Understanding Corruption: Navigating Third-Party Risk in Supplier and Vendor Relationships: Guest Blog by Michael Rasmussen

Modern organizations are not defined by brick-and-mortar walls and traditional employees; they are extended enterprises comprising third-party relationships, which often nest themselves in layers and transactions of complexity. In today’s interconnected business landscape, the complexity and scope of supply chains are expanding, bringing significant third-party risks, especially related to bribery and corruption. Managing these corruption risks is crucial for maintaining compliance and upholding a company’s integrity.

Organizations need a clear understanding of corruption in the context of third-party risk in supplier and vendor relationships, particularly when faced with the U.S. Foreign Corrupt Practices Act (FCPA), U.K. Bribery Act, France’s Sapin II, and other notable enforcement actions.

Corruption within supply chains typically manifests through bribery, kickbacks, and other unethical practices. When suppliers or vendors engage in corrupt practices, it tarnishes their reputation and puts the hiring company at risk of legal repercussions, financial loss, and reputational damage. Corruption risks in supply chains can arise from various sources, including:

• Bribery and Kickbacks. Suppliers may offer bribes to secure contracts or give kickbacks to individuals within the company to ensure preferential treatment.
• Fraudulent Invoicing. Inflating invoices or creating fake transactions to siphon off money.
• Conflict of Interest. Personal relationships between company employees and suppliers can lead to biased decision-making and favoritism.
• Supply Chain Opacity. Lack of transparency in the supply chain makes detecting and preventing corrupt practices difficult.

The FCPA is a pivotal legislation addressing corruption in international business transactions. Enacted in 1977, the FCPA aims to combat bribery of foreign officials and requires companies to maintain accurate books and records and implement adequate internal controls. It prohibits U.S. companies and individuals from offering, paying, or promising anything of value to foreign officials to influence their actions or secure an improper advantage. It also requires publicly traded companies to maintain accurate records and implement internal controls to prevent and detect bribery and corruption.

Enforcement of the FCPA has become more stringent, with the Department of Justice (DOJ) and the Securities and Exchange Commission (SEC) actively pursuing violations. I estimate that more than 90% of FCPA enforcement actions include third parties involved in the scheme in some manner. Here are a few of the more notable enforcement actions that highlight the risks and consequences of corruption in supplier and vendor relationships:

• Siemens AG (2008). Siemens, a German multinational corporation, paid over $1.6 billion in fines for engaging in systematic bribery worldwide, including significant violations in its supply chain operations. The case underscored the importance of robust compliance programs and due diligence in third-party relationships.
• Avon Products Inc. (2014). Avon paid $135 million to settle FCPA charges for failing to detect and prevent payments to Chinese government officials through its subsidiary. The case highlighted the risks associated with inadequate oversight of third-party intermediaries.
• Walmart (2019). Walmart agreed to pay $282 million to resolve FCPA violations, primarily related to its operations in Mexico, India, Brazil, and China. The enforcement action emphasized the need for rigorous compliance protocols and continuous monitoring of third-party activities.

To effectively manage third-party risks related to corruption, companies should implement comprehensive third-party risk management processes, including:

• Due Diligence. Conduct thorough background checks and due diligence on all suppliers and vendors. This includes assessing their reputation, financial stability, and previous compliance history.
• Contractual Safeguards. Include anti-corruption clauses in contracts with third parties, ensuring they commit to complying with anti-bribery laws and corporate policies.
• Training and Awareness. Train employees and third parties regularly on anti-corruption laws, company policies, and ethical business practices.
• Monitoring and Auditing. Implement robust monitoring and auditing mechanisms to detect and address suspicious activities in real-time. Regular audits can help identify potential risks and areas for improvement.
• Whistleblower Mechanisms. Establish confidential reporting channels for employees and third parties to report suspected corruption or unethical behavior without fear of retaliation.

Understanding and managing corruption risks in supplier and vendor relationships is crucial for maintaining compliance and protecting a company’s reputation. The FCPA is a vital framework for combating bribery and ensuring ethical business practices in international transactions. Still, others, such as the U.K. Bribery Act and Sapin II, are just as critical. By learning from past enforcement actions and implementing robust risk management strategies, companies can mitigate third-party corruption risks and uphold their commitment to integrity and compliance.