* Any views expressed in this opinion piece are those of the author and not of Thomson Reuters Foundation.
Steven Fox is the managing partner of Veracity Worldwide, an external risk advisory firm that focuses on emerging markets. David Matesanz is a project manager at the same company, focusing on anti-corruption matters. Based in New York with offices in Singapore, New Delhi, Johannesburg, Moscow, and London, Veracity advises some of the world’s leading companies on corruption and other risk issues. Veracity also works closely with top-tier law firms to investigate allegations of corruption.
A trend toward more aggressive enforcement of anti-bribery statutes and a broadening view of liability present companies operating in some of the world’s more opaque business environments with growing risks.
In addition to the U.S. Foreign Corrupt Practices Act (FCPA), investors in emerging markets now face a new and even more stringent UK anti-bribery law- binding on all companies with UK listings or subsidiaries- and a growing willingness by local governments in challenging places like Nigeria and Ghana to enforce long dormant anti-corruption codes.
The will to prosecute corruption is intensifying around the world, and companies’ need for risk management programmes that ensure compliance with existing regulations is growing apace.
The foreign agents and other third parties that many international companies rely on represent the most likely source of corruption-related problems.
The sheer number of third-party agents engaged by many companies renders verification of their bona fides difficult, but companies and their officers are liable for the actions of their agents regardless of actual knowledge of corrupt activities, making it essential to conduct rigorous due diligence and ongoing reviews.
The costs of enacting robust processes to handle these tasks can appear prohibitive, but inaction can carry a far higher price in the form of jail time for company executives or directors, stiff civil penalties, disgorgement of profits, legal bills, reputational harm, downgrading by rating agencies and the loss of the right to participate in U.S. government or international tenders.
Risk management efforts should begin by compiling dossiers on all third-parties, leading to further scrutiny of individuals of particular concern with the potential support of specialised firms.
THIRD-PARTY AGENTS AND TRANSFERRED LIABILITY
It is not unusual for a major multinational corporation to have thousands of sales agents, export agents, business development consultants, government strategy consultants, distributors, and others working abroad on its behalf. Smaller companies typically have fewer such relationships but face the same challenges in assuring their agents’ adherence to international standards of conduct.
In the eyes of anti-corruption enforcement authorities, the actions of a company’s agents are indistinguishable from those of the company itself.
The new UK bribery bill establishes particularly exacting standards for the management of third-party relationships. Going above and beyond the FCPA, the UK law specifically penalises companies and individuals for failing to prevent bribery, making a head-in-the-sand approach to business activities abroad a considerable risk.
Boilerplate representations and warranties signed by third-party agents pledging to abide by corruption laws offer little, if any, protection. In the event of a problem, the UK’s Financial Service Authority (FSA) likely will require an explanation of the active steps that a company took to verify and monitor the conduct of its agents.
DUE DILIGENCE QUESTIONNAIRE
Developing a mandatory third-party questionnaire is an excellent starting point for actively vetting all agents. The questionnaire provides a basis for building a comprehensive set of agent dossiers and for determining the level of follow-on due diligence appropriate to each case.
The questionnaire should request key information to help the company’s business unit and compliance team understand the need for proposed as well as existing relationships and to establish the particulars of each agent or third party. The questionnaire alone may turn up “red flags,” especially in high-risk jurisdictions.
Common Warning Signs on a Due Diligence Questionnaire
Subject company:
- Appears to be unqualified or understaffed
- Refuses to disclose business practices
- Requests unusually high compensation in relation to the value of services rendered
- Requests cash or off-shore payments
- Has expired or missing business licenses
- Has made sales to government entities, quasi-governmental agencies or state-owned ventures
- Has undisclosed or suspicious beneficial ownership structures
- Was recommended by a prospective customer
A STRATIFIED APPROACH TO DUE DILIGENCE
Particularly when dealing with a large number of agents distributed across different countries and regions, devoting the same level of due diligence to each subject is likely to be impractical. The assessment of third-party relationships should instead flow through a framework that places agents into low-, medium-, and high-risk categories.
Not all situations or individuals will require the same degree of scrutiny and the necessary amount and rigor of due diligence will depend on where the proposed agent or third-party is based and what is expected of them.
The most important single factor in deciding how much due diligence to apply is the agent or third-party’s geographical locale. While corruption certainly happens in developed countries, Transparency International’s Corruption Perception Index is a good indicator of the places where companies need to be especially alert.
As reflected in the index, Nigeria, Angola, Egypt, Iraq, Russia, Ukraine, China, Indonesia, Vietnam, and Honduras offer particularly perilous operating environments.
In low-risk environments, media reviews and basic reference checks are sensible safeguards. In medium-risk environments, companies should have a process in place for checking regulatory filings, legal records and local language media to gain insight into the background and trustworthiness of local agents.
In high-risk environments such as Angola, China, Iraq, Nigeria, or Vietnam, however, a higher level of vetting is necessary and companies need to have in place a special set of procedures. Weak public record systems may not reveal much of value from an anti-corruption perspective. Relying on media can also be dangerous in high-risk jurisdictions, since press coverage may be limited or journalists may be unwilling to report negatively on well-connected local figures.
For example, after an expensive and highly damaging FCPA investigation that exposed numerous incidents of bribery, Siemens now employs some 500 in-house compliance staff to monitor the company’s anti-corruption efforts and third-party relationships.
Others operate on a far leaner, and perhaps more effective, footing. In high-risk instances, best-in-class companies engage accounting or risk advisory firms with sophisticated capabilities to vet agents and third parties. Following Ronald Reagan’s old adage “trust but verify” is a good rule-of-thumb.
In such instances, independently sourced reputation information and other intelligence collected by specialised firms is a company’s best line of defense against costly discoveries down the road.
Any views expressed in this article are those of the authors and not of TrustLaw, Thomson Reuters or Thomson Reuters Foundation.
