Organisations, both old and new, are increasingly under scrutiny to be doing the right thing, by their customers and for their employees. For my fifth article in ‘The future of the organisation’ article series, I spoke with Annabel Reoch, Partner, Head of Anti-bribery and Corruption and Anti-Tax Evasion Facilitation at KPMG UK, about trust and transparency, as it really applies to organisational transformation and TMT clients. Annabel is an experienced anti-bribery and corruption (“ABC”) and anti-tax evasion facilitation subject matter expert with over 15 years of investigations and compliance experience. Annabel has led a wide variety of forensic assignments in the UK and internationally.
We have a number of very fast-growing technology and media companies that have grown up with great agility to capture their place in the market, and in doing so, developed great collaboration and great team spirit.
Trust takes many years to build and seconds to destroy. Certainly, in the media and technology space, consumers trust the organisations with their data, very private data. But what we're seeing now is, as the regulation that the financial services industry faced comes across into the TMT sector, some of those companies are really struggling to be able to demonstrate to the regulators that they have the right controls and processes in place.
Although they might actually have a really great culture of trust amongst themselves and their employees, that doesn't translate into a clear policy, process and framework, which often the regulators need to see in order to establish confidence that risk is being properly mitigated.
It is a really challenging aspect to get right because you want to find the right balance of being able to remain agile, have speed with which you can change, move with the market and customer demand, but also meet your regulatory expectations. I work a lot in regulations, such as anti-bribery and corruption, modern slavery, fraud, money-laundering, sanctions, and there are very stringent rules and regulations that you are required to demonstrate to comply with those laws.
Indeed, a number of those laws have an inbuilt defence within them, where if something were to go wrong, you need to be able to demonstrate to a regulator that you have what is known as adequate procedures. That is where a number of very fast growth tech and media companies haven't got that framework in place and they are working effectively with their own sort of business operating model.
When we talk about TMT, of course, there is also the telco sector within that. The telco sector, actually, from a bribery and corruption perspective, has had the spotlight on it for a little while now, and there have been a number of high profile finds in that area around entering into foreign jurisdictions and challenging markets. There is a lot to learn from how the telecom industry is responding to that, as well as from a lot more mature industries, such as oil and gas, pharmaceuticals, financial services, in respect of how to respond to regulation and risk.
One of the critical pieces is around having the right governance structure and understanding at the board level and the accountability within the organisation. In those mature sectors the framework is there - the policies and the procedures, and the governance. However, it's the culture that those mature organisations are now trying to grapple with. You can have all the rules and all the guidance, but if you have the wrong culture, it is really not worth the paper it's written on.
From the TMT side of things, organisations actually work with a great culture from the start, but they don't have the right framework to work within from a regulatory perspective. There's just a little bit of work that needs to be done around having the right people being made accountable for responding to regulation and putting in place the right things, and perhaps learning from some of those mature entities about how they did it, but doing it with that sharp focus on keeping the culture right.
Trust and transparency need to run through the heart of an organisation from the front to the back office. Clearly, there is a prioritisation piece - you cannot build Rome in a day - and it starts at the board and the governance level. It is critically important for organisations to almost put together a trust and transparency map and understand the stakeholders with whom they are interacting. That is everything from their employees, to their shareholders. And so, it is mapping out those different stakeholder groups and understanding the touchpoints and the interactions that you have as an organisation with them, and how you need to either change that narrative or reconsider your approach, or make sure that you've embedded the right process to demonstrate transparency in what you're doing.
One thing that I did not mention there, but is a significant risk for all organisations, is around third party risk. It's very easy to get your arms around your own population, you have easier communication channels, you can put in place policies and procedures. Once you go down your supply chain and your business development, as well as your agents and your third parties, there is an additional layer of risk that you bring to your organisation. Things like the Modern Slavery Act, the UK Bribery Act, they are all looking at how an organisation considers that third party relationship, what due diligence you do, and whether you really understand who you do business with.
That is a critical area for organisations to get right, because that is where it can all fall down, and third parties can bring liability to your organisation. This is the area that companies need to focus on to make sure that they can really stand behind it.
First of all, understand who those third parties are, because many organisations actually don't have that complete picture of them. Once you have understood that, ensure that there is a business justification and a rationale for using them, both from a commercial point of view and from a risk and regulation point of view. Lastly make sure you have undertaken proper diligence to understand who they are and whether they are the right type of organisation that you want to be working with and for you.
If you would like to explore how to tackle today’s anti-bribery and corruption challenges in financial services and how can organisations overcome these download our ‘Today’s anti-bribery and corruption challenges in financial services’ report.
Watch the final video: