Bribery and corruption risks are often elevated in times of crisis and affect all aspects of the compliance world. This is particularly true in respect of the COVID-19 pandemic due to a number of factors, including a financially volatile climate, increased cyber-security threats and diverted corporate focus towards other COVID-19 risks. These factors make it all the more crucial for companies to re-assess bribery and corruption risks and have in place adequate anti-bribery and corruption (ABC) mitigation measures.
This article explores several new bribery and corruption challenges faced by organisations in light of COVID-19, and ways in which internal compliance policies and procedures should be updated to address such challenges. See our earlier ABC newsletter here for an overview of the rise of fraudulent activity during COVID-19 and other key updates in this area.
A changing risk landscape
Given the speed in which lockdown measures were implemented, there was limited chance (if any) for organisations to assess the kinds of bribery and corruption risks that could arise as a result of new working or operational processes. Companies may have also found existing procedures to control bribery and corruption risks have taken a back seat while key focus is placed on addressing operational concerns and business disruption due to COVID-19 and the transition back to work.
Day-to-day operations are not the only processes that have been affected. COVID-19 global restrictions, including pressure on government resources, have affected due diligence investigations into potential targets located in foreign jurisdictions. With in-person meetings and access to authorities rendered more difficult, potential ABC risks associated with such targets are more challenging to assess.
Recognising these risks, the Working Group on Bribery at the Organization for Economic Cooperation and Development (“OECD”) recently announced that, in light of the corruption risks inherent in the current global crisis, they would examine the possible impact and consequences of the coronavirus pandemic on foreign bribery, particularly in the health industry. The OECD also re-iterated that “it is vital that countries remain actively engaged in anti-corruption efforts and work together to ensure their efforts to overcome this crisis are not weakened by corruption”.
Striking the right balance
Striking a balance between, on the one hand, the need to adjust controls to manage issues relating to business and supply chain disruptions, illness and cash flow shortages and, on the other hand, maintaining sufficient controls to limit potential exposure to bribery and corruption risks is a tricky but crucial part of corporate risk management.
This balancing requirement has been the subject of focus of Transparency International, which published 'Anti-bribery and corruption during Covid-19 - six tips for compliance officers' on 9 April 2020. The ICGN, a non-profit leading authority on global standards of corporate governance, have also recently published updated 'Guidance on Anti-Corruption Practices', which makes it clear that investors should consider corruption to be a systematic risk that should be addressed alongside other critical systems risks such as the COVID-19 pandemic, climate change or wealth inequality.
Practical Next Steps
With this in mind, the following best practice steps should be considered to help redress the balance:
- New materials may mean new suppliers. If a company's business model has changed as a result of COVID-19, for example with certain manufacturers turning to the production of personal protective equipment or other supplies, businesses may need to seek new suppliers. As always, this presents a compliance risk. Make sure new suppliers go through proper on-boarding channels with written contractual agreements requiring ABC compliance. If they have not, retrospective analysis of the supplier and implementation of ABC contractual requirements should be considered.
- Communicate and re-highlight ABC policies, procedures training and other guidance to employees (including in relation to codes of conduct and ethical business practices). Ensure that employees are reminded of their legal and ethical obligations, and of the consequences of breaching the company's compliance policies, even in times of business disruption. Any new controls, such as those relating to new suppliers and contractors, should be communicated and explained to employees in charge of managing these relationships.
- Revisit your Risk Assessments. ABC risk assessments that are regularly reviewed will continue to play a key role in a company's risk compliance programme. Such risk assessments will need to be updated to reflect any changes in a company's operations, customer base, or business prospects. For example, companies may decide to increase their commitment towards charitable donations in light of the COVID-19 pandemic. Whilst a laudable development, this also presents an increased bribery and corruption risk if appropriate verification and mitigations measures are not implemented.
Consider also whether any such changes may require an update of your internal ABC Policy and related risk mitigation measures.
- Re-start any ABC processes which may have been placed on pause. For example, check that gift and hospitality registers continue to be properly updated and monitored and consider whether any other diligencing controls should be re-tightened. Any new gift and hospitality procedures implemented as a result of an increase in home working, such as the increased use of gift-vouchers and other online rewards instead of physical hospitality, should be carefully considered and included as part of the company’s ongoing risk assessment.
- Deal diligence and other forms of customer/ payment diligence should continue to be prioritised, but flexibility is key. Where in-person meetings are impossible, video conferences facilitate face-to-face meetings. With responses from customers or authorities likely to be delayed, flexibility with transaction and other deadlines could be relaxed to allow proper controls to remain in place.