construction company Odebrecht has invested in compliance to help turn around its fortunes after a major bribery scandal. Last year, it paid $3.5 billion to the American, Brazilian and Swiss anti-corruption authorities to settle allegations of bribery in Brazil. Since then, it has appointed a chief compliance officer and boosted its compliance budget from $3 million in 2015 to $20 million this year.

But scandal-hit companies are not alone in increasing their compliance budgets – surveys of compliance professionals indicate that their budgets are increasing in most companies. This is because companies have found that focusing on compliance is good business. Customers and investors want to buy into companies that are seen to be ethical. A good example is David Helgason, the co-founder of a major Danish video games company, who moved his account to a different bank in response to Danske Bank’s money laundering allegations.Trustworthy companies have better relationships with third parties. Companies that comply with anti-bribery and corruption legislation are eligible for lucrative contracts from organizations such as the World Bank. As more companies realize this, we should expect to see compliance officers being added to boardrooms around the world.

C-suite setting the tone

The move by Danske Bank and Siemens shows that the C-suite is recognizing the importance of setting a clear tone from the top on ethics and anti-bribery and corruption. Even the best designed compliance programs can only be effective if a company’s senior managers are fully committed to the principle. If not, more junior staff may not feel empowered to report suspicions of unethical practices. CEOs also have fiduciary duties to act in the best interests of the company and its shareholders, and a corruption scandal on their watch can be seen as a breach of those duties.

Make the most of your compliance budget

Giving compliance a seat at the board and increasing its budget are important steps in managing the risk of bribery and corruption, but they are not enough by themselves. Companies must ensure they are getting the most from their investment by adopting best practices, including a risk-based approach to due diligence by identifying which of customers, suppliers and third parties pose the greatest risk of bribery and corruption, then conducting enhanced due diligence on them. Technology can help companies reduce the time and expense of compliance by allowing for automated screening and risk monitoring to identify current and emerging risks among thousands of entities and individuals against a wide range of sources, from sanctions lists to negative news coverage.

3 Ways to Enhance Your Compliance Process

1. See how Lexis Diligence® and LexisNexis® Entity Insight enable companies to implement robust due diligence and risk monitoring processes to mitigate ABC compliance risk.
2. Find out about additional ethical expectations—from investors and consumers—that companies must address in our newest eBook.
3. Share this post on LinkedIn to keep the conversation going.

4 ways to mitigate third-party risks

Lower operational costs, enhanced supply chain stability, smoother entry into new markets—the benefits of outsourcing business functions to third parties are undeniable. As the third-party networks that organizations rely on grow larger and more complex, however, identifying and mitigating the associated regulatory, financial, reputational and strategic risks becomes more challenging. How do you achieve the needed transparency to build trust, safeguard against third-party risk and demonstrate a commitment to ethical business practices?

Strategies for addressing third-party risk

No risk mitigation program is infallible, but organizations can reduce their third-party risk exposure and improve their ability to respond proactively in the face of a risk event.  Here are four key components of an effective program.

1)      Establish a culture of integrity—Regulators around the world have stressed the importance of corporate leaders setting expectations for ethical business conduct. This requires more than an inspiring speech by the CEO. Make sure that the employees who engage with third parties on a day-to-day basis have periodic training on corporate anti-bribery and corruption policies, regulatory expectations, and the reporting process for suspected violations. In the event of a compliance violation, reporting is particularly crucial. Thanks to regulators’ carrot-or-stick programs that incentivize self-disclosure of violations—such as the FCPA Pilot Program and the French and British governments’ Deferred Prosecution Agreements—a company that self-discloses a suspected violation and cooperates with the subsequent investigation can substantially reduce the financial and reputational costs of prosecution.

2)      Follow best compliance practices – While there are other areas of risk to consider, regulatory compliance is one of the most challenging to address for several reasons. Global third-party networks span many borders, and as such, are accountable to regulatory requirements of each country. In addition, organizations must deal with a constantly evolving array of sanctions, watch lists and PEPs. Adopting best practices, such as the ISO 37001 anti-bribery and corruption certification introduced by the International Standards Organisation last year, can help you build out and independently certify your compliance processes.

3)      Invest in due diligence and ongoing monitoring—Faced with budget pressures and staffing shortages, a one-size-fits-all approach to vetting third parties either exposes your organization to greater risk or over-taxes your resources. The end result, either way, is higher costs. Instead, you should tailor due diligence based on risk to optimize the efficiency and effectiveness of your investigations. In addition, organizations should implement ongoing, risk monitoring using a PESTLE framework to help surface risks related to Political, Economic, Socio-Cultural, Technological, Legal, or Environmental factors.  By monitoring for risk warning signs in near real time, you can manage your supply chain or third-party risk more proactively.

4)      Use technology—It’s not unusual for organizations to rely on hundreds or even thousands of suppliers and other third parties. With the right technology and data sources—including legal cases, sanctions, watch lists, and negative news coverage— organizations can automate third-party screening. When screening identifies risk red flags—such as third parties operating in sectors or countries with reputations for corruption—organizations can target those specific entities or individuals for deeper due diligence. Allowing more time- and cost-effective to use of resources. Look for technology solutions that support documenting the screening, due diligence, or monitoring process to address regulators’ expectations.

Increased transparency in third-party relationships helps organizations reduce risk and foster trusted relationships—and not just with third parties. Demonstrating corporate social responsibility in how you choose and manage third parties—and avoiding negative headlines related to a bribery scandal, forced labor in the supply chain or a defective product—helps you develop stronger relationships with shareholders and consumers. Ultimately, increased third-party transparency and trust can open doors to new supply sources, lucrative markets, sustainable business growth and higher profits.

 3 ways to apply this information

1. See how LexisNexis technology can help you support documenting the screening, due diligence or monitoring process. 

2. Read more about risk on our blog.

3. Comment below to tell us your tips for mitigating third-party risk

States Seek to Maintain Net Neutrality

At least 32 states have introduced legislation this year that would require internet service providers to uphold net neutrality principles, according to analysis by the National Conference of State Legislatures and LexisNexis State Net. Many of those states introduced resolutions expressing opposition to the FCC’s decision last December to repeal net neutrality regulations and urging Congress to enact legislation reinstating net neutrality, but most of the states also considered net neutrality bills. Four states – California, Oregon, Vermont and Washington – have enacted such measures. In addition, governors in six states have signed executive orders dealing with the issue.