Managing Third Party Risk in Anti-bribery Compliance: The Enabling Environment

Fikret Sebilcioğlu
  • Fikret Sebilcioğlu          CFE, CPA, TRACE Anti-Bribery Specialist         
  • Managing Partner
  • Internal Controls&Forensic
  • E-mail to Fikret

To manage third party bribery risks in accordance with the extensive international anti-bribery legislation and the complex ethics and compliance procedures, the company should first have its own house in order to enable a proper environment.

In our November 2017 newsletter we have made an introduction to the third-party bribery risk management. This article is the second one of the series where we will start discussing about the critical aspects of best practices in third party risk management. The first topic is to enable a proper environment.

To ensure third party bribery risk is properly managed, it is crucial that the company create an appropriate environment where the efforts to manage third parties are properly supported. To enable the proper environment, the following aspects should be considered:

Governance and commitment to integrity

Without a culture of integrity, third parties are not held to high standards of integrity and organizations are likely to view their anti-bribery programs as a set of check the-box activities, or even worse, as a roadblock to achieving their business objectives. Third party anti-bribery management can only be effective if it is embedded in a corporate culture of values, integrity and good governance. 

Good governance on managing third party bribery risks is the most critical aspect of all efforts. It means that the senior management including board; monitor the anti-bribery programme; understand regulations and sanctions; agree on the alignment of bribery risks and controls; and ensure that adequate resources are provided. 

A strong tone and action from the top is the indication of commitments of those charged with governance. They should clearly and strongly communicate the importance of managing third party bribery risks to employees across the company.

Structuring the company for anti-bribery management

Having an increased concentration on third parties due to the globalised economy results in complex relationship and different functions across the company’s operations. Undefined responsibilities and misaligned business processes coupled with weak internal controls can lead to increased third party bribery risks. Thus, effective enforcement of the third party anti-bribery programme across the company is fundamental in the management of these risks. 

In other word, the company should prepare itself to manage the relationship with third parties and associated risks. This will require an integrated approach across the company. This approach should highlight the following tasks:

  • Create a team of dedicated senior management for third parties and determine and assign clear managerial responsibilities.
  • Determine your approach regarding bribery risk management and integrate this approach with the overall risk management policies.
  • Engage support function such as legal, compliance, procurement, accounting, internal audit, risk management and human resources and determine and communicate their roles in the provision of supports to the management and countering bribery in third parties. It should also be ensured that the senior management and support team work together in harmony.
  • Localize ethical decision making process regarding third party bribery risks because local management best know the local culture, the way of doing business in the country and associated risks.   

Building trust in your relationships 

Anti-bribery compliance can be seen as unnecessary compliance burden by third parties if the company’s objectives are not aligned with third parties and there are communication gaps between the company and third parties. This may result in undermining anti-bribery efforts such as contractual provisions, effectiveness of training and monitoring controls. To foster strong working relationship with third parties, it is vital that companies build trust in third parties by effectively communicating shared goals. It is the only way that anti-bribery risks can be identified, understood and managed properly in a timely manner. 

Relationship management is an important aspect in building trust. Those who are responsible for relationship with third parties should promote shared goals and the importance of countering bribery.   

With the introduction of the U.S. Foreign Corrupt Practices Act and the UK Bribery Act, companies must take bribery risks in business seriously, because the vast majority of prosecutions and regulatory settlements arise out of payments to agents, distributors, brokers, consultants, or other third parties.

The third article of the series will continue in our next newsletter with the title “The Third Party Anti-Bribery Framework”.