Maybellene And The 2014 Anti-Bribery And Corruption Benchmarking Report

by Thomas Fox

Chuck BerryToday, we celebrate an event, which is not ‘the day the music died’ but one that might properly be called one of the seminal moments in the creation of Rock N’ Roll. On this date in 1955, Chuck Berry recorded his first song, Maybellene. John Lennon once said of Chuck Berry “if you tried to give rock and roll another name, you might call it ‘Chuck Berry.’” Chuck Berry created the do-it-yourself template that most rock-and-rollers still seek to follow. If there can be said to be a single day on which his profound influence on the sound and style of rock and roll began, it was this day in 1955, when the unknown Chuck Berry paid his first visit to a recording studio and cut the record that would make him famous.

I am attending Compliance Week 2014 for the 5th consecutive year. Once again Matt Kelly and his team have put together one of the top compliance events of the year. The sessions have been first rate, the conversations highly informative and the sponsors are talking about their compliance solutions in an exciting and engaging manner. If you did not make Compliance Week 2014, I hope that you will make it next year for Compliance Week 2015.

One of the sessions I attended was a presentation of the joint Kroll/Compliance Week 2014 Anti-Bribery and Corruption Benchmarking Report. Compliance Week Editor, Matt Kelly, moderated the panel with Kroll Inc., representatives Alan Brill, Senior Managing Director, and Lonnie Keene, Managing Director, which discussed some of the reports key findings, the highlights of which are as follows.


For the second year in a row, large US Corporations were much more likely to say they expect bribery and corruption risks to increase than smaller or overseas

Corporations do. Some 51 percent of respondents said they expect more such risks in the next two to three years – as did 57 percent of US companies, and 57 percent of large companies, which was defined as having $5 billion or more in annual revenue. However, only 37 percent of overseas businesses, and 46 percent of smaller companies expect their corruption risks to keep rising. A question that Chief Compliance Officers (CCOs) may ask, then, is whether their assessment of bribery risks is accurate? The “risk perception gap” between large and small, or US and overseas, does exist, and an erroneous understanding of one’s risk profile can have dire consequences.

Third Part

The conundrum of third party risks continues to be a major weakness for anti-corruption programs and the problem may well be getting worse. The respondents this year reported an average of 3,868 third parties, yet 58 percent say they never train third parties on anti-corruption efforts. That number is higher than last year, when 47 percent said they do not educate third parties on anti-corruption policies. Significantly, the number of companies that conduct due diligence on third parties has increased, from 87 percent in 2013 to 97 percent this year – which suggests that companies do now grasp the importance of performing due diligence and have the processes in place to do so. That next step of training third parties (which can indeed be expensive) is where compliance programs start to falter.

Third party risks do hinge on several factors, such as the number of third parties one has or the corruption environments where they are. Another question that CCOs can ask themselves, then, is how the need for the services provided by their third parties matches up with the risk they pose to their companies.

Due Diligence

This was an area noted to be “a bright spot in the 2014 ABC Report.” In addition to the 97 percent of respondents who perform due diligence on third parties, 92 percent say they perform at least some due diligence on merger and acquisition (M&A) targets to identify possible corruption risks before a deal is done. What’s more, 74 percent say they start by investigating the target company’s management team – which is where the most serious corruption risks typically hide. Due diligence on a target company’s third parties fell off sharply: only 54 percent also performed due diligence on a target’s agents, 52 percent on its distributors, 50 percent on its consultants, and 46 percent on its suppliers. The report indicates that larger companies were much more likely than smaller ones to perform due diligence on a target’s third parties.

Overall Compliance Program Effectiveness

The Report revealed that seventy percent of respondents rated their policies for domestic employees as effective or very effective – and larger companies were more bullish about their domestic employees than smaller ones (77 percent to 61 percent, respectively). That statistic edged downward for confidence in training overseas employees, to 66 percent, driven by considerably fewer companies saying they were very confident in their training of overseas workers.

However, compliance practitioners were more confident in their ability to vet third parties at the start of a relationship, but less confident in monitoring third parties once that onboarding examination had passed. Fifty-seven percent of respondents rated their vetting procedures as effective or very effective. Then the numbers marched downward for monitoring compliance after a relationship starts, auditing compliance of third parties, and training third parties on anti-bribery and corruption procedures.

This led to the conclusion that effective compliance programs can help a company identify corruption risks when the CCO is not specifically hunting for them. That may come from strong training in a speak-up culture, or strong audits of third parties, or any number of other techniques. The key question here is to ask what metrics and corruption risk indicators match the risks you believe you have, and how your compliance can implement those solutions.

These trends stand against a background where large US Corporations report that they expect bribery and corruption risks to increase considerably more than smaller or overseas corporations do. Given the globalized nature of modern business, with more regulatory scrutiny from more regulators, and the “extended enterprise” extending to include even more third parties, the Report then asks “Do smaller or non-U.S. businesses truly have fewer corruption risks, or do they misunderstand the risk profile they have?”

While perhaps not as groundbreaking as Chuck Berry’s achievement in 1955, this 2014 Anti-Bribery and Corruption Benchmarking Report, captures important information about the current state of compliance and, more importantly, where it may need to go.

For a YouTube clip of Chuck Berry belting out Maybellene, click here.


DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Thomas Fox, Compliance Evangelist | Attorney Advertising

Written by:

Thomas Fox

Compliance Evangelist on:

Readers' Choice 2017
Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
Privacy Policy (Updated: October 8, 2015):

JD Supra provides users with access to its legal industry publishing services (the "Service") through its website (the "Website") as well as through other sources. Our policies with regard to data collection and use of personal information of users of the Service, regardless of the manner in which users access the Service, and visitors to the Website are set forth in this statement ("Policy"). By using the Service, you signify your acceptance of this Policy.

Information Collection and Use by JD Supra

JD Supra collects users' names, companies, titles, e-mail address and industry. JD Supra also tracks the pages that users visit, logs IP addresses and aggregates non-personally identifiable user data and browser type. This data is gathered using cookies and other technologies.

The information and data collected is used to authenticate users and to send notifications relating to the Service, including email alerts to which users have subscribed; to manage the Service and Website, to improve the Service and to customize the user's experience. This information is also provided to the authors of the content to give them insight into their readership and help them to improve their content, so that it is most useful for our users.

JD Supra does not sell, rent or otherwise provide your details to third parties, other than to the authors of the content on JD Supra.

If you prefer not to enable cookies, you may change your browser settings to disable cookies; however, please note that rejecting cookies while visiting the Website may result in certain parts of the Website not operating correctly or as efficiently as if cookies were allowed.

Email Choice/Opt-out

Users who opt in to receive emails may choose to no longer receive e-mail updates and newsletters by selecting the "opt-out of future email" option in the email they receive from JD Supra or in their JD Supra account management screen.


JD Supra takes reasonable precautions to insure that user information is kept private. We restrict access to user information to those individuals who reasonably need access to perform their job functions, such as our third party email service, customer service personnel and technical staff. However, please note that no method of transmitting or storing data is completely secure and we cannot guarantee the security of user information. Unauthorized entry or use, hardware or software failure, and other factors may compromise the security of user information at any time.

If you have reason to believe that your interaction with us is no longer secure, you must immediately notify us of the problem by contacting us at In the unlikely event that we believe that the security of your user information in our possession or control may have been compromised, we may seek to notify you of that development and, if so, will endeavor to do so as promptly as practicable under the circumstances.

Sharing and Disclosure of Information JD Supra Collects

Except as otherwise described in this privacy statement, JD Supra will not disclose personal information to any third party unless we believe that disclosure is necessary to: (1) comply with applicable laws; (2) respond to governmental inquiries or requests; (3) comply with valid legal process; (4) protect the rights, privacy, safety or property of JD Supra, users of the Service, Website visitors or the public; (5) permit us to pursue available remedies or limit the damages that we may sustain; and (6) enforce our Terms & Conditions of Use.

In the event there is a change in the corporate structure of JD Supra such as, but not limited to, merger, consolidation, sale, liquidation or transfer of substantial assets, JD Supra may, in its sole discretion, transfer, sell or assign information collected on and through the Service to one or more affiliated or unaffiliated third parties.

Links to Other Websites

This Website and the Service may contain links to other websites. The operator of such other websites may collect information about you, including through cookies or other technologies. If you are using the Service through the Website and link to another site, you will leave the Website and this Policy will not apply to your use of and activity on those other sites. We encourage you to read the legal notices posted on those sites, including their privacy policies. We shall have no responsibility or liability for your visitation to, and the data collection and use practices of, such other sites. This Policy applies solely to the information collected in connection with your use of this Website and does not apply to any practices conducted offline or in connection with any other websites.

Changes in Our Privacy Policy

We reserve the right to change this Policy at any time. Please refer to the date at the top of this page to determine when this Policy was last revised. Any changes to our privacy policy will become effective upon posting of the revised policy on the Website. By continuing to use the Service or Website following such changes, you will be deemed to have agreed to such changes. If you do not agree with the terms of this Policy, as it may be amended from time to time, in whole or part, please do not continue using the Service or the Website.

Contacting JD Supra

If you have any questions about this privacy statement, the practices of this site, your dealings with this Web site, or if you would like to change any of the information you have provided to us, please contact us at:

- hide
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.