Discussing Ethics, Compliance and International Law

Posted by: Yvonne Luker - Global Chamber on Wednesday, June 10, 2020

We recently discussed Ethics, Compliance and International Law in a globinar, and here's a wrap-up. 

It's important to navigate the global business world safely including adhering to country laws where you're operating. In this globinar we had a conversation with experts on the international legal implications when your business grows overseas and how you can be in better compliance in different countries. Watch and listen to the globinar HERE.

We urge you to check out the TRACE Bribery Risk Matrix® HERE that summarizes business bribery risk in 200 countries, territories, and autonomous and semi-autonomous regions.

The overall country risk score is a combined and weighted score of four domains: Business Interactions with GovernmentAnti-Bribery Deterrence and EnforcementGovernment and Civil Service Transparency; and Capacity for Civil Society Oversight, including the role of the media. Pia Vining discusses this information and more during the globinar.

Some additional information from some questions posed in the session are shown here.

1) What more can you say about the decision processes in determining whether to enter a country or not?

When deciding whether or not to enter a new market, companies must consider a myriad of factors that could increase the possibility of being asked for a bribe by a foreign public official. The factors include the individuals involved; the dynamics of the industry; and the specific corruption risk to a given market, region or country. Quantifying that risk can be a challenge, particularly given the range of contributing elements and how they can combine to improve or degrade a country’s ethical climate.

A good starting point to assist in the evaluation is a corruption index such as the TRACE Bribery Risk Matrix, which provides nuanced and multidimensional analysis of the root causes of business bribery risk—such as levels of governmental transparency and freedom of the press. The TRACE Matrix aims to help companies make more informed decisions about bribery risk and where to allocate compliance resources.

However, it’s important to examine the data closely. A simple ranking doesn’t capture all the nuances, such as that certain forms of bribery occur more frequently in some regions and countries than others. The separate domain and subdomain scores of the TRACE Matrix are intended to help companies understand the different sources of bribery risk, but even those may be subject to differing interpretation depending on a country’s circumstances and profile.

2) From #1 is there a third option where more than go or no go, that it would be go, but with qualifications, or special preparation, and what would that preparation be, given a concern about a country or market?

Companies cannot eliminate all risk, but the goal is to design a risk-based compliance program in order to allocate resources strategically. That includes targeted training and third party due diligence.

While the process of identifying red flags in the course of due diligence can be somewhat mechanical, deciding what to do about them is anything but. Some flags, as a matter of company policy, may on their own be flatly disqualifying—but for the most part, it won’t be so clear-cut. 

In many instances, a red flag will serve primarily as a caution: identifying a potential risk that requires some form of constraint or oversight. Other flags may, upon further investigation, turn out not to be of serious concern. Often, though, you will be presented with a dilemma: a significant risk of corrupt behavior that can be mitigated but not eliminated. At that point, you will need to balance that risk against your company’s needs and goals, assess any alternative options for the engagement, and decide whether to proceed.

The appearance of a red flag doesn’t mean that your intermediary will definitely engage in bribery, just as the absence of red flags isn’t a guarantee that it won’t. But in the event that you do proceed with the engagement, having identified those flags will help you understand the nature of the risks you’re dealing with and find appropriate administrative measures to mitigate them. You will also have a better idea of how best to monitor the engagement so that if something improper does happen, you can catch it early and respond appropriately.

3) You mentioned ongoing audits... are there ones that you normally recommend? Are some of those country-specific, such as: for entering Russia, here are the things you should set up?

Audit clauses are an important but frequently challenging tool. Third parties may see them as offensive and showing lack of trust, and audit rights are not always enforceable. In Russia, for example, local law allows business partners to not disclose commercially sensitive information.

There is a cost associated with gathering and sorting information and providing personnel to answer questions, and small businesses often don’t have resources to allocate to an audit. Additionally, the third party often treats requested information as confidential, as they may have information about competitors’ products and pricing structures in their books.

The best way to proceed is to define the scope of your audit carefully. You should stay focused on your risks, limit the inconvenience and be cognizant not to overreach. Audit rights can be exercised regularly at periodic intervals (for example, every two to three years). Some exercise audit rights only after a triggering event occurs, i.e.: improper behavior or credible allegations. 

4) If I suspect that partner of ours is doing something unseemly, what is your recommendation on how to proceed? Should we do some sort of investigation that he might discover? Or confront? Or case by case? And then how should we document that either way?

A company determined to defraud others will usually succeed for a while, but this does not undermine the value of due diligence. No due diligence review is a guarantee against wrongdoing. Due diligence should fit not only the risk profile of the agent, but the risk profile of the deal. You must be ready to walk away from an intermediary—and potential business—if the risk is too high. When you reach this point depends on your company’s risk appetite.

There is no such thing as “foolproof” due diligence. While robust due diligence can help companies understand the level of risk a third party is likely to bring, a clean past is no guarantee against future misconduct. Relationships have to be managed, commissions monitored and suspicious conduct audited. Due diligence is a process, not an event.

5) Is the podcast you mentioned free and open to the public?

The Bribe, Swindle or Steal podcast is a publicly available resource that focuses on financial crime. In the podcast, TRACE’s president and founder, Alexandra Wrage, explores the world of corruption, fraud, money laundering and sanctions. Through interviews with investigative reporters, business people and prosecutors, the podcast examines different angles of financial crime and explores what motivates people to break the law, how wrongdoers cover their tracks and what can be done to put a stop to the looting. You can download at www.traceinternational.org/resources-podcast and wherever you listen to podcasts.


00:00 – Multi-Metro Globinar begins

  • Bill Papazian - CEO & Founder at Lightstone Solutions, "On Corruption, Background Checks and Managing Through"
  • Pia Vining - Senior Director of Due Diligence at TRACE International, "Reduce Bribery Risk When Entering a New Market"

00:30 – Q&A Session

01:00 - End

Speaker Bios

Bill Papazian - CEO & Founder of Lightstone Solutions.  Bill is a seasoned regulatory compliance and investigative professional with over 30 years of relevant experience since he began his career in 1986. His experience includes International Due Diligence, Compliance, Investigation, Background Checks, Foreign Corrupt Practices Act (FCPA) Compliance, Third Party Vetting, Vendor Due Diligence, Gaming Regulatory Compliance, Title 31 Compliance, Tribal Gaming Commissions and International Corporate, Commercial, Finance and Transactional Affairs. Bill also specializes in internal investigations, programmatic audits of Tribal Gaming Agencies and other Tribal non-Gaming governmental agencies/businesses and start up Tribal Gaming Commissions. Services are GDPR complaint.


Pia Vining - Senior Director of Due Diligence at TRACE International.As Senior Director of Due Diligence at TRACE, Ms. Vining assists multinational companies with selecting and executing the appropriate due diligence solution. Her team of multilingual due diligence analysts and lawyers has completed reviews on thousands of commercial intermediaries in most countries and across all industries. She helps develop customized, best practices third party management programs for TRACE members and customers. Prior to joining TRACE, Ms. Vining was a litigation specialist in the tax department of Miller & Chevalier. She graduated from the University of Helsinki, Faculty of Law, and holds an LL.M. degree from The George Washington University Law School. She speaks Finnish and Swedish. Ms. Vining is a member of the New York bar association.


Contact the Speakers



TRACE is a globally recognized non-profit business association dedicated to anti-bribery, compliance and good governance and leading provider of shared-cost third party risk management solutions. Members and clients include over 500 multinational companies located worldwide. TRACE is headquartered in the United States and registered in Canada, with a presence on five continents. For more information, visit www.TRACEinternational.org.




0 comments on "Discussing Ethics, Compliance and International Law"

Leave a Comment