Anti-Corruption – The Role of
Governance and Audit
31st International Symposium
on Economic Crime
5 September 2013
Jesus College, Cambridge University
Anita C. Esslinger, Partner
Bryan Cave
88 Wood Street
London EC2V 7AJ
+44(0)20 3207 1224
acesslinger@bryancave.com
LN01289408
Anti-Corruption – The Role of
Governance and Audit


Role of the private sector in promoting integrity and
addressing corruption
What more can be done by official organisations to
facilitate the private sector and to address corruption
1
Role of the Private Sector



Special responsibilities for preventing bribery and
discouraging subordinates from engaging in corrupt
activities fall squarely on companies, their directors and
senior management
The UK Bribery Act: Strict liability for failure to prevent
bribery by associated persons unless the company has
implemented adequate procedures aimed at preventing
such bribery
US Foreign Corrupt Practices Act (FCPA): Vicarious
liability for the acts of employees and agents
2
Corporate Governance Codes

Listed companies have governance responsibilities
that include requirements for internal control systems
encompassing policies and processes that help
ensure compliance with applicable laws and
regulations and with internal policies in the conduct of
business
● Sarbanes-Oxley
● UK Corporate Governance Code
● OECD and other sources of principles of good
governance
 Non-listed companies also recognise benefits of
good governance
3
Risks of Getting it Wrong
 Serious criminal and civil penalties
 Disgorgement of profits, civil and shareholder suits
 Multiple investigation costs – legal fees
 Diversion of management time
 Debarment from public contracts and by public




international organisations (e.g. World Bank)
Loss of licenses and permits
Loss of value in investments or acquisitions
Loss of business from suppliers and customers
LOSS OF REPUTATION
4
Adequate Procedures and Governance

Elements of both include the need for “tone from the
top” in:
● Establishing a culture of ethical behaviour and
integrity where corruption is unacceptable, and
communicating and embedding it in the
organisation
♦ Unless it is clear that the directors and senior
management of the company take these issues
seriously, they will not be taken seriously by
rank and file employees and associated
persons who perform services for or act on
behalf of the company
● Rules – but more: Values and principles
5
Adequate Procedures and Governance

Tone from the top requires senior management
involvement in:
● Developing internal controls covering anticorruption policies and procedures, including
providing adequate resources, and appointing and
supporting senior managers to “own” and oversee
compliance – with appropriate access to the
company’s governing bodies such as the board
and audit committee
● Monitoring and reviewing the implementation and
effectiveness of compliance policies and
procedures, with appropriate reporting
mechanisms to company’s governing bodies
6
Monitoring and Review Mechanisms





Ongoing transaction monitoring
● Due diligence/risk assessment – agents, M&A,
investments
● Keeping an open door for advice and in training
● Surveys/certifications
Whistleblowing arrangements
Investigations
Audits
Reporting to senior management
7
Whistleblowing


Whistleblowing arrangements form part of a system
of internal controls necessary for good corporate
governance and are an important part of an effective
anti-corruption compliance program
● For example, the UK Corporate Governance Code
provides that the audit committee should review
arrangements by which staff may, in confidence,
raise concerns about possible improprieties
Need for clear and well publicized points of contact
for reporting suspected violations or seeking advice –
including paths for escalation
8
Whistleblowing



In order to encourage employees or others to come
forward, they must be protected and not subject to
retaliation of any sort (even if a good faith report
proves to be incorrect)
Policies must make this clear, but mere statement of
a policy of non-retaliation may not be enough
While anonymity raises difficult connotations and
data protection issues in many European countries,
the importance of being able to provide confidentiality
to the whistleblower is generally recognised
9
Whistleblowing


It is important that employees believe that their
reports and requests for advice will be treated
seriously and that there be confidence that any report
of a suspected violation will be properly investigated
Assuming a report warrants investigation, companies
should explain how such investigations will be
conducted, including
● Fairness for employees under suspicion
● Confidentiality for the whistleblower
10
Investigations

A specific protocol or procedure for conducting
investigations should be communicated in the
organisation
● Legal advice needs to be sought including to
ensure rights are protected
● The investigator must be independent and
impartial
● Confidentiality should be protected where possible
● What to do with results?
● Corrective or remedial action if necessary –
lessons learned communicated
11
Audits

Role of Internal Auditors
● Often improper payments are uncovered by
internal auditors
● But in the past, the role of internal audit has been
more limited to financial audits with a materiality
standard, rather than auditing the effectiveness of
compliance programs, including those aimed at
preventing corruption
12
Audits
 Evolving role of internal auditors
 Need for training and defining key performance



indicators, identifying risks and metrics for measuring
compliance
Petty cash reviews – goes beyond materiality
standard
Sampling techniques
Interviews – a special skill
13
Audits

Some measurable elements of anti-corruption
programs
● Risk identification
● Roles and responsibilities
● Design and operation of policies to prevent bribery
and promote its communication in the company
● Evidence of training
● Evidence of due diligence and contractual
processes and record retention
● Evidence of how reports are received and handled
14
Audits




Pro-active audits of high risk operations have been
required in some settlements with the US Department
of Justice and the SEC
Similar to in-depth transactional reviews but focused
on high risk
Generally require a team approach: lawyers,
auditors and compliance personnel
A detailed protocol of what is to be covered
15
Reporting

Reporting to the board or audit committee of results
of audits and investigations and recommendations for
improvements is an important element in good
governance
16
What can official organisations to do
help in addressing corruption?


Promotion of good governance by governments
● Citizen engagement
● Rule of law
● Effective institutions
● Transparency
UN High Level Panel Report on post-2015 priorities,
calling for a stand-alone goal for good governance,
including a target to reduce bribery and corruption – a
start?
17
What can official organisations to do
help in addressing corruption?
 The problem of “passive bribery” by officials
 Facilitation payments – especially customs clearance
and difficulties faced by freight forwarders and
importers in difficult jurisdictions
● Is the private sector alone capable of eliminating
facilitation payments?
● Is it realistic to criminalise and require zero
tolerance in such situations?
● What can governments and organisations such as
the UN Global Compact and the World Bank do?
18
What can official organisations do to
help in addressing corruption?

Greater protection for whistleblowers?
● Inconsistent legislation
● Lack of protection where complained of conduct is
outside the jurisdiction
● Confidentiality and anonymity issues
● Evidence gathering tensions – public interest?
● Rewards?
♦ Do these discourage internal reporting?
19
What can official organisations do to
help in addressing corruption?
 Continued vigilance and enforcement of anticorruption laws
20