E: dliu@kroll.com
W: www.kroll.com
Anti-bribery and corruption risks are expected to stay the same or worsen during 2018, but regulators remain the top worry.
An astonishing finding emerged from this year’s Anti-Bribery and Corruption (ABC) study jointly conducted by Kroll and the Ethisphere Institute: 93 percent of all risk and compliance professionals surveyed worldwide expect their organisation’s ABC risks to stay the same or worsen in 2018. One might have expected a more optimistic outlook after more than four decades of regulatory and organisational attention to the issue. Why are so many compliance professionals worried?
Regulatory enforcement of current laws and emergence of new laws leading to greater ABC concerns
As in last year’s ABC Report, third party violations of anti-bribery and corruption laws and reputational worries were still major concerns for respondents. However, regulatory enforcement of current laws and the emergence of new laws is the number-one reason respondents expect greater ABC-related risks in 2018.
New anti-bribery and corruption laws were enacted or introduced in numerous countries in 2017, including the UK, France, Germany, Ireland, Slovakia and Brazil. Certainly, China’s sweeping anti-corruption campaign over the past five years is top of mind for many in the region. With more than 1.5 million Communist Party and military officials disciplined so far, President Xi Jinping has raised the stakes with the March 2018 formation of a new anti-corruption agency — the National Supervision Commission — which will vastly expand oversight to “all public servants exercising public power”. This will apply to all management-level public servants across all sectors, including but not limited to commercial, healthcare and educational enterprises.
Regulatory and reputational risks driving greater focus on determining ownership
Opaque corporate structures have forged their way up the list of risks for compliance officers worldwide, and Asia is no exception. Recent laws on the matter include China’s State Administration of Taxation Announcement No. 9 of 2018, and Hong Kong’s Companies (Amendment) Ordinance 2018, while the Singaporean government strengthened its beneficial ownership regime earlier in 2017.
Furthermore, in January 2018, the China Banking Regulatory Commission published rules limiting individual ownership stakes in commercial banks. Fallout from the 1MDB scandal (Malaysia’s state development fund) as well as Xi Jinping’s ever-expanding anti-corruption campaign also continue to have an impact. Ultimate beneficial ownership will continue to be a concern for all involved, from firms being considered for investments by foreign companies to firms looking to invest in foreign companies.
ABC risks converging with data security concerns
A vast majority of respondents, 85 percent, have significant concerns about data security risks, many of which are tied to how they collect, process, share and store information related to their due diligence efforts. A positive development noted by my colleague Paul Jackson, Asia-Pacific leader for Cyber Security and Investigations at Kroll, is a growing collaboration between compliance and information security teams: “We see examples of organisations formulating cyber onboarding requirements similar to those of conventional anti-bribery and corruption programmes,” he says. “Some compliance departments are even partnering with their internal technology teams to develop creative solutions to address the use of mobile technology like WhatsApp or WeChat and the vulnerabilities that they may pose.”
Continuing monitoring, data refresh, and cyber due diligence helping to inspire greater confidence
• Continuing monitoring helped 50 percent of respondents discover risks that didn’t exist at
the time of onboarding and nearly one-third found problems that were actively hidden at onboarding. A regular data refresh can also help ensure a third party’s risk profile has not fundamentally changed.
• In our hyper-connected world, weak cyber defences at a third party can have major repercussions for organisations. As such, more and more clients are approaching Kroll to conduct cyber due diligence exercises, such as vulnerability or penetration testing, as part of third party onboarding.
Th
is article focuses on just a few major concerns expressed by compliance officers. The ABC Report contains other troublesome findings relating to M&A due diligence as well as more positive news on leadership involvement.
By David Liu, Head of Asia Pacific for Kroll’s Compliance practice
