Approximately one-third of respondents from emerging markets say that bribery and corrupt practices present the greatest risk to the long-term success of their businesses, and just over one-quarter point to fraud.
1. Putting corporate integrity high on the management agenda
According to the EY report (pdf), more than half (55%) of respondents in emerging markets say that management frequently communicates the importance of operating with integrity, compared with only 39% in developed markets. This proportion varies significantly across emerging markets, with 76% of managers frequently communicating the importance of integrity in China compared with just 25% in the UAE.
Talking about corporate integrity helps to build a culture of trust and integrity across the whole business. However, actions are far more important than words. Management should back up proclamations about integrity by setting visible examples and having clear key performance indicators (KPIs) in place to measure the impact of their initiatives.
Organizations must lead from the top on corporate integrity. Employees should understand that acting with integrity is the right thing to do and that such behavior can help differentiate the business from others and not just because local or global regulations require the business to act in this way. The second step is for formal programs, training, procedures and policies to be put in place by senior leadership and communicated clearly to the wider company. It is also essential for senior leaders to be seen to be following these rules themselves. It is their duty to clear the path for others to follow.
Importance of operating with integrity
55%of respondents in emerging markets say their management frequently communicates the importance of operating with integrity.
2. Encouraging employees to blow the whistle on misconduct
Employees’ voices must be heard in any organization. This can be achieved by creating a “speak-up” and “active-listening” culture. However, raising the alarm about misconduct or unethical behavior can be considered risky for individuals, who might fear retaliation – both professionally and personally. More than a third of respondents in emerging markets say they haven’t reported concerns about integrity due to worries about their career progression. A worrying statistic is that nearly 3 in 10 employees kept their concerns private, out of fear for their own personal safety.
The research shows however that companies in emerging markets are making efforts to facilitate whistleblowing. Almost half (44%) of respondents say it has become easier for employees to report their concerns over the past three years compared with only 34% in developed markets.
Businesses must make employees feel that they can safely report misconduct, that it is practically possible to do so and that it is in the best interests of the firm. Multiple channels for reporting concerns must be available so that employees have the option to choose what they are comfortable with. It is also extremely important that companies protect whistleblowers from retaliation.
These goals can be achieved with the right governance setup that instills and ensures independence and confidentiality. Training and awareness programs need to be established to facilitate an open and transparent culture. Whistleblowing programs form a key pillar of the organization’s corporate governance framework, and management and board oversight will be crucial for its success.
Whistleblowing programs form a key pillar of the organization’s corporate governance framework, and management and board oversight will be crucial for its success.
3. Increasing the focus on cyber and data protection
COVID-19 has heightened the risk of cyber breaches, given the increasing reliance on the internet and remote working by businesses. This increased dependency may lead to cyber criminals exploiting the vulnerabilities in weak networks and targeting unsuspecting employees. Data protection has thus emerged as a priority and most international companies are implementing a number of data-protection practices and policies in line with applicable regulations.
Encouragingly, the EY report highlights that more than half (55%) of companies in emerging markets offer training to employees on how they can prevent data security breaches – compared with just 45% of companies in developed markets.
Governments are taking steps to introduce legislation that outlines and clarifies companies’ data protection responsibilities and the penalties for noncompliance.2 This year, for instance, Brazil’s General Data Protection Law has come into effect. It aims to unify 40 different statutes that previously governed personal data online and offline.3 In India, meanwhile, proposals are in place for the Personal Data Protection Bill, a major new law to control the processing of citizen data.4
Businesses in emerging markets need to be leading the way in dealing with data privacy issues and not just through strengthening controls and processes in line with developed markets. Organizations should consider building a data privacy and protection framework, with strong guidance and support from the management and board. Regular communication and awareness should be conducted among employees as well as third parties.
They should also leverage the right technologies as part of their information governance frameworks, covering identification data, categorization, retention or disposal and consolidation of data. Attacks can be triggered externally or via internal breaches, and organizations need to adopt the latest technologies and tools to help identify issues and improve vigilance.
More than half of companies in emerging markets offer training to employees on how they can prevent data security breaches – compared with just 45% of companies in developed markets.
4. Addressing third-party integrity issues
Businesses’ efforts to improve integrity will be undermined if their third parties engage in poor conduct. The data in the report reveal that businesses operating in emerging markets are aware of this threat. Only 35% of businesses in emerging markets are very confident that their third-party partners operate with integrity; in Malaysia, that figure reduces to 25%. With remote working, restricted operations and limited mobility, COVID-19 has made it harder to assess third-party risk.
Conducting adequate due diligence before onboarding a third-party vendor is critical to mitigate long-term risks and comply with enforcement standards. These checks should typically cover information gathered from publicly available sources to ascertain negative reports, involvement in litigation, loan defaults, bankruptcy, regulatory noncompliance and criminal activities. They may flag up potential areas of concern, such as omission of key directors or shareholders, limited information or history available, and irregularities in processes.
Third-party partners operating with integrity
35%of businesses in emerging markets are very confident that their third-party partners operate with integrity.
Organizations should make third-party due diligence a periodic exercise and not just a one-off activity, as the nature, type of risks and regulatory ambit will continuously evolve with time.
Third-party onboarding processes should also be looked at from a risk perspective through a proper contract, with appropriate contractual audit rights. It’s also vital for businesses to provide ongoing training to third parties about which laws and policies they must adhere to, including compliance certifications in their jurisdictions.
Rezumat
Widespread issues of misconduct in emerging markets are making business leaders anxious about investing and operating across these geographies. According to the latest EY Global Integrity Report – emerging markets perspective (pdf), organizations operating in emerging markets are making a concerted effort to reduce misconduct and tackle integrity challenges. However, there is an ethical, strategic and financial need to do more to establish a culture of integrity.