Risk leaders at companies in China and the United States expressed the highest level of confidence in their approach to mitigating bribery and corruption risk, according to a new global benchmark report.

The 2021 Global Fraud and Risk Report, released by Kroll last week, surveyed 1,336 senior decision-makers for risk strategy—including chief compliance officers and general counsel—across 17 countries. At a high level, the report assessed the attention boards are giving to bribery and corruption risks today; the frequency in which companies have conducted risk assessments; and the current state of companies’ data analytics usage.

Leading the way, 93 percent of China-based respondents said their organization’s anti-bribery and anti-corruption (ABC) controls are effective, followed by 89 percent among U.S. respondents. In terms of board-level support for ABC initiatives, China once again led the way in sufficiency (94 percent), followed by Singapore (85 percent) and the United States, United Kingdom, and Italy (84 percent each).

On the opposite end of the spectrum, a need for greater boardroom attention was cited most by respondents in Colombia (54 percent), the Middle East (45 percent), Australia (42 percent), and Canada (40 percent).

U.S. respondents were among those to have most likely undertaken a recent enterprise-wide bribery and corruption risk assessment (89 percent vs. 82 percent globally), according to the report. Worldwide, few companies have updated their risk assessments to account for the changing post-COVID-19 landscape, which effectively makes many current risk assessments insufficient, Kroll stated.

The report also found 86 percent of respondents use data analytics to detect bribery and corruption risk proactively. Adoption is especially high in China (98 percent), Singapore (97 percent), Italy (93 percent), India (92 percent), the United Kingdom (91 percent), and the United States (91 percent).

Threat landscape

Even as companies put ABC compliance measures in place, bribery and corruption risk persists. According to Kroll, 82 percent of survey respondents still feel illicit activity is significantly impacting their business.

Respondents indicated the top five regions of the world where bribery and corruption are most likely to take place are the Middle East and North Africa (61 percent), Sub-Saharan Africa (59 percent), Latin America (49 percent), Asia Pacific (43 percent), and North America (35 percent).

“Some regions are frequently perceived to be higher risk because of certain accepted business practices, lack of transparency in government, and weak public institutions,” Kroll stated. “Understanding and adapting to these local elements and cultures is a key part of managing bribery and corruption risk.”

Both internal and external threats still make many companies feel vulnerable to bribery and corruption risk, according to the report. Global supply chains pose the biggest concern, with 46 percent of all respondents citing lack of visibility over third parties—suppliers, customers, and distributors—as their top threat. This particularly affects more developed markets that are increasingly dependent on global supply chains, including Canada (56 percent), the United States (53 percent), and the United Kingdom (49 percent).

Following third-party risk, weaknesses in internal recordkeeping (31 percent) and employee actions (23 percent) were cited as other top threats. By country, U.S. respondents were least likely to perceive their own internal recordkeeping as their greatest threat (19 percent vs. 31 percent globally).

Most respondents (74 percent) expressed overall confidence in their internal controls to detect and prevent bribery and corruption. By industry, respondents in consumer goods were most confident (87 percent), followed by transportation, leisure, and tourism (85 percent) and retail, wholesale, and distribution (82 percent). Respondents in the banking sector expressed the least amount of confidence at 60 percent.

Compliance lessons

That bribery and corruption risks persist might have to do, in part, with compliance and enterprise risk management deficiencies. “Poor recordkeeping or the inability to adequately monitor frontline teams and regional offices are typical vulnerabilities that are often overlooked,” said Zoë Newman, a managing director in the Forensic Investigations and Intelligence practice at Kroll, in a statement.

“Then there’s the human factor,” Newman added. “An organization can have the best possible compliance program in place on paper, but if the human elements of the chain aren’t well managed, educated, or equipped to act, non-compliance or illicit behavior will continue to prevail and go undetected.”

Additionally, companies must have a firm grasp on both their internal and external risks, said Howard Cooper, also a managing director in the Forensic Investigations and Intelligence practice at Kroll. Through training and educating suppliers on ABC standards, such as knowing how to spot and report risks, they become less vulnerable, he said.

According to Kroll, the main drivers of a robust ABC program include a strong commitment by senior leadership to implement an ethical culture; an enterprise-wide view of the company’s internal and external risks; and a robust control framework, using data analytics to properly identify and assess the ever-evolving threat landscape.