Far too many anti-bribery and corruption compliance programmes are under-funded. This is a particular issue when a parent company is based in a jurisdiction less strict than where its subsidiaries operate, such as the UK or the US. Or when SMEs think they don’t have to be as robust as blue-chip corporates. And even when companies start out with good intentions, the compliance programme often becomes the target of budget cuts because, after a period of plain sailing, management comes to see the risk of non-compliance as low.
But, as with health and safety, if you think compliance measures are expensive, try having an accident! To see what the consequences can be, you only have to look at what happened earlier this year with Smith and Ouzman, a mid-sized company that did not have adequate procedures and thought SMEs would not be of interest to the UK’s Serious Fraud Office.
Whatever your company’s size, sector and markets, it’s important to realise that non-compliance with, say, the UK Bribery Act or export control regulations (especially the US regime) can result in heavy financial and personal penalties plus an overnight loss of reputation.
That’s why anti-corruption and bribery compliance is so important.
The challenges of running the compliance programme
And if it’s your job to run the compliance programme, it can sometimes be a lonely place. It’s unlikely you will remain popular and it won’t take long for even your closest colleagues to express concerns. “Your compliance measures are killing the business,” you’ll hear over again in one way or another.
I liken the role to being a car passenger. To make sure you all get to the destination in one piece and without being stopped by police or caught by a speed camera, you might need to remind the driver of the speed limit and point out unusual road signs that must be obeyed. Sure, you don’t set out to be an unpopular passenger; instead, you earn the driver’s respect with the quality of your advice and your ability to explain why particular actions are needed.
The value of independent advice
Sometimes, it can help to take expert, independent advice from a third party. A well-regarded external source can make management sit up and take notice more than you might achieve on your own as a ‘lone voice’ inside the organisation.
A comprehensive risk audit conducted by an expert compliance professional will highlight the risks of non-compliance in your organisation and the possible financial and reputational consequences if those risks are not addressed. It will also help you see what measures need to be taken.
Finding good anti-corruption and bribery compliance support is not simply a case of engaging legal advisers to tell you what your legal obligations are. You need someone who can do that as a first step but who can also advise you, based on sound experience, of where the gaps are and how to implement practical measures to meet all your obligations.
Make it proactive
The most common conflict occurs when the compliance team is engaged too late. So often we get called in when senior management or programme management had made commitments, often contractual, without reference to the compliance team. We then have to advise that, for good reason, a proposed deal or arrangement cannot happen, at least not in the expected timescale.
So companies need to engage their compliance teams, or take external compliance advice, at the earliest possible stage as part of how they do business. That’s the best way to negotiate the compliance risk minefield. Consider compliance too late, and it could all explode in your face.