Anti-Bribery and Corruption (ABC) Risk Assessment

• Overview

Corruption is an unfortunate reality throughout the world in developed and underdeveloped countries alike. It weakens and undermines democratic institutions, distorts national econ-omies, contaminates business practices, fosters government instability, discourages external investments, unjustly enriches public officials and private sector business people, worsens social conditions and public services, and impacts hundreds of millions of people each day.

Major Governmental Regulatory Enforcements

UK Bribery Act 2010

The Bribery Act is an Act of the Parliament of the United Kingdom that covers the criminal law relating to bribery replacing all previous statutory and common law provisions in relation to bribery being bribed, the bribery of foreign public officials and the failure of a commercial organizations to prevent bribery on its behalf.

US Foreign Corrupt Practices Act (FCPA) of 1977

This act was enacted for the purpose of making it unlawful for certain classes of persons and entities to make payments to foreign government officials to assist in obtaining or retaining business.

 

• Risk assessment

As part of the subsequent requirements to have proper program in place to ensure compliance, organizations should conduct a well-informed, documented and regularly updated risk assessment by determining the nature and extent of its possible external and internal corruption risks.

By having a proper framework in place, financial institutions can play an important role in fighting bribery and corruption in the markets where they operate.

Methodology:

Key to achieve the above, institutions need to implement effective risk assessment methodology. Below are guidance of 6 stages to be followed as issued by Transparency International UK:

1. Ensure top level commitment and oversight.
2. Plan scope and mobilize.
3. Gather information.
4. Identify the bribery risks.
5. Evaluate and prioritize the risks.
6. Use the output of risk assessment.

Approach:

The ABC risk assessment exercise need to follow a three phased approach for each line business segment in order to undertake the ABC risk assessment, as per guidance by the Wolfsburg Group:

Stage 1: Inherent Risk

This is the risk of a breach of regulatory requirements in absence of controls.

Stage 2: Control Effectiveness

Determining the effectiveness of the controls deployed to mitigate the inherent ABC risk.

Stage 3: Residual Risk

Being the risk of a breach of regulatory requirements based on the assessed effectiveness of controls.

As risk assessments should assess both inherent risk and corresponding controls to arrive at a residual risk level.

Elements:

There are many elements of a risk assessment, but the core assessment should include:

• Potential liability created by Intermediaries and other third-party providers as appropriate
• Corruption risks associated with the countries and industries in which the FI does business, directly or through Intermediaries
• Transactions, products or services, including those that involve state-owned or state controlled entities or Public Officials
• Activities of the FI’s branches and subsidiaries
• Corruption risks associated with gifts and hospitality, hiring/internships, charitable donations and political contributions
• Changes in business activities that may materially increase the FI’s corruption risk
• Conclusion

Residual risk reporting should then be leveraged for Management Information, which is provided to stakeholders and risk oversight forums to ensure relevant functions are operating within its risk tolerance levels.

In summary, being able to do more than check-off actions against those set out in guidance notes, employing a customized understanding of the risks and responses through an ABC lens, and utilizing a wide approach across all lines of defense, will effectively manage risk and truly differentiate any ABC programme.