Organizations are facing increased exposure to anti-bribery laws and investigations and defined anti-corruption practices. We look at how technology can be used to manage anti-corruption compliance.
Any organization looking to manage and protect against bribery and corruption must begin with active compliance to be part of the organization and culture to prevent and detect corruption, bribery, and fraud. In order to succeed this must be a continuous ongoing process that is monitored, maintained, and nurtured. The key challenge is establishing corruption prevention and detection activities that move the organization from a reactive fire-fighting mode to one that proactively manages, monitors, prevents, and detects risk. To do this successfully requires implementing technology and automation to manage anti-bribery compliance.
A good anti-bribery solution should have the capabilities for:
- Compliance management: To begin with, the organization needs a 360-degree view of compliance activities and reporting. Spreadsheets, Word documents, SharePoint and the like will just not cut it. What is required is an end-to-end solution for managing compliance activities, metrics, and reports. The system of choice should be able to produce reports and metrics for all the stakeholders and most importantly for the board of directors and executives, to provide assurance that they are meeting fiduciary obligations by having a compliance program for anti- bribery in place. The solution must be accessible by all compliance management personnel and employees who should be able to access the solution in order to see tasks and items that are pertinent to them.
- Managing on-going regulatory changes: The integration of regulatory content enables the compliance program to monitor changes in anti-bribery laws, policies and requirements and how new developments impact the business. The use of technology is key to manage changes effectively and efficiently in order to minimize impact on business.
- Risk assessments: Anti bribery risk assessments (usually performed by the audit team) are mandatory for compliance initiatives and using a technology platform with automation to manage risk assessments, and related risk information is essential for reporting, analyzing and modeling risk so that resources are freed up to focus on higher value tasks.
- Managing policies and procedures: The ability to document policies and procedures to maintain a state of compliance is at the core of a good compliance program. Any good technology solution will be underpinned by a solid audit trail and content management capability to ensure all relevant policies related to anti-bribery are correctly documented, maintained, communicated, and attested. Policies should include code of conduct, anti-bribery, and other related policies.
- Communication and training: Written policies in themselves are not sufficient, the organizations also need to train and make individuals aware of the policies on a regular basis. Using online training and quizzes to communicate and raise awareness of anti-bribery should form a key component of the training and awareness effort.
- Third-party or vendor management: Often missed or forgotten is the risk posed by the supply chain. Third parties and their vendors need to be included in your anti-corruption compliance program including the communication and training effort. The use of technology enables the ongoing due diligence effort to monitor and score vendor/third-party risk, communicate policies to vendors, track attestations, and perform surveys and assessments.
- Information processing and automation: A vital component of an anti-bribery program is the ability to process and automate information related to compliance policies and procedures. Everything from contributions, gift, entertainment, and facilitated payments can be managed through automated forms and approval workflows.
- Incident management: A good technology solution enables the organization to manage and monitor incidents, document investigations and capture resolutions. The closed loop of recording the issues together with actions taken, and review of investigations helps the organization learn and improve over time.
To learn more, request a demo, discuss a free trial proof of value or simply start a conversation drop an email to firstname.lastname@example.org.
Share This Blog
Why do you need a Business Continuity Plan and what are the core Objectives of Business Continuity Planning?
Whether it’s pandemics, supply chain disruptions, natural disasters or IT outages,...
GRC Technologys Role in the Three Lines of Defense Risk Management Model
Three lines of defense is a widely adopted model used by many organizations as a...