CEP Magazine (March 2022)

In November 2021, the Organisation for Economic Co-operation and Development (OECD) issued a significant update to its guidance on combating bribery of foreign public officials, replacing its previous recommendations from 2009.^[1] The scope of changes goes far beyond what I could address here, but one change is found in Annex II, which updates OECD’s 2010 “good practice guidance” on internal controls. This guidance has also been improved, including a recommendation that internal controls be periodically reviewed by considering a company’s “evolving risk profile.” Makes sense. Risks are dynamic, so our controls should evolve with them.

This brings me to a second important development regarding the broad topic of bribery and corruption, regardless of whether government officials are involved. We are experiencing a significant strain on the global supply chain. And any one company along that supply chain that is in a position of power, due to their ability to supply something, is also able to ask for, or demand, a little something extra to make sure your company gets what it needs.

Companies are desperately searching for key resources, which in turn are becoming scarcer due to a lack of workers, shortages in the transportation sector, and a host of other issues. The temptation for some of our own employees to take desperate measures in what they think are the best interests of our companies is greater than it would be under normal circumstances.

Now is the time to assess where this risk has changed within our organizations and to take quick action to mitigate this risk. Actions we take might be nothing more than some stepped up communications or training. But we may need more extensive responses to this risk, including improved due diligence of suppliers, tighter controls over the processing of transactions, enhanced analytics, and other measures aimed at identifying red flags of bribery and corruption.

Guidance from government agencies and others on compliance programs often mention a need for “periodic” risk assessments. Don’t let this be interpreted as something that only gets done at fixed intervals of time. Best practices for risk assessment also require risk assessments to be updated as circumstances warrant. And the current circumstances certainly warrant it in connection with certain supply chains.

1 Organisation for Economic Co-operation and Development, “Recommendation of the Council for Further Combating Bribery of Foreign Public Officials in International Business Transactions,” November 25, 2021, https://legalinstruments.oecd.org/en/instruments/OECD-LEGAL-0378#mainText.

[View source.]