This article first appeared in El Mostrador on July 25, 2021.
A good reputation can take years to build and only seconds to destroy. Under this premise, I would like to highlight how important it is for companies to safeguard this earned capital and not settle for minimal efforts to maintain it.
The first thing we must understand is that organizations are not machines programmed to carry out a specific mandate, but are ecosystems made up of people, each with different instincts and behaviors, and influenced by their own histories and the environments in which they operate.
In this context, it is important to implement a culture of integrity under ethical leadership that guides the actions of its members and prevents corruption risks, preserving or increasing both the reputation and the health of the business.
The issue must be taken with the seriousness that deserves the especially complex times we live in, because having a compliance program and internal prevention policies are not a sign of success if there is no real control and, above all, a real conviction that investing in this item is not an expense, but an investment.
Many companies are involved in corruption cases because they thought that the mere fact of having a compliance program would be enough to avoid bad practices, or because they implemented standard policies without adapting them to their own business or industry, clashing the expectation of compliance with reality.
Some of the biggest compliance (or non-compliance) risks that organizations are involved in are inefficient controls, minimizing risks, having little interest in fostering a culture of integrity, being guided by misaligned incentives or objectives, and above all, because companies believe they are doing it right.
Many of the preventive tools that are implemented are not used, because there is the erroneous idea that having them allows control per se. An example of this can be seen in the whistle-blowing channels, through which companies are “invited” to report irregularities, but when it comes down to it, they do not receive complaints, not because irregularities do not occur, but because there is no good leadership or commitment to promote whistle-blowing, nor to protect the identity of the whistle-blower, because of fear of reprisals and little confidence that they will actually prosecute the act.
Indeed, according to EY’s Global Integrity Report 2020, 35% of respondents believe that unethical behavior in their organization is often tolerated when those involved are senior managers.
Another example of why controls fail is the lack of due diligence or proper risk assessment to clear conflicts of interest in business opportunities, hiring of personnel or suppliers, as well as having an unimpeachable resume.
Another source of problems arises when companies do not train workers on fundamental matters such as the compliance program, the gift policy or the code of ethics, and it becomes a mere piece of paper in some lost file. And, what may be more serious, is that they do not train in relation to possible business risks, where there are areas particularly exposed to corruption, such as the risk of bribing or being bribed, or getting involved with organized crime in companies used to launder money.
According to PwC’s Global Fraud and Economic Crime Survey 2020, fraud hits companies from all angles, as its perpetrators can be internal, external or acting in complicity. In addition, the study reveals that companies that already had a crime prevention program in place were able to act faster and with fewer resources, in addition to paying 16% less in fines.
All of the above should be considered as an urgent matter, not only because of the penalties -which are being toughened and increased by the Foreign Corrupt Practices Act (FCPA)-, but also because beyond the cliché, the reputation gained can really be lost in seconds; and it is better to invest time, effort and money in prevention and control, than in penalties and reputational costs.
By Susana Sierra