The anti-bribery case against Glencore, one of the world’s largest mining and commodity-trading companies, illustrates how serious the repercussions can be for GRC noncompliance. Within six months, authorities in the United States and the United Kingdom have slapped the Switzerland-based multinational with more than $1.1 billion in fines for corrupt practices in several countries that persisted for more than a decade.
The U.K.’s Southwark Crown Court ordered Glencore to pay over $400 million (£281 million) in fines in a ruling on Nov. 3, 2022, according to the U.K.’s Serious Fraud Office (SFO). The order came after the company pleaded guilty to charges of bribery in relation to its oil operations in Africa. It’s the largest ever penalty handed down to a company in a U.K. court.
An investigation by the SFO has revealed that Glencore paid bribes to foreign officials in exchange for preferential access to oil in five African countries: Cameroon, Equatorial Guinea, Ivory Coast, Nigeria, and South Sudan. The company used local intermediaries to funnel bribes into state-owned oil companies and government ministries and disguised them as service fees or signing bonuses.
The penalties include a fine and a confiscation order for the profit Glencore obtained from the bribes, plus the SFO’s investigation costs. “Other companies tempted to engage in similar corruption should be aware that similar sanctions lie ahead,” said Justice Peter Fraser.
Glencore reported $127.5 billion in total assets in 2021. It has 135,000 employees and contractors in 35 countries.
U.S. Antibribery Penalties
The U.K. ruling came on the heels of the penalties imposed by the U.S. Department of Justice (DOJ) on Glencore earlier this year. The company pleaded guilty to violations of the Foreign Corrupt Practices Act (FCPA) in the U.S. District Court for the Southern District of New York on May 24, 2022.
Glencore and its affiliates agreed to pay more than $1.1 billion in fines, the largest penalty, and disgorgement ever ordered by the U.S. Commodity Futures Trading Commission (CFTC).
The DOJ’s investigation exposed numerous FCPA violations, including paying bribes to foreign agents to secure oil contracts and avoid government audits, as well as paying bribes to judicial officials to end lawsuits in Cameroon, Equatorial Guinea, Ivory Coast, Nigeria, Brazil, Venezuela, and the Democratic Republic of the Congo. For several years, Glencore has also manipulated fuel oil prices at two of the busiest commercial shipping ports in the United States.
Beefing Up Antibribery Compliance
Glencore’s convictions in the U.S. and the U.K. represent a major victory for authorities and a fair warning to companies to beef up their antibribery and anticorruption efforts.
“The rule of the law requires that there not be one rule for the powerful and another for the powerless,” said U.S. Attorney General Merrick B. Garland. “The Justice Department will continue to bear its resources on these types of cases, no matter the company and no matter the individual.”
Perhaps the most important lesson the Glencore case offers is this – complacency in compliance can have huge consequences in the constantly evolving business landscape today. If your organization still relies on manual processes for third-party due diligence, you run the risk of falling into issues. Automation can easily remedy many issues common in manual due diligence, such as labor-intensive and duplicative work, irrelevant facts, and outdated information.
Whether you’re switching from a manual to an electronic system or planning to improve your existing system, here are some of the things you should look for in a risk-management system:
End-to-end Platform: Equip your business with a robust platform that can be configured to your particular GRC and ESG requirements, covering all aspects of your compliance program. Many enterprise solutions claim to perform risk management, but be sure to pick one designed to specifically address the requirements of laws such as:
U.S. FCPA
U.K.’s Bribery Act
France’s Duty of Vigilance Law
Australian Modern Slavery Act
German Supply Chain Due Diligence Act
Risk-Based Due Diligence
Not all risks have the same impact. Conduct screening and due diligence proportionate to a third party’s risk level. Choose a platform with the capability to escalate due diligence instantly for timely risk mitigation and remediation.
Effective Third-Party Questionnaire (TPQ): An effective questionnaire allows you to quickly gather information about third parties. You should screen them for such things as sanctions, adverse media, political exposure, litigation, criminality, bankruptcy, and ultimate beneficial ownership (UBO).
Thorough Background Checks: You should have the capability for benchmarked, comprehensive background checks for your entire supply chain and third-party network. Research should include reports and analysis of both positive and negative aspects of third-party risks.
Dealing with High-Risk Third Parties
It’s sometimes impossible to completely avoid dealing with high-risk parties, especially for global companies. For this reason, your due diligence platform should be able to provide research in the local languages of the countries where you operate. Also, just because a third party is compliant upon onboarding doesn’t mean it will always remain compliant. It’s important to conduct continuous risk monitoring for high-risk third parties and their associates. Training, verification, and certification of third parties can go a long way in maintaining long-term relationships with them.
Under the carrot-and-stick approach to regulatory enforcement, the Glencore case shows just how hard authorities can wield that stick. Now more than ever, take the carrot instead by increasing transparency in your entire supply chain, mitigating third-party risks, and ensuring compliance.