In terms of global anti-bribery compliance, whether it be in the context of the FCPA, the UK Bribery Act, Canada’s (CFPOA), or other anti-bribery regimes, assessment of risk is an important component of any compliance program or set of internal controls. Unfortunately, often overlooked is the precise form of risk that should be evaluated.
Far too often the assessment focuses on the likelihood that a bribe or corrupt act may be discovered. Another and similar misconception is assessing the likelihood of whether enforcement action will be undertaken by local authorities or even enforcement authorities in foreign jurisdictions, like the United States, the United Kingdom, Canada, or any number of OECD member countries like Germany or Brazil.
In assessing risk, focusing on the risk of being discovered or enforcement action taken is entirely misplaced. Rather, the focus should and must be on the likelihood of an individual or entity being subject to situations where a bribe or some form of corrupt act may in some way be solicited or induced.
As opposed to assessing the likelihood of “getting caught,” the assessment must focus on the likelihood of becoming involved in some form of an improper inducement to advance the interests of an individual or entity. In other words, what are the risks of an individual or entity being put into a situation or situations where a bribe or an improper inducement may be sought.
A multitude of factors must be taken into consideration. Among others, factors such as the locale, the nature of the industry, and the structure of the business or relationships involved must be taken into consideration as well as their reputations. But the factor that should not be part of any assessment process is the likelihood of being caught.