Bribery and Corruption: What’s the best approach?

On Feb. 17, Samsung empire’s heir Lee Jae-yong was arrested on corruption and bribery charges connected to a nationwide political scandal in South Korea. While this is unlikely to directly impact the global tech behemoth in day-to-day matters, it is important to investigate how firms and governments can work together more successfully to combat white collar crime and corruption.

An international affair
The fight against bribery and corruption has historically been led by the United States, the first country to implement tough legislation with the Foreign Corrupt Practices Act of 1977. The federal law was enacted to address accounting transparency requirements and to make bribery of foreign government officials illegal.

Europe is not far behind with a range of legislation designed to prosecute and punish corporate crime. Other emerging market governments are finally cracking down as well, holding both domestic and foreign businesses and their senior management, to account.

Tackling bribery and corruption requires prosecutors and regulators that are properly equipped to investigate and deal with complex factual and legal issues. It also requires a judiciary that is impartial and can operate without political interference.

The United Kingdom’s Bribery Act of 2010 is a good example of tough new legislation that regulators and prosecutors can rely upon when investigating such crimes. It has extra-territorial reach both for U.K. companies operating abroad and for overseas companies with a presence in the U.K. It also introduced a new strict liability offence for companies and partnerships of failing to prevent bribery.

The law is not enough
Unfortunately however, even the best legal framework in the world is insufficient on its own.

Companies need to understand exactly how to go about preventing unlawful behavior, particularly in new and distant markets that their headquarters may not clearly understand. Ultimately, the real responsibility and accountability remains with the business to ensure compliance.

Countries with robust criminal and anti-corruption laws might be able to prosecute those individuals or businesses that commit offences within or outside the jurisdiction but the problem will continue until international businesses rigorously apply universal global standards to tackle corruption across emerging markets.

It’s Still about the culture
In short, this issue is about corporate culture. The following are fundamental steps for fine-tuning your organization’s approach to corruption:

• Develop a culture through education, where turning a blind eye to unlawful activity is not an option. Staff should feel comfortable with speaking out if they see anything potentially suspicious. Anti-bribery and corruption training needs to be repeated and made relevant to the day-to-day scenarios employees at different levels might face.

• The tone must be set at the top. For instance it can be useful to educate your firm’s directors with formal governance training, such as from the Institute of Directors (IoD) in London. This level of top-level attention to corporate compliance programs, including training, should be the norm.

• Proper dialogue needs to be established with regulators—not just a one-way stream of new laws and compliance requirements. A regulator should seek the views of those it is regulating. This two-way approach really does work.

Greenberg, New York State Settle Long-Running Civil Case

One of Wall Street’s longest-running dramas closed Feb. 10 as New York State and Maurice “Hank” Greenberg finally ended a legal clash which began in 2005 under the stewardship of then Attorney General Elliot Spitzer.

Former American International Group, Inc. CEO Greenberg and the Attorney General’s office reached a settlement over accusations that the company engaged in fraudulent transactions to boost reserves and hide losses.

Greenberg, who was chairman and CEO of AIG from 1967 until his ouster in 2005 and now serves as chairman and CEO of C.V. Starr & Co., will pay some $9 million to end his role in the saga. Also, Howard Smith, former AIG CFO and Greenberg’s lieutenant will pay $900,000 to settle the charges stemming from two alleged transactions designed to misrepresent company finances.

This included a $500 million deal in the year 2000 with reinsurer General Re, part of businessman Warren Buffet’s Berkshire Hathaway Inc., to pad AIG’s loss reserves. Greenberg allegedly initiated the Gen Re deal with a call to the company’s CEO.

The two former AIG leaders were also said to be involved in a deal with Capco Reinsurance Co., which masked a $210 million underwriting loss as an investment loss.

The sums paid by the men are related to performance bonuses earned from 2001 to 2004, according to New York Attorney General Eric Schneiderman, who inherited the long-running conflict. Schneiderman sought to ban the men from the securities industry and from serving as directors and officers of public companies as part of the settlement, which ultimately did not include these provisions.

Schneiderman had previously dropped a $6 billion damage claim against Greenberg and others, once a class action settlement was approved in 2013 under which Greenberg paid $115 million to AIG shareholders.

A 2009 settlement with the U.S. Securities and Exchange Commission over charges related to AIG‘s accounting saw Greenberg pay $15 million and Smith $1.5 million to the agency.

Late last year Greenberg and the Attorney General’s office turned to mediation after trial testimony had already begun in state court. The mediation, which ultimately produced the settlement, was run by alternative dispute resolution specialist Kenneth Feinberg.

The finale to the case was perhaps more of a whimper than a bang, with settlements hardly headline-grabbing and no one admitting to much more than accounting slips.

In a press release from the N.Y. State Attorney General’s Office, Schneiderman sounded a triumphant tone. “Today’s agreement settles the indisputable fact that Mr. Greenberg has denied for 12 years: that Mr. Greenberg orchestrated two transactions that fundamentally misrepresented AIG’s finances,” Schneiderman said in the statement. “After over a decade of delays, deflections, and denials by Mr. Greenberg, we are pleased that Mr. Greenberg has finally admitted to his role in these fraudulent transactions and will personally pay $9 million to the State of New York.”

Greenberg, who was unapologetic, in his statement said, “The Gen Re transaction was done for the purpose of increasing AIG’s loss reserves, and the Capco transaction was done for the purpose of converting underwriting losses into investment losses. I knew these facts at the time that I initiated, participated in and approved these two transactions…As a result of these transactions, AIG’s publicly-filed consolidated financial statements inaccurately portrayed the accounting, and thus the financial condition and performance for AIG’s loss reserves and underwriting income.”

The pundits had their say as well, split as to what it all meant.

“The taxpayers of New York State should be furious,” said the Wall Street Journal’s Paul Gigot, editorial page editor. “The $9 million fine amounts to pin money for Mr. Greenberg…It won’t come close to covering the state’s costs for pursuing the case over so many years…The real lessons of the Greenberg case start with the absurd lengths that progressive prosecutors will go to punish capitalists they don’t like,” Gigot said.

Mr. Greenberg’s lawyer David Bois called the deal with the Attorney General a “nuisance settlement,” according to the New York Times.

Others were less forgiving of Mr. Greenberg. “Just because he hasn’t pled guilty to fraud doesn’t mean he’s been vindicated,” David Schiff, a former insurance analyst who followed AIG, told the Times.

Flint Water Investigation Leads to Felony Charges for Mich. State Employees

flint-mich
A driving effort to save the state money was said to be the reasoning behind the Flint, Michigan water crisis, which has been tied to lead poisoning in children, among other issues. On Tuesday the state announced felony charges against former state emergency managers, Darnell Earley and Gerald Ambrose, accused of false pretenses and conspiracy to commit false pretenses. The two were said to have been focused on balance sheets rather than the welfare of citizens when they made the decision in 2014 to switch the city’s water supply from treated water in Lake Huron to water from the Flint River.

A state investigation, which began in January, had led to charges against eight state officials and an employee of the Flint water facility.

According to the New York Times:

Charges of false pretenses, conspiracy to commit false pretenses, misconduct in office and willful neglect of duty lodged against the former managers were lauded by Flint leaders, some of whom said they had feared that blame for the city’s contaminated water might ultimately be pinned only on low-level workers.

The claims also reopened a longstanding debate in Michigan over the state’s emergency management provision, reviving questions about whether the system removes power and control over local issues from those residents who come under state oversight.

For years, governors here have appointed emergency managers as a way to efficiently cut debts and restore financial stability in the most troubled cities. But residents of some majority-black Michigan cities, including Flint, argue that the intense state-assigned oversight disenfranchises voters, shifts control from mostly Democratic cities to the state’s Republican-held capital and risks favoring financial discipline over public health.

After the decision was made to use water from the Flint River, Flint residents had began to notice a peculiar odor, color and taste in the water that flowed from their taps. Some reported skin rashes, hair loss and other physical problems. But they did not know why. Water from the Flint River was used by Flint residents for 18 months, but because it was not treated to reduce corrosion, lead from old plumbing leached into the water. Testing revealed dangerous levels of lead.

Residents soon discovered they had been lied to. Public officials had known about the lead but kept quiet. As a result, between 6,000 and 12,000 children were exposed to the contaminated water, which will likely have serious consequences for their health.

Meanwhile, efforts to fix the problem are underway. State officials switched back to the original water source in October. Michigan Gov. Rick Snyder has estimated that replacing the more than 15,000 lead service lines in Flint would take $60 million and up to 15 years.

Key Steps to a Robust Risk Management Program

rm-monitoring
Our business environment is constantly changing—technologies improve, regulations are modified, competition increases, and demand evolves. Effective risk management grants an ability to adapt to these changes.

Recent headline events, including the Volkswagen emissions deception, the Wells Fargo scandal, and the penalty paid by Dwolla to the Consumer Financial Protection Bureau (CFPB), illuminate powerful motivators for strong risk management programs. Key to a robust program is preventing stressful, and possibly catastrophic, surprises.

When Plains All American Pipeline failed to detect corrosion in its pipeline, for example, the result was a 3,000-barrel oil spill and millions of dollars in fines. The corrosion had run under the radar because the company did not delegate sufficient inspection resources and did not maintain proper procedures and systems for preventing problems from escalating into emergencies. Risk management best practices, however, could have standardized these procedures throughout the organization and prevented the disaster from occurring.

Complying with regulators like the SEC and CFPB
Dwolla, a small, private e-commerce and online payment company, was found by the CFPB to be guilty of risk management negligence for inadequate data security practices. The catch is that Dwolla did not suffer a data breach and none of its customers were compromised. The CFPB fined Dwolla $100,000 as part of its increased focus on companies’ existing prevention strategies. Regulators are no longer simply pursuing organizations that have suffered risk management incidents; organizations need to take proactive approaches rather than simply hope to get by.

Improving productivity and encouraging innovation
An independent, peer-reviewed report, “The Valuation Implications of Enterprise Risk Management Maturity,” published in The Journal of Risk and Insurance, proved that organizations with mature ERM programs (as defined by the RIMS Risk Maturity Model) can achieve a 25% firm valuation premium over those without. Risk management does not have to be a burdensome addition to daily responsibilities—and if it is executed properly, it won’t. It simplifies daily operations by increasing transparency and allowing more resources to be devoted to value-add activities, like product development and customer services.

Checklist for evaluating your risk management efforts

A better question than “does my organization perform risk management?” is “how effectively does my organization identify and mitigate risks?” The following checklist outlines characteristics common to effective risk management programs. Your organization should prioritize development in these areas.

  1. Effective risk management governance

Boards, through their risk oversight role, are accountable for a risk’s material impact, whether the cause is at the executive level or on the front lines. The SEC considers “not knowing about a material risk” negligence, which carries the same penalties as fraud.

  • The board must monitor the effectiveness of the organization’s risk management process, ensuring it reaches all levels and business areas.
  • Internal auditors must independently confirm the board is informed on all material risks.
  • All material risks must be disclosed to shareholders, along with evidence that they are effectively mitigated.
  1. Performance management and goal management
  • Divide corporate objectives into business-unit contributions.
  • Identify business processes contributing to a goal within each business unit.
  • Cascade goals to all front-line managers within contributing processes.
  • Aggregate goal assessments and determine links between contributing business processes.
  1. Consistent risk identification and prioritization

Risk assessments must address more than high-level concerns. Effective assessments drill into risk events, uncovering the root cause, or problem “driving” the risk. Repeatable risk assessments are based on common numerical scales and scoring criteria across departments.

  1. Actionable risk tolerances

Risk appetite is a high-level statement that serves as a guide for strategic decisions. In order to be actionable, it should be accompanied by its quantitative cousin, risk tolerance. Risk tolerance is an effective monitoring technique for key performance goals and risk metrics.

  1. Centralized risk monitoring and control activities

Risk managers need to do more than design processes to identify risks and appropriate responses. A critical third component—monitoring—is the verification of a control’s effectiveness over the risk. A few key things to keep in mind to make monitoring effective:

  • Adjust risk assessments over time (spend less time on risks with decreasing indexes).
  • Reduce testing by identifying areas that can share controls (increase organizational efficiency).
  • Link risks and activities to determine which processes need to be monitored (prioritize activities/initiatives).
  • Monitor business metrics (discover concerning trends before they affect the organization).
  1. Forward-looking risk and goal reporting and communication

In order to continue funding their organizations’ risk management programs, boards need evidence that those programs are working. Risk managers should ask two basic questions before reporting to the board:

  • How might identified risks affect the board’s strategic objectives and key concerns?
  • Which metrics or trends most validate the program’s effectiveness?

These items are just a starting point for an analysis of your organization’s program. For a more in-depth blueprint and “state of ERM” report, take the RIMS Risk Maturity Model (RMM), a free best-practice assessment tool that scores risk management programs and generates an immediate report of your organization’s risk maturity.