The question of what budget should be allocated to anti-corruption compliance is a difficult one for any company. For Top Management, compliance has a cost – undoubtedly necessary – whose expenditure cannot be reconciled in a tangible manner or with a physical receipt. The impossibility of defining return on investment often results in the compliance budget being kept to a minimum. The Compliance Officer, on the other hand, is aware of an allegation or act of corruption’s potentially dramatic effects on the company and views a compliance budget as a sort of insurance policy which should cover the company’s identified risks to an appropriate degree.
In addition, as previously mentioned, a compliance program with an inadequate budget could be viewed by enforcement authorities as a mere window dressing exercise. There is a real possibility that an underfunded, inappropriate program could engage the responsibility of the Compliance Officer. Thus, the debate over the compliance budget continues. Ultimately, the final decision will be taken by Top Management, whether it pleases the Compliance Officer or not.
In my view, questions regarding compliance budget are ill-posed because questions on the role of compliance vis-à-vis business operations are ill-posed themselves. There are two reasons for this. The first is because too often compliance is perceived as a supplemental process tacked onto existing structures, instead of as the support function to commercial operations it is intended to be. The second stems from the fact that the cost of compliance is often considered after the initial analysis of a new project. Thus, when its cost is examined later, it can appear to threaten the project’s financial viability.
Include the costs of “operational compliance” in the overall compliance budget
As I frequently repeat, a compliance officer must remain independent of operations. It is essential that major compliance decisions be taken absent of any potential conflict of interest with business operations. Decisions pertaining to risk assessments, the organization of due diligence on business partners, joint venture partners or acquisition targets, must be free from any conflict with commercial output.
Having said this, there are a certain number of actions that can - and in some cases, should – be undertaken by people other than compliance officers, or, at least jointly with them. Anti-corruption training with human resources, verification of anti-corruption clauses with the legal department, risk assessment with operations, the collection of compliance data with the IT department, verification of contracts’ execution in conjunction with financial controllers or internal audit, awareness-raising throughout the company with the support and active involvement of managing directors, etc.
These actions involve real expenditure which must be calculated and integrated into the compliance budget. The objective is not to inflate the compliance budget artificially but to evaluate the real cost of compliance. It is therefore important to identify the costs borne by each entity and to integrate these decentralized costs into the overall budget. This will give a more realistic view of compliance costs, and ultimately will increase buy-in for the compliance objectives of every entity’s manager.
Integrate the costs of compliance immediately into any project’s cost benefit analysis
All new projects are subjected to a detailed analysis of the risks and possible costs vis-à-vis expected profit. Go/no go or bid/no bid processes exist precisely to provide as much assurance as possible on the financial viability of any project relative to identified risks.
I am struck by just how many companies do not incorporate the costs of compliance into their initial project analysis, even though the importance of compliance has been established for years and continues to grow.
If the cost of compliance is not considered at the initial stages of an acquisition, a joint-venture or any new project, compliance will be treated like an additional cost that will impact the return on investment when it becomes obvious that some kind of compliance mechanism is needed. It is tempting, therefore, to limit compliance costs to a minimum even if it affects its efficiency.
Not including the cost of compliance at an early stage of project management precludes the possibility of appreciating the project’s real worth and profitability. Each project presented to either the management or risk board should include a line item for the compliance budget. This line item should include:
- the cost of compliance resources necessary to the project i.e. participation in the corporate e-learning
- the cost of compliance resources required specifically for the project i.e. the appointment of either a full-time or part-time Compliance Officer.
Similarities between budgets for safety on a new worksite and compliance budgets on a new project
It is imperative that companies treat the risk of corruption in the same manner that they treat the risk of accidents. I have often referred to the similarities between corruption prevention and workplace accidents. The budget issue illustrates these similarities once again.
When creating a budget for a new work site, it is standard to detail very explicitly how much will be allocated to issues of job safety. The same consideration should be given to compliance when drafting budgets for new projects.