This section provides guidance in relation to the requirement that an organisation should implement commercial controls which minimise the risk of corruption by, on behalf of, or against the organisation (Measure 16 of the Anti-Corruption Programme for Organisations).
Commercial controls are the management systems and processes implemented by an organisation to help it ensure that its sales, procurement, supply chain management, operational, project management and other commercial issues and risks are being properly managed. The purpose of these controls is much wider than corruption prevention. However, these controls can also have an anti-corruption effect, and, in designing and implementing these controls, the organisation should consider and take account of their effectiveness in reducing corruption risk.
From a corruption prevention perspective, the organisation should undertake a risk assessment of the corruption risks which face the organisation (see Organisation Anti-Corruption Risk Assessment), and then assess the extent to which its existing commercial controls help reduce these corruption risks. The organisation should consider whether enhanced commercial controls would help reduce or further reduce the assessed risks, and if, so, enhance the controls as far as reasonable and proportionate.
Commercial controls which may have a beneficial anti-corruption impact are listed below. The following list does not attempt to include all possible controls. The type and extent of control will depend on the organisation and the corruption risks it faces. There is sometimes an overlap between these recommended commercial controls and other controls recommended on other GIACC web-pages (e.g. Risk Assessment and Due Diligence, Financial Controls, Decision-Making Process and Procurement Controls). It does not matter under what management control category the organisation deals with these issues, as long as they are dealt with adequately in a reasonable and proportionate manner.
In relation to all commercial matters which require approval, such as (1) the entering into of contracts or commitments between the organisation and any business associate (client, sub-contractor, supplier, consultant etc.); and (2) the approval of any work, services or supplies carried out under those contracts, the organisation should ensure as far as possible as follows:
This control should be designed to take reasonable and proportionate steps to prevent the organisation from entering into a transaction which may be illegal.
The illegality may be due to corrupt reasons. For example, the organisation may bid to a client to construct a building for the client. The client may have obtained planning permission for the building by the payment of a bribe to a government official. In many jurisdictions, paying a bribe to obtain planning permission will result in the planning permission and resultant building being illegal. The authorities could therefore terminate the planning permission, with the result that the construction contract may also be terminated. In addition, any payment made by the client to the organisation under the contract may constitute money laundering.
The illegality may be due to non-corrupt reasons. For example, a public sector client may decide to award a contract to the organisation by directly negotiated award despite the relevant public procurement regulations requiring a competitive tender. The client may be doing so without any corruption (e.g. in the belief that the regulations are slow and cumbersome). However, even if this belief is genuine, it is unlikely to legitimatise by-passing the regulations, as the regulations will normally need to be complied with. If the client is proposing to make a direct award under a potentially legitimate exception to the competitive tender process (e.g. the use of direct award in cases of emergency) then the emergency needs to be genuine, and cannot be a contrived reason by the client to by-pass the tender procedures. If the organisation accepts an award of a contract which has been placed illegally by the client in breach of procurement regulations, the awarded contract may as a result be illegal and unenforceable. In some cases, a client manager may be by-passing the regulations for a corrupt reason (e.g. a bribe may have been paid to a client manager to ensure that the competitive process was by-passed). In this case, the organisation may be implicated both in the illegality of the award and in the corruption.
If the organisation participates in an illegally awarded contract, it is assuming several risks:
It is of course difficult for the organisation in most cases to be able to verify the legitimacy of relevant actions by its potential client. However, the organisation should identify the relevant areas which carry a more than low corruption risk, and take reasonable and proportionate steps to satisfy itself of their legitimacy.
The organisation is likely to derive a higher level of comfort if the planning permission is obtained, or tender procedures are implemented, by a client with a good ethical reputation in a location where corruption is a low risk, than where the planning permission is obtained or tender procedures are implemented by a client with a poor or unknown ethical reputation in a location where corruption is a high risk. If, after suitable consideration, there are no suspicious factors to alert the organisation to any concerns, then the organisation may determine that it is reasonable to proceed with the contract. However, if there are significant concerns or unanswered questions, the organisation may decide that it is too high a risk to proceed with the contract.
In most cases, whether or not the work being required by the client under a contract is necessary is a matter for the decision of the client. However, if work is ordered by the client which on the face of it appears to be suspiciously unnecessary, then this can be a warning sign for an organisation which may be bidding for or asked to undertake this work. Therefore, the organisation should take reasonable and proportionate steps to assess before it takes on work for a client whether any item appears to be on the face of it suspiciously unnecessary.
For example, the client may request the organisation to appoint a consultant specified by the client in connection with the works which the organisation is undertaking for the client. The client says it will pay the organisation for the consultant’s costs, and that the organisation should then pay the consultant. However, the organisation does not need the support of the consultant for the works, and the scope of work of the consultant is vague and/or not necessary for the works. This could be an indicator of a corrupt arrangement under which a client manager is passing funds to the consultant through the organisation. If the organisation participates, it could be criminally liable for participating in a corrupt transaction, and/or could be involved in money laundering. The organisation should decline to appoint the consultant unless it can be reasonably satisfied that this arrangement is legal and not corrupt.
This control should be designed to ensure that the organisation is not receiving some unusual or unexplained payment from a client which could indicate a corrupt transaction. In most cases, the organisation will be fully aware of how its contract price is broken down, and which work items the payments from the client relate to. In a competitive market, these payments will normally be reasonable and proportionate to the work, services or supplies to be carried out by the organisation, as they will be market prices. However, examples of potentially suspicious circumstances are as follows:
If any defects, or quality or quantity issues (“defects”) which are the organisation’s responsibility are identified in the organisation’s work, services, or supplies for a client, they should be rectified. Defects should not be concealed by the organisation from the client. If the organisation hands over work, services or supplies to the client knowing that they are defective, or being reckless as to whether or not they are defective, then the organisation could be committing fraud against the client. In addition, there is a risk that a manager of the organisation may bribe the client’s supervisor to accept defective work. To help prevent this risk, the organisation should implement appropriate quality and quantity inspection measures in relation to key actions or milestones.
If the organisation makes a claim against the client which the organisation knows is inaccurate or is reckless as to whether or not it is inaccurate, then the organisation could be committing fraud against the client. In addition, there is a risk that a manager of the organisation may bribe the client’s supervisor to accept an inflated claim (e.g. if the manager’s bonus depends on a successful outcome). To help prevent this risk, the organisation should implement appropriate checking and approval measures in relation to claims submitted by the organisation to the client. The same approach of honest and accurate dealing should be taken in relation to any claims made by the client against the organisation.
(The term “business associates” in this section includes joint venture partners, sub-contractors, suppliers, consultants, agents; but not clients which are dealt with in the above section).
A suitable pre-qualification or approval process should assess, in relation to potential business associates, their technical and financial capacity to undertake the work, any possible conflicts of interest, and the likelihood of their participating in corruption. This should be undertaken prior to the organisation agreeing to contract with them. (See Business Associate Risk Assessment).
This control should be designed to take reasonable and proportionate steps to prevent the organisation from entering into a transaction which may be illegal. For example:
In the event of such illegal appointment, the organisation may be liable for breaching the relevant law and/or the appointment may be unenforceable or subject to termination. In addition, if the appointment is for a corrupt reason (e.g. if the agent or joint venture partner pays a bribe in relation to their appointment), then the organisation may also be liable for the corrupt act.
If a business associate is to undertake work which on the face of it appears to be unnecessary, then this can be a warning sign of possible corruption. For example:
This control should be designed to take reasonable and proportionate steps to ensure that the organisation is not paying some unusual or unexplained payment to a business associate which could indicate a corrupt transaction. This is particularly important where there is a risk that the business associate may use part of the payment made to it by the organisation to pay a bribe on behalf of or for the benefit of the organisation. For example, if an agent has been appointed by the organisation to assist with sales and is to be paid a commission on award of a contract to the organisation, then the organisation needs to be reasonably satisfied that the commission payment is reasonable and proportionate to the legitimate services actually carried out by the agent and to the risk assumed by the agent in case the contract is not awarded. If a disproportionately large commission is paid, there is an increased risk that part of it could be improperly used by the agent to induce a government official or employee of the organisation’s client to corruptly award the contract to the organisation.
A competitive process assists in the reduction of corruption, in that a corrupt organisation may seek to ensure that it is the only organisation which can be appointed to the contract, and it will normally ensure that any bribe it has to pay to ensure this preferred status is included in its contract price. As a result, a corrupt contract price will normally be higher than a non-corrupt contract price, and the quality may not be as good as its competitors. Therefore, having a competitive process where several organisations can compete on price, programme and technical expertise makes it more difficult for corruption to occur, and normally improves price and quality. Where the organisation is putting work out to tender, it should ensure that as many organisations as is reasonable can compete, so as to reduce the risk of a cartel between the competitors. If, for example, only three organisations are ever asked to tender, the risk increases that over time those three organisations will agree to share the work between them. The risk of corruption is further reduced if the competitive process is as open and transparent as possible (e.g. is advertised on the organisation’s web-site, and the results are published on the web-site). For further guidance on competitive processes, see Procurement Controls.
Tender information can be valuable. For example, a manager may sell information on the competitors’ pricing or the organisation’s budget or evaluation process to a competitor.
There is a risk that there may be defects or quality or quantity issues (“defects”) in the work, services, or supplies which are the business associate’s responsibility. If the business associate hands over work, services or supplies to the organisation knowing that they are defective, or being reckless as to whether or not they are defective, then the business associate could be committing fraud against the organisation. In addition, there is a risk that a manager of the organisation may be bribed by the business associate to accept defective work. If the business associate is undertaking work for the organisation which is in turn part of the organisation’s work for the organisation’s client, then there is a risk that any such defective work undertaken by the business associate could become the organisation’s responsibility to the client (see paragraph (5) above). To help prevent this risk, the organisation should implement appropriate quality and quantity inspection measures in relation to key actions or milestones.
If the business associate makes a claim against the organisation which the business associate knows is inaccurate or is reckless as to whether or not it is inaccurate, then the business associate could be committing fraud against the organisation. In addition, there is a risk that a manager of the organisation may be bribed by the business associate to accept an inflated claim. If this claim by the business associate forms part of the organisation’s claim against the organisation’s client, then there is risk that any such inflated claim by the business associate could become the organisation’s responsibility to the client (see paragraph (6) above). To help prevent this risk, the organisation should implement appropriate checking and approval measures in relation to claims submitted by the business associate to the organisation. The same approach of honest and accurate dealing should be taken in relation to any claims made by the organisation against the business associate.
The organisation should assess the above risks in a manner which is reasonable and proportionate to the size and risk profile of the relevant project or contract. For example:
(16) The following are two examples of how the operation of a combination of some of the above commercial controls may successfully prevent a potential corrupt act.
A procurement manager of the organisation wishes to appoint a supplier owned by a member of the procurement manager’s family to provide equipment to the organisation. The family member promises the manager a share of the supply contract profits. The organisation’s procurement procedures require all suppliers to pass the organisation’s pre-qualification requirements. One of these requirements is the obligation (both on the procurement manager and the supplier) to disclose any conflict of interest, such as a family connection. Therefore, the family connection and consequent conflict of interest should be identified at an early stage, and as a result prevent the manager from being personally involved in this tender. Even if the connection is kept concealed, the organisation’s procedures also require that no contract can be placed unless there has been a competitive process between at least three pre-qualified suppliers. So, the connected supplier still needs to show that it has the technical and financial capability to undertake the project, and needs to win a competitive process. In addition, the requirement that no contract should be placed without a second approval by another manager with knowledge of the circumstances should help prevent this conflicted contract being placed, as the second manager is likely to be aware of the connection (unless it has been very well hidden, which is difficult when frequently the industry participants are relatively well known). All these controls therefore help prevent a potentially corrupt contract from being entered into. Therefore, unless there is agreement with knowledge of the circumstances by all of the managers involved above, or unless some of them are negligent in their review, it is difficult for the procurement manager to favour this supplier.
The organisation is constructing a building. An excavation sub-contractor on site excavates the foundations only to minus 1.5 metres when it should excavate to minus 2 metres. The sub-contractor offers a bribe to the organisation’s site supervisor to certify that the excavation was to minus 2 metres. The organisation has identified in its Project Corruption Risk Assessment that excavation levels are a high risk area, and requires that a second senior supervisor must counter-sign the excavation depth after on-site inspection. The second supervisor identifies that the excavation depth is incorrect, and requires the excavation sub-contractor to rectify it.
Updated on 10th April 2020
© GIACC