By Stuart Brock, Director, Seal Software
In the age of specialization, many organizations turn to intermediaries to do business. They take the form of partners, suppliers, distributors, or agents, and many firms can have thousands of “feet on the ground” doing work on their behalf around the globe. This is particularly true when assistance is needed in emerging markets, where bribery, money laundering, bid-rigging, and price-fixing are common ways of doing business.
A global survey of compliance officers conducted by E&Y found 39 percent of respondents reported that bribery or corrupt practices take place with alarming frequency, and in emerging markets, a majority of the respondents indicated that corruption is common. The fact remains that even in the most advanced countries, still too many individuals believe it is acceptable to gain commercial advantage through cash payments or similar means.
Another interesting fact comes from a study conducted by the Organization for Economic Co-operation and Development, which found that 75 percent of bribery-related incidents involve payments made through intermediaries.
The reality is that if your intermediary is exposed for bribery or corruption activities while working on your behalf, whether you are aware of the activity or not, you are at significant risk. The laws addressing anti-bribery and corruption violations include the Foreign Corrupt Practices Act (FCPA) of 1997, the U.K. Bribery Law of 2010, OCC 2013-29, and the HITECH Anti-Kickback Act of 2009 for healthcare.
The agencies enforcing these laws include the U.S. Department of Justice, the SEC, U.K. Serious Fraud Office (SFO), and the British Financial Conduct Authority (FCA) under their Outsourcing Requirements. These oversight entities have been increasing their efforts to investigate and prosecute offenders in recent years, resulting in significant fines and penalties.
For example, Olympus paid $623 million for running afoul of the healthcare anti-kickback statute. Other notable violations resulted in Rolls Royce being fined more than $900 million for bribes to officials in China, India, Thailand, and other markets, and Siemens AG forking out $450 million in penalties for violating the FCPA. Alcoa was forced to pay $175 million in restitution, and a fine of $209 million for paying bribes to government officials in Bahrain and Australia, and even Goodyear Tire paid $16 million for FCPA violations committed by two African subsidiaries
Contracts are at the frontlines of risk
High-risk activities such as procurement, invoicing, payments, and supply chain functions, are the frontline of risk mitigation. Corporate executives including chief compliance officers, COOs, and procurement and legal teams have become acutely aware that prosecution extends beyond the activities of employees to the corrupt actions of third-party representatives. As a result, they are taking a sobering look at Anti-Bribery and Corruption (ABAC) programs. In a growing number of cases, these teams are implementing clear, multi-faceted strategies and policies to reduce exposure.
They have responded with consistent and frequent formalized training programs for their employees and their intermediaries in an attempt to better identify and understand their weak spots. They are attempting to implement stronger vetting and due diligence programs for current and potential intermediaries, and perhaps most importantly, they have also looked to instituting legal protections within contracts and agreements to reduce vulnerability in the case of violations by contracted third-parties.
We have found at Seal Software, for example, that customers and prospects are more frequently engaged on this last point than they were in the past. They are looking for ways, more specifically, to reduce risk with well-written ABAC clauses in vendor contracts. Organizations can create their own high-quality ABAC clauses for contracts, and they can take advantage of resources like the International Chamber of Commerce (ICC), which provides a set of clauses on their website to help organizations protect themselves.
Strong ABAC clauses can provide protection if an intermediary is found guilty of anti-bribery and corruption violations. This can effectively reduce liability in the wake of ABAC violations by an intermediary while also increasing a firm’s own contractual rights to revoke a contract should a violation occur. It can also help organizations claim damages against an offending intermediary when appropriate.
It is crucial in the first instance to institutionalize efforts to review vendor contracts to determine if they have ABAC clauses, and then to ascertain if they meet the legal requirements necessary to make them both effective and enforceable. When contracts fall short, it is imperative to identify those which need amending and then re-paper accordingly. It’s a daunting task for the enterprise that has tens of thousands of contracts siloed across different departments and geographies.
Optimizing the process with AI
When companies embark on vendor risk management initiatives, it often requires a manual effort of tracking down and painstakingly reviewing each document to extract and record the needed information – usually in spreadsheets. Only then can business and legal resources decide which contracts need revision, renegotiation, cancellation, or some other action.
It is, however, possible to sift through massive amounts of data to connect the dots and root out corruption without slowing down the procurement process. Artificial intelligence and machine learning are not simply showing potential, but are already a proven potent weapon. Analytics-driven AI are being deployed by Seal to collect, interrogate, and assess huge ‘data sets’ of contracts and legal agreements, to reveal both potential concerns of corrupt behavior, as well as mitigate risks before a contract is issued. The technology provides a high level of accuracy, speed, and scale in these activities, as well.
Optimizing the process for companies embarking on ABAC risk management initiatives requires finding contracts across the network to determine what terms, provisions, and clauses they contain. This means not just surfacing contracts that do not have any ABAC clauses but going deeper to identify those that do not contain the standard or approved language, and finally, which ones have appropriate language.
Artificial intelligence can also be trained to ‘read’ each document and let users know, very specifically, what decisions and actions are needed to meet organizational objectives. This type of automation is often the first step of the ABAC process, reducing the time and costs associated with managing ABAC risk. It also is more accurate by taking away the subjectivityand judgment errors of human reviewers.
Artificial intelligence as a force multiplier
The potential of AI to improve the procurement process and related risk mitigation is great. Looking at contracts to detect problems has led to experiments in using the technology to probe different types of data, expanding the pool of information and refining its application to drive true digital transformation in the procurement process. Another facet, for instance, of using artificial intelligence to automate anti-bribery and corruption protection, is that once the initial extraction has been done, organizations then have access to a much broader set of data than just ABAC clauses.
It is often seen as a ‘force multiplier’ in that the data can also be examined for insight into a variety of other procurement drivers. Vendor contract terms, renewal and auto-renewal information, pricing details, purchase incentives, service levels and metrics, can often be determined simultaneously with an ABAC program. Other contract terms and provisions that are directly or indirectly affected by ABAC may include limits of liability, assignment rules, termination, and cancellation requirements.
Anti-bribery and anti-corruption practices have historically been underserved by technology, forcing firms to analyze contracts manually and at significant cost. At best, statistics indicate that less than half of violations are detected by whistleblowers or by using legacy processes, leaving firms open to immeasurable legal and reputational vulnerabilities. Artificial intelligence and machine learning are being applied to create automated workflows that smartly address the challenge, and make it easier to uncover risk before it becomes a crisis.