May 4, 2020
This year’s Corporate Fraud and Corruption Annual Review 2020 gathers expert analysis on these key issues and how they impact organizations as well as the wider economy.
Ankura expert Richard Chalk, based in London, shares his insights on corporate fraud and corruption in the United Kingdom in an interview with Financier Worldwide Magazine for the Corporate Fraud & Corruption Annual Review 2020.
Richard talks about significant legal and regulatory developments in the UK, how the UK’s ‘Economic crime plan 2019 to 2022’ could act as a roadmap to improving our future standing in Transparency International’s Corruption Perception Index (CPI), and many more issues.
Reprinted with permission.
Q1 – To what extent are boards and senior executives in your region taking proactive steps to reduce incidences of fraud and corruption from surfacing within their company?
Financial penalties and settlements are often key incentives for boards and senior executives to prevent these types of incidents. The recent Airbus settlement acts as a poignant reminder around the potential impact on corporate earnings associated with non-compliance. Organisational culture and tone from the top are key to maximising the effectiveness of preventative measures. Many companies still limit their mitigation techniques to policies and procedures, coupled with improving online training, and fail to go further. It is often only those operating in heavily regulated sectors or connected to the US who proactively enhance their controls. We have seen examples where senior executives are enhancing analytics and management information (MI) to aid in incident detection.
Q2 – Have there been any significant legal and regulatory developments relevant to corporate fraud and corruption in your region over the past 12-18 months?
Deferred Prosecution Agreements (DPAs) continue as the tool of choice when addressing offences relating to Section 7 of the UK Bribery Act 2010. Airbus SE, Serco Geografix Ltd, Güralp Systems Ltd are all recent examples of enforcement by the SFO. Their integrity is still being questioned by many, with the failure to convict the individuals involved continuing to be a concern. The individuals implicated at Güralp were acquitted pre DPA. Why did Güralp agree, if all individuals had been cleared of wrongdoing? The SFO guidance on an ’Effective Corporate Compliance Programme’ was published in January 2020, however this is seen by some as lacking specific detail, with more information required to establish exactly what constitutes adequate procedures. The UK has also fallen in Transparency International’s Corruption Perception Index (CPI) for the second year in a row, due to global perceptions around public sector corruption. The UK’s ‘Economic crime plan 2019 to 2022’ could act as a roadmap to improving our future standing.
Q3 – When suspicions of fraud or corruption arise within a firm, what steps should be taken to evaluate and resolve the potential problem?
We saw the SFO release its ’Corporate Co-operation Guidance’ in late 2019, which provides key information to consider from the outset. This should be integrated into any existing company response plans. Do you have suitable investigations experts available? Working with independent parties to preserve and analyse a variety of data and financial sources reduces the risk of trampling the crime scene and increases reliability of the internal investigation. These experts understand the critical steps involved in responding to what will most likely be an alien situation to your organisation. The SFO appears to be moving closer towards the US model, where companies are expected to perform an independent internal investigation and report their findings.
Q4 – Do you believe companies are paying enough attention to employee awareness, such as training staff to identify and report potential fraud and misconduct?
Companies are continuing to build out mandatory employee training to raise awareness of red flag events. As with other areas of economic crime, using relatable examples to outline any industry specific typologies and the impact to the firm are believed to resonate the most. Does online training every two years qualify as enough attention? For low risk departments, geographies, and industries — probably. Are many companies assessing risk and developing deeper training where appropriate? Probably not. While machine learning enabled technology solutions continue to improve, employees are still seen as the strongest internal control to detect and report these types of activities.
Q5 – How has the renewed focus on encouraging and protecting whistleblowers changed the way companies manage and respond to reports of potential wrongdoing?
The EU Whistleblowing Directive was approved on October 7 2019 and introduced minimum standards for the protection of whistleblowers. Without mentioning the ’B’ word, the UK already has comprehensive legislation in place through the Public Interest Disclosure Act 1998 (PIDA) and does not intend on adopting the EU directive into law. There are still concerns around the internal management of whistleblower lines, with recent case examples around companies trying to investigate or buy off individuals. Companies should provide individuals with both internal and external reporting options. Building a strong culture within the organisation will give companies the best chance of addressing issues internally.
Q6 – Could you outline the main fraud and corruption risks that can emerge from third-party relationships? In your opinion, do firms pay sufficient attention to due diligence at the outset of a new business relationship?
Third parties are often a main part of the story. This can be seen in many recent SFO settlements. Trying to circumvent using agents/middlemen/consultants/third parties appears again and again. This must be treated as high risk for any business. What does their compliance and ethics program look like? How are they managing their risks? Deeper due diligence at the start and throughout relationships is important, based on a risk-based approach. Corporates are nowhere near financial institutions in terms of refreshing due diligence on third parties. It’s often very much a ‘one and done’ mentality. Refreshing provides ongoing assurance around these relationships.
Q7 – What advice can you offer to companies on implementing and maintaining a robust fraud and corruption risk management process, with appropriate internal controls?
Visible engagement by management in the fraud and corruption programs sets the expectation across the organisation. Ensuring policies, procedures, and controls are periodically reviewed and approved by leadership is important. This shouldn’t be delegated down and into the distance. Corporate culture is key, as aggressive strategic pressures can drive negative behaviours. Ensure your program is suitably staffed and funded, based on your associated risks, while also keeping current with industry-specific themes. Leverage management information and data analytics to monitor known and emerging risk areas. Robust risk management is entirely achievable internally, working with experts throughout.