What are the risks and what prevention steps can you take?
In times of crisis and upheaval, you can expect fraud and misconduct to increase as controls are relaxed and environments become more vulnerable. Instead of allowing your company to be defenseless, you can take steps to reduce or eliminate fraud and corruption before it ever occurs.
How is this occurring now? Many companies have had to lay off key employees, including those who served in a variety of compliance roles as gatekeepers against misconduct. Along with the headcount cut, they may reduce their spending on their corporate compliance efforts, leaving their environment susceptible to fraud, corruption and misconduct. Newly remote workforces are also creating challenges related to direct oversight of local or international business operations. These are just a few of many areas that may be weakened as a result of the crisis.
Fraudsters take advantage of vulnerable environments, especially if controls are relaxed and no one is watching.
This type of behavior is nothing new. For example, the False Claims Act was enacted during the Civil War to combat fraud perpetrated by companies that sold supplies to the Union Army.
Here are some examples of non-compliant behavior you might expect to occur during the COVID-19 pandemic and economic downturn.
Falsifying records and other information. Due to pressure to meet expectations and financial targets, employees might falsify accounting records to manipulate profits and losses in the books.
Lack of due diligence. Disruptions in supply chains have led many companies to seek quick alternative sources and locations and could create additional compliance risks. Without sufficient controls over purchasing, quick turnaround finding alternative sources may prevent the companies from adequately performing screening and due diligence. Potential risks include exposure to fraud, bribery, kickbacks, and violation of trade sanctions.
Bribery and corruption. The focus on finding a vaccine to fight COVID-19 has led many companies, nonprofits and government entities to invest in finding a cure. Charitable donations are going to various organizations to help those in need. The risk of bribery and corruption increase if donations are made as a means of influencing business decisions or improperly securing contracts.
As a result, it is beneficial to be vigilant and be on the lookout for any non-compliant behavior of employees, business partners, agents and third parties. Here are steps a company can take to prevent non-compliant behavior and maintain ongoing compliance:
Promote adherence to controls and procedures with strong and frequent communications. Maintain strong current controls. Identify improper and prohibited conduct and make it clear that prohibitions against fraud, corruption, collusion and bribery in any form, whether direct or indirect, apply to all employees and business partners.
Monitor compliance hotlines regularly. Encourage employees, business partners and third parties to report any suspicious behavior or misconduct and make adequate resources available to respond to the issues reported. Investigate reported events in a timely manner.
Perform periodic transactional testing. Identify red flags and weaknesses, with particular emphasis on certain high-risk accounts and expenses to identify potential risky transactions.
Perform regular risk assessments and compliance audits. Continue to have an effective strategy for identifying red flags indicating bribery-related conduct and acts of corporate fraud and embezzlement. Evaluate and monitor business partners and third parties for potential risk. Ensure that their activities are sufficiently visible to avoid financial and reputational damage as a result of non-compliant behaviors.
Pay close attention to donations. Find out whether parties that receive donations from the company are affiliated with any government entity. Document your corporate social responsibility and rationale for making the donation. Federal regulators, including the DOJ and SEC, are likely to scrutinize such donations and question the vetting process, particularly for overseas donations. Regulators are likely to want to know whether the recipient was legitimate and that donations were used for their intended purpose.
Have targeted conversations about compliance. It may be beneficial to organize brainstorming sessions with relevant employees and managers, especially if they can be led by compliance personnel. These discussions should be aimed at identifying areas of greatest potential compliance risk and preventing risks.
Ongoing monitoring is essential to effectively detect and deter misconduct, both bribery-related conduct and acts of corporate fraud and embezzlement. A comprehensive risk assessment helps companies prepare for a variety of possible outcomes in times of crisis by examining and identifying potential compliance risks associated with an organization’s business and conduct.
To keep a company compliant during the COVID-19 pandemic and economic crisis, companies should develop an informed understanding of their risk exposure and address these in an appropriate and timely manner.
For more information, visit Weaver's Anticorruption, Compliance and Ethics (ACE) Services.
Authored by Guler Ann Wiefling, CFE.