Walmart addresses corruption risk by cutting back on foreign third-party representatives

1 May 2018 1:53pm
North America on Globe

25 April 2018. By Robert Thomason.

Walmart is reducing the corruption risk posed by its third-party representatives by reducing the number of them it engages to interact with government officials.

"Over the last year we significantly reduced the number of third parties that we use for these services, so we have fewer, stronger business relationships," said Walmart CEO Doug McMillon in his 2018 update on anticorruption efforts.

Walmart's action highlights the risks that third-party representatives pose to a corporation.

Risks, penalties

A survey by Kroll said that 40 percent of responding worldwide companies said they saw third parties as presenting the greatest corruption risk last year. That is three times higher than either of the next two most vexing risks: the complex regulatory landscape and their own employees making improper payments.

In Africa, third-party risk is seen as much more severe. A study by law firm ENSafrica said that 76 percent of responding firms said the most significant corruption risk was the use of third parties.

Penalties can be significant for companies that use third parties as part of a scheme to pay the bribes or to distance themselves from the payments. Siemens in 2008 was fined $1.6 billion by US and German authorities for a wide-ranging bribery scheme that relied in large part on "business consultants" making illegal payments to government officials. Alstom, a construction firm, in 2014 paid $772 million to settle FCPA charges that stemmed in part from the construction firm's use of consultants to conceal bribe payments.

And Telia, a Swedish telecom, in 2017 paid $965 million to the US, Sweden and other authorities for paying bribes to the daughter of the president of Uzbekistan to acquire licenses there. Third parties were used to carry out some of the bribery, including an instance in which one was paid to assume $15 million in debt of a company owned by the daughter.

When the DOJ in November modified its policy to increase the likelihood that a company could avoid prosecution by self-reporting FCPA violations, the agency expressly reiterated the importance it attaches to third-party liability.

The new policy said that a company must provide all facts about third parties and their employees that are relevant to the case. It must also produce documents and witnesses from the third parties; and if the company claims a foreign law prohibits such production, then the burden to prove that falls on the company.

Walmart

The costs are not limited to criminal and civil fines. Walmart spent about $877 million developing and deploying enhanced anticorruption programs before reserving $283 million in anticipation of an FCPA settlement with the US government.

The global retailer's annual spend has been tapering off after it invested heavily in starting the programs, the company said, but it was still $40 million in its most recent fiscal year.

The company's most recent corporate responsibility reports shed light on how Walmart is merging its anticorruption work into broader compliance efforts.

In its report for the fiscal year ended January 31 2017 Walmart said more than 100,000 associates had been trained in anticorruption policy and practice; chief ethics and compliance officers and anti-corruption officers were appointed in each market; and a system to monitor 56,000 governmental licenses had been put in place. In the fiscal year ended January 31, it disclosed that it had reduced third parties.

Third parties in Mexico, known as "gestores," figured prominently in allegations against Walmart. A 2012 series by the New York Times said that Walmart executives in Mexico had relied on gestores to make payments to gain regulatory approvals.

Walmart had self-reported possible FCPA violations to US authorities before the articles were published. The self-reporting extended beyond Mexico and included activities in Brazil, India, China and elsewhere.

As it has negotiated a possible resolution to those allegations it has also initiated programs and practices its says are designed to address the root causes that led to the investigations.

"We have been reshaping Walmart’s ethics and compliance program over the last five years," the firm said this week. "We established an integrated, worldwide structure to enhance transparency and accountability. We built processes, aided by innovative technology systems, to reinforce that acting in the right way is part of the company culture. And we are taking similar steps to promote integrity with our many suppliers and vendors, particularly those that interact with governments for us."

Due diligence

Key to mitigating third-party risk is due diligence and crafting strong agreements before the independent agents begin representing a company. Various platforms exist to manage and standardize the collection and assessment of information about potential third parties.

The World Economic Forum's Partnering Against Corruption Initiative published a sample questionnaire. It contains questions that seek to find common red flags pointing out corruption risks.

For instance, due diligence inquiries should reveal whether officials or employees of third parties are related to public officials, and whether the third party has a written anticorruption policy. The location of bank accounts used by a third party also can indicate risk if the accounts are in a country considered a high money-laundering risk.

Companies have also begun to integrate other questions about regulatory risks into their initial questions directed towards third parties. The process, sometimes called 'connected compliance' or 'integrated compliance', serves to expand compliance and control costs.

Because bribery is both a driver and a result of other types of crime, inquiries about the anticorruption posture of third parties provide a relevant moment to ask about those other types of liabilities. For example, while asking a third party about its relationship to environmental regulators, a company might ask if it has been involved with businesses that have been sanctioned for environmental violations. 

Due diligence is also tailored by sector, allowing integrated compliance inquiries to focus on relevant areas of risk. If a third party is an independent logistics firm that moves freight by sea, the questionnaire could be modified to ask whether the company adheres to maritime anti-slavery treaties or other protocols.

	Eliot Gao