In 2016, the International Monetary Fund estimated that corruption amounted to roughly 2% of global economic output — between $1.5 and $2 trillion globally. Consider that in India in 2016, nearly seven in 10 citizens reported paying a bribe to access basic public services such as public schools, public clinics or hospitals, access to official documents, and utilities, according to Transparency International. And despite the many laws against corruption, and increases in enforcement of those laws, bribery in particular continues to thrive and the costs to business and to society continue to escalate.
Since having laws on the books isn’t enough, anti-corruption and anti-bribery efforts need further traction from the private sector. Business needs to play a more powerful role in supporting responsible practices throughout every aspect of their operations. After all, those that find themselves embroiled in bribery scandals, for example, face a host of consequences, including business disruption, steep financial and legal costs, and harm to their brand and reputation.
Companies usually manage bribery and corruption risk through a mix of internal processes, certification requirements, and basic good practices throughout their operations — including with suppliers and vendors. External standards can also be a powerful tool in support of those efforts, helping companies strengthen ethics and compliance practices by offering a clear framework for action. One example of such an external tool is the ISO 37001 Anti-Bribery Management Systems Standard, published by the International Organisation for Standardisation in 2016 and designed by a committee of global business leaders and other stakeholders. The standard offers companies a structure for setting up or benchmarking an effective anti-bribery program aligned with its own risk profile, and building a culture that values ethical behavior. It outlines a program that can stand alone or be integrated into a company’s existing management system, and offers a common language and approach that stretches across borders and industries. It covers bribery in all of its forms — direct and indirect, inbound and outbound. It does not address fraud, cartels and other anti-trust/competition offenses, money-laundering or other activities related to corrupt practices.
There are five important ways a standard like this can help companies strengthen their practices:
Defining clear roles for boards and top management:The standard focuses on leadership roles as central to an effective anti-corruption system. It spells out the responsibilities of the board and top management, including ensuring that the organization’s strategy and anti-bribery policy are aligned. It also requires that the compliance function be staffed by those with the right skills, status, authority, independence, and resources. Having clearly defined roles and the right resources makes it more likely for anti-bribery and anti-corruption policies to succeed. This is supported by a 2016 report from The Ethisphere Institute and Kroll, which found “a significant correlation between the perception of risk and board-level engagement. The more engaged the board and leadership team were, the more likely respondents were to say they believe their anti-bribery and corruption risk will decrease or remain the same in the coming year.”
Embedding a culture of compliance:The standard’s preventative aspects will support companies’ efforts to build a culture that values ethics and compliance within its operations. In addition to the leadership role requirements, the standard requires communication and training to bolster the compliance program, and continual improvement to ensure that programs do not become stagnant but rather respond to changing risks.
Siemens was able to rebuild trust after a bribery scandal that reached the top of the organization, in part by implementing an effective compliance program. This included strict new anti-corruption compliance processes, appointing competent compliance professionals across the organization, launching comprehensive training and a compliance hotline, and investigating and monitoring to ferret out wrongdoing and ensure continual improvement. Through these efforts, the company sought to move away from a culture that has been characterized as seemingly “openly tolerant of bribes” to one that that is “driven by ethical standards.” Siemens implemented the types of processes required by ISO 37001 (although their work happened before the standard was issued.)
Supporting a consistent approach:Chief Compliance Officers are often monitoring business in more than one location and ensuring a consistent approach is critical. In 2010, during an exercise to review and improve its global anti-corruption compliance program, Ralph Lauren Corporation discovered evidence that its Argentine subsidiary had been paying bribes to officials in the Argentinian government. The company promptly disclosed this information to the U.S. Department of Justice (DoJ) and Securities and Exchange Commission (SEC). In that case, the parent company paid $1.6 million in combined penalties to the DoJ and SEC to resolve the matter. This fine was relatively light due to Ralph Lauren Corporation’s self-disclosure, cooperation, and remediation.
The standard offers a uniform framework with measurable, trackable indicators that will promote consistency organization-wide. The standard intentionally does not prefer the legal regime or regulatory architecture of one country over another, but rather is meant to outline a set of practices that can be used by companies regardless of where they have operations.
Cascading good practices through the supply chain: In addition to having subsidiaries and workers around the globe, many companies today have a complex web of third-party partners that support their business. This carries benefits and risks — bribery by a business partner being one of them. In addition to due diligence, monitoring, and auditing of third parties, the standard can be used by an organization as a tool to measure third party capability and the strength of the third party’s compliance program. This can be done by relying on certification or by asking third parties to demonstrate compliance with the standard. Because the standard is a global tool, developed by a global expert stakeholder group that was not tied to the law or guidance of any one country, it may be more readily accepted by some as an anti-bribery common language.
Competitive advantage: Fighting bribery builds reputation and brand value. Companies that can demonstrate conformity to an internationally-accepted anti-bribery standard may more easily attract business partners and investors who expect greater financial transparency and disclosure of activities to determine bribery risks. According to data collected by the Ethisphere Institute, companies that implement effective programs realize a 10.72% “Ethics Premium”. Research also demonstrates that ethical companies have lower turnover among employees. And consumers are placing a higher and higher value on whether a company has ethical practices, too.
Companies are beginning to see these benefits, and many are using the standard to bolster their efforts. The list of certified companies includes Legg Mason, Alstom, Mabey, and CPA Global among others. Even so, the standard is at an early stage of adoption and it will take more time for it to gain traction. The pace of certifications has been slow to date, perhaps because of the small number of accredited auditors available to perform certifications. The standard may see wider adoption if governments start requiring certification for bidding on public contracts.
We will have to wait and see whether ISO 37001 becomes more widely adopted. In the meantime, as companies use the standard and share their experiences, the more those conversations can help reduce the power of corrupt practices on business around the globe.