While for some of us, 2010 may not feel so long ago, much has happened in the last decade. 2010 was the year Apple released the first iPad and X Factor gave us One Direction. 2010 is also the year the UK Bribery Act was unveiled to much discussion[1].
思考,你可能会记住一些季度在某些地方表达的疑问是关于立法是否会产生“真正的”影响,怀疑主义显然是由于如何有效和积极地执行立法的不确定性。从那时起,已经提出了重要的关注,包括使用延期起诉协议,技术辅助审查的出现,以及监管机构之间的跨境合作。虽然这些都是重要的发展,但我们认为这也是适当的,反思贿赂和腐败的合规在过去10年中是否发生了变化。
A change in focus
One of the most striking developments we have observed is the increasing sophistication of discussions about bribery and corruption compliance programs.
The “Adequate Procedures” guidance released by the UK Ministry of Justice, following the UK Bribery Act, made a significant contribution to moving compliance conversations beyond discussions about policies, procedures, and controls, to broader questions of communication, training and monitoring. The Adequate Procedures guidance also encouraged organisations to consider what compliance measures arereasonablefor a particular entity given their resources and risk profile. By 2010, the US Foreign Corrupt Practices Act (FCPA) had been in force over 30 years and, although OECD Good Practice Guidance, released in 2009, already signposted how views on best practice compliance programs were evolving, the change in the tone of Boardroom compliance discussions accelerated following the release of the UK Bribery Act.
After the UK Bribery Act guidance, the FCPA Resource Guide, which was issued by the US Department of Justice and SEC in late 2012, included a section on “Hallmarks of Effective Compliance Programs”, which largely echoed the UK Ministry of Justice Six Principles. Others followed including, for example, SAPIN-II in France, the Clean Company Act in Brazil and ISO 37001, all of which reinforced the emerging consensus around compliance best practice. While there are still differences in approach between countries, a shared view of what some of the key building blocks of good looks like has certainly provided a helpful starting point for many organisations. Detailed guidance associated with the different regimes will continue to change, but it is hard to see agreement on the need to build and maintain effective, holistic, risk-based compliance programs changing any time soon.
The net effect has been a greater focus on compliance discussions, with “best practice” expectations being raised and an increasingly familiar view of the key pillars of a robust compliance program. While greater clarity over what good looks like does not guarantee the right result, it’s certainly an important step along the way and we think some credit should go to the UK Bribery Act for encouraging this development.
Embracing technology
Over the last decade the effective use of data as an essential component of risk management has, in our experience, been almost completely accepted. Looking back to when the UK Bribery Act was published, red-flag data analytics and visualisations were still seen as relatively sophisticated and not routinely performed. This was in part due to data as well as technological limitations.
Challenges to data analysis certainly remain, both in managing the various data sources that are a feature of most organisations and in navigating data privacy obligations. Despite these challenges, red-flag analytics are now a core part of many compliance programs and have been incorporated into a host of proactive exercises from compliance audits to third party monitoring.
More generally, the last decade has seen an explosion in the range of technology at the disposal of investigations and compliance teams. Developments in artificial intelligence and machine learning are now being used to support the analysis of increasingly complex and extensive data more efficiently. Over time these new tools have also been embraced by regulators and enforcement agencies and are now seen as a core part of the toolkit.
改善技术也被用来facilitate decision making. In the past, companies struggled with inconsistent approaches to important processes. Companies today are investing in workflow delegation technology with defined risk thresholds, automated end to end processes and centralised document trails. While there is still a need for human review, technology has come a long way in facilitating a robust and consistent approach.
Persistent challenges
A recent Parliamentary review described the UK Bribery Act as the “international gold standard” of anti-bribery legislation. Unfortunately, despite the developments in technology and approach that we have described above, it is difficult to observe the seemingly relentless stream of enforcement cases and record-breaking penalties across the world and not conclude that fundamental challenges remain. While there is always a lag between misconduct taking place and sanctions being announced, it is hard to argue the corruption problem has been solved.
Given the time, effort and sacrifice that has been spent tackling corruption, this is a disappointing reality to face.
在我们的经验中,组织continue to face fundamental challenges in dealing with bribery and corruption risk. To take one example, risk arising from third party relationships still cause problems for many. With diverse markets, varying levels of economic development and different political and legal realities, this should not be a surprise. Compliance teams are challenged to establish practical solutions tailored to the unique environments and challenges of their global footprints, not only for third parties but all aspects of bribery and corruption risk. And they many must do this with tight budgets and limited resources.
Conclusion
Reflecting on the changes in corporate compliance over the last ten years, we believe many aspects look and feel different. How much of this progress can be directly attributed to the UK Bribery Act is open for debate; but there have certainly been some positive developments.
与此同时,随着合规计划融合的同时,已经对企业和政府进行了公共压力,以解决持续的腐败祸害。在世界范围内,这种巨大的不耐烦是通过社交媒体的扩散和多次敏感数据和通信泄漏来推动的,使组织更加难以掩盖他们的错误。但是,在世界各地的地方立法和更重要的是,在世界范围内仍存在显着差异。
This combined social and regulatory pressure will be essential to drive further change over the next decade. We hope that with increasing use of collective action, organisations can continue to influence the political, economic, and enforcement conditions that sustain corruption. It will certainly be interesting to see what the next ten years have in store.
[1]英国贿赂法随后于2011年7月开始生效
 |
 |
|
| 迈克尔·齐默尔, Partner at Control Risks | Lorynn Demetriades, Director at Control Risks | |
Michael leads the investigations and forensic accounting practice for Control Risks in EMEA. As a qualified chartered accountant with more than 15 years forensics experience Michael advises on clients on regulatory, reputational and financial issues. Michael frequently supports clients on complex, cross-border investigations working alongside Governments, regulators and enforcement agencies to help clients manage and respond to risk. Michael has performed investigations and compliance work in the UK, Europe, the Middle East, Russia, India and Africa (including South Africa, Nigeria, Kenya, Ivory Coast, Ghana, Tanzania, Ethiopia, Cameroon, Zimbabwe, DRC and Angola) and has extensive experience supporting clients with issues in emerging markets. |
Lorynn Demetriades is a forensic accountant and a Director of Control Risks forensic investigations practice in Europe & Africa.Based in London, Lorynn supports clients undergoing complex and international challenges including forensic investigations, compliance advisory projects and forensic M&A due diligence.She often works alongside internal and external counsel, compliance officers and internal investigation teams. Lorynn has been a consultant to multinationals, legal advisors and global investors for nearly 10 years and has worked on the ground in Africa, the Americas, Asia, Europe and the Middle East. She has particular experience in dealing with regulatory enquiries, including SEC, DOJ and FCA related investigations, and has served a range of sectors including energy, defence, pharmaceuticals and infrastructure. |
