Integrity Due Diligence – Towards an integrated approach to Compliance (I)

Photo by / CC BY

Photo by / CC BY

The serious impact and long-term effects of economic crimes, such as money laundering, corruption and fraud (‘MLFC’), may not seem to be as apparent as those resulting from hard security threats. These crimes do, however, pose some of the most menacing risks currently facing governments, institutions and corporations. The following article aims to discuss an integrated integrity due diligence approach to effectively combat MLFC on all levels of an organisation and across the relevant departments, whilst fulfilling regulatory requirements and ensuring the optimal protection of the institution’s reputation.

The article is divided into two parts. This first part will illuminate the background to the topic and introduce the most important legal frameworks. These legal requirements induce corporations and institutions to set up MLFC prevention structures. The second part of the article, to be published shortly, will outline how integrity and reputational due diligence in its various forms can be used to integrate MLFC prevention requirements more effectively and efficiently.

MLFC threats

The most clear-cut examples of the threats resulting from money laundering, fraud and corruption, are encapsulated in the impact of the 2007-2010 financial crisis, and most recently, in the ramifications of the European sovereign debt crisis, ultimately putting at risk individual state’s sovereignty and the overall stability of the European Union.  According to the World Bank, the global cross-border flow of criminal proceeds is estimated at between $1 trillion and $1.6 trillion per year, which amounts to some 1.5% – 2.5% of the world’s GDP.

Some large-scale investigations, into corruption, fraud and tax evasion – all of which are predicate offences to money laundering – have shaken corporations and catapulted the topic of MLFC onto the top of boardroom agendas, not least as a result of stringent compliance regulations. Given the growing number of requirements to combat MLFC, there is an increased interest amongst companies to improve standards and implementation procedures to ensure that they are effectively compliant.

Some of the most well-known money laundering cases include the US$ 7 billion of Russian capital flight which was laundered through the Bank of New York in the late 1990s or the billions of government assets laundered through the international banking system by the former Presidents of Nigeria, Sani Abacha, the Philipines’ Ferdinand Marcos and Peru’s Vladimiro Montesinos.  The most recent high-profile and currently still ongoing investigations, launched in 2011 into allegations of money laundering, involve the former leaders, toppled during the Arab Spring uprising: Zine El Abidine Ben Ali, Hosni Mubarak and Muammar Gaddafi.

The risks facing corporations as a result of corrupt practices have been drawn to the fore following some large-scale Foreign Corrupt Practices Act investigations launched by the US authorities into Statoil, Baker Hughes, Siemens, BAE Systems and Daimler. Due to the UK Bribery Act, which came into force recently, this investigative trend is likely to continue.

The legislative response

The subject matter of MLFC has received increased attention in recent years due to the precarious political implications emerging from these crimes. As a result, new legislation has been drafted and existing legislation expanded upon.  The following section outlines some of the most important conventions and legal frameworks, which have been enacted since the 1970s, and which have evolved over time.

Money Laundering

The fight against money laundering, with the aim of combating crime, was initiated by the Council of Europe in 1977. In the late 1980s, the US launched the so-called war against drugs followed by counter terrorist measures instated in the US Patriot Act in 2001. More recently, the fight against money laundering is also increasingly being supported by the international asset recovery initiative (‘StAR’), which was set up in 2007 by the UN Office on Drugs and Crime (UNODC) and World Bank, to assist developing countries in recovering stolen assets.

The Council of Europe Convention on Laundering Search, Seizure and Confiscation of the Proceeds from Crime and on the Financing of Terrorism came into force in 2005.  The third European Union Anti-Money Laundering Directive, which has been implemented into national legislation within the EU member states, came into force in 2007, following the first directive in 1991 and the second in 2001.

The Financial Action Task Force on Money Laundering (‘FATF’), an intergovernmental body set up by the G-7 Summit in 1989 in response to mounting concern over money laundering, established a series of Recommendations (40+9) in 1990, which were revised in 1996 and in 2003.  The FATF also monitors progress of anti-money laundering implementation processes and publishes regular evaluation reports.

All anti-money laundering legislation, frameworks and guidance notes underline the requirement of undertaking Customer Due Diligence/KYC (‘Know Your Customer’) and of performing enhanced due diligence when engaging with high-risk clients. In turn, moving from regular to enhanced customer due diligence requires an adequate risk assessment process to be in place.

Within the context of the fight against money laundering, combating tax evasion is increasingly playing an important role. Governments continue to crack down on tax evasion in an attempt to reduce the amount of public debt. One of the most extensive pieces of recent legislation which aims to curtail tax evasion and repatriate funds to their respective home countries is the Foreign Account Tax Compliance Act (‘FATCA’) drafted by the US government, which will come into force in 2013.


There is no single UN convention, which deals specifically with fraud, it is however, included in the UN conventions on money laundering and corruption, mentioned in this article. The implementation of fraud prevention systems have been driven largely by the Sarbanes Oxley Act (‘SOX’), which was enacted in 2002 following a series of large corporate and accounting scandals (Enron, Tyco and WorldCom), which resulted in the collapse of large corporations. The Sarbanes Oxley Act aims to improve corporate governance, quality of financial reports, and credibility of audit functions, and to deter fraudulent activities.  SOX requires that companies undertake third-party due diligence on their business partners and associates, to ensure that there are no issues of concern or ‘red-flags’ attached to their standing and reputation.

The Committee of Sponsoring Organizations of the Treadway Commission (COSO) is a voluntary private-sector organization, established in the United States, dedicated to providing guidance to executive management and governance entities on critical aspects of organizational governance, business ethics, internal control, enterprise risk management, fraud, and financial reporting. COSO was set up in 1985 to sponsor the National Commission on Fraudulent Financial Reporting, an independent private-sector initiative that studied the causal factors that can lead to fraudulent financial reporting.


The Foreign Corrupt Practices Act (‘FCPA’) which was enacted in the United States in 1977 addresses accounting transparency requirements and the bribery of foreign officials.  The OECD Convention on Combating Bribery of Foreign Public Officials in International Business Transactions came into force in 1999 with the aim to reduce corruption in developing countries by encouraging sanctions against bribery in international business transactions carried out by companies based in the Convention member countries.  The United Nations Convention against Corruption, which was signed in 2003, focuses mainly on prevention but also addresses the issues of criminalisation, international cooperation, and asset recovery.  Most OECD countries apart from Japan, Germany, Ireland and the Czech Republic have ratified the UN convention.

In 2011 the most far-reaching piece of anti-corruption legislation, which is now considered the new gold standard for prosecuting corruption came into force, namely the UK Bribery Act.  Unlike the FCPA, the UK Bribery Act allows for prosecution of an individual or company, doing business with or through the UK, regardless of where the crime took place.  Furthermore, the UK Bribery Act not only refers to the bribing of foreign officials but to the bribing of or by anyone individual.  Finally, the Act does not allow for any facilitation payments.

Anti-corruption conventions and legislation also require corporations to ensure the integrity and reputation of the third parties linked to the company, and to conduct appropriate business partner due diligence in this regard.

Fragmented implementation

As can be seen from the legislative landscape outlined above, UN Conventions, respective legislation and best practices standards are somewhat fragmented, despite the fact that MLFC crimes are inextricably interconnected.  Although significant progress has been made in this area, also in terms of cross-border cooperation amongst institutions seeking to prevent MLFC, it is being increasingly agreed that MLFC initiatives and efforts need to be integrated more rigorously in order to ensure effective and efficient results.

Within institutions and corporations, it is often independent departments, which manage money laundering, fraud and corruption prevention efforts.  It is rarely the case, that one department is responsible for MLFC risks jointly. This might change in favor of more integrated structures, not only because it is more effective but also because it is the more cost efficient approach. The Association of Certified Anti-Money Laundering Professionals (‘ACAMS’) published a survey which showed how the majority of institutions expected to achieve improved efficiency in investigations by integrating their anti-money laundering and fraud programs, and that some 50% expected to see a reduction in the aggregate costs.

The US regulators, who have also made recommendations to institutions to integrate aspects of their anti-fraud and anti-money laundering programs, are also supporting this approach to integration. This drive for integration can also be seen on the level of the institutions setting and implementing best-practice standards in the area of MLFC.  Most recently, in July 2011, the anti-money laundering body FATF published a report entitled Laundering the Proceeds of Corruption and has made an official statement regarding its commitment to supporting the fight against corruption. In August 2011 the Wolfsberg Group, an association of eleven global banks focused on developing financial services industry standards, and related products, for ‘Know Your Customer’, ‘Anti-Money Laundering’ and ‘Counter Terrorist Financing’ policies, published the Wolfsberg Anti-Corruption Guidance, a revised, expanded and renamed version of their 2007 published Wolfsberg Statement against Corruption.

Integrity due diligence – an integrated approach

The second part of the article will elaborate on the integrity due diligence toolkit which contains the necessary instruments for assessing and managing risks attached to business partners and third parties in general.

Integrity due diligence can assist corporations and institutions in fulfilling the most fundamental operational aspects of combating money laundering, fraud and corruption. The integrity due diligence toolkit follows a risk-based approach and can therefore be tailored to meet any one organisation’s needs based on their risk exposure.

Jennifer Hanley-Giersch is Managing Director at Business Risk Research Ltd.