Six best practices for combating fraud and corruption
A rising awareness of ongoing fraud, bribery and corruption has reached boards of directors and senior management of companies in multiple countries, but pressure to generate growth, especially in rapid-growth markets, keeps many managers from addressing problems, an Ernst & Young fraud survey suggests.
The number of employees who encounter fraud on the job has increased across the globe as companies started branching out to developing economies following the financial crisis. With instability continuing in some markets and sluggish growth in others, E&Y’s 2013 fraud survey found that 42% of board directors and senior managers in Europe, the Middle East, India and Africa knew about irregular financial reporting linked to meeting financial targets.
The survey, which polled more than 3,000 board members, executives and managers and their teams in 36 countries, also suggested that bribery and corruption are perceived to continue unabated. Fifty-seven per cent of respondents felt corrupt practices were widespread in their country. A 2012 Ernst & Young survey that polled about 1,800 CFOs worldwide reported that 39% of respondents expressed awareness of rampant bribery and corruption in their country.
“Whether this behaviour is driven by pressure to deliver unrealistic results in difficult markets, or a desire for increased personal recognition and reward, the fact that it is as widespread as our results suggest will be of real concern to management and boards,” David Stulb, E&Y’s global leader for fraud investigation and dispute services, said in the 2013 fraud survey report.
Companies have options to deal with fraud, bribery and corruption, especially if the awareness of fraudulent or corrupt practices is high amongst employees.
A fraud response plan holds management accountable to detect fraud, makes internal auditors responsible for investigating fraud and involves the IT staff to provide technical advice on how to gather evidence, a CGMA report on fraud risk management recommends.
Tools to prevent fraud include a whistle-blower hotline, employee training in fraud awareness and computer-driven internal controls, according to a 2011 AICPA survey.
But the results of E&Y’s 2013 fraud survey suggest many in business ignore fraud, corruption and bribery risks or think compliance programmes are more effective than they actually are:
- Amongst board directors and senior managers, 67% thought their commitment to anti-bribery and anti-corruption policies had been communicated strongly. Amongst non-management employees, only 44% agreed.
- Sixty per cent of board directors and senior managers felt that the company would support whistle-blowers who reported suspected fraud, bribery or corruption, compared to only 34% of non-management employees.
- Forty-nine per cent of board directors and senior managers said their company had a whistle-blower hotline, compared to 30% of non-management employees.
- Half of all board directors and senior managers believed the company offered training on internal anti-bribery and anti-corruption policies, compared to only 29% of non-management employees.
- Forty-nine per cent of sales staff didn’t think their company’s anti-corruption policy was relevant to their work.
- Seventeen per cent of respondents felt that their company’s compliance programme harmed their competitiveness.
Six best practices
Multinational companies that successfully address fraud, bribery and corruption – in spite of the challenging economic environment – share six traits, according to E&Y:
They own the problem. In companies where compliance is not seen as a “check the box” exercise, boards and senior management acknowledge the risk is real for them and their business. That also means boards challenge management to ensure risk is prioritised and issues dealt with effectively.
They ask questions and demand answers. Rather than ask fewer questions – as 20% of respondents in rapid-growth markets experienced in E&Y’s 2013 fraud survey – directors and senior management should leave no stone unturned even though they might find hidden problems. Companies that do a good job protecting themselves against fraud, bribery and corruption risks exercise their audit rights on third parties and insist that suppliers regularly answer requests for information.
They make compliance real. Companies whose employees understand compliance programmes are relevant and effective regardless of what their jobs are do not bend or dilute the rules. Instead, they make sure their approach is robust and consistent by engaging with local teams to manage specific requirements.
They communicate the risks. Companies with strong ethics codes consistently punish unethical behaviour, which communicates to employees the risks of noncompliance and helps control employee behaviour. Information about how many people were sanctioned for ethical breaches is shared freely.
They communicate the benefits. Companies with effective compliance programmes have a common culture that guides ethical behaviour. Managing the risk of third-party relationships effectively helps protect a company that does business across a range of markets. Forensic pre-acquisition due diligence can make the difference between a successful transaction and the loss of investor confidence. Several leading companies in Germany even audit the effectiveness of their compliance function.
They focus resources. Those that are most successful in protecting their businesses focus on identifying and addressing key risks by taking steps such as conducting third-party checks. To conduct these checks efficiently, companies leverage available technologies, such as forensic data analysis.
Related CGMA Magazine content:
“To Prevent Fraud, Offer a Hotline, Train Employees on Fraud Prevention, Report Says”: The typical business loses 5% of its revenue to fraud, a global Association of Certified Fraud Examiners (ACFE) report estimates. See what sectors are most vulnerable to fraud risk, what types of schemes are most common and most costly, and get tips for detecting and preventing fraud.
“Finance Teams Require Better Data Skills to Tackle Fraud”: UK businesses are monitoring risks better than ever and increasing their coverage of fraud risk. However, significant challenges around data analysis, staff training and a lack of routine risk assessments remain, according to a study from Deloitte.
“Pay to Play? Survey Shows Increased Risks of Bribery, Corruption”: An erosion of ethical standards amongst decision-makers leaves companies increasingly vulnerable to corruption, a new fraud report shows.
“Companies Do Poorly Managing Corruption Risks in Emerging Markets”: Emerging markets have great potential for rapid growth, but corruption can run rampant. Existing processes exist to identify and mitigate corruption risks, but fewer than 40% of companies doing business in countries most prone to corruption use them well in mergers and acquisitions, with third-party agents or when establishing new operations.
“Despite Exposure to Corruption Risk, Due Diligence on Third-Party Business Partners Remains Low”: All of the Foreign Corrupt Practices Act enforcement actions brought last year by the Department of Justice and the SEC involved alleged bribes by companies’ third-party business partners, Deloitte researchers found. Nonetheless, a poll shows that corporate due diligence and risk assessments on third-party business partners remain low.
—Sabine Vollmer (svollmer@aicpa.org) is a CGMA Magazine senior editor.