Keeping to the right

Recent developments in the US surrounding charges and arrests for alleged wrongdoing by officials from soccer's global governing body FIFA should be a catalyst for audit, risk, compliance and governance professionals to re-evaluate the strength of their entity's moral safeguards.

According to Deloitte's 2014 Global Survey of Reputation Risk, around 87 per cent of executives across the world believe that reputation risk is the most important strategic risk. A reputation that has taken decades to build can be ruined very quickly when the media or law enforcement agencies report instances of fraud, corruption or other wrongdoing.

Any evaluation of an entity's moral landscape should extend to reputational risks posed by the potential wrongs of associated entities, such as third-party suppliers, joint venturers, sponsored sporting groups and the like. For example, allegations of Wrongdoing by Securency in 2007 – then operating as a joint venture company, with 50 per cent owned by the Reserve Bank of Australia (RBA) – were damaging to the RBA.

A number of elements must be considered in any evaluation of integrity safeguards, including an analysis of corporate culture, proactive management of reputational risks, the changing legal landscape (including anti-corruption legislation globally), fraud and corruption control arrangements and, within those, the management of conflicts of interest. Tight contractual arrangements should be established with third parties, so that associated entity integrity safeguards are at least equivalent to your own.

Fraud and corruption

According to the Crime and Corruption Commission (CCC), "Fraud and corruption can take many forms. Fraud is normally characterised by some form of deliberate deception to facilitate or conceal the misappropriation of assets, whereas corruption involves a breach of trust in the performance of official duties". Like the CCC, this article does not treat fraud and corruption separately, nor does it give one priority over the other.

From a financial perspective, fraud losses may prove to be hefty, with about 5 per cent of an entity's revenues typically lost to fraud each year, according to the Association of Certified Fraud Examiners' Report to the Nations on Occupational Fraud and Abuse (2014 Global Fraud Study). However, allegations of "rampant, systemic and deep-rooted corruption" à la FIFA will potentially have much longer-term negative consequences to entities, their leadership cohort and their brand as a whole.

According to the NSW auditor-general's Fraud Control Improvement Kit, fraud education and awareness arrangements need to include guidance materials that deal with real-life situations, conflicts and fraud risks that employees face. Further, third-party management systems should require staff disclosure of conflicts of interest, with records i of conflicts of interest reviewed and kept up to date.

Conflicts of interest

About a decade ago, then Australian prime minister John Howard reflected that "good governance is a great enemy of corruption". More recently, the Organisation for Economic Co-operation and Development (OECD) recognised "there is a growing consensus that managing conflict of interest is critical to curbing corruption."

Reports indicate that unmanaged conflicts of interest continue to cost entities millions of dollars. The UK National Audit Office defines conflict of interest as: "A set of circumstances that creates a risk that an individual's ability to apply judgement or act in one role is, or could be, impaired or | influenced by a secondary interest"

To minimise related fraud and corruption risks, entities need a clear and well-understood conflicts-of-interest policy, coupled with practical arrangements to both implement and monitor policy requirements.

Practical steps

Audit, risk, compliance and governance professionals have an opportunity to evaluate whether key elements for managing conflicts of interest have been established and are operating in practice within their entities and for associated entities. These will typically cover both prevention and detection elements, with the framework to include:

. the promotion of ethical standards through an explicit conflicts-of-interest policy, coupled with well-articulated values and clear conflicts provisions contained in the staff code of ethics;

. the identification, understanding and d management of conflicts of interest through open and transparent communications that ensure decision-making is efficient, transparent and fair, and that everyone is aware of what to do if they suspect a conflict;

. a requirement to inform third parties of their responsibilities and the consequences of non-compliance through a Statement of Business Ethics and formal contractual requirements; in safeguards that ensure transparency through well-established arrangements for declaring and registering gifts and other benefits;

. safeguards that ensure decisions are made : independently, with evidence that staff and contractors routinely declare all actual, potential and perceived conflicts of interests involving at-risk areas like procurement, management of contracts, human resources, decision-making and governmental policy advice;

. effective management, internal controls and independent oversight to detect breaches of the conflicts-of-interest policy and to respond appropriately to non-compliance.