Whenever talking about cybersecurity or intellectual property protection, our thoughts usually go to movie-like situations; the hacker sitting somewhere getting into our state of art system.
The reality is not just as entertaining and, oftentimes, it implies an insider. Besides the aforementioned, there might be other examples of commercial bribery, let’s think about subcontracts; executives of bigger organizations may be tempted of taking such decisions not business-wise but personally-wise.
The implications of such behaviour go well beyond their business implications (i.e. not choosing the best business partner), since anti-bribery laws – which specifically forbid private corruption – might be triggered.
It is, therefore, clear, that this kind of misconduct should be properly addressed within your organization compliance program, proactively, if possible. Should a misconduct being spotted, the entire chain leading to the events should be duly investigated, in order to find out any inappropriate occurrence.
In particular, I suggest the following:
- Subcontracting/Outsourcing should not be left up to a single executive, such decisions should be taken by more than just one person (the same should apply to recruitment procedures),
- Implementing a strong no-gift policy where it should be clearly spelled out when the gift has to be returned and when it can be retained by the organization or the employee. On this regard you may find useful this article What is a bribe?
- Having a whistleblower hotline (you may wish to read this article on the matter) open also to third parties working for your company,
Due Diligence is crucial
Especially when choosing a business partner; previous records of corporate misconducts should be properly addressed. Such research should be extended to the CEO, Board members, relevant shareholders (more than 25% of shares) and beneficial owners.
Doing your homework will help you preventing corruption risks also with commercial counterparts.