How Can You Detect Anti-Bribery/Corruption Cases?

Tomás Kong

Organizations frequently wonder about the most efficient ways to detect cases that may trigger anti-bribery/corruption (ABC) investigations. Unfortunately, there’s no single answer or test for these types of violations. Very likely you won’t find a single big red flag to indicate a potential violation, but you will probably need to look at multiple smaller yellow flags, and the sum of them might be the big red flag.

How can your organization go about identifying all these yellow flags that would prompt your compliance team to take the necessary corrective action? I’ll share some ideas by describing how you can use screening software to analyze business transactions and data across your enterprise to identify situations that might be part of an ABC incident that would require immediate attention.

Detection rules and strategies

Since there’s not a single detection rule that could identify ABC cases, the key is to be able to create multiple rules that can look for different suspicious situations. For example, payments going to third parties in high-risk countries, bank accounts located in different countries from the payees, suspicious terms found in the invoice descriptions, and so on.

Once these individual rules have been defined, you can group them to address different scenarios your organization is looking into. One example would be a strategy addressing Foreign Corrupt Practices Act (FCPA) incidents, and any relevant detection rules could be assigned to this strategy. During the detection phase, positive matches will be scored and evaluated against predefined organization-specific thresholds. If the total score of these matches exceeds the predefined thresholds in the detection strategies, alerts will be generated automatically and trigger an investigation process.

Screening

In addition to rules to analyze business transactions, ABC cases can be detected by screening the names and addresses of the individuals and entities that your organization conducts business with against specialized lists, such as sanctions, politically exposed persons (PEP), and others generated by content providers, government agencies, and international organizations.

Although conducting business with an individual/entity appearing on these lists doesn’t necessarily represent an ABC case, screening will remind organizations to be cautious before engaging with them. A business-integrity screening solution will combine name and address screening rules with other detection rules for a thorough analysis of suspicious transactions.

Network analysis

Analyzing a single transaction might not provide a clear picture about how suspicious it could be, but viewing it in a historical context with past transactions would provide a better picture. A network analyzer can show all relationships among the different parties and transactions associated with a suspicious case. For example, a single payment transaction to a partner in a high-risk country might not seem very suspicious. But if the analysis shows that this partner has ties to an entity listed on a sanctions list, and that this party was involved in a fraud case many years ago, then the investigator working on the case could see that the risk exposure is significantly higher.

Integration with predictive analytics

Another approach to detecting suspicious transactions involves integration with predictive analytics. Predictive algorithms can be employed to analyze historical data and automatically create predictive rules to complement those that have been manually created.

Traditionally, detection rules are created based on expert knowledge within each organization; however, these rules might eventually become less efficient, given that fraud or suspicious patterns evolve over time. By leveraging predictive analytics, your organization is better able to keep up with changing patterns that the traditional detection rules might not catch.

Additional information

Ultimately, the success of a detection solution will be determined by its ability to address an organization’s specific requirements. The best screening solutions give you a flexible platform that can be expanded with rules specific to your organization and provide multiple detection approaches that complement each other to ensure that business transactions across the enterprise are monitored effectively.

Learn more about SAP Business Integrity Screening and how it could help your organization address anti-bribery/corruption scenarios by leveraging the power of SAP HANA.

The article originally appeared on SAP Analytics.


Tomás Kong

About Tomás Kong

Tomas is part of the GRC Solution Management team, and the Solution Owner for SAP Fraud Management . He's been with SAP for 10 years, and previously spent many years in product management and consulting roles at enterprise software vendors and system integrators such as Oracle, KPMG, and other Silicon Valley companies, focusing on financial, billing, and compliance solutions.