As companies continue to pursue new customers in emerging markets, they must constantly weigh the benefits of expansion with the risks that lurk there, including bribery and corruption risks. Relying on multiple partners in countries where bribes, gift giving, and mutual back scratching are a normal part of every-day business culture can make the chief compliance officer's job seem impossible.
Speakers and delegates at the inaugural Compliance Week Europe conference in Brussels earlier this month were frank about the challenge of working in emerging markets. But they shared their success stories, too.
Cees Klumper, chief risk officer at the Global Fund, told delegates his organization financed health projects in 150 countries, many of which have an appalling record for bribery and corruption, lost only 2 percent of its annual budget to misuse—and 80 percent of that it recovered eventually.
“The lesson is that this risk can be managed, albeit it a cost,” he said in a session titled, “How Do You Identify Third-Party Risks?”
The Global Fund runs an initial light-touch assessment on every organization it funds, then digs deeper depending on what the initial analysis reveals. Deciding how deep to probe “is an art and a science,” Klumper said. With 600 staff performing this kind of work, it's also hard to ensure the assessments are consistent. Another challenge is setting up an effective program to monitor weak partners that have been told to improve.
The corruption threat needs to be seen in context, too. On the Global Fund's list of 19 serious risks, it only ranks at number ten. The organization's purpose is to tackle Aids, TB, and malaria; its biggest risk is that it won't get treatment to the people who need it most. “We have to ask ourselves, given we are there to save lives and fight disease, how much risk are we willing to accept?” he said.
Stefanie Wiegard, global compliance counsel at Johnson Controls Automotive Experience, explained how the company is getting its partners to see the value of good compliance. Johnson, which employs 110,000 people around the world to make car interiors, works with numerous emerging-market joint ventures, including 30 in China.
New partner contracts include clauses on the need to implement a compliance program. But the older contracts typically don't. Some of those agreements have been working well for over ten years, so Wiegard doesn't want to just walk in and start talking about the need to comply with bribery and corruption policies.
“It requires smooth negotiation with the partner,” she said. “We show them we have a multinational program and offer them a tailored version. We explain how it helps to keep us out of trouble, and how it's good for them, too, as it could help them to work with other partners.”
And what if companies refuse to get on board? “We make it clear that this is a requirement for us; it's a core element of our supplier agreement. If they don't sign, they can't do business with us.”
Changing attitudes is an important part of Kyrill Farbmann's job, too. As chief EMEA compliance and ethics manager at International Paper, he has to worry about behavior in a global chain of over 100,000 suppliers.
“The lesson is that this risk can be managed, albeit it a cost.”
—Cees Klumper,
Chief Risk Officer,
The Global Fund
In many countries, people accept that it's wrong to steal from their company, but think it's fine to steal for the company, Farbmann told a session on “Effective Ways to Implement Compliance in Foreign Markets. “We're trying to change that mentality,” he added.
His approach is to travel frequently to overseas offices, visiting employees on the front lines. “You have to see them, talk to them, build bridges with them,” he said. “And you need to build support from local management. Many of the countries high on the bribery risk indices have a hierarchical culture—if the top people respect you, others will too.”
Just Saying ‘No'
Sometimes you just have to draw a line in the sand. Andrew Cheung is general counsel for the U.K., Middle East, and Africa at law firm Dentons. He's responsible for Bribery Act compliance in countries where facilitation payments and bribes are endemic and culturally accepted.
Pictured above: Cees Klumper, chief risk officer of The Global Fund.
He shared his experience of a country where court officials routinely demand extra cash payments for processing papers. “We decided not to do that and said we just wouldn't tolerate it,” he said. “We had pushback initially, but now we are known as a firm that just doesn't pay those bribes. Things sometimes happen more slowly, but it wasn't Armageddon.”
Dentons also has a comprehensive “pay-no-bribes” rule for the third parties it uses, with each of them giving a signed commitment to operate within the U.K. Bribery Act.
Does that give the firm sufficient protection? “The Act doesn't mean we have to become the enforcers of the law internationally,” said Cheung. “We have contracts in place, and we offer training to some key suppliers, but I think that is enough.”
Above right, Daniel Kline, managing director for EMEA at NAVEX Global, talks to the crowd at CW Europe. At left is Stefanie Wiegard, global compliance counsel at Johnson Controls Automotive Experience.
The question of how much digging and monitoring is “enough” warranted a session of its own: “How Far Should Companies Go to Combat Corruption?”
Geoffrey Cruikshanks, chief compliance officer and executive vice president of legal service at logistics company DHL, makes new partners complete a due diligence questionnaire if they meet an initial screen of certain risk criteria.
“That peels the first layer of the onion,” he told the conference. But Cruikshanks was frank about the limited value of the exercise. Sending out a compliance questionnaire at least shows the potential supplier that DHL takes the issue seriously. But the team sends out thousands of questionnaires each year, and it can't follow them all up. What's more, most of those forms come back “clean”—corrupt people are usually happy to lie.
“The basic problem is you can only do so much,” he said. “We want to find problems, but if we miss something we also want some credit for showing that we tried. I wouldn't shy away from that.” Other delegates agreed: Due diligence might be a poor way of rooting out corrupt suppliers, but it at least shows the regulators you've done something.
Some organizations push even further. David Halford is head of ethical sourcing and environmental policy at BBC Worldwide, which uses 500 suppliers in high-risk countries to make BBC-branded products, from Dr. Who toys to Top Gear soap-on-a-rope. He told a session on “Ethical Sourcing and Supply Chains” about the intensive compliance work the public service broadcaster puts into managing supplier risk.
THIRD-PARTY RISK STRATEGY
Cees Klumper, chief risk officer of The Global Fund, spoke at CW Europe on the best approach to identifying and managing third-party risks. An excerpt from his presentation is below.
Up-front due diligence is key
In-country assessments of the most important third parties
Assessing their capacities against clearly defined minimum standards
Providing support to address ‘bridgeable gaps' – and following up on a consistent basis
Background checks of key individuals
Our main challenges
Efficiency: determining how far to go
Ensuring consistency
Translating due diligence outcomes into ongoing monitoring
Articulating risk tolerances
Source: Cees Klumper presentation.
The BBC uses local third parties to audit every new supplier and does its own forensic review of any that come back as high risk—that includes any that the initial audit identifies as “totally compliant,” a rating Halford regards as too good to be true.
If a potential supplier fails on one of ten critical points—such as use of bonded labor or unsafe living quarters—then the BBC won't work with it. Apart from that, Halford's team will try to help the supplier improve its standards so it complies with the BBC's expectations.
“Many firms say you have to be compliant or we won't use you. So the only way for them to do business is to fake their records. We say we won't work with you if you are not transparent with us,” he said.
“What we find in the majority of cases is we rarely come across an evil factory manager. They are good, respectable business people who are tying to do decent trade in challenging circumstances. Most of the time, when there are things that need to be put right they will engage with us.”
No comments yet