Howard Kerr , global chief executive officer at British Standards Institution (BSI), was in India to launch an anti-bribery management system designed to help businesses reduce the risk of prosecutions under the UK’s Bribery Act of 2010. He spoke in an interview about this and issues related to corporate corruption in India and other countries. Edited excerpts:
What brings you to India?
India is already an extremely important part of BSI’s international operations. We are in 27 countries around the world. India is one of our top five in terms of size. More importantly for the future, I see India as being a much more significant market for BSI, not just for doing business in India, but actually as a source of innovation and product development for our global business. I have spent two days down in Bangalore talking to some very innovative internationally minded organizations, and we want to tap into the knowledge and expertise that is emerging. So our relationship with India is increasingly two way—we are building a very successful string business in India and we want to keep investing, so we are looking at investment opportunities here.
What is an anti-bribery management system? How does it work?
A management system generally is based on a standard. A standard is a repeatable best practice which has been developed by experts who really focus on this issue. So, in the case of the anti-bribery standard, it’s been created by a group of international experts who work in the area of anti-bribery and risk management. A management system is that method by which a standard can be adopted and implemented into a real-life organizational situation. It’s a working tool, it’s a business process, like anything else in business. Managing anti-bribery is no different to managing risks in health and safety or environment. It’s a definition of best practices in an organization which you can implement, communicate to your employees, train your employees and test in your organization. So it’s a framework, it’s a benchmark, it’s some hard rules, definitions, which are implementable across an organization with protocols, audit trails, which employees at any one time can go back to refer to. So if you are not sure about what to do, if you are in a difficult situation, where potentially bribery is coming into play, what do I need to do, where do I need to go to? It’s been defined, it’s been communicated and the leadership team have very clearly laid out the expectations for all of the employees and the third parties. The management system encompasses not just the employees but all of the stakeholders in that business, because that’s normally where the risk of bribery is imported through third parties and supply chains.
Tell us about the new anti-bribery management system BSI has introduced. Is it different from what is being done in the UK?
This is a British standard and we are introducing it at the same time in the UK. The issue is exactly the same in the UK. Bribery is not a unique Indian phenomenon. The reason we developed this standard and this certification scheme is because it’s an increasing problem. The research shows from organizations like Transparency International that bribery is on the increase in the world, not on the decrease. There is more evidence of it, at the same time there are increasing reputational and legal risks for organizations if they don’t address it.
Over the years, as the Indian economy has liberalized, has the nature of corporate corruption, especially bribery, changed?
I have been coming to India for 30 years, so I have seen India evolving and liberalizing and many things have changed. Bribery, at one level, is about human nature, so that never changes. So the issue of suitcases I think, is always there. More subtle bribery now, which is perhaps more around political relations, lobbying the use of technology and cyber influence, for example, is there. So definitely, there are more opportunities for bribery, there’s more wealth in India, so there is more temptation. As people become richer and stakes become higher, that increases the possibility of bribery, and it brings potentially more people into the sphere of influence. Traditionally, research from corruption experts will tell you that often bribery stems from public institutions.
As India liberalizes and more the economic activity is in the private sector, that creates different challenges. The private sector is not immune to this, but I think (it) has to set the standards and I think it’s beholden on the private sector to take a leadership position and show consumers, regulators, the media and NGOs (non-governmental organizations) that it can be responsible and not just replicate the track record of public institutions, which is not good. And I think the pressure on public institutions from consumers and from the media is really important too. So our message to private bodies and to government bodies is, take a leadership position. This is good for business, good for reputation. Don’t wait to be caught in a reputational scandal, take ownership of it and manage it.
What is the efficacy of an anti-bribery management system and by what metrics do you measure it?
It’s quite new, so we don’t have any empirical information there. An easy answer to your question would be, well, if your organization has not been fined or has not been exposed in the media, or if your employees have not been imprisoned, the system has worked, because you have identified or prevented or mitigated the risks of bribery. So it’s rather like an insurance policy.
Or you are just effectively hiding it?
Or you haven’t been caught. Proactive organizations will recognize that you might get away with it one year, or for five years, but it’s always there as a business risk. Good companies who run good governance will recognize that it’s a bomb waiting to explode. I worry, my board worries that one of our employees or third party agents somewhere in the world might do something, which may come back to London, and under the bribery Act in the UK it’s a criminal offence to bribe a government official around the world, for which I can go to jail and my company can be substantially fined. So as the penalties increase, the reason for hiding it becomes lesser. You can no longer take a risk as a responsible business that wants to do the right thing. The Internet puts everybody under scrutiny.
How useful would such a system be in preventing say a Wal-Mart bribery scandal of Mexico from happening in India?
I can’t comment specifically on the Wal-Mart case. But the learning point for me is that this happens from the top. Was that a local initiative that was carried out by the management in Mexico, was it happening with or without the knowledge of the head office, that is the fundamental issue. If the head office is very, very clear about the expectations of its businesses, then maybe this situation might not have happened. It may have been identified earlier by the corporate office or declared.
Each time a bribery case comes out, do you tailor your systems accordingly?
Yeah. Standards are constantly being revised and kept up-to-date on a semi-regular basis, every three-five years to reflect new legislation and market practices. A standard is owned by a committee of stakeholders, which will include people who have a keen interest. So they will adapt to technology, to regulation and use their experiences where there are gaps and where new ways of corruption will develop. You can’t define everything, but yeah, it’s an iterative process. And it’s not just big companies. You know a lot of this is about companies that are very small. So it’s about understanding geographies and about understanding position of multinationals and even SMEs (small and medium enterprises). So the standard tries to encapsulate as much as possible.
How eager are senior management people in implementing such systems? Is there inertia and hesitation?
The question is, do you do it proactively or do you do it when you really have to. Excellent companies do it proactively. Is this a boardroom issue or is it a factory floor issue? If you make it a boardroom issue, I think the organization will embrace it and it will become real.
What do companies tend to do?
If you look at large listed companies now, I think it’s now on the normal routine issue of governance of any large publicly listed company on FTSE or Wall Street or BSE. Public companies are under such scrutiny from shareholders, analysts, the media and government, that I think they can no longer afford to ignore this.
For smaller companies, it’s a risk assessment. Organizations have to make their own risk assessment based on “where do I do business, how do I do business, who do I do business with.” Clearly, if organizations feel that they are not running a disproportionate risk, it’s something that they might not make a priority. And that’s fine if you have done a proper risk assessment. But I think if you have identified bribery as a high risk area, you should do something about it.
How well does Indian enforcement and legislation against corruption compare with that in the UK? Where is it lacking, and what do you think India needs to do more?
I cannot compare specific legislation, but if you look at the world rankings of corruption, India is very high compared to the UK. India would be in the upper quartile and the UK would be in the lower quartile. So based on the evidence, you have to say that it hasn’t been effective and corruption in India clearly continues to be prevalent and therefore the legislation and the agencies enforcing it, have not been effective. And that is, to be fair, the perception of most people outside India, and most Indians would also recognise that.
In the UK, the serious fraud office, for instance, and the police forces are increasingly active in this area. There have been and I think there will be more high profile, high scale prosecutions in this area. And certainly in Europe, countries like Switzerland and Scandinavia have very active prosecution regimes and some very high profile cases.