Helping SMEs on how to resist corruption in business

Why businesses need to identify risks of corruption?

Regardless of the size, structure, type or geographic location, any organization in operation must confront all kinds of risks.

Being warned about the areas of corruption risk, companies are able to identify weaknesses in corporate governance as well as finding where corrupt acts occur in order to address them. According to COSO, risks are uncertain events that affect the realization of the organization’s objectives. The more risks we can identify, the more proactive measures we can take to manage.

Risk identification appears to be the continuous and systematic process that arises in business operations, in order to define a complete list of risks and events affecting the ability of business to achieve business goals and effective corporate strategy.

Firms doing business in different sectors might face different risks. Risk identification aims to collect information about subjects likely to be at risk  (personnel, assets, corporate liability ), sources of risk, risk factors, hazards, all types of losses and risks that may cause damage to the business activity. The functional departments (marketing, accounting, manufacturing, …) need to participate in the process of  risk identification. Normally, risk identification is performed  periodically and whenever any event occurs (internal and external events).

Risk identification and analysis

Risk identification requires coordination between risk experts and those who well understand organizational structure and operation of the company.

Risks that businesses have to face will depend on the type of business activities such as: political risks, market risks (prices, interest rates, exchange rates …), personnel risks, technology risks, environmental risks and regulations on environmental protection, risk of construction timeline and engineering, risk of capital, risk of inputs, weather risk, risk of progress, extended construction time, risks of labor safety, market risks of raw material prices, labor, risks of final setllement, debt collection, regulatory risks …; In the financial sector, the banking sector has to confront risks of non-performing loan, financial investment risk, liquidity risk …

Risk analysis activity aims to determine the level of influence and risk probability . There are many types of risks, indeed it is necessary to analyze risks and distinguish what kind of risks occur with a high frequency or less frequently, cause more or less serious consequences… since then taking appropriate risk management measures. Risk analysis and assessment is the measurement of the severity of the risk in order to deal with set priorities. Based on the level of severity, risks are generally classified into three groups including:

  • Dangerous group (risks whose consequences can lead to bankruptcy of the business);
  • Critical group (risks whose consequences force the business to borrow in order to continue operating);
  • Unimportant group (risks that the company can overcome by itself without having huge financially difficulties).

Risk analysis essentially aims to analyze causes and consequences of risks. Based on the scale of impact and probability of occurrence, risks will be assessed either quantitatively (financially) or qualitatively (non-financial). Enterprises must develop and agree on a scale of impact assessment and probability. This scale describes the impact of risks in terms of finance (revenue, profit, cost …) or non-financial (reputation, brand, legislation, personnel …). During the analysis process, it should be noted that a risky event can cause different consequences and have great impact on many corporate goals, so adequacy should be considered in all aspects that risk are damaging .

To reduce damages caused by risks, managers need to follow a risk assessment process with following steps:

  • Determine the objectives of enterprise;
  • Identify existing and potential risks likely to affect the achievement of your business goals;
  • Analyze their impact, even including their frequency of occurrence;
  • Identify measures to manage and minimize their damage.
Areas at high risk corruption

Depending on the business sector and the model of organization and management, there will be appearing  its own risks. Although, sectors with high corruption risk indicators are fundamentally quite similar among firms.

Areas with corruption risk stay within internal of business. Some are related to your behavior and  your customers, some related to the agency or affiliate.

  • The customer or agent claims for an unusual high commission or fee.
  • There is no agreement or written contract between your business and the client.
  • The contract is not consistent with the standards of the business industry and the provisions of the law
  • Incomplete technical or financial documents are detected in contracts and bidding packages.
  • The customer appoints another agent to negotiate the contract and accept payments.
  • Enterprise staff /branch agents posses relationships with government officials and employees.
  • You cannot have a full assessment of a client or their representative.
  • The customer or their representative desires to receive advances or payments from an overseas account or from bank account of another person. .
  • The customer or their representative prefer to receive a cash payment rather than bank transfer
  • Your employees are allowed to make direct transaction with suppliers or customers in cash.

Areas at risk of corruption are related to customers, government officials and entities such as:

  • Officer demands money to speed up customs clearance.
  • Inspectors and examiners cause difficulties for businesses to gain personal benefits.
  • Government procurement officer claims for money if you want get a contract.
  • Group of businesses collude with each other when bidding to discard competitors.
  • Officials, licensing agencies (medical and hygiene, food safety, environment, fire protection …) solicit an inducement to award license or certificates.
  • Your company is extorted for money by another company to be handed over contracts
  • You treat the procurement manager of another company in a luxurious party or offer with a tourist travel.
  • Tax authorities solicit money if your company wants to simplify procedures or not to having to be checked.
  • Your siblings (biological or cousin) is the local leader and gives the contract to your business.

In fact, identification of corruption risks differs in every business. We should identify the probability of corruption occurrence based on internal control environment, the existing resources to handle corruption as well as significant efforts of Board management to detect acts of corruption and develop corporate culture and ethical standards.