by Scott Moritz
Managing Director – Leader, Protiviti’s Investigations and Fraud Risk Management Practice
Over the past week, since its December 2, 2014 release, anti-corruption nerds everywhere, myself included, have been poring over the recently released Organization for Economic Cooperation and Development (OECD) Foreign Bribery Report – An Analysis of the Crime of Bribery of Foreign Public Officials. For those of you unfamiliar with the report, it is a study of 427 prosecutions of bribery offenses that have been brought in countries that are signatories to the OECD Anti-Bribery Convention, enacted in 1999. The report is a very comprehensive analysis of cases involving bribery of foreign officials, and it debunks some widely held beliefs about bribery and corruption. It also provides valuable insights into the industries in which bribery is most prevalent, categories of bribe recipients and the role of intermediaries, as well as how often corporate management is aware of bribery and how these cases come to light.
Widely Held Belief Number 1: Most Bribes Are Paid in Emerging Markets
The report found that “two-thirds of bribes were paid to officials in countries higher on the UN Human Development Index.” The UN Human Development Index is a composite statistic of life expectancy, education and income indices used to rank countries into four tiers of human development as a means of measuring how developed a country is. While the OECD report pointed out that this number may be somewhat skewed by the fact that more developed countries may be less reticent to share details of their bribery cases, it is a surprising finding nonetheless.
Widely Held Belief Number 2: The Majority of Bribe Payments Are the Acts of Rogue Employees
The report found that 53 percent of cases involved corporate management or CEOs. More specifically, it found that in 41 percent of cases, management-level employees paid or authorized the bribe, and in 12 percent of cases, the CEO was involved. Corporate culture is set by its leadership, and the “tone at the top” is considered one of the ten hallmarks of an effective compliance program. Corporate leadership that tacitly approves bribery with a wink and a nod and gives lip service to compliance but fails to back up compliance personnel and instead overrules them in favor of meeting sales goals or quarterly earnings contributes greatly to this staggering figure.
Widely Held Belief Number 3: Bribery Is Usually the Result of Corrupt Government Regulators or Inspectors
The report examined the unfair business advantages that bribe payers were seeking and found that in 57 percent of cases, bribes were paid to obtain public procurement contracts. The other business advantages sought by bribe payers included customs clearance (12 percent), tax relief (6 percent), other preferential treatment (7 percent), obtaining a license, permit or other form of governmental approval (6 percent) and access to confidential information (4 percent).
The fact that the majority of the 427 cases examined involved bribery to obtain public procurement contracts should cause any company operating outside the U.S. selling to governments and state-owned companies to sit up and take notice. If there is a positive to be gleaned from this statistic, it is that companies involved in bidding on public procurement projects have now been signaled that strengthening controls around public procurement will go a long way toward lowering their exposure to liability under the various anti-bribery statutes to which they may be subject.
Widely Held Belief Number 4: There Is a Staggering Array of Categories of Foreign Official that Could Trigger Corruption Liability
There is, indeed, a wide range of individuals who meet the definition of “foreign official” or “foreign government official.” However, the report shows that 95.1 percent of all bribe value was paid to public officials in only five categories: officials of state-owned enterprises (SOEs) (80.1 percent), heads of state (6.97 percent), government ministers (4.08 percent), defense official (2.93 percent) and customs officials (1.14 percent). Given the volume of bribe value being paid to officials of SOEs, is it any wonder that defense attorneys have been seeking to challenge the terms “foreign official” and “instrumentality of a foreign government”? When considered together with the fact that 57 percent of bribery cases relate to public procurement, this statistic makes board room discussions even more critical within any organization seeking a government contract and engaging with officials of SOEs, heads of state and government ministers in the process.
We’ve had numerous discussions with clients over the years that started with the sentence: “We just had a very uncomfortable conversation with the SEC.” They continue by elaborating that they couldn’t answer basic questions, including “Which of your customers are state-owned, how do you arrive at those conclusions and what is the heightened standard of care that you hold them to?” You either know the answers to these questions or you don’t. Given the statistics we just quoted, companies with international operations would be well served by being able to distinguish readily between the SOEs and government agencies and the private enterprises in their customer base. Companies that can’t answer this basic question and articulate how they go about mitigating the risks associated with interacting with employees of SOEs are not likely to receive a determination of an effective compliance program from anyone who matters.
Other Findings of Note
Numerous Signatory Countries to the OECD Anti-Bribery Convention Have Never Prosecuted a Single Bribery Case
Aside from debunking some widely held beliefs about bribery, the OECD Foreign Bribery Report offered some other very interesting facts, including in what it didn’t explicitly point to. One such noteworthy implication is that there are 41 signatory countries to the OECD Anti-Bribery Convention, yet the 427 prosecution cases brought since its going into force in 1999 come from only 17 countries. Thus, 24 signatory countries to the OECD Anti-Bribery Convention have not prosecuted a single bribery case since signing. Worse still, seven of the 17 who have prosecuted bribery schemes have only prosecuted one scheme each since signing.
The “Hall of Shame” of non-prosecutors includes Argentina, Australia, Austria, Brazil, Chile, Colombia, Czech Republic, Denmark, Estonia, Finland, Greece, Iceland, Ireland, Israel, Latvia, Mexico, New Zealand, Portugal, Russia, Slovakia, Slovenia, South Africa, Spain and Turkey. Nor do Belgium, Bulgaria, Hungary, Luxembourg, Netherlands, Poland and Sweden have much to brag about, as they have each prosecuted only one bribery scheme since signing to the Convention.
Internal Audit and Mergers & Acquisitions (M&A) Activities Triggered Nearly 20 percent of Cases
According to the report, one-third of cases were instigated by self-reporting. Of those, 31 percent were triggered by internal audits and 28 percent by M&A due diligence activity. In total, nearly 20 percent of cases reported to law enforcement were uncovered through this combination of internal audits and M&A due diligence. This fact clearly demonstrates the importance of two of the ten hallmarks of an effective compliance program: Continuous Improvement: Periodic Testing and Review, and Mergers and Acquisitions: Pre-Acquisition Due Diligence and Post-Acquisition Integration.
Internal Audit. In most organizations, internal auditors are generalists. But when considered an extension of the organization’s anti-corruption program – as supported by the report finding – it’s obvious why internal audit should receive advanced anti-corruption training. Specifically, internal auditors should understand key concepts comprising the various anti-corruption statutes to which the organization is subject, the risk factors that can trigger liability, the types of red flags indicative of potential problems, and the investigative steps to follow in the event they suspect a potential violation.
Due Dilligence. According to the Resource Guide to the U.S. Foreign Corrupt Practices Act (FCPA Guide), jointly published by the SEC and the U.S. Department of Justice in 2012, “Inadequate due diligence can allow a course of bribery to continue – with all the attendant harms to a business’s profitability and reputation, as well as potential civil and criminal liability. In contrast, companies that conduct effective FCPA due diligence on their acquisition targets are able to evaluate more accurately each target’s value and negotiate for the costs of the bribery to be borne by the target.”
An important and sometimes overlooked aspect of acquisition due diligence is the performance of an anti-corruption risk assessment. In a perfect world, all acquisition targets have robust anti-corruption programs. In actuality, many small and midsize companies operating overseas do not have any type of anti-corruption program. That is why the performance of a high-level anti-corruption risk assessment is so important.
Gaining an understanding of the company’s ownership group, executive team, customer base, distribution channels, sales and marketing, products and services, activities, and ties to foreign officials will better position a potential acquirer to evaluate the true purchase price, inclusive of any compliance remediation work that may be necessary to properly integrate the entity post-acquisition. Not only will doing an anti-corruption risk assessment on the front end lower the risk of a future bribery violation, it could provide the acquiring company with additional leverage in negotiating a more favorable purchase price.
75 Percent of Cases Involved Payments Through Intermediaries
The OECD Foreign Bribery Report validated what most everyone in the anti-corruption field has known for a long time: the majority of bribes (75 percent) are paid by intermediaries. Of these, 41 percent fall into the category the report refers to as “agents.” The term is actually broader than the name suggests and includes sales and marketing agents, distributors and brokers. The next most popular type of intermediary (35 percent) is what the report calls “corporate vehicle.” Corporate vehicle is a term for a mishmash grouping of subsidiary companies, local consulting firms, offshore companies in tax havens and companies established under the beneficial ownership of bribe payers or recipients.
While third-party anti-corruption due diligence has become a cottage industry in the past five years or so, many organizations still employ a fairly minimalist approach to vetting their intermediaries, focusing most if not all of their efforts on commissioned sales agents since they represent the greatest degree of risk. While for most companies placing their initial focus on agents is justified, many other categories of intermediaries also pose potential corruption liability. Companies would be well served by conducting an inventory of their business intermediaries so that they can categorize them based upon the relative bribery risk they may represent. Such categorization should include how long the intermediary has been in existence, whether its primary role is to engage with a specific government agency or state-owned company on behalf of its clients and whether any of its control persons were previously in senior roles within those agencies or SOEs.
Often overlooked in the group of intermediaries are service providers such as attorneys or accountants. And before the GlaxoSmithKline case, who would have thought that there was intermediary risk associated with travel agents? A critical success factor for understanding third-party risk is to identify the universe of business intermediaries and focus attention on what they do rather than what label is used to describe them. Often, entities working in a commissioned sales agent role are referred to as “consultants,” which could cause this category to be overlooked, especially if the third-party management program is sales agent-centric. A more useful approach is to focus on compensation, including whether the intermediary is paid as a percentage of a sale or on a contingency fee or success fee basis.
The OECD Foreign Bribery Report provides the latest evidence that foreign bribery remains pervasive, and enforcement outside of just a handful of OECD signatory countries ranges from infrequent to non-existent. It paints a vivid picture of corruption as global and spanning multiple industries, with bribe payers who are increasingly sophisticated in how and through whom they pay bribes and how they conceal their activity through a web of opaque legal entities in offshore safe havens.
The report should be required reading for anyone in compliance and for any company’s senior leadership. By studying the report and understanding the various ways that companies can trigger liability under the FCPA and other international anti-bribery statutes, companies can develop better anti-bribery controls and raise awareness across their organizations, through their sales and distribution channels and into their customer bases. By applying the lessons learned from the report and through their own experiences and tailoring their programs accordingly, companies will become less attractive to bribe takers, and unscrupulous third parties and employees may think twice before paying bribes if they think they are at risk of detection and prosecution.