KPMG – Compliance Building

KPMG Fraud Survey 2009

KPMG Forensic has released their Fraud Survey 2009.

The survey shows that many managers remain concerned about fraud. There are plenty of investigations of fraud that may have helped fuel the financial markets meltdown. Record levels of government spending may usher in record levels of fraud, waste, and abuse. In these difficult economic times, managers may face pressure to do whatever it takes to “make the numbers.” For those companies operating outside the United States, increased investigation and prosecution of anti-bribery and corruption laws mean foreign operations have increased penalties associated with their risks.

Here are some of the key findings:

Nearly 1/3 of executives expect some form of fraud or misconduct to rise in their organizations.

The majority of executives cite fraud and misconduct as posing significant risks to their industry today. If such wrongdoing were to be experienced, the greatest concern for over two-thirds of executives is the potential for a loss of public trust when market confidence is at a premium.

Executives expect the threat of fraud to remain steady or rise in the coming year. About three out of four executives believed that fraud and misconduct risks, such as misappropriation of assets and fraudulent financial reporting, will either stay the same or increase over the next 12 months.

Inadequate internal controls or compliance programs heighten the risks of fraud and misconduct. Twothirds of executives reported that inadequate internal controls or compliance programs at their organizations enable fraud and misconduct to go unchecked.

Roughly a quarter of respondents lack effective protocols on how investigations should be conducted and at what point the board of directors should be alerted to potential concerns.

Those areas where respondents cited the most amount of improvement needed include employee communication and training, technology-driven continuous auditing and monitoring techniques, and fraud and misconduct risk assessment.

Business Codes of The Global 200

In drafting and updating my code of conduct and ethics it is always useful to see what other companies are doing. I look for both approach, content and style. For instance, I collected the Whistleblower Hotlines for Home Builders. It is great to see a comparison of a group of compliance codes. KPMG put together a study of the codes of conduct for the Fortune Global 200 companies: Business codes of the Global 200 — their prevalence, content and embedding (.pdf).

A good and properly implemented business code is not just a nice thing to have; it is based on an all-encompassing business need. A business code contributes to an organization’s strategic positioning, to strengthening its identity and reputation, to an improved corporate culture and work climate, and to improved financial performance. A business code and the compliance program to implement it are the cornerstone of an organization.

This whitepaper illustrates some of the results from a study that KPMG conducted with RSM Erasmus University. In 1990 only 14% of the Global 200 had a code of conduct but in 2007 86% of them have a code, including 100% of North American firms.

A few interesting things jumped out at me.

The codes are mostly directed at employees, with less than half discussing corporate responsibility to shareholders. I found this strange since the purpose of the code should be to protect the shareholder’s investment and provide a long-term result for shareholders. It is the focus on the short-term that leads to trouble.

Although 73% of the codes refer to the acceptance of gifts, only 59% refer to the offering of gifts. You would expect a code to address both. Since both offer the same danger of being viewed as bribery.

See:

Business codes of the Global 200 (.pdf)
Code of Business Ethics for Jones Lang LaSalle – previous post
Whistleblower hotlines for Home Builders – previous post

Right to Audit

From the KPMG 2008 Anti-Bribery and Anti-Corruption Survey:

While 63 percent of those respondents that require periodic compliance certifications said they incorporate a right-to-audit clause in their third-party contracts, a significant majority of these (68 percent) has never exercised the right (see Chart 4). A right-to-audit clause appears to be the kind of oversight expected by regulators and prosecutors, and has been included as an essential element of FCPA compliance in several recent deferred or nonprosecution agreements that companies have reached with the SEC and the DOJ. Recent agreements entered into in 2008 included, for example, stipulations that the parties agree to adopt new or to modify existing procedures to include “rights to conduct audits of the books and records of” agents or business partners “to ensure compliance” with anti-bribery laws and regulations.

KPMG 2008 Anti-Bribery and Anti-Corruption Survey

KPMG Forensic published its 2008 Anti-bribery and Anti-corruption Survey. KPMG surveyed 103 U.S. executives in the summer of 2008.

At a time when bribery and corruption prosecutions and enforcement actions are on the rise across the globe, the results of a new KPMG LLP survey suggest that multinational organizations based in the United States continue to be challenged by a number of key issues, which, if addressed, could lower the risk of violating the Foreign Corrupt Practices Act (FCPA) and other global anti-bribery and anti-corruption standards. The survey, conducted in summer 2008, found that although 85 percent of the respondents reported having an FCPA compliance program, many struggled with fundamental elements, including:

• Performing effective due diligence on foreign agents/third parties (cited as challenging by 82 percent of respondents)
• Auditing third parties for compliance (cited as challenging by 76 percent of respondents)
• Performing due diligence during merger and acquisition (M&A) activities (cited as challenging by 73 percent of respondents).

KMPG Survey Shows Lack of FCPA Due Diligence

KPMG Forensic released aurvey of 103 U.S. executives with FCPA duties. The survey found:

only one-third of respondents reported having an adequate due diligence process, and 27% said such compliance was only “minimal.” The survey also found that while 40% of companies include anti-corruption certifications in their normal business dealings, most of those companies apply the certifications only to their own employees. Only 24% reported using the certifications for outside vendors or suppliers and 35% for outside contractors, both of which are often cited by FCPA experts as a leading cause of briberies.

I could not find this survey on the KPMG websites.