Company directors and senior management all over the world are asking themselves this question with increased urgency in recent days. Journalists have been causing countless sleepless nights with exposé after exposé featuring detailed accounts pieced together from leaked communications and outlining allegations of far-reaching and very high level webs of corruption, the movement of assets globally, and all manner of related dealings.

The most recent instalments, of course, are the Fairfax Media and Huffington Post stories regarding Unaoil and the massive data leak (originally to the Suddeutsche Zeitung newspaper in Munich, Germany) from Panama firm Mossack Fonseca -- referred to popularly as the Panama papers. Anyone reading the recent press could be forgiven for thinking they were reading a B movie script, complete with code-words, bad jokes, massive shell games, and breathtaking, egotistical risk taking.

Assuming for the moment that the allegations set out in the recent press are true, all of us should pause for a moment and ask ourselves honestly whether we find them truly surprising. Survey after survey of companies with offshore operations have demonstrated a gap between perception of corruption risk (arising from non-compliance with applicable bribery laws) and percentage of companies that have taken concrete measures to combat that risk, starting, for example, with conducting a bribery and corruption risk assessment, much less implementing a formal compliance program. For example, Deloitte’s 2015 Bribery and Corruption Survey Australia & New Zealand found that 77% of such companies surveyed are concerned about such risk, and yet 40% do not even have a formal compliance program to manage the risk.

Arguably, given the high profile in the past few years of reports and investigations playing out in the news regarding corruption of all sorts— foreign, domestic, private, public—you name it, no rational person could profess surprise. What is surprising is the relatively low percentage of companies which have properly tackled the risk posed by corrupt conduct. This lack of action persists in the face of a very confronting and compelling stack of evidence of the risks of failing to act. Even those companies with very strong policies and programs struggle to implement them -- sometimes due to cultural blocks, sometimes naivety, and sometimes just a lack of real understanding of the laws and how they may apply.

And yet the very best defence available to any company finding itself in the grip of a bribery or corruption crisis is the ability to show rigorous, well implemented policies and a culture of compliance led from the top. If you don’t think your company can do so, then think carefully about whether change is in order. Establishing and embedding such a culture of compliance is essential in a wide array of matters – for a perspective on its relevance in determining whether a wider scope of criminal contraventions of the Corporations Act have occurred, see our earlier article: A fish rots (only) from the head.

If events of the last few days aren’t enough to convince one of the need for tightening up of compliance, perhaps the pending reforms to anti-bribery and corruption (and related) laws are. Here is a brief summary of just a sample of reforms either recently commenced or on the cards:

  • recently enacted legislation makes it a crime to intentionally or recklessly deal with accounting documents to facilitate, conceal or disguise an illegitimate benefit or loss, with penalties of up to $18 million for a company and $1.8 million for an individual for intentional conduct (and half that for reckless conduct) (see the Crimes Legislation Amendment (Proceeds of Crime and Other Measures) Act 2016 (Cth));

  • the Senate Economics References Committee is conducting a broad inquiry into the adequacy of Australia’s laws regarding bribery of foreign public officials and related measures. This inquiry is specifically considering whether to adopt several measures present in the US and UK, which have arguably proven to be more effective at combating and prosecuting corrupt conduct. This inquiry may be brought forward, with renewed urgency added by the recent press attention to the issue of foreign bribery. Mooted reforms include better whistleblower protection and whistleblower rewards, creation of a UK-style failure to prevent bribery offence, simplification of aspects of the corporate offence and enhanced individual responsibility, and US-style Deferred Prosecution Agreements, which allow authorities to negotiate what amounts to plea agreements with companies (and perhaps individuals) to better encourage self-reporting and more rapid and effective resolution of matters (more on this below). In addition, there are proposals to eliminate the facilitations payment exception— a proposal which prompted much public outcry when mooted. A wide array of submissions have been made to the Committee, which discuss the mooted reforms in detail;

  • on 16 March, the Minister for Justice released a public consultation paper mooting introduction of a deferred prosecution agreements (DPA) scheme in Australia to improve enforcement options for serious corporate crime. Such a DPA scheme is also part of the Senate inquiry, as noted above, but it is being explored in parallel to the inquiry. There is much commentary that points to empirical proof of the positive governance changes that DPAs bring. They are widely used in the US, have been recently introduced in the UK, and their arrival in Australia in one form or another is almost certain. Their introduction will be accompanied, no doubt, by other measures, but essential to their proper operation will be provision of guidance to companies to assist their operation and improve benefits to companies and authorities alike.

  • Australian enforcement efforts and dedicated expertise have improved markedly, with establishment of the Fraud and Anti-Corruption Centre (headed by the AFP but drawing on partnership with experts from ASIC, AUSTRAC, the ATO, and DFAT) and, more recently, a Serious Financial Crime Taskforce. With these reforms we have seen a marked increase in active investigations (current public statements put the number at 30), but it still appears that enforcement efforts are under-resourced, and the heightened terrorism threat has worsened this situation. Calls for more resourcing and better coordination are ongoing and increasingly impatient, including from the OECD, OECD countries, and domestic stakeholders.

Companies must not underestimate the strength of public opinion and political sensitivity on corporate corruption; it’s a red hot issue. Companies previously taking a “wait and see” approach, or falling back on (perhaps unstated) “that’s just how we have to do business there” attitudes are placing themselves at ever increasing risk. There are serious moves to expose and stamp out bribery and corruption and, in the current climate, there is a strong push for rapid and very public progress. Company Directors and Executives must urgently examine their company’s risk profile and assess their anti-bribery and corruption measures realistically, implementing needed changes with top-led authority and cultural influence.