Can you Certify Anti-Corruption Compliance?
Today’s Q & A is with Philippe Montigny, CEO, Ethic-Intelligence
Q: Hello Philippe and thank you for participating in this Q and A. Having been invited to your own “Experts Corner,” it is a pleasure to engage with you as well on this side of the Atlantic! So, perhaps you can share with our readers some of your background and experience?
PM: Thank you Richard. I joined the OECD in 1987 and was later appointed to the OECD Private Office of the Secretary General. Thus, I was involved in ministerial negotiations, including those which eventually led to the Anti Bribery Convention of 1997. Later as Executive Director of a London-based consultancy in 1998, I advised companies on developing their business internationally. It was following these professional experiences that I came to understand the importance of anti-corruption compliance as an integral part of business strategy.
I started ETHIC Intelligence in 2001 to assist companies in their development using effective risk based anti-corruption compliance programs. In 2006, in order to transform the costs of anti-corruption compliance into strategic investment, ETHIC Intelligence became a certification agency. To avoid any conflict of interest we have then stopped consulting business to focus our work on our “terms of reference” in order to ensure that they always correspond to the highest standard and evolving best practices.
Q: Thank you Philippe. Can you share some of the history regarding certification?
PM: Anti-corruption compliance is one of the areas of corporate governance that has progressed the most over the past few years. Remarkable progress has been made since the day I remember well in the 1990s when, Alan Larson, then US Ambassador to the OECD, invited member states to condemn corruption of foreign public officials. Twenty years later, most multi-nationals have adopted anti-corruption compliance programs, ranging from rudimentary to sophisticated, risk-based systems reflecting international best practices standards.
Q: From your practice and perspective, how does an anti-corruption compliance program meet international best practices standards?
PM: In a nutshell, an anti-corruption compliance program needs to:
effectively prevent corruption regardless of the countries in which the company operates;
provide sufficient legal defense to the company in the event that a ‘rogue’ employee breaks the rules;
be business-oriented: administrative procedures are useful to prevent corruption while rewarding innovation and development.
Q: How would a company develop a compliance program that would reach these objectives?
PM: We at ETHIC Intelligence, together with our accredited inspection companies and committee of international lawyers, have identified three main sources of information that help companies build their programs: (1) The national anti-corruption legislations of Italy, the United States, the United Kingdom and Russia which have provided concrete guidance to companies on how to observe the law; (2) International organizations such as the OECD, the International Chamber of Commerce and Transparency International whose consultative processes have resulted in further guidance and recommendations on the subject, and (3) best practices developed by companies themselves in an effort to meet international standards in the most efficient way possible while ensuring business development. From our perspective, the third source is the most insightful because it takes into account the first two sources as well as experience of what works well in the field.
Since 2006, ETHIC Intelligence has integrated all three sources in its terms of reference to certify corporate anti-corruption compliance programs. We are particularly interested in integrating emerging best practices designed to maximize the efficacy of compliance programs. To this end, we organize a yearly Excellence in Compliance Day for our certified companies, auditors and committee members to discuss ways in which we can improve and update our terms of reference.
Q: What are the greatest challenges, or obstacles to success?
PM: Keeping a corporate anti-corruption compliance program up to date is a constant challenge for two reasons. First, because those who want to corrupt will find imaginative and innovative ways to bypass even the most sophisticated system. Second, because compliance must change and adapt to business imperatives; if it does not, employees will see it as yet another bureaucratic necessity which they will eventually ignore.
As a certification agency specialized entirely on anti-corruption compliance, we at ETHIC intelligence are in a unique position to monitor the evolution of best practices. We see the companies’ certification files as they pass from accredited auditors to committee members – who ultimately decide on the certification award and make concrete recommendations for improvement.
I have observed an evolution in how large companies organize their anti-corruption compliance. Fifteen years ago compliance was mainly in the hands of the Legal Department because, at that time, the primary objective was to mitigate the new legal risks resulting from the entry into force of the OECD Convention. Later, I occasionally saw anti-corruption compliance in the portfolio of CSR departments along with environmental and human right risks where the challenge is mainly to respond to the expectations of the community or NGOs or to mitigate reputational risks. Today it is striking to observe a trend toward the decentralization of anti-corruption compliance to the branch or subsidiary level as a way to empower local management with anti-corruption compliance.
In spite of over 20 years of work on anti-corruption I still would not presume to know what the best “theoretical” solution is – but I have learned that companies need processes which are lean and efficient. In other words, they need a program which i) has the greatest buy-in from employees and ii) is well integrated into the company’s business strategy. I believe that although compliance is based on clear and well-defined principles (risk assessment, due diligence….) companies recognize that there is no one compliance organization that fits all.
Q: Given these complexities, how is a company to best understand the internal (corporate) and external (market) challenges?
PM: This is the reason for which I have decided to write an anti-corruption compliance blog (link here), and as I share in my first post, it is “Not Just Another Anti-Corruption Compliance Blog .” I plan to share the lessons learned from companies considered best in class in terms of anti-corruption compliance. These lessons are important as they demonstrate repeatedly that the most successful companies in terms of business are those whose anti-corruption compliance programs are the most rigorous. I will expand on this fundamental and encouraging development in blogs to come.
Q: Congratulations on your Blog, Philippe, and what will your first post address?
In my first post I explain how 35 years of professional experience (French Ministry of Industry, the OECD, private sector international trade, Chairman of ETHIC Intelligence Certification Committee) has led me to look at anti-corruption issues from very different but complementary perspectives.
The second post addresses one issue which I consider crucial: “why is anti-corruption compliance a Board issue”…in other words why is it not just a legal issue!
Q; Recently I have been reading about the development of an ISO Standard. Is that relevant to this discussion?
In the mid-2000s I and a few experts including Mark Pieth, then Chair of the OECD working Group, had the conviction that certification of anti-corruption programs would be useful for companies. However, most people at that time were skeptical. I remember that the first draft of the UK Bribery Act guidance did not include any reference to certification. When we were consulted by the SFO we suggested adding certification as a way for companies to verify the quality of their compliance program… and it was added to the end of the last section. This prompted the BS 10500 standard on an “anti-bribery management system” which is, needless to say, included in our own certification process.
This British standard is at the origin of the ISO 37001 on anti-corruption compliance which is under discussion and for which a vote might take place in 2016. Before the vote it is difficult to know whether or not the standard will enter into force or not, and, as a member of these on-going negotiations, I must refrain from making any further comment on it. However, I participated in the negotiations of a similar standard on compliance, which is the ISO 19600. This standard was initiated by Standards Australia and was published in December 2014. I find this very positive.
Q: Finally, Philippe, let’s turn our attention to the OECD, where you spent many years of your own career. The Secretary General, Angel Gurria, leads the High-Level ‘Advisory Group on Integrity and Anti-Corruption’ of which I have recently been asked to join by the Secretary General, and which you are currently a member. In one of the first sections of “Purpose” the Secretary General states that the goal is to define “what are the most emerging corruption issues, and how can the OECD better address them?”
Thus, I was curious to hear your perspective, and as we are both participants in the “OECD Integrity Week,” (link here) do you see that forum as a major opportunity to address those questions?
Angel Gurria addressed these emerging corruption issues in an interview for our website two months ago. In my opinion the most important issues are:
How to encourage majors players like China, India, Indonesia, etc. to join the OECD Convention.
How to address the demand side of corruption, in other words, we have extraterritorial laws to prosecute companies for transnational bribery, but a lot remains to be done to prosecute the foreign public officials who are often at the origin of transnational bribery.
I believe that the OECD has become the most efficient Forum to address these issues for different reasons. The OECD working group on the implementation of the Convention has performed, first under the leadership of Mark Pieth and now with Drago Kos, a remarkable job on the effective enforcement of the Convention. Second, over recent years, this intergovernmental organization has managed to involve both the private sector and civil society in the discussion. Integrity week is a perfect example of this success. Third, the OECD, with 34 member countries, maintains an ongoing dialogue with non-member countries seven of whom have signed the OECD Convention. Fourth, the OECD plays a central role in the G20/B20, which accounts for 85% of global trade.
In any event I look forward to sharing the panel discussion with you and learning from your experience in order to improve our Certification terms of reference to ensure they correspond to emerging best practices.
Thank you Philippe and I look forward to seeing you via video feed on the 26th.