With the threat of jail time, massive fines, exclusion from government contract work, and potentially ruinous damage to their reputations, companies should be putting bribery risks committed via third parties high on their risk agenda, says Neil Hodge

Integrity Interactive Corporation, a US-based organisation which helps companies manage and reduce the risk of compliance failures, has found in its latest survey that concerns over new supply chain regulations and negative media exposure from potential supply chain scandals are top of the list of companies’ compliance issues. However, a report by the global responsible investment specialist EIRIS released in the second half of last year has found that only 10% of high risk companies manage their bribery risks to a good standard.

UK firms have already had a sound warning about what courts and regulators expect of them by way of ensuring that third parties act ethically in business dealings carried out on their behalf. A review into business practices at UK defence firm BAE Systems last year by former chief justice Lord Woolf called for tougher anti bribery measures at the company. Of the 23 recommendations made, number 11 is one of the most pertinent. This states that there should be ‘a requirement to undertake face-to face interviews, involving a company lawyer, as part of the due diligence process with all advisers whose activities require the interaction with potential customers.’ Woolf also said that advisers should submit quarterly activity reports to the company for internal audit to review, and that facilitation payments should be stamped out.

Some are sceptical about how the recommendation that company lawyers should interview current and prospective contractors will work in practice. Kate Jones, founder of consultancy Inspired Lives and a former general counsel at Kelloggs, says that ‘Lord Woolf’s recommendation is a nice thought, but very difficult to put into practice. There is a limit as to what an in-house legal team can do in these circumstances,’ she says. ‘What can a lawyer actually achieve in an interview? What is he supposed to ask and how long should the interview last?’

Risk managers also say that it is immensely difficult to try to police their suppliers, as well as their own staff. ‘We don’t have the resources or necessary access to check what our suppliers and contractors are doing overseas. You can only inform them of the way that we want to do business and threaten them with penalties and sanctions if they fail to honour the contract,’ says one risk manager who asked not to be named. Gemma Lacey, a CSR project manager at the John Lewis Partnership, says that ‘it is never possible to provide 100% confirmation that all suppliers are fully observing our code of practice at all times.’

There may also be a growing impetus for UK companies to ensure that they carry out appropriate due diligence when they source locally based third party contractors for their overseas operations. Calum Burnett, head of the finance litigation practice at law firm Allen & Overy, and Arnondo Chakrabarti, a partner in the firm’s banking and finance litigation group, say that the Law Commission’s latest report on reforming bribery, which came out at the end of 2008, proposes a new criminal offence aimed at corporate entities.

“Risk managers also say that it is immensely difficult to try to police their suppliers

The proposal states that if a corporate entity negligently fails to prevent bribery being committed by an employee or an agent on its behalf then the company will have committed a criminal offence. However, while it would be a defence for the corporate entity to show that there were adequate procedures in place designed to prevent such bribery.

Kirsty Searles, partner in the enterprise risk services group at professional services firm Deloitte, says that ‘as regulators step up their enforcement of anti bribery and corruption legislation it is increasingly important that companies know who they are dealing with and can demonstrate that they are taking appropriate steps to manage the risk of their advisers, agents and subcontractors behaving improperly.’

Under the US Foreign Corrupt Practices Act, and similar legislation in the UK, if an agent or subcontractor pays a bribe to secure a contract which the company benefits from, the company may be liable for its supplier’s action. The penalties of non-compliance can be extensive, with multi million dollar fines, penalties, and disgorgement of profit, as well as the disruption of an investigation, imposition of a monitor and a ban on bidding for government contracts.

Peter Smithson, director of risk assurance services at accountants PricewaterhouseCoopers, says that company executives need to ensure that there are physical visits to contractors’ sites. That way, he says, ‘you will get a much better idea about how they run their companies, whether staff are being well-treated, and how their corporate ethics are reflected in their working practices. In an interview, people can say whatever they want to try to impress. But a visit to their premises can be much more revealing.’

Smithson also suggests that companies should ask suppliers for a copy of their ethical business guidelines, and ask how they are embedded and enforced throughout the organisation. ‘By digging deeper into their ethical culture, you are more likely to find gaps between the expectation of how the business should be run, and the reality on the ground. The more holes you find, the more wary you should be. If they cannot enforce their own codes of conduct, how can they follow and enforce yours?’