9
|
Anti-Corruption Compliance Program Benchmarking Survey
Which of the following best describes Anti-Corruption risk assessment at your company?
3.9%
My company does not conduct an Anti-Corruption risk assessment
11.8%
2% Other
A largely informal, undocumented process
33.3%
A stand-alone, documented process dedicated solely or largely to Anti-Corruption risk
26.5%
Part of a documented, enterprise-wide process focusing on risks of all kinds – meaning not only compliance risks, but others encompassed within an “ERM� framework
22.5%
Part of a documented process focusing on compliance risks of all kinds
Comments of note about risk assessment included the following: Fewer than 4% of respondents do not conduct any type of Anti-Corruption risk assessment, and fewer than 12% have a largely informal, undocumented Anti-Corruption risk assessment process.
t
A combination of internal and external assessments.
t
No formal risk assessment has been performed; however, during an FCPA investigation [a] significant amount of information was gathered and used in the same manner as if a risk assessment had [been] conducted.
t
Global and focused risk assessment in each of the big ticket compliance areas, i.e., AntiTrust, Anti-Bribery.
t
On an annual basis, we distribute a self-assessment for our locations around the world to complete. The self-assessment includes information such as % of sales to government entities, third party sales agents, training, etc. The information is then included in the risk assessment and scored to identify the higher risk locations who then receive an on-site review of transactions the following fiscal year.