Fresh news from the world of surveys: corruption risks have risen sharply around the world in the last few years, and while compliance officers agree that an anti-corruption risk assessment is critical, many say their companies still struggle to perform that assessment well.

OK, maybe those conclusions aren’t exactly news unto themselves, but KPMG’s latest anti-bribery & corruption report does bring them into sharper detail.

The report, released Sept. 8, surveyed more than 650 corporate risk and compliance managers. KPMG last conducted this survey in 2011, so the findings in this year’s report reflect many modern compliance challenges: law enforcement agencies around the world cooperating more closely; more worries about third parties as companies keep adopting longer supply chains; and an acute awareness that companies should use data analytics for more effective compliance, even if they aren’t sure how to do that.

Some of the statistics from KPMG’s report that fall more into the “good news” camp:

80 percent of respondents say they have a formal, written anti-bribery and corruption compliance program;

69 percent of U.S. and U.K respondents say they include anti-corruption considerations in pre-acquisition due diligence (only 55 percent of non-U.S. or U.K. companies said the same);

59 percent of respondents say they translate their anti-bribery policies into local language for employees.

Findings closer to the “bad news” end of the spectrum tended to deal with third parties. Only 53 percent say they have a formal process to identify high-risk intermediaries and third parties; another 34 percent say they do not. Thirty-one percent admit they have no formal risk-based process to on-board third parties or intermediaries. That is not comforting, given how often third parties are the culprits for corporations facing anti-corruption enforcement.

“When Asian companies say they do due diligence for onboarding, it is mostly around credit risk,” says Lem Chin Kok, a partner in the KPMG forensic practice in Singapore. “If they really put in place a formal approach to assessing ABC risk at the onboarding stage, it would be much more effective.”

Auditing third parties for anti-corruption compliance was the top concern cited in the KPMG report this year.

“There’s a significant internal reluctance from the likes of the procurement function and the sales force to enforce compliance on third parties,” says Jimmy Helm, global head of anti-bribery and corruption services for KPMG. “Then there is push-back by the corporate’s business partners; on the other side, management is often hesitant to offend them, particularly strategic suppliers or distributors.”