Anti-Corruption: Effective Compliance Begins with the Assessment of Risks


Virtually every authoritative source of guidance on effective anti-corruption compliance emphasizes the importance of conducting a company-wide “risk assessment.” For example, U.S. authorities have stressed with regard to the Foreign Corrupt Practices Act (“FCPA”) that “the assessment of risk is fundamental to developing a strong compliance program.” U.K. authorities have similarly emphasized the importance of risk assessments as an essential component of developing “adequate procedures” under the Bribery Act, noting that “the fuller the understanding of bribery risks an organization faces, the more effective its efforts to prevent bribery are likely to be.” The reasons for this are straightforward: to prevent a company’s involvement in bribery and corruption, compliance measures need to be positioned in a way that addresses the forms such conduct is likely to take.

Nevertheless, companies may be tempted to gloss over this step. Although a risk assessment can provide key information to those responsible for anti-corruption compliance, such an exercise is unlikely to have much visibility outside the company, and the failure to perform one may well go unnoticed. Yet without a clear vision of its particular corruption risks, a company's compliance efforts may turn out to be needlessly costly and inefficient and, even more importantly, fail to provide the protection that the company hopes to obtain. Yogi Berra may have said it best: if you don’t know where you’re going, you might not get there.

Please see full alert below for more information.

LOADING PDF: If there are any problems, click here to download the file.