How can we effectively manage and reduce corruption risks?

Bribery – as the most common form of corruption – was once considered a fairly common and socially acceptable practice in the business and private spheres. However, in the last twenty years, especially business rules around the world have changed considerably, which has led to a sharp tightening of anti-corruption legislation.

In the European Community, this happened after amended OECD Convention against Corruption entered in force in 2009. In Slovenia, the Integrity and Prevention of Corruption Act (ZIntPK) has been in force since 2011, which also determines the operation of the Commission for the Prevention of Corruption.

The common denominator of these new laws are high penalties for companies and individuals and the so-called extraterritorial reach in prosecuting offenders. This means that bribery committed by employees abroad can be punishable by imprisonment for directors of parent companies.

Harmful practices of giving and accepting bribes therefore pose a major business risk that threatens the financial and legal position and reputation of companies and individuals.

From a legal point of view, companies and individuals are held responsible for active and passive bribery at home and abroad.
The financial consequences of corruption are irrational spending of money and high fines and costs of legal proceedings that last for several years.

Companies found guilty of corruption lose their reputation. This includes the favor of the media, customers, suppliers and other business partners, which can even jeopardize their very existence.

Due to investigations of corrupt practices, operational delays and obstacles also occur that slow down the operation of companies and the fulfillment of obligations to customers and business partners in general.

Podkupovanje v številkah

Due to the prevalence of bribery and its destructive effect, companies and other organizations began introducing Anti-Bribery Management Systems = ABMS.
In October 2016, the first ISO standard “Management systems for the prevention of bribery” was adopted with the code ISO 37001: 2016.
The latter is currently intended to prevent bribery on the part of employees or representatives acting on behalf of or on behalf of organizations and acting corruptly for the benefit of the organization or for their own benefit.
It also helps companies and organizations to establish an ethical culture and practices with zero tolerance for corruption. It makes it easier for business partners to identify companies that are actively involved in bribery. In the future, this may become a condition and a competitive advantage over comparable bidders in (public) procurement procedures.
The ISO 37001 management system determines the scope of the organization’s anti-corruption compliance and operates on the principle of the PDCA Deming Circle:

It means assessing the risks of corruption according to the characteristics of the organization. This allows the identification of risk areas and the status of current control measures.

It stands for formulating policy, determining responsibilities and means to ensure compliance with anti-corruption requirements, and delegating decision-making and also, the introduction of support procedures, operational control and action objectives for identified risks of bribery.

It means improvements and updates to anti-corruption prevention and control mechanisms, in view of identified deficiencies and inconsistencies during day-to-day operations, inspections or audits.

Pomeni izboljšave in posodobitve protikorupcijskih preprečevalnih in nadzornih mehanizmov, glede na ugotovljene pomanjkljivosti in neskladnosti med vsakdanjih delovanjem, pregledi ali presojami.


Providing protection for whistleblowers

Most organizations identify bribery in their business in one of three ways: 31 per cent in internal audits, 29 per cent in due diligence in mergers or acquisitions, and 17 per cent based on whistleblowers.

Among other things, ISO 37001 requires the introduction of procedures that allow employees to report suspicions of corruption through anonymous reporting channels. It is necessary to ensure the confidentiality of the content of the applications and to prevent all forms of revenge against informants. Based on the rules and training, employees need to know who they can turn to if they encounter corruption-related issues in their work.


And what are the key benefits of a governance system to prevent corruption?

Ethical culture of the organization. One of the most durable safeguards against bribery is the moral culture of the organization which starts from the top-down, with management communication with employees, commitment and personal example, and the introduction of systemic measures such as ABMS.

Employees and managers understand their roles. It clearly sets out responsibilities for exposed individuals and ensures that they know their role in preventing bribery.

Message to business partners. The anti-corruption system is a message to business partners that the organization is actively combating bribery. In this way, it works to prevent providers from even attempting corruption.

It allows easy integration with other management systems. The ISO 37001 system can operate alone or in conjunction with other ISO management systems. This is ensured by its basic structure, which enables the harmonization of judgments and reporting with different standards.

Reduction of business risks. By strengthening the ethical culture of the organization, the system for the prevention of bribery, clearly defined responsibilities of exposed persons, reporting channels and open communication to business partners, the exposure to the risks of corrupt activities and their consequences is also reduced.

As we know, there is no complete security. The same is true of corruption, which cannot be eliminated due to the human factor of corrupt individuals.

However, with the introduction of a system such as ISO 37001 and the consistent implementation of organizational and control measures, we can introduce an additional level of protection and at least significantly reduce the risk of bribery.


Contact our team if you need help risk management.

For more information about risk management follow our LinkedIn & Twitter account. You can join the debate in Linkedin group ERM – ENTERPRISE RISK MANAGEMENT.

SOURCES (in Slovene language)
– Komisija za preprečevanje korupcije: Ocena stanja korupcije v RS v letu 2016; 2017
– Bureau Veritas: Sistemi vodenja za preprečevanje podkupovanja/Vgrajevanje kulturnih sprememb z ISO 37001; 2019