Global Tax Fraud: Combating Bribery And Corruption by EY
Global commitments to combating corruption and enhanced cooperation by international law enforcement agencies have increased the pressure on companies to mitigate fraud, bribery and corruption risks. There is also a growing consensus that prosecuting individual executives, and increasing government efforts to apply international standards on the transparency of company ownership will help tackle these issues.
In this context, our 14th Global Fraud Survey provides powerful insights from over 2,800 senior executives in 62 countries and territories across the world. It shows that while many businesses have made significant progress in tackling fraud and corruption, there remains a persistent level of unethical conduct – 39% of respondents consider bribery and corruption to happen widely in their country, with almost half able to justify unethical behavior to meet financial targets.
The report explores these issues in detail and provides insight as to how businesses can take steps to minimize the risk of corruption in their operations. It also provides specific regional insights in Africa, Brazil, China, Eastern Europe and India following interviews conducted by EY Partners with executives from leading companies about the survey’s findings.
Combatting corruption as a global priority
- 91% of respondents believe it is important to know the ultimate beneficial ownership of the entities with which they do business
- 83% of respondents view enforcement against management as an effective deterrent against fraud, bribery and corruption
Justifying unethical behavior and misconduct
- 51% of respondents in emerging markets consider bribery and corruption to happen widely in their country
- 1 in 10 of respondents would make a cash payment to win or retain business in an economic downturn rising to 1 in 4 in the Far East
- 42% of respondents could justify unethical behaviour to ensure they met financial targets
- Almost half of all finance team members interviewed stated that they would be prepared to engage in at least one form of unethical behaviour to meet financial targets or safeguard a company’s economic survival.
- While 55% of companies have a whistle blower hotline in place – 19% of respondents cited loyalty to their company and 18% cited loyalty to their colleagues as deterrents to reporting incidents of fraud, bribery and corruption
- Only 50% of respondents globally are using specialist monitoring software to identify fraud risks
- 1 in 5 respondents are not identifying third parties as part of their anti-corruption due diligence
What steps should businesses take to minimize risk?
- Adequately resource compliance and investigations functions, so that they can proactively engage before regulatory action is taken
- Establish clear whistleblowing channels and policies that not only raise awareness of reporting mechanisms, but encourage employees to report misconduct
- Undertake regular fraud risk assessments, including an assessment of potential data-driven indicators
Combating Corruption As A Global Priority
Never before have governments and multinational institutions cooperated so extensively in combating bribery and corruption. The transnational nature of the issue led the G20 major economies to recognize bribery and corruption as an important impediment to economic growth and the group’s focus on corruption has continued under its Chinese presidency in 2016. The G20 outlined its priorities in the “2015-2016 G20 Anti-Corruption Action Plan” identifying key areas where economies and multinational organizations must strengthen their cooperation.
Among the issues identified, the G20 highlighted the abuse of legal and corporate structures to hide or conceal criminal activity as a “critical issue in the global fight against corruption.” It committed to increasing transparency over the beneficial ownership of companies and assets through the application of international standards on the beneficial ownership of legal persons and arrangements set by the intergovernmental body, the Financial Action Task Force.
The respondents to our survey suggest this move has popular support – 91% of respondents believe it is important to know the ultimate beneficial ownership of the entities with which they do business.
The World Bank too is aligned with the G20 approach, issuing guidance in 2015 requiring greater beneficial ownership transparency in its contracting processes. Again, the respondents to our survey indicate that they believe this level of transparency would help mitigate the risk of fraud, bribery and corruption, with 83% supportive of the World Bank’s guidance.
Ongoing Challenges Of Bribery And Corruption
Globally, bribery and corruption are still perceived to occur widely, and our respondents do not believe that the situation has improved since our last survey in 2014. Thirty-nine percent of those surveyed considered bribery and corrupt practices to happen widely in their countries, consistent with 38% in our last survey.
The situation appears to have deteriorated in developed markets where 21% of respondents reported that such behaviors were widespread, increasing from 17% in our last survey. This contrasts with the trend seen in emerging markets, where our results indicate a small improvement, with the perceived prevalence of bribery and corruption perceived to be down from 53% to 51%.
The worsening view in developed markets may reflect an increased awareness of bribery and corruption in those markets. This may be a result of numerous high-profile corruption cases affecting major U.S. and European corporations.
Consistent with previous years, our respondents continue to believe that bribery and corruption are less likely in their business sector. Only 11% of respondents stated that bribery and corruption happened in their sector, far lower than the 39% of respondents who believed that it happened in their country.
This sector-level perception also appears at odds with our respondents’ observations regarding their personal experience of such risks, with 32% of individuals recognizing that they have had concerns over bribery and corruption at work. Could it be that certain respondents remain unclear as to what constitutes impropriety or that they do not recognize certain corrupt actions as such?
Our survey indicates that a persistent minority of executives continues to justify certain behaviors, including making corrupt payments, when facing an economic downturn or in an effort to improve the perceived financial performance of their company. We highlight significant areas of concern regarding executive behaviors that should raise alarm bells for boards and other stakeholders.
Justifying Unethical Behavior And Misconduct
Our survey found that a significant minority of executives continue to justify unethical acts to improve a company’s performance. When presented with a series of options, more than one-third would be willing to justify inappropriate conduct in an economic downturn, while almost half would justify such conduct to meet financial targets.
While the behaviors that these respondents can rationalize differ between regions, they should be deeply concerning to all companies.
The continued prevalence of such unethical behavior places businesses at risk of illegal conduct, which could lead to subsequent enforcement action. Board members and companies’ audit committees should be aware that regulators are focusing on these behaviors and are keen to hold individuals accountable.
Despite 84% of respondents believing that the board is giving the correct level of attention to fraud, bribery and corruption-related issues, almost half believe that boards need a more detailed understanding of the business if it is to be an effective safeguard against these risks. In this context, awareness of risks is not sufficient – companies need to adapt and strengthen their existing controls to mitigate them.
Worryingly, deeper analysis of our survey results identifies that many respondents who are CFOs and finance team members, individuals with key roles in protecting companies from risks, appear ready to justify unethical conduct.
Given the subjective nature of the accounting judgments often required when preparing financial reports, it is perhaps unsurprising that members of finance teams can rationalize some actions that might help their companies to meet financial targets as falling within a “grey” area. However, given the potential impact that such behaviors could have on a company, and the reliance that boards place on CFOs and finance teams to provide them with accurate financial information, these results are worrying.
Executive Misconduct Under The Spotlight
Board members and senior management should be aware that they and their employees are under increased personal scrutiny in matters in which, in the past, only the company might have been held accountable. A 2015 memorandum issued by the Deputy Attorney General of the United States, Sally Yates, (“the Yates Memo”) detailed steps that prosecutors will take to strengthen their pursuit of individuals.
Regarded by some as a response to criticism about the lack of executives held accountable for the financial crisis, the Yates Memo prioritizes individual prosecutions. The memo states that individual prosecutions are one of the most effective ways to combat corporate misconduct.
“One of the most effective ways to combat corporate misconduct is by seeking accountability from the individuals who perpetrated the wrongdoing. Such accountability is important for several reasons: it deters future illegal activity, it incentivizes changes in corporate behavior, it ensures that the proper parties are held responsible for their actions, and it promotes the public’s confidence in our justice system.”
Yates Memo, September 2015
Furthermore, in April 2016, the DoJ announced the introduction of a one-year pilot program which will make companies which came forward and cooperate with it fully – including culpable individuals – eligible for a 50% reduction in fines and potentially avoid being subject to a court-appointed monitor.
These policy initiatives are consistent with recent enforcement trends, with 175 individuals charged by the SEC for financial reporting violations in the past two years. In light of the increased focus on the prosecution of individuals, especially in combination with the SEC’s continuing effort to incentivize whistleblowing, companies can increasingly expect their executives to have a clear incentive to cooperate with regulators.
The trend is global. In January 2015 the Serious Fraud Office (SFO) announced its first successful prosecution for an individual under the UK Bribery Act, and it continues to investigate individual executives among its active cases. Many other jurisdictions in Europe, Asia and South America are taking similar actions.
Our survey found that the majority of our respondents support this type of action, with 83% of respondents viewing enforcement against management as an effective deterrent.
The spotlight on individuals places additional pressure on boards. Boards should confirm that their company’s compliance and investigations functions are sufficient and independent enough to manage such eventualities and that procedures are in place when necessary to protect the functions’ independence. If not, companies may receive little or no cooperation credit in any eventual settlement.
In this evolving context, board members need to recognize that they may be held accountable in the event that fraud or impropriety happens under their watch. They must therefore be alert to the potential risks their companies face and how they can demonstrate that they have responded appropriately.
With a significant minority of global executives willing to justify unethical activity, and given increased enforcement efforts of regulators, boards need to continuously assess their ability to identify and mitigate fraud, bribery and corruption risk.
Such actions take particular importance as companies enter emerging markets such as Africa, Brazil, China, India and Eastern Europe, where they may be exposed to heightened risks. Companies need to continually update their risk management policies and procedures so that they are able to identify new risks and respond to new challenges.
To identify and mitigate risks, companies should utilize both traditional and innovative fraud detection tools. Fraud, bribery and corruption are frequently exposed by whistleblowing. Recognizing this fact, regulators are adopting new tools to support and encourage individuals to come forward. In the U.S., for example, the Dodd Frank Act provides financial incentives for whistleblowers to provide information. The SFO, for example, actively encourages company insiders to provide it with information at the start of any investigation.
Such efforts appear to have paid off – last year the SFO received more tips from whistleblowers than from self-reports.
Despite this progress, there remain obstacles to the use of internal reporting channels. Beyond fear for personal safety, respondents highlighted their loyalty to the company as one of the main deterrents to reporting an incident of fraud, bribery or corruption.
Globally, 19% of our respondents cited loyalty to their company and 18% cited loyalty to their colleagues as impacting them in this way. These issues were more prevalent in emerging markets, with 24% of respondents citing loyalty to their company and 22% citing loyalty to their colleagues as a factor.
Boards need to recognize the role that misplaced loyalty can play in stopping people from coming forward with their concerns and hide unethical behavior. They must also lead by example and demonstrate the same behaviors that they expect of their employees and their business partners. Executives need to be aware that they can raise uncomfortable issues without being seen as disloyal; the absence of such openness can cause far more harm than good.
Data is becoming an increasingly important monitoring tool
In an environment where employees are reluctant to raise concerns, the data that a company holds can be the key to identifying instances of potential impropriety.
Regulators are using increasingly sophisticated tools to analyze data and identify trends to highlight potential fraud.
In contrast, our survey found half of respondents did not believe that their companies are utilizing specialist software to identify fraud risks. Our recent Global Forensic Data Analytics Survey, “Shifting into high gear: mitigating risks and demonstrating returns” found the reluctance to fund forensic data analytics was a key hurdle to introducing new software, with only 55% of respondents confident that their company had invested enough. It further identified a lack of awareness of the benefits of FDA for anti-fraud programs, with 68% of respondents identifying a growing need for management awareness (an increase from 62% the previous year). Do companies not yet recognize investing in such technologies as a priority?
Despite record levels of M&A activity in recent years, our survey also finds that respondents are not yet taking potential steps to identify and mitigate key corruption risks before entering into joint ventures or local partnerships.
Businesses should be aware that entering into such partnerships can bring additional risks and that there is appetite from regulators to hold companies responsible for the conduct of any third party acting on its behalf. Regardless of whether the inappropriate conduct is by a company itself or a third party acting on its behalf, there is potential liability for the company.
Foreign Corrupt Practices Act (FCPA) enforcement activity has continued to focus on relationships with third parties, particularly the use of agents to win business in emerging markets. In 2015, the SEC and DoJ revised their guidance on the enforcement and application of the FCPA, providing greater clarity on issuers’ obligations to joint ventures and minority-owned affiliates. The revised guidance made it clear that issuers should use “good faith efforts” to influence these entities to devise and maintain a system of internal accounting controls consistent with the issuer’s obligations.
Despite the DoJ’s focus on relationships with third parties, almost 1 in 5 respondents are not identifying third parties as part of their anti-corruption due diligence. A greater proportion, more than 1 in 3, are not assessing country or industry-specific risks before an investment.
What Does Good Look Like?
With a global focus on combating fraud, bribery and corruption, and regulators scrutinizing executive behavior, companies need to do more. Businesses should take steps to minimize the risk of corruption in their operations, so that it is quickly identified and mitigated in the event that it occurs:
- Adequately resource compliance and investigations functions, so that they can proactively engage before regulatory action
- Establish clear whistleblowing channels and policies that not only raise awareness of reporting mechanisms, but encourage employees to report misconduct
- Undertake regular fraud risk assessments, including an assessment of potential data-driven indicators of fraud and/or forensic data analytics (FDA) indicators of fraud
- Develop a cyber-breach response plan that brings all parts of the business together in a centralized response structure
- Undertake robust anti-corruption due diligence on third parties, before entering into a business relationship
- Execute a comprehensive anti-corruption compliance program that incorporates FDA and tailored bribery and corruption training
Companies and their boards need to deliver on these priorities. The risks faced by companies as they continue to expand their global reach are evolving, and the scrutiny under which businesses and individuals now come is greater than ever. Boards must respond proactively and be able to demonstrate that they are stepping up to the challenge.
Leading companies we interviewed highlighted what they saw as the increasing risk posed by local content rules in certain jurisdictions. Such rules progressed from being requirements to use local personnel and make purchases from local businesses, to being required to enter into joint ventures with local companies. Identifying the good from the bad is not straightforward. Virtually all respondents to our survey reported that their companies have policies, procedures and controls in place (for example, 95% of respondents in Africa said they had an anti-bribery and anti-corruption code of conduct and were subject to regular internal audits). However, with one in five Kenyan respondents to our survey saying that they would be willing to make cash payments to win business and 24% of Nigerians saying that they would be willing to offer personal gifts, simply having policies and procedures is clearly not enough to win hearts and minds.
- Confirm they understand the ownership, conduct and track record of third parties
- Enforce audit rights
- Treat due diligence as an on-going process
- Confirm that compliance is adequately resourced
The early identification of issues is critical to a company’s ability to manage risk. All evidence suggests that the people best placed to know about the issues facing a business are the employees within the business. So when almost one in four Kenyan respondents and more than 15% of Nigerian respondents said they would be prepared to ignore unethical conduct if it would help their own career progression or remuneration package, this is a serious cause for concern. Equally worrying is that almost one in ten respondents in Nigeria and Kenya said that they felt under pressure not to report concerns they had about business conduct. Similarly, almost half of respondents in Kenya and Nigeria said they would fear for their personal safety if they reported concerns internally.
- Have detailed policies and procedures for whistleblowing
- Confirm confidentiality for whistleblowers
- Encourage the use of reporting mechanisms
With the increased focus on companies to have effective compliance structures in place, regulatory authorities are also placing emphasis on the need for these structures to allow for companies to respond quickly to any claims of internal fraud or corruption. Under the new legislation, a lack of knowledge of intention to benefit from fraud does not serve as a limitation to liability.
The introduction of the Clean Company Act has reinforced the need for whistleblower hotlines as a critical requirement for a robust compliance program. Although 86% of our Brazilian respondents confirmed they have a whistleblower hotline, only 32% felt that it has become easier in the past three years for employees to report their concerns. If channels are not supported by clear guidance or support from top level management, employees may be deterred from reporting.
- Evaluate the accessibility of the whistleblowing channels
- Confirm that their investigation capabilities are adequately resourced to respond
- Utilize technology to monitor potential indicators of fraud
- Confirm their commitment to compliance throughout the organization and reinforce this commitment
Although 38% of respondents think efforts by governments and enforcement authorities to combat fraud, bribery and corruption have increased, 70% felt that although there was a willingness to prosecute, authorities are not effective in securing convictions.
However, Brazilian survey respondents were unanimous in thinking that prosecution of individual executives will help deter fraud, bribery and corruption. In the context of the new compliance landscape in Brazil, and recent high-profile enforcement action, this suggests that the country is moving in the right direction. Recent developments have demonstrated an increasing appetite at the board and C-suite levels to address fraud and corruption.
In addition, leading companies informed us that they measure their employees’ performance against values and behavior, as opposed to purely financial performance – the intention being that the “motivation to cheat decreases and doing the right thing increases.”
Global instability and slower growth in China mean companies need to proceed more carefully in their operations and acquisitions, or risk reputational loss, low morale, regulatory penalties, or short-seller attacks.
Under growth pressure, companies are looking beyond organic growth and searching for opportunities via acquisitions, with China leading the way in M&A activity across Asia Pacific in 2015. In this context it is imperative that companies conduct robust pre-acquisition due diligence to confirm the integrity of the target’s management and books and records.
Internally, companies must also recognize that soft markets encourage fraud and corruption risk-taking. Taken in tandem with the reality of increased anti-corruption enforcement, fraud schemes are becoming more and more sophisticated in efforts to avoid detection. Chinese enforcement agencies have not shown leniency towards companies for well-intentioned compliance programs if violations have nevertheless occurred, so active monitoring is more important than ever.
Not only do companies have to consider known schemes for financial misstatement and/or misdirection of funds, management and boards have to consider new methods such as indirect collusion with third parties to launder corrupt payments or inflate sales.
- Apply forensic data analytics to monitor transactions
- Layer this alongside traditional forensic due diligence
Corruption is widely perceived to be a deep-rooted problem in the region. As a consequence, it is vital that businesses establish the right tone at the top and practice values-based compliance. A representative of one of the leading companies we interviewed observed that in their experience most people want to do the right thing; the key is in making them proud to act ethically.
As with any region perceived to have a high corruption risk, anti-corruption due diligence should be undertaken on the target before entering any business transaction. It was surprising, therefore, that significant proportions of respondents in Eastern Europe reported that their companies did not undertake key elements of effective anti-corruption due diligence before entering into transactions.
Only 36% reported that their companies considered country-specific corruption risks. More than half of respondents reported that their companies sought to identify a target’s third-party relationships as part of their due diligence. Only 10% of respondents from Russia stated their companies undertook either of these procedures. This provides context for the many cases of corruption, financial statement and tax fraud that are discovered during the post-acquisition stage in this region.
- Tailor their due diligence for the market risk
- Focus attention on ownership of third-party business partners
Corruption continues to be a significant risk for companies working with government bodies. Companies engaging with state-owned businesses and government departments need to have strong compliance programs in place to mitigate these risks. Although 76% of companies have anti-bribery and anti-corruption policies in place, they must realize that “paper-based compliance” will not suffice.
Leading companies in India not only have strong policies but are embedding ethical behavior into their daily business practices, with teams empowered to do the right thing by a strong tone from the top. From an operational perspective, companies can find it a challenge to define key performance indicators for their compliance functions and to demonstrate the value that they deliver to the business.
Leading companies highlighted to us the imperative of the compliance function capturing and reporting data on sanctioned conduct within the company to the board.
In addition, the risk of cybercrime is also rising in India. Our survey found that 42% of the respondents in the region believed that cybercrime has been discussed by the board in the past year.
- Conduct thorough due diligence on third parties
- Recognize the impact of culture on business risk
- Introduce training about cyber threat to employees