2022 ABC Regulatory Landscape - What Concerns Are on the Horizon

As with prior years of the Kroll Anti-Bribery and Corruption Benchmarking Report, respondents who have concerns with the regulatory horizon primarily worry about a stricter and increased regulatory environment (60% compared to 55% in 2021). The leading causes for concern also include increased enforcement activity (51%) and an increasing reliance from regulators on self-reporting (41%). These reasons for regulatory concern are proportionally similar across all surveyed regions globally and are consistent with prior years.

This is despite the lull in Foreign Corrupt Practices Act (FCPA)-related enforcement in 2021. Prior Kroll benchmarking surveys found a majority of respondents expected increased activity that did not materialize, at least not based on FCPA enforcement actions from the U.S. Department of Justice and U.S. Securities and Exchange Commission. The lull may have been caused by the broader slowdown in government processes due to remote work. Enforcement actions are also based on the duration of time to conduct complex investigations and self-disclosures occurring, which may materialize into more resolutions in 2022.

Concerns with an increased regulatory environment may also influence an expectation for heightened compliance burdens, as 70% of survey respondents believe that the compliance function will generally take on increased responsibilities to meet expectations in 2022. However, organizations continue to feel well-equipped for these new responsibilities. The majority report that senior management supports their compliance function (79%), that their compliance program has sufficient technology (68%) and that their organizations are meaningfully committed to a culture of integrity (79%).

What Could Cause ABC Risks to Increase in 2022?

Similar to prior years, a plurality of respondents believed that their ABC risks would stay the same in 2022 compared to 2021 (44%), and particularly in the U.S. and Canada (69%). Of the 38% who said their ABC risks would increase, cybersecurity and data breaches continue to be the leading cause (34%). Twenty-two percent of respondents cited the impact of remote working/decentralized management as the leading factor for ABC risks to increase. 

Compared to 2021, financial pressure is increasingly mentioned as a leading cause for growing ABC risks (17% in 2022 versus 6% in 2021). This growing trend was the leading cause for ABC risks to increase in the U.S. (36%), Brazil (26%) and Hong Kong S.A.R. (21%), which could be due to varied reasons such as slower post-pandemic recoveries or the increasing costs of doing business. As we’ve observed since the start of the pandemic, financial pressures can create challenging conditions for compliance professionals when those pressures result in an insufficient workforce, particularly as it relates to the compliance functions and an inadequate budget for which fraud or misconduct can occur, including layoffs or other reductions in compliance resources that would otherwise be able to prevent fraud or misconduct.

How Are Companies Responding to the Latest Anti-Corruption Measures?

Because Kroll's 2022 Anti-Bribery and Corruption Benchmarking Report found an increasing concern for ABC regulatory enforcement in the year ahead, 2022 respondents were surveyed on how they are specifically addressing the latest U.S. and EU efforts to combat corruption. Companies are primarily responding to these new and potential measures by reviewing their compliance programs (44%), refreshing their risk assessments (43%) and evaluating their existing policies and procedures (42%). Globally, only 31% of compliance professionals are responding to these latest measures by considering enhancements to their compliance programs in expectation of additional scrutiny. This may be either due to muted concern for enforcement or their broad confidence in the effectiveness of their programs. 

Whistleblowing has become increasingly important in recent years due to new regulatory developments and the reliance from regulators on self-disclosures. In particular, companies with operations in the EU were required to implement the EU Whistleblower Directive (2019/1937) in December 2021.¹ 

Seventy-two percent of global respondents said they are operating a whistleblower program. Unsurprisingly, U.S. and Canada were the countries with the highest use of whistleblower programs (81%) and the Middle East was the lowest (61%). Although the EU Whistleblower Directive came into effect in 2021, companies with less than 250 employees are not required to comply until December 2023, which may be reflected in the benchmarking survey, where only 89% of Europe respondents were either currently developing or operating a whistleblower program.

Globally, organizations with programs in place overwhelming say they include policies to protect whistleblowers from retaliation (86%). Communicating anti-retaliation policies is key for a whistleblower program to be effective, and respondents detailed how their organization uses multiple methods for this communication–64% said anti-retaliation policies are shared in their annual mandatory trainings, 68% of organizations share the policies in a company-wide email and 51% of organizations also use in-person trainings to reinforce anti-retaliation.

In the U.S., anti-corruption developments are primarily centered around the U.S. Strategy on Countering Corruption issued by the Biden administration in December 2021. The interagency reviews resulting from this strategy are ongoing, and in certain departments, are beginning to materialize. For example, the U.S. Department of Justice’s Criminal Division has signaled strong support for resources for prosecutors and a robust pipeline of enforcement activity in 2022. Among the key pillars from the White House strategy is a promise to focus on specific industries and professional roles at higher risk for illicit finance. These include real estate, digital assets, investment providers, “gatekeepers” and other intermediaries.² Third-party gatekeepers, often a hidden risk for multinational corporations, can be lawyers, accountants, insurance professionals or investors. Similarly defined by the Financial Action Task Force (FATF) as designated non-financial businesses and professions (DNFBPs), FATF’s December 2016 U.S. Mutual Evaluation Report had identified limited regulatory requirements on third-party gatekeepers as a gap in the U.S. anti-money laundering (AML) regime. Globally, 56% of respondents agreed that third-party gatekeepers increase ABC or money laundering risks; this belief was the strongest in the UAE (78%), Saudi Arabia (76%), Italy (70%), Singapore (68%) and China (64%).

The U.S. Combating Global Corruption Act (CGCA) was introduced in Congress in June 2021, and if implemented, would provide tools for governments, civil society organizations, and the public to hold government officials accountable for failing to fight corruption.³ Of note, the CGCA would include a rating system for assessing countries on their anti-corruption efforts, require the U.S. State Department to publish a list of potential Magnitsky Act sanctions targets in low performing countries and direct diplomatic engagement. The proposed CGCA rating system alone would be a gamechanger for compliance programs, as it would provide a predetermined corruption rating as a jurisdictional risk category when assessing third parties. Along with the pending ENABLERS Act,⁴ such legislation is among a set of measures that advance the broader U.S. anti-corruption agenda and support compliance organizations in assessing their ABC risks. 

In the UK, the Economic Crime (Transparency and Enforcement) Act received approval in March 2022 in response to Russia’s war on Ukraine.⁵ The Act was initially drafted in 2018 to address the use of UK property as a safe haven for illicit wealth, and later expanded to bolster the government’s Unexplained Wealth Order (UWO) regime and the power of the Office for Financial Sanctions Implementation (OFSI) to issue and enforce sanctions. While this reform, if implemented effectively, could become a tidal shift in the UK government’s ability to tackle financial crimes, it is a key example of how Russia’s war on Ukraine can bring political commitment to close known gaps in various regulatory regimes. Similarly, in an attempt to have a standardized global approach, pending U.S. legislation like the CGCA and the ENABLERS Act may see increased U.S. congressional support in 2022.

In addition to new tools governments are providing for prosecutors, civil society and the private sector to enforce sanctions on Russia, we may ultimately look back on 2022 as a significant leap forward in regulatory complexity for ABC programs. The strains on globalization and the shifting world order have caused ABC regulatory complexity for years, and the response from Western governments and their allies to Russia’s invasion will hasten this trend. Similar to the U.S.-China trade war since 2018, globally-integrated multinational companies are forced to pick sides commercially, and the compliance function’s role is to support the company in mitigating the resulting regulatory risk. 

One of the many impacts on ABC programs from Russia-related sanctions is the additional challenge of knowing who their companies are doing business with. While 44% of survey respondents use due diligence to assess risks in their third-party networks and 47% use screening tools, these methods alone may be insufficient in identifying hidden connections that cause additional sanctions and reputational exposure. Thirty-seven percent of respondents also use questionnaires, which depending on the risk tolerance of the ABC program, may require third parties to disclose their shareholder structure. The challenge with each of these methods is when regulators expect ABC programs to validate counterparty disclosures or use publicly available data to identify risks. The ongoing use of offshore or low transparency jurisdictions to hide illicit wealth is a particular roadblock for private companies expected to enforce sanctions. This is why a dramatic event like the multilateral sanctions on Russia necessitates companies with exposure to refresh their ABC risk assessments and reevaluate their risk-based due diligence protocols.

The Road Ahead

By all measures, 2022 will have heightened regulatory complexity for compliance professionals, and corruption risks and global regulations will continue to diversify. This complexity necessitates a continued commitment to anti-corruption and bribery programs that meets regulatory expectations and are prepared the future. This year’s survey demonstrates that compliance professionals maintain their focus on preparation for the unknown.

Sources: 
¹ https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32019L1937
² https://www.whitehouse.gov/wp-content/uploads/2021/12/United-States-Strategy-on-Countering-Corruption.pdf
³ https://www.congress.gov/bill/117th-congress/senate-bill/14
⁴ https://www.congress.gov/bill/117th-congress/house-bill/5525
⁵ https://commonslibrary.parliament.uk/research-briefings/cbp-9486/