Firms have focused resource on anti-money laundering and sanctions compliance. Meanwhile, regulator focus has turned to anti-bribery and corruption (AB&C)—and now firms should reconsider how they manage this risk.
We have seen continued regulator focus and enforcement action around bribery and corruption issues. Few could have missed the headlines and fallout of the FIFA corruption scandal. But the FIFA example is just one of many such stories, and financial services firms are particularly vulnerable. We’ve seen a handful of financial firms make headlines due to bribery or corruption issues.
Why are we focusing in on anti-bribery and corruption?
The management of AB&C risks is in a less mature phase than other financial crime areas. Firms are in the early stages of evaluating their risks and designing their operating models to cover this area. There is increased focus on strong governance to prevent corporate wrongdoing. This requires defined senior management roles and responsibilities, and strong management information to promote accountability and facilitate a robust challenge process where necessary.
Many firms are in the process of hiring a head of AB&C and building out the function. Finding individuals with the right experience and knowledge is challenging. Firms need to be sure that staff working in this area will be able to succeed.
What are the challenges for firms?
In the current regulatory and competitive environment firms should take steps to fully understand AB&C risk, monitor it and provide information on it to senior management promptly. All of this should be done as cost effectively as possible.
In our experience many firms are struggling with the following:
- Understanding the complex bribery and corruption risks in their business;
- Managing intermediaries to better understand the true level of risk associated with their relationships;
- Conducting meaningful ongoing monitoring of risks;
- Producing valuable and insightful management information that allows senior management to understand the true risk and take any required decisions;
- Assessing where to expend their effort to manage risk most effectively;
- Identifying opportunities for streamlining leading to a duplication of effort;
- A lack of “off the shelf tools” to conduct surveillance and monitoring.
What can be done?
We would encourage firms to consider:
- Strategy and operating model: Reevaluate the firms’ AB&C risk strategy and framework to validate that they are effectively managing risk. Firms should consider integrating AB&C into wider financial crime programmes to build an efficient operating model.
- Processes and streamlining: Review end-to-end processes and consider where effort is wasted or would be better utilised to manage risk effectively. Simple changes could result in large cost savings, as well as repositioning resources into the correct areas,
- Monitoring and management reporting: Monitoring and review of early warning signs can help a firm deal with an issue before a problem crystalizes. Using analytics to make the most of the numerous data sources can translate into useful insight that helps senior management take actions to prevent these risks from crystallising. Many firms are combining AB&C into broader conduct surveillance and monitoring.
AB&C risk will remain a priority for US and UK regulators. Likewise, firms should keep reviewing how they manage this risk in a cost effective way.