A new survey released by Kroll Advisory Solutions last week found that 47 percent of global corporations take no steps to train their third parties and business partners on anti-bribery and corruption efforts — despite expectations by 50 percent of respondents that their companies’ bribery and corruption risks will increase in the next 12-18 months.
“That gap is just astonishing,” said Lonnie Keene, Managing Director for Kroll Advisory Solutions. “Take a look at any recent enforcement action in the United States about bribery. They always involve a third party, and regulators have been clear that they expect corporate compliance departments’ anti-corruption efforts to include third parties as well. We should not be seeing numbers like this.”
The survey also found that of the 53 percent of respondents who do train their third parties on anti-corruption, only 30 percent of that group believe their efforts are effective, that 20 percent of corporations based outside North America do not even conduct anti-corruption training with their own employees and that 18 percent of respondents say they either have an anti-corruption policy but don’t require employees to read it, or don’t have an anti-corruption policy at all.
Given all of the attention to the Foreign Corrupt Practices Act (FCPA) and all of the enforcement, why are the companies taking these risks?
“There is an underappreciation for the risk,” Keene told Corporate Crime Reporter last week. “The lack of understanding of the law and its scope and what is expected of them under the FCPA is a significant issue that companies need to come to grips with and unfortunately not everyone is.”
Kroll released last week its Third Party Risk Assessor, “a new anti-bribery and corruption solution that provides companies with a cost-effective way to determine which third parties present the highest level of corruption risk to their organizations.”
“It can import from a client massive amounts of information about third party relationships, categorize the relationship according to a number of risk attributes, and then rank the third party relationships,” Keene said. “It does this very quickly in an automated fashion such that the clients are able to quickly discern where the risk is and focus their due diligence resources accordingly.”
“It allows you to identify the relationships that are of highest risk and apply enhanced scrutiny or your deepest diligence effort to them. In that respect, you get a proportionate diligence effort and focus on where the risk is, as opposed to just taking a generic standardized effort across the entire base of the third party relationships.”
Keene said there are ten attributes that go into the Kroll algorithm for this product.
The ten attributes for the third party are the country of operation, the country of payment, length of relationship, nature of the relationship, government involvement, criticality of the relationship, level of oversight, industry, time in business, and annual revenue.
“It takes those factors and it runs the information from the client about each of their third party relationships for each of those factors,” Keene said. “Each risk factor has an individual weighting. It is then aggregated to a final score. The third parties then can be listed in order of risk based on where the individual relationship falls out within the weighted list of attributes.”
“Quite often companies with very large international networks of agents, distributors, and resellers are attempting manually to parse through the risk characteristics, the risk factors of those individual relationships,” Keene said. “And handling any large volume of those relationships becomes a very difficult task for them to handle.”
“This tool delivers the ability to distinguish among them in a way that allows them to target due diligence of increasing scrutiny as the risk profile increases.”
“Instead, what you often see are companies applying the same level of due diligence across their third party relationships in a way that either isn’t cost effective or isn’t conducted on a risk based approach.”
[For the complete q/a transcript of the Interview with Lonnie Keene, see 27 Corporate Crime Reporter 23(14), June 10, 2013, print edition only.]