Sunday, September 2, 2012

The G4 Anti-Corruption proposals - explained

Ready for more Thematics ? As promised in my last post on the Thematic Draft of the GHG Reporting Guidelines for the new G4 Framework, I will now discuss the Anti Corruption Thematic Draft. And don't worry, its only 24 pages. Surely there won't be too much to say about that! Think again.

(For clarity (and brevity!) (OK, forget brevity, that's not me), I will focus in this post only on the specific disclosures related to Anti-Corruption - not to changes made to the Ethics profile disclosures or the indicators relating to Public Policy and Political Contributions)

The proposed revisions include:
  • Disclosure on Management Approach: New disclosures and guidance (Anti-Corruption Aspect, Society Category)
  • Indicators
  • Specific edits to Indicators SO2, SO3, and SO4 (Anti-corruption Aspect, Society Category)
You can provide your feedback until 12 November 2012, using the G4 Consultation Platform.

Currently, G3 has three disclosures on anti-corruption (excluding public policy and lobbying):

CORE SO2: Percentage and total number of business units analyzed for risks related to corruption.
CORE SO3: Percentage of employees trained in organization's anti-corruption policies and procedures.
CORE SO4: Actions taken in response to incidents of corruption.
The new proposed Thematic has the same three, with slightly different wording and a lot more guidance on what to report against each one. The new indicators are: 

CORE SO2: Percentage and total number of operations assessed for risks related to corruption
CORE SO3: Information and training on anti-corruption policy and procedures
CORE SO5: Confirmed incidents of corruption and actions taken

Anti-Corruption may hide below the Radar
Remember, that in the new G4 draft, companies will not be required to report on anti-corruption if they have not selected this as a material issue. See my post on the G4 Exposure Draft for an explanation of this. So, unlike today, where every A-level reporter must respond to the Anti-Corruption indicators, in future, any company who does not consider this to be material will happily leave it out. In the Mother of Materiality Matrices Analysis by Fronesys, Bribery and Corruption was found to be only number 33 out of a total of 50 top issues identified as material by 31 leading companies. Given that the average number of material issues listed  per company is 27, Anti-Corruption may just conveniently drop off the radar! (This, I believe, is the single biggest weakness of the G4 proposal - there must be a threshold of basic indicators which all companies should report - and this should include at least some reference to anti-corruption practices.) 
Don't Forget the Juicy Bits
The Thematic Draft includes detailed explanations and specific details which should be reported against each disclosure, ensuring that reporting companies are not tempted to leave out the juicy bits. In fact, the level of detail required is quite daunting - for example, the disclosure on Management Approach for Anti-Corruption contains no less than 11 separate data elements, ranging from whether the organization has a publicly stated commitment to zero tolerance of corruption (that's an easy one, right? If the company doesn't have one, it sure will by the time  it publishes its report!), to processes to prevent, detect, investigate, respond to and remediate forms of corruption to whether and how the effectiveness of the anti-corruption training for governance body members, employees, and business partners is evaluated (errrr... we evaluate our anti-corruption program as effective if no-one has got caught). There is also another interesting disclosure which I haven't seen many companies refer to: "Report policy and procedures in place to ensure that charitable donations and sponsorships (financial and in-kind) that are made to other organizations are not used as a disguised form of bribery. "

Anyway, back to the juicy bits, let's face it, anti-corruption reporting is not the most fun part of any Sustainability Report. Along with reporting on Governance, the Anti-Corruption disclosures are pretty boring and unimaginative. It's not all that easy to make anti-corruption sound sexy and exciting. In G4, it's going to be much more not sexy and not exciting.

The State of Disclosure on Anti-Corruption in G3
This is a random selection of current disclosures  on anti-corruption:

State Street's reporting wouldn't measure up to G4. In fact the company reports partially against the current SO2 and SO4 indicators in this GRI Application Level B+ report.

State Street reports on the existence of an Ethics Office and a Standard of Conduct together with a specific email address for employees to send questions. State Street reports that the Ethics Office is currently updating ethics-related policies, especially Anti-Corruption and that risk requirements were implemented in the UK to respond to the new Bribery Act.

The report contains  a description of a Controls Testing Program in place to analyz risk, and the process for filing of a Suspicious Activity Report in the case of suspected incidents of unlawful activities. All employees must provide annual certification of their compliance with the Standard of Conduct, with 99.9% of employees did in 2011.

All in all, a light-weight disclosure on anti-corruption. State Street is going to have to work hard to be In Accordance with G4, if Anti-Corruption is selected as a material issue. It's could be a lot not more fun at State Street. Except that, Anti-Corruption is not listed as a key material issue for State Street, so it's possible they will not choose to go with the full disclosure anyway. That's a relief for their Sustainability Reporting team, I am sure.

This GRI Application Level A report, the company's 17th CSR Report, is 116 pages long. AMD confirms to reporting fully against the current SO indicators on Anti-Corruption
SO2: "AMD’s Internal Audit Department performs comprehensive risk analyses (including regarding corruption) of all AMD sites/departments." It is not clear if this is every year, and the description of internal audit procedures does not really address this. In G4, a much fuller response to this indicator will be required, including the criteria used for risk assessment for corruption, whether risks related to external stakeholders, and the operations identified as having high risk and what the risks are.

SO3: AMD's response is: "All employees worldwide receive copies of and training on AMD’s Worldwide Standards of Business Conduct, which includes strict anti-corruption provisions. Training typically takes about one hour per employee and must be completed during the employee’s first 90 days of service." In G4, this wouldn't cut it. The disclosure would have to include all forms of training and information on anti-corruption, including the number of business partners informed and the percentage of business or purchasing volume that these partners account for as well as the Board and Management members which are identified as high risk and the type of training they received, for example, web-based, in person or general or specialized training. I think the GRI Working Group forgot to add that the company should report whether lunch was served during the training and what brand of coffee was provided.

SO4: AMD has got this covered in G3: "The response is AMD is not aware of any incidents during or related to 2011." G4 contains several more points in this indicator, but of course, if there were no incidents, there's nothing more to say. It's probably worth avoiding corruption in your business just to avoid the endless details you would have to include in the Sustainability Report to be In Accordance with G4 on Anti-Corruption.

AMD reports only four material issues, and none of them are Anti-Corruption. Looks like this Thematic Revision may not be too useful, in that case.

This is Ford's 13th Annual Sustainability Report at Application Level A of the GRI Framework. The report is online with a downloadable summary, and Ford claims to respond to the SO Anti-Corruption indicators in full. The Disclosure on Management Approach is also noted as being reported in the Sustainability Governance section, though a search on this page reveals no mention of the word Anti-Corruption, as well as on the page on  Ethical Business Practices, which is noted as containing responses to SO2,3 and 4. This page also contains no specific reference to Anti-Corruption.

Reference is made to the Ford Code of Conduct Handbook, which is available in 14 languages and all employees must certify they conform every year. Ford assesses compliance with the Code of Conduct through internal audits. This level of disclosure barely meets the requirements for the current G3 framework, let alone G4. In fact, this report, which is self-declared at Application Level A, in the area of Anti-Corruption at least, would not make the grade. Ford will have more work to do on its 2014 report to be In Accordance with the new G4 guidelines on Anti-Corruption.

Ford's Materiality Analysis, which always has one of the longest list of material issues you can find in any Sustainability Report, also does not specifically include Anti-Corruption as a material issue. Sorry, Thematic Revision.

When is Anti-Corruption Material?
Actually, I found it hard to find a good example of where Anti-Corruption is stated as a top material issue.That's probably not so surprising. Identifying this as a top material issue could be interpreted as the company being plagued with corruption. Not the kind of impression most companies want to leave with their stakeholders. It's much easier to go with climate change and diversity.

Symantec's 2011 Sustainability Report includes Anti-Corruption so far down the bottom of the long list of material issues that it almost falls off the edge of the matrix and actually does fall off the edge of the report.

Wipro India's 2010 Sustainability Report, on the other hand, has two Materiality Matrices and one of them contains Anti-Corruption.

Wipro has a Code of Business Conduct and Ethics (COBCE) which is "is socialized at multiple points of an employee's lifecycle – it is first covered as part of the induction program of new hires and subsequently every employee has to take an online test annually to assert his familiarity with the tenets of the COBCE". Wipro states "We have a zero-tolerance policy for noncompliance with the COBCE,especially on non-negotiable factors – e.g., child labor, anti-corruption,etc." Wipro also discloses a case of financial embezzlement that was committed by a junior level employee during the period from November 2006 to December 2009. After investigation, it was decided that the amounts embezzled were not material, but changes such as enhancing segregation of duties and implementing stronger password controls to access financial systems were implemented. This particular case has an unfortunate consequence: "The employee directly involved died after the embezzlement was discovered."

Wipro also reports the number of complaints received through their Ombudsman process, and in 2010, 451 complaints were received of which 3% related to fraud or financial impropriety.

Would Wipro's reporting stand up to the rigor of G4? I could not locate a response to indicator SO2 - number of operations assessed for risk of corruption, and the disclosures on training would not pass the SO3 sub-clauses. SO4 is covered with the case of embezzlement, but the new cases arising in 2010 are not explained in detail. In other words, Wipro's reporting of this material issue is not significantly more extensive than companies who do not state Anti-Corruption to be material, and disclosures do not meet the requirements of the current G3, let alone G4.

One more point: the Difference between Ethics and Anti-Corruption
Generally speaking, if companies have a Code of Ethics, and this includes prohibition of corruption, and companies make sure that employees sign off on the Code of Ethics (after some training, perhaps), is this an adequate response to the question of corruption? Is ethics training enough to cover off anti-corruption? The answer is probably generally not.
The revised G4  Definition of Corruption is as follows:
"Corruption is ‘the abuse of entrusted power for private gain’ and can be instigated by individuals or organizations. In GRI’s Framework, corruption includes practices such as bribery, facilitation payments, fraud, extortion, collusion, and money laundering. It also includes an offer or receipt of any gift, loan, fee, reward, or other advantage to or from any person as an inducement to do  something that is dishonest, illegal, or a breach of trust in the conduct of the enterprise’s business. This  may include cash or in-kind benefits, such as free goods, gifts, and holidays, or special personal services provided for the purpose of an improper advantage or that may result in moral pressure to receive such an advantage."
There is a very good paper written on Corruption, published by FSG Social Impact Advisors - it's well worth reading.  Some highlights from this paper:

  • Corruption is estimated to cost $2.6 trillion annually, an amount equal to more than 5 percent of global GDP. Each year, over $1 trillion is paid in bribes; not only do these payments undermine fair competition and affect the profitability of businesses operating globally, but they also divert crucial public resources away from their legitimate uses, denying citizens essential public services such as education, clean water, and health care.
  • Emerging markets have higher corruption.
  • Almost two-thirds of executives have experienced some form of corruption.
  • Corporations today largely treat corruption as a legal and risk-management problem requiring a compliance-driven approach. Ethics and compliance officers typically do not view external anti-corruption efforts as part of their jobs, nor do CSR executives often seek to address this social problem.
  • Global or industry-wide anti-corruption initiatives are frequently toothless, inadequate in size, or nonexistent. Compared with other social issues that affect business, corruption has not received a proportionate level of attention.

In other words, a Code of Ethics has a very broad brief and contains many clauses ranging from privacy of information to equal opportunity to protection of company assets and more. Ethics training may not cover anti-corruption comprehensively enough. Ethics training is often broadscale and minimum (completion of an online module), and may not specifically go deep enough for those who are at highest risk of corruption. An example of training in the area of money-laundering, one of the defined forms of corruption,  can be found in the 2011 Sustainability Report of the Landesbank Baden Wurttemburg:

" ...all of our employees who conduct transactions or whose jobs involve initiating and establishing business relationships (such as opening bank accounts and securities accounts, assigning safety deposit boxes) are trained through an educational program at their workplace. In addition, compliance officers are assigned to the various divisions and sales departments to personally support our staff in their money laundering prevention activities directly on site."

A Thematic Conclusion
The GRI G4 proposed disclosures on Anti-Corruption are comprehensive and rigorous in detail - perhaps overly so. The Disclosure on Management Approach clauses and the detailed responses to SO2, SO3 and SO4 are probably more than most of us want to know and it's questionable whether they add to our assessment of an organization's true capabilities in managing corruption risk. If perfect is the enemy of good, then these Anti-Corruption disclosures might just be in enemy territory. 

The best way for most companies to handle this will be to establish a separate multi-year Anti-Corruption Policy, covering all the Management Approach Disclosures and part of SO2 on the way risk assessments are conducted, downloadable from the corporate website  This leaves the actual annual Sustainability Report to refer to this policy and report only those specific instances, percentages and numbers occuring in the reporting period. Assuming, of course, that Anti-Corruption is material for the organization. Who determines materiality? Well, that's another story. I have talked a little about this in my previous G4 post, but I will surely come back to it as a core determinant of effective sustainability reporting.

In the meantime, go and treat yourself to you an ice-cream. (I am glad the GRI doesn't issue guidelines about ice-cream consumption. My report would be 937 pages long!)

Yes, it was as delicious as it looks!

elaine cohen, CSR consultant, winning (CRRA'12) Sustainability Reporter, HR Professional, Ice Cream Addict. Author of CSR for HR: A necessary partnership for advancing responsible business practices  Contact me via   on Twitter or via my business website  (Beyond Business Ltd, an inspired CSR consulting and Sustainability Reporting firm)

No comments:

Related Posts with Thumbnails