Internal to external

Written by: Kroll Posted: 22/12/2021

BL75_Kroll_EdShorrockEd Shorrock, Director, Regulatory Consulting, at Kroll, discusses a change in approach to managing bribery and corruption risk

John le Carré once wrote: “There’s only one thing worse than change and that’s the status quo.” Just because a business has seen success with internal audits and enterprise-wide risk assessments doesn’t mean it should consider its risk management strategy a job well done. 

While internal departmental structures and processes may experience slow, tectonic-like shifts, the external environment, not least in financial services, is far more turbulent.

In the Channel Islands, such an environment keeps the pressure on the finance industry to remain vigilant. In respect of the threat from bribery and corruption, it is frequently clients of financial services businesses who are exposed to such risks. 

On the other hand, those running structures might themselves be exposed to, or even facilitate, bribery and corruption.

Connecting the dots between internal controls and external scrutiny is crucial. Because they move at different speeds, their integration has to be well nurtured and properly cultivated. 

Kroll’s research in the Global Fraud and Risk Report 2021 suggests that nearly half (46%) of all organisations surveyed put lack of visibility over third parties as their number one vulnerability when it comes to managing bribery and corruption risk. 

With the best will in the world, this cannot be fixed by continually looking inward. These days, businesses need to see the wood and the trees; in other words, they need to have a tight grasp of their internal data as well as the ability to zoom out to the external environment.

Unfortunate Covid-19 catalyst

The pandemic is continually mentioned alongside the word ‘unprecedented’, but few words better describe its impact on businesses and the global economy. 

As demand for digital goods and services skyrocketed, the opportunities for bad actors to peddle their unethical practices also boomed. The OECD even put out an official warning in 2020 about the escalating risks of bribery and corruption specifically related to the pandemic. 

Dramatic shifts in supply chains (the effects of which we are currently feeling), digital migration and customs controls were all highlighted as potential avenues of exploitation.

Thanks to cloud transformation and digitalisation, supply chains are now more like entangled webs that are nearly impossible to map and analyse. 

Nevertheless, the mantra ‘a chain is only as strong as its weakest link’ holds true. If businesses are to curb the ever-increasing threat of bribery and corruption, they must look beyond internal blanket control functions and off-the-shelf solutions. 

This is as much the case in the Channel Islands and the offshore sector as it is anywhere else.

To do so, businesses need board-level engagement, robust internal control frameworks and the application of data-driven analytics to assess and identify risks as they emerge. 

This is only possible if a business is able to step outside of its own environment and close the gap between internal policies and external developments. 

It’s one thing to run internal controls and clamp down on unethical practices within an organisation, but if a business doesn’t keep one eye on external threats, it runs the risk of becoming complacent and set in its ways. This is difficult, but not insurmountable.

Beyond compliance

Part of the challenge here is that some local firms have been relying for some time on existing tools and processes to stay on the right side of a rapidly transforming compliance landscape for financial services. 

This might be possible internally to a degree, but what about external risks? 

That is where firms need to embrace technology but also be realistic about their exposure to clients who operate in industries or jurisdictions where bribery and corruption are prevalent.

Cultural cues

While often underrated and undervalued, company culture should be front and centre of any strategy to curb bribery and corruption risk. 

Cultivating a culture of education, transparency and openness within a business and extending that to third parties where possible will give businesses an incredibly strong foundation on which to build out their future efforts. 

This will almost certainly involve some level of investment when it comes to communicating and instilling the company message throughout an organisation.

Given the Global Fraud and Risk Report respondents’ concerns about third-party risk, these cultural checks may need to extend outside the organisation. Businesses are also increasingly conducting a culture check on a target company as part of an acquisition process or similar transaction in order to look for issues that might be hidden from public view. 

This is where regulatory and compliance due diligence exercises can prove their worth. With the level of transactions in the local market, fuelled by private equity, we are certainly seeing a significant uptick in this area.

Culture checks extend far beyond the now well-worn ‘tone from the top’ approach that businesses are used to taking internally. Instead, values and their accompanying messaging need to be formed on the ground with people who frequently represent the organisation and engage with clients and third parties. 

Those actors also need to be engaged and influenced. It is only then that businesses will be able to see an organic shift in culture and communication that in turn creates a ‘hostile environment’ for bribery and corruption.

This change in approach to risk management will become ever more crucial in response to the renewed vigour in which the regulators in Jersey and Guernsey seek to uphold international standards by increasing enforcement penalties.

Such visible measures help the islands retain their reputation for probity and were also a necessary response to the recommendations of MONEYVAL. 

The EU-based organisation is set to return soon for a further assessment of the regulatory authorities in each island and how they deal with infringements and failings by regulated firms. 

Find out more

Kroll is the world’s premier provider of services and digital products related to valuation, governance, risk and transparency. It works with clients across diverse sectors in the areas of valuation, expert services, investigations, cyber risk, corporate finance, security, restructuring, legal and business solutions, data analytics, due diligence and regulatory compliance.

• This advertising feature was first published in the November 2021 - January 2022 Technology Edition of Businesslife magazine

Add a Comment

  • *
  • *
  • *
  • *
  • Submit

It's easy to stay current with

Just sign up for our email updates!

Yes please! No thanks!