Forgot your password?
Please enter your email & we will send your password to you:
My Account:
Copyright © International Chamber of Commerce (ICC). All rights reserved. ( Source of the document: ICC Digital Library )
by François Vincke
RELEVANT PROVISIONS OF ICC RULES OF CONDUCT AND OF THE OECD CONVENTION
Article 7 of ICC Rules of Conduct sets out the corporate policies companies should adopt:
“In order to prevent bribery and extortion, enterprises should imple- ment comprehensive policies or codes reflecting these Rules of Conduct as well as their particular circumstances and specific business environment”.
These policies and codes should:
[Page62:]
Article 9 of ICC Rules of Conduct sets out the responsibilities of enterprises:
“ The board of directors or other body with ultimate responsibility for the enterprise should:
The audit committee of the board or other body with similar responsibility should conduct regular independent reviews of compliance with these Rules of Conduct and recommend corrective measures and policies as necessary. This can be done as part of a broader system of corporate compliance reviews.”
ICC Rules of Conduct and Recommendations stress the recognition of the need for complementary and mutually supportive action by the business community and by governments and international organizations. They further make it clear that the success of ICC Rules of Conduct in combating corruption through self- regulation will be enhanced by actions by international organizations and by national governments to strengthen the legal and administrative framework for combating corruption. That call to self-regulation, embedded in international conventions and national legislation, is the thrust of the present chapter.
Why boards need to act
The end of laissez faire
The coming into effect of anti-corruption conventions, the advent of new norms of corporate governance and the introduction of corporate legal liability have brought home the notion that ethical concerns have to be part and parcel of a board of directors’ concerns.
New corporate governance theories, while redefining the roles and powers within corporations, have imposed high standards of accountability on board members and on corporate executives in the discharge of their duties. Directors and executives have to attend to the corporation’s business by adequately and efficiently performing their fiduciary duties with due diligence and care and in the best interests of their corporation and its shareholders (and/or stakeholders). They have to provide - in a spirit of transparency - timely, accurate and relevant information on material matters concerning the corporation.
[Page63:]
In doing so, the board should apply the highest ethical standards. This will require the board pro-actively to put in place a system for preventing illegal and unethical conduct, prohibiting misbehaviour and imposing sanctions in case of infringement of those standards. Specialized committees of the board, and in particular an ethics or audit committee, will help the board regularly to oversee –in the context of general compliance reviews – the ethical policies of the company and to test them against ICC Rules of Conduct. This specialized committee should examine possible incidents and propose amendments to corporate policies. The chief compliance officer (CCO) should have unhampered contact with the chairman of the audit/ethics committee and should report on a regular basis, and at least once a year, to this committee. The compliance function can, in smaller organizations, be part time and be assumed by the general counsel or the CFO.
Lack of adequate supervision of corporate practices by the board may lead to far- reaching consequences, and courts may declare a company liable for non- compliance if this is the case. In certain jurisdictions, courts may even impose independent monitors to oversee a company’s compliance and its implementation of an integrity programme.
Ethical laissez faire on the part of the company’s top management cannot be condoned, and blaming ethical incidents on underlings can no longer be tolerated.
The OECD Principles of Corporate Governance of 2004 contain the following recommendation:
“The Board should apply the highest ethical standards. It should take into account the interests of the stakeholders.”
The Annotations to the Principles state:
“The Board has a key role in setting the ethical tone of a company, not only by its own actions, but also in appointing and overseeing key executives and consequently the management in general. High ethical standards are in the long-term interests of the company as a means to make it credible and trustworthy, not only in day-to-day operations but also with respect to longer term commitments.”
Not long ago, corporate misbehaviour resulted only in the liability of those employees, officers or executives who actively committed or participated in a prohibited act. It was commonly accepted that corporate bodies could not incur criminal (or, in certain jurisdictions, administrative) liability for prohibited acts. This has changed, and a number of international conventions and national legislations increasingly provide for the legal liability of corporations (either criminal, administrative or civil), along with the criminal liability of physical persons.
[Page64:]
Even if legal liability is not yet regularly imposed on corporations by the courts, the mere existence of the concept underlines that corporations have to be compliant with legal and ethical norms. Not exercising sufficient oversight, not providing the necessary means to combat fraud and corruption and not designating personnel capable of monitoring effective compliance exposes corporations to severe consequences, not only financial ones but also outcomes that can affect the continuity of the corporation. It is the task of the top echelon of the corporation to make the necessary decisions to avoid these consequences.
PricewaterhouseCoopers (PwC), in its Global Economic Survey, states the continuing problem as follows:
“Our 2007 survey reveals that fraud remains one of the most problem- atic issues for businesses worldwide, with no abatement no matter what a company’s country or operation, industry or size. Of the 5,428 companies in 40 countries [surveyed] over 43% reported suffering one or more significant economic crimes during the two previous years [...].”
Losses incurred as a result of economic crime reach staggering figures. The PwC Survey found that for 80 per cent of the companies reporting fraud, damage during the two preceding years amounted to in excess of USD 4.2 billion, of which USD 882 million was ascribed to bribery and corruption.
Tone at the top
If companies are confronted with the problem of economic fraud, the duty of their boards and CEOs will be to demonstrate, in words and deeds, an example of preferred ethical behaviour and to indicate what should be done at all levels of the company to address ethical lapses.
In corporate messages from top management to co-workers, it is important to set forth the values of the company, the prohibitions on unethical behaviour and recommended best practices. The board and/or the CEO should fully endorse the company’s code of conduct and its integrity programme and demonstrate their determination to act themselves in compliance with the code’s provisions and to emphasize their commitment to allocate the necessary resources to create a genuine compliance culture.
The corporate compliance policies must indicate that all those who are working for the company – executives, officers and employees alike – will have to act in compliance with the code’s norms and that all could be disciplined in case of infringement. It should be made clear that there is no place for exceptions or privileges.
[Page65:]
In March 2007, Ernst & Young (E&Y) surveyed a large number of multinationals in 13 European countries and found that
“Employees are not hostile to corporate anti-fraud measures and would welcome clarity and encouragement to act positively in the best interests of the company”.
E&Y further noted that
“Most people would prefer to work in an environment which has a code of conduct. Most respondents [to the survey] believe that people in their companies need a unified and agreed set of guidelines on what is right and wrong in the company [...]. Without a code of conduct, employees are left to work it out for themselves, and there is no clear set of standards other than their own personal ethics against which behavior can be measured.
Words will not suffice
Integrity cannot be decreed, it must be organized. The ICC Rules of Conduct recommend that the board make resources available to carry out a genuine integrity policy. This will require extensive information for, and training of personnel, the appointment of compliance officers, the putting into place of communication channels to raise ethical concerns and the sanctioning of misconduct. Admittedly, this approach involves considerable cost, but it is necessary to weigh this cost against the potentially huge reputational and other damage resulting from a corporate ethics scandal.
Group-wide compliance
The Board of Directors should not devote attention only to what happens within the parent corporation. On the contrary, the ethical policies put in place by the parent company’s board should be applied in the economic group in its entirety, at home as well as abroad, in all of the group’s divisions, branches, controlled subsidiaries and majority-held joint ventures, as well as in the affiliates in which the group exercises de facto control. Moreover, as far as feasible, they should be applied in all non-controlled entities working closely with the corporation. A special effort will be required to make subcontractors, outsourcing partners and intermediaries aware of, and compliant with, company standards. In particular, slush funds in offshore jurisdictions or tax havens in far-away affiliates, protected by bank secrecy rules, should be eliminated.
[Page66:]
No more “business as usual”
Enterprises now have – and in the future will have – a pivotal role in determining, within the existing legal context, the integrity of their business conduct. Admittedly, the provisions contained in the OECD Convention and UNCAC have to be incorporated in the signatory countries’ legislation and do not, in themselves, create rights and obligations for individuals or enterprises. Failing to comply with the provisions of both Conventions, however, would be unwise.
First, the signatory states have, within a short period of time after the signing of the OECD Convention, adopted effective legislation implementing it and have introduced in their national laws prohibitions and criminal sanctions against international corruption. The states having ratified UNCAC have, to a large extent, done the same or are in the process of doing so.
Second, notwithstanding an isolated case in one major European exporting country – which can only be deplored and cannot serve as a precedent – it is illusory to expect exceptions based on national interest considerations by a sympathetic local administration to prevent prosecution of offences, since such discriminatory treatment is specifically forbidden by the OECD Convention.
Third, the OECD Convention is not going to fade away, disappear or become obsolete. The monitoring system, which is built into the Convention, has introduced an element of mutual review of the states’ anti-corruption performance by their peers. In this process, national implementing laws are being examined for their effectiveness, and the resources are being made available for their application, as well as for the prosecution of offences within an individual state. This monitoring system is the best guarantee of the Convention’s continued effectiveness. It is expected that UNCAC will, over time, be monitored in the same way.
With both the OECD Convention and UNCAC in effect, it would be a mistake to believe it is possible to do “business as usual”. Hoping that these instruments will become obsolete is wishful thinking.
Responsibilities of the Board
Self-regulation
The prohibition of international corruption is here to stay, and the best way to respond is to comply with it. Self-regulation within an enterprise or between enterprises of a sector (under the aegis for instance of a business or sector organization) is the surest way for a board to act responsibly and to attain maximum compliance.[Page67:]Enterprises from the same sector will benefit from assessing the risks they are facing, from benchmarking their practices and from defining common standards. These standards should go beyond general recommendations and reduce or eliminate suspicions raised as the result of illicit competition.
Examples of sector-wide ethical self-regulation:
ICC has always been convinced that self-discipline, based on the values the enterprise has defined, is the most effective means of encouraging ethical conduct in business. Self-regulation also helps integrate the values into a sector and into an individual enterprise. In addition, rules developed within or between enterprises and based on the values a company has defined, have a more educational and convincing impact, because they are adapted to a company’s particular circumstances.
The aforementioned E&Y Survey records that 88 per cent of the responding employees consider that companies need to have a code of conduct but found that only just over half of respondents in Central & Eastern Europe, and two thirds of those in Western Europe work for companies that have a code of conduct or where they are aware of the code of conduct.
Benefits of a code
Self-regulation, based on a careful assessment of the risks a company is facing, can address, with sufficient detail and precision, the particular issues confronting an individual business activity
[Page68:]
Take the case of “facilitation payments”. The OECD Convention, in Commentary 9, excludes small facilitation payments from the scope of the Convention. By contrast, a carefully drafted self-regulatory code can (i) either prohibit all facilitation payments or (ii) provide, if it is determined that such payments cannot be avoided altogether, appropriate guidance and establish the strict conditions under which such payments could be permitted – by confining them, for example, to those qualifying fully as a facilitation payment.
ICC Rules of Conduct of 2005 make it clear that, as a general rule, “Enterprises should not make facilitation payments”. The Rules of Conduct go on to say that: “In the event that an enterprise determines, after managerial review, that facilitation payments cannot be eliminated entirely, it should establish controls and procedures to ensure that their use is limited to small payments to low-level officials for routine actions to which the enterprise is entitled.”
It is in this spirit that ICC Rules of Conduct provide that “enterprises should implement comprehensive policies or codes reflecting the Rules of Conduct as well as their particular circumstances as well as their specific business environment.”
ICC does not believe that all codes have to be the same or even that they have to look alike. On the contrary, a code should reflect the specific culture and spirit of an individual enterprise or a sector of activity. Clearly, the basic principles will always have to be the same, but the approach may be different.
Drafting a code
In view of the foregoing, responsibility for drafting a code of corporate practice should not be delegated to outside consultants or specialists unaware of a company’s culture. On the contrary, every effort should be made to bring together around the drafting table all those segments of an enterprise which can bring a distinctive contribution to the development of this important document. While the final responsibility for adopting the text will lie at the board of directors’ level, all divisions of a company should be involved and/or consulted during the drafting process. Those in charge of human resources and legal matters should have a decisive role, but this should not inhibit contributions from managers of local affiliates, marketing operatives, internal auditors, accountants, treasury staff and all parts of the organization which deal, on a day-to-day basis, with matters concerning integrity.
If, at the outset, people of various professional, cultural and educational horizons are brought together to identify the risks a company is facing, the final code will have an enhanced legitimacy and gain greater acceptance. The drafting process will take time and may involve difficult discussions. Some drafters may opt for a hard line and may want to impose stringent rules, while others may prefer a more lenient course. There could be a confrontation between those who want to cover as many details as possible (to avoid future problems of interpretation) and others who prefer broader, more open principles.
[Page69:]
Finally, there can be opposition between those who want to concentrate on the drafting of the rules, leaving compliance more or less open, and those who want to install an elaborate compliance system. Depending on the diverse regulatory provisions, local customs or practices, it may be required, convenient or simply desirable to associate trade union representatives with the common effort, for instance in matters concerning sanctions in case of non-compliance, or on the introduction of a whistleblowers’ hot line. A discussion with he unions and their acceptance of the agreed rules will increase the credibility of the texts, around which everyone will be able to unite.
Cultural differences, corporate sensitivities and distinct legal approaches will result in unavoidable but acceptable differences between companies. It is typical of self-regulation that each entity (enterprise, corporation, internationally operating group or business organization) brings to the process its own predilections. One can, for instance, imagine that an organization based in a “Latin” environment may give preference to broad principles, while “Anglo-Saxon” entities may favour detailed and technical provisions that could cover every specific circumstance. It will be important, though, to have a single policy for the company and not several policies for each of the company’s operations in different cultures.
The importance of a corporate practice manual is not whether it follows a prescribed form. A code of conduct is a document that should have a genuine credibility in order that all parts of the organization can accept it as a guide to their daily business behaviour. Compliance with it should be natural in every circumstance. In short, all members of an organization should become owners of “their” code.
Incorporating an ethics clause
The credibility of a code will be further enhanced by the inclusion of an ethical or anti-corruption clause – containing an explicit reference to a code’s provisions – in the agreements a company concludes with its business partners. Such a clause can be drafted in several ways and can either cover all ethical issues for which the company wants to see strict observance of its values (e.g., human rights, labour conditions, environment, sustainable use of resources and ethics), or the drafting of the clause can be focused only on the fight against corruption. In the latter case, a straightforward reference to ICC Rules of Conduct provides an easy solution.
[Page70:]
What about SMEs?
If a company is a small or medium-sized enterprise (SME), it may question whether the drafting of a code is an insurmountable obstacle. Indeed, where will the company find the resources and time necessary to organize the drafting? Can it rely on internal expertise to set up a credible and complete code of good practices, applicable in most circumstances?
The answer to these difficult questions will probably be “no”. Very small-scale companies generally do not have this expertise available. That should not, however, lead to the conclusion that the company in question should not have its own standards and its own compliance system to regulate and oversee its practices in often complicated markets. On the contrary, small-size enterprises, even more thanlarge corporations, need direction – in particular because of their lack of experience in international markets and the exposure they will be subject to in moving into these markets. In addition, all enterprises, whatever their size, should have a compliance function, but this function may very well be discharged in an SME as a half or part-time function or as part of the responsibilities of the general counselr the CFO.
An SME’s lack of internal expertise can be overcome by participating in various forms of “collective action” against bribery or by receiving help and support from larger business organizations (either organized by sector or on a national or regional basis), of which the company is a member, or from larger companies it has a close association with, for instance as subcontractor, supplier or customer. The drafting of a code with the aid of a business organization, or by a friendly larger corporation, can help meet most of the needs of a smaller-scale company and give it the necessary “weapons” to face challenging new international markets.
[Page71:]
Codes and useful examples
A company code of conduct may usefully include examples of situations that present difficult ethical dilemmas to managers or employees. In a number of company codes one can find concrete cases indicating how employees should act under certain conditions. Consider the following excerpts from one company’s code, which “put flesh on the bones” to back up the code’s provisions:
Question: A representative of a customer, supplier or vendor has invited my spouse and me to dinner or to attend a sporting event. May we attend?
Answer: You should obtain the approval of the manager who is authorized to approve your business expense reports before accepting. Company policy does not strictly prohibit accepting these types of business courtesies, but be sure it doesn’t appear that business discussions are secondary to the personal benefit.
Question: It is the holiday season and I have just received at home a 10- pound box of prime steaks from a supplier with a card that says “Merry Christmas”. May I keep the steaks?
Answer: No, return the steaks to the donor or send them to the corporate vice president of industrial relations for donation to a food bank. A polite thank-you letter and explanation of company policy on accepting business courtesies of appreciable value would be appropriate.
Question: A vendor offers to provide free air transportation between his company’s separate plant locations. May I accept?
Answer: Your company will pay the cost of business travel that it deems necessary. Approval of the vice president responsible for the organization would be necessary to grant exceptions to this rule.Budget constraints or convenience are not acceptable reasons for accepting this business courtesy.
ICC’s four recommendations
In practical terms, ICC Rules of Conduct, although not imposing uniformity, make four recommendations as guidelines in drafting a code and establishing corporate policies:
These recommendations are discussed below.
Guidance by top management
Drafting a code of conduct, while it may be the work of a number of different company divisions, will ultimately be the responsibility of the top executives. In concrete terms, this means that the board of directors will have to give effective guidance to officers and employees and be accountable, as the last resort, for a company’s behaviour.
Control and reporting procedures
However, the mere promulgation of a document full of good intentions will not suffice. A company’s board of directors should also select and endorse the proper control and compliance methods to make the rules a living part of the company’s daily life. The enterprise’s governing body cannot establish a number of rules, then appear uninterested in their effective application. If it were to do so, it could be criticized for using a corporate code as a mere public relations or marketing tool, or worse, as a device primarily designed to shield senior management from responsibility for the actions of subordinates.
In implementing the corporate code, the board should designate the departments or individuals who can best ensure effective day-to-day control. This should be done taking into consideration the nature of the organization. No two companies are alike; some may have stronger controlling bodies than others, i.e., external and internal auditors, corporate or outside lawyers and extensive human resources departments.
In general, control over proper accounting and financial recording will be entrusted to financial managers and auditors, while behaviour as it relates to compliance with ethical standards is more likely to be the province of management or corporate lawyers.
Having designated the specific departments and individuals, the board will have to determine, and its audit/ethics committee will have to oversee, the systems or procedures for control and decide how and with what frequency the controls will be exercised. Such procedures should be devised with the aim of preventing violations of the code. The greater the risk of violation, the more stringent the procedures will have to be. As always in business, the means to be used should be adjusted to specific situations.
Control systems or procedures are a prerequisite, but no enterprise can expect that a control function alone will promote full adherence to a corporate code. Such adherence can only be[Page73:]
Putting in place a compliance programme
Setting up a compliance programme will help an enterprise make its code a reality, and it will also be in its self-interest. For example, in a number of countries, a fully fledged compliance plan can help the enterprise show that it has used all reasonable means to avoid prohibited behavior. Under the US Federal Sentencing Guidelines, as well as the Thompson Memorandum and the Italian Legislative Decree no. 231 of 8 June 2001, it is possible to obtain reductions in fines if a corporation can prove that it has put in place an effective corporate compliance programme with sufficient resources to uphold it.
The G8 Summit in Evian, France said the following about compliance programmes:
“We encourage the private sector to develop, implement and enforce compliance programs relating to our domestic laws criminalizing foreign bribery”.
What does a compliance programme require in order to be effective It is impossible to recommend universally applicable formulae; the enterprise will have to formulate for itself the measures that - according to its history, culture and practical circumstances - are most conducive to bring about a compliance culture?.
A compliance programme should consist of a number of different measures aimed at (i) making the provisions of the code and the values of the enterprise known (education and training function); (ii) seeing to it that the company’s code is effectively implemented (compliance function); and (iii) imposing sanctions in the event the rules are contravened (disciplinary function).
These functions can be broken down into seven steps:
1. Setting up compliance standards that are capable of preventing illicit acts
The code will often only put forward general prohibitions of forbidden behavior. These are unlikely to answer all potential questions. Take the example of gifts. A code may prohibit receiving any gifts having a substantial value. But the setting of a more precise and specific standard will greatly assist the personnel in their understanding of the code; consequently, it will be useful to delineate, for exam- ple, in which circumstances a gift may be received, what maximum monetary value it may have, when it should be declined and whether it should be returned or given to a charity. Setting a compliance standard amplifies and makes a code provision more specific. It also eliminates questions and reduces the instances of acts contravening the rules.
[Page74:]
2. Assigning high-level personnel to oversee compliance
The personnel overseeing compliance may or may not be the controllers referred to previously. They may or may not have compliance as their full-time job. When they do, they will often be referred to as “compliance officers”.
An enterprise may not have the means and the organizational strength necessary to have one or more compliance officers. It is not simply a question of having a large enough work force to designate someone to carry out compliance overview; for any enterprise, it is important to find dedicated, high-level, competent and experienced persons who can give appropriate counseling about what and what not to do.
Compliance officers have an educational, as well as a supportive function. Their role is not that of a prosecutor or a police officer, but an advisor. They should be able to interpret a company’s code and the rules without complacency or exaggerated zeal. For example, the company’s compliance officer should be ready to answer questions about the designation of an agent or other intermediary in a new market. What kind of person or organization would be acceptable for fulfilling this job? What kind of clauses should be contained in the contract hiring the agent? What kind and level of consideration may be paid by the company, so that the contract cannot be considered a conduit for bribe payments? For all such questions, the compliance officer should have appropriate answers.
3. Avoid hiring and promoting individuals unlikely to be compliant: ensure that human resources policies and practices are compatible with the company’s code of conduct
It is clear that no effective self-regulation will be possible if a company hires and/or gives important authority to individuals who are not trustworthy. Such personnel will never, even with extensive education and training, comply with self-regulatory codes.
More generally, a company’s human resources policies should integrate an ethical dimension. The job evaluations and performance interviews performed should take into account compliance and, as suggested in the Annotations to the OECD Principles on Corporate Governance, “the incentive structure of [your] business needs to be aligned with its ethical and professional standards so that adherence to the values [of your company] is rewarded and breaches of law are met with dissuasive consequences or penalties.”
4. Communicating standards and procedures to employees
Communication is a key element in all self-discipline exercises. Members of an enterprise will not adhere to a code if management has not made a strong effort to communicate with all concerned. “All concerned” does not only mean staff working for the enterprise; it can also mean the personnel working for subcontractors, suppliers and customers. Policies and standards on gifts and [Page75:] entertainment, for example, may have to be made known beyond the limits of acompany’s payroll.
The most formal and well-established means of communication is the written one, and it will continue to play an important role. But electronic, visual, video and other forms of communication are often a more direct, lively and appropriate means for conveying a company’s ethical message. Cultural and corporate preferences must be taken into consideration in creating the best communication tools. Organizing specialized seminars or introducing an ethical component into all professional training sessions are also options.
Finally, a company’s code of conduct should be introduced into the overall corporate training program. This carries symbolic value in demonstrating that ethical training applies to everyone in the enterprise.
5. Implementing monitoring, auditing and reporting systems
Compliance should also include positive measures aimed at avoiding infringement of the rules. These provisions can comprise, for instance, monitoring mechanisms that allow management to closely supervise more sensitive areas, such as the selection and compensation of foreign sales representatives.
Reporting mechanisms can also enhance proper compliance. The receipt of reports may be the function of either the compliance officer(s) or the persons entrusted with control or monitoring. Responsibility for making reports should be the task of anyone aware that a contravention of the rules is about to take place or has taken place.
Such reporting, often referred to as “whistleblowing”, can be madethrough a hot line or a mail drop; it can be made anonymously or by name but, to the extent feasible, confidentiality should be granted to the person reporting (see Chapter 7 on Whistleblowing).
A complementary approach can involve the submission of “compliance letters” by managers of the enterprise, which attest, on a regular basis, that the provisions of the code of conduct have been respected and that no action or failure to act has been observed.
There are other valuable tools for monitoring compliance; for example, periodic audits for compliance with the code and regular policy compliance reviews by business managers.
6. Using disciplinary mechanisms to enforce standards and procedures
When a provision of a company’s code is broken, management should step in to apply appropriate sanctions and to correct the situation. Various means can be used to achieve consistency in the use of disciplinary measures and to avoid leaving a wide area open to subjective interpretation. Whenever a pattern of non- compliance is discovered, measures should be taken to prevent the pattern from recurring.
[Page76:]
Take the example of a company discovering the existence of a network of private- to-private corruption involving personnel responsible for procurement. In such a case, it is necessary, not only to sanction the people responsible for non- compliance, but also to reform the practices which enabled the misbehaviour to occur in the first place. If these measures are taken, repetition of the act or similar behaviour will be unlikely.
Non-compliance should not remain unsanctioned. Compliance will not be sufficient if non-compliance is not punished. Sanctions should be applied consistently, without favouritism or bias. The ICC Rules of Conduct speak of the responsibilities of directors, officers and employees and makes no distinction between organizational levels. Serious and persistent breaches of the code that could seriously damage the reputation of the company should be punished by the dismissal of the people directly involved as well as those with supervisory responsibility.
7. Taking steps to respond after an offence has been detected, including amending the compliance programme
Self-regulation will have credibility and respect inside and outside an enterprise only if the proper conclusions are drawn from serious breaches of the rules and appropriate steps are taken to remedy them.Amending or modifying a company’s code should not be undertaken lightly, and the provisions should not be altered on a too-frequent basis. But a company must accept that, in some circumstances, it may be necessary to change its code, either because practices have changed or because an ethical failure has been discovered that was not sufficiently covered by the code’s provisions.
Disclosure of enforcement measures
Financial analysts, investors and the public in general want to receive precise and significant information about the way enterprises conduct their ethics policy. They will require data about the enforcement by a company of its code of conduct. More and more companies meet this demand by including in their annual or sustainability report a chapter devoted to policies they have adopted or enforcement measures they have taken. The model disclosure form prepared by the Global Reporting Initiative (GRI) can serve here as a useful guideline.
[Page78:]
Summary of ICC Recommendations on Responsibilities of Enterprises
The OECD Convention and UNCAC are a point of no return in the fight against corruption and are stepping stones in the process of eliminating them. However, legal texts alone will not suffice and the practical day-to-day work in fighting this evil must be done by enterprises. Top management, working in tandem with several divisions in the company, is responsible for stamping out corrupt practices before they become subject to sanctions imposed by the state.
Therefore companies should:
François Vincke is member of the Brussels Bar and Chair of the ICC Commission on Anti-Corruption. He is also the author of Chapter 5 and 11 in this handbook.