Integrated Compliance: Companies Need to Think Holistically and Act Globally

Photo Credit: CIPE

In recent years, compliance has become an increasingly complex landscape. The need for strong anti-corruption controls, both in multinationals’ own operations and extending to their suppliers, distributors, and agents in emerging markets, has been clearly evident. Significant enforcement actions under the U.S. Foreign Corrupt Practices Act (FCPA), the great majority of which involved violations through third parties, sent a clear message to the global business community that corruption is no longer an acceptable part of conducting business. Similar laws passed by other countries, such as the UK Bribery Act (UKBA) or Brazil’s Clean Company Act, further emphasize this point. There is also a growing trend of regulators either requiring companies to put in place compliance programs – such as France’s Sapin II law – or providing what UKBA calls “adequate procedures” defense in hope of a reduced penalty.

Another important trend has to do with the authorities paying greater attention to other aspects of compliance such as human rights, labor, and environmental standards. Traditionally, companies considered these spheres a part of their corporate social responsibility (CSR) reported to the public voluntarily. Increasingly, however, these areas of compliance are becoming regulated and companies are required to disclose their risk assessments and mitigation plans. Under California’s law on supply chain transparency, for instance, companies must publicly disclose their anti-forced labor policies and procedures. Speakers at a recent event on supply chain risks and rewards in emerging markets, organized by Baker McKenzie in Washington, DC, emphasized that relevant criminal statutes are also in place. They have not been strongly enforced so far but that is likely to change, creating what one presenter called “FCPA of the future.”

It is also important to keep in mind that the risks companies face are not just associated with legal enforcement. Even in its absence, exposure of questionable behavior can lead to brand and reputational damage affecting the bottom like. One example is Houston, TX-based Cobalt International Energy. The company was involved in a controversial oil exploration deal in Angola involving a local firm with alleged links to the government. U.S. regulators investigated and ultimately did not find Cobalt liable. However, shareholders sued for being kept in the dark about the risk of the venture. Cobalt was ultimately delisted from the New York Stock Exchange when it market cap dropped, and declared Chapter 11 bankruptcy.

Together with my colleague Frank Brown, Director of CIPE’s Anti-Corruption and Governance Center, I recently had a chance to explore these issues at a session we led at the 6th Annual European Compliance & Ethics Institute organized by the Society of Corporate Compliance and Ethics (SCCE) in Frankfurt, Germany. We were joined by a group of experienced compliance professionals who shared their global knowledge. The clear conclusion of our session was that corruption, labor, and environmental risks are closely intertwined and must be addressed as such through holistic, integrated compliance programs.

With the recent introduction of ISO 37001, a new certifiable standard on anti-bribery management systems, there has been significant convergence in defining what a robust anti-bribery & corruption compliance (ABC) program should look like. Having a strong anti-corruption program can in turn become a foundation for addressing other compliance risk areas. As a former Chief Ethics and Compliance Officer of Telia, Michaela Ahlberg, put it, “If you do the ABC program right, a lot will be done also for all other topics of responsible business and an effective ABC program is a minimum requirement for all companies, small or large, global or local, irrelevant of nationality.” Telia found itself embroiled in a high-level corruption scandal in Uzbekistan but was able to limit the severity of penalties and improve how it does business overall thanks to revamping its compliance program. The company has also worked to shift its culture to better appreciate human rights and other local impact of its operations on countries where it does business. Telia’s case offers important lessons on the value of integrated compliance in today’s global marketplace.

Anna Kompanek is the Director of Global Programs at CIPE