This newsletter considers the interim findings of a compliance review carried out by the UK Financial Services Authority (the “FSA”) of anti-corruption measures implemented by commercial insurance brokers.1 The review was, in part, a response to an investigation of Aon Ltd (Aon), which made suspicious payments to third parties in a number of Asian countries. We believe that the findings have international ramifications and wide applicability given the extra-territorial nature of anti-corruption measures. Principles that can be gleaned from the findings also offer valuable insight to other businesses in the financial services industry.

Aon Ltd

In January 2009, Aon was subjected to a record fine of £5.25 million (US$7.6 million) by the FSA.

The fine was imposed for Aon’s failure to have effective systems and controls in place to counter the risks of bribery and corruption associated with making payments to overseas firms and individuals. The FSA found that certain Aon business units paid overseas third parties to secure or retain reinsurance business from entities that were state-owned or had government connections.

Aon admitted that it made payments to overseas intermediaries in connection with securing or retaining insurance business between January 2005 and September 2007. Payments amounting to approximately US$7 million were made to firms and individuals in Asian countries including Bangladesh, Burma, Indonesia and Vietnam.

In 2007, Aon brought the payments to the attention of the authorities after an overseas law enforcement agency made inquiries about payments in Indonesia. Internal investigations identified a number of other suspect payments, including one to the Swiss bank account of a British Virgin Islands company in connection with securing some business from a Bulgarian insurance company, and another to an intermediary in advance of securing work from a Burmese state-owned insurance company. In all cases, the genuine business case for making the payments was unclear.

Aon avoided prosecution by cooperating with the FSA throughout the investigation, admitting its errors and agreeing to a fine. The fine was reduced by 30 per cent to reflect such cooperation. Aon has since implemented a very robust anti-corruption system regarded by the FSA as a model of best practice, and disciplined those responsible for the failings identified.

FSA’s interim findings on anti-bribery and corruption

On 11 September 2009, the FSA published its interim findings regarding insurance broker firms. It found that:

  • there was particular weaknesses in due diligence and monitoring of third party relationships and payments. In particular, it found that too much reliance was placed on informal market views of third parties without carrying out effective compliance and audit checking and that there was often an absence of regular or any checks into the connections of third parties;
  • there was often an absence of inquiries or information relating to the nature of and entitlement to commission payments and that many firms failed to understand the importance of anti-money laundering reporting obligations;
  • many firms failed to adopt a risk-based approach to their business by reference either to “Red Flag” countries or politically exposed persons;
  • the informal provision of bank details exposed many firms to a significant risk of fraud; and
  • the vetting of staff was often ineffective and informal and that there was no training on anti-corruption, bribery or other financial crime.

Ending on a positive note, the FSA found that following the Aon case, most commercial insurance brokers were reviewing the adequacy of their anti-bribery and corruption systems.

Key issues for international Asian insurers and financial institutions

The Aon case and the FSA’s review highlight the challenges facing international insurance companies, and financial institutions in general, of complying with anti-corruption legislation but at the same time remaining competitive with less scrupulous competitors. The risk of criminal and civil liability and the loss of mainstream commercial contracts and global reputations make compliance absolutely essential. Having effective compliance will not only deter corruption but will be an important mitigating factor should corruption be discovered.

In our view, key compliance considerations should include:

  • assessing the risk of operations in “Red Flag” countries;
  • assessing the risk of third party transactions which can mean that effective control over transactions is lost but with potential corruption liabilities retained;
  • carrying out effective investigative due diligence when appointing employees, agents, brokers, particularly so, in “Red Flag” countries;
  • considering whether the structures setting compensation and commission levels for employees and agents produces the correct culture to discourage corrupt practices. An embedded corporate culture of selling or securing contracts at all costs has been identified as a major driver of corruption;
  • the use of independent corporate compliance monitors and an autonomous board committee with responsibility for ensuring ethical compliance;
  • effective internal and transparent ethical audit testing with unrestricted access to sensitive financial information with external testing of that auditing;
  • considering the existence or otherwise of effective and proactive employee training on corruption policies, not merely, box ticking or multiple choice exercises; and
  • putting in place IT systems capable of analysing effectively all aspects of an organization’s financial, accounting and business activities but not being overly reliant given that much of the information will be internally sourced.

The operation of effective compliance systems may deter, but cannot be guaranteed to eradicate, corruption. For that reason, organizations are increasingly expected to look critically at their practices and procedures, particularly where there is suspicion of wrongdoing. All businesses must now be prepared to manage their own internal investigations effectively and with particular regard to the possibility of external scrutiny and incident fallout. Procuring an effective and rigorous investigation may also be a particularly important mitigating factor in the event that any wrongdoing is uncovered by the relevant authorities.

At the outset of a corruption investigation, it is vital to deal with the corrupt activities and limit their damage without jeopardising the company’s commercial and legal position. Accordingly, it is vital to engage external legal resources as soon as possible to advise on how to tackle the problem and in particular, how best to maintain confidentiality and legal professional privilege.

Part of any initial damage limitation exercise will involve the cancellation of relevant payments and contracts, obtaining freezing injunctions to preserve assets for future enforcement and preserving evidence by confiscating files, computers and PDAs. Again, these are matters on which external legal advice must be taken.

Most corruption events will require an initial internal investigation. The form of that investigation will depend on the type and location of the corrupt activity, the company’s operations and the number of individuals involved. However, it is essential that such an investigation is both impartial and fair and perceived to be so. When assembling an investigating team, it is important to ensure the independence and impartiality of both internal members and external resources. For instance, it may not be appropriate to retain forensic accountancy services from existing auditors or accountants.

The investigating team must consider whether its terms of reference and remit are sufficient, identify issues and establish a plan to collect and consider the documentary evidence on which to conduct interviews with relevant personnel.

It will be important to put in place efficient reporting and communication lines both between investigative team members, management and the Board. As part of that exercise, the creation of documentation and e-mail traffic should be strictly controlled.

It is vital that the investigating team should carefully plan and conduct interviews. Consideration must be given to whether or not advance disclosure should be given to interviewees; the provision of legal representation for interviewees; venues and recording the interviews. These are matters on which external legal advice should be sought.

On completion of interviews, the investigating team should compile a written report based on the evidence and interviews and make the necessary written recommendations to the Board. Going forward this will be an important and confidential document. Documentation generated as a result of the investigation process, including the written report, should be protected by legal professional privilege. External legal advice should be taken on how best to do so.

The Board must then take external legal advice to consider, amongst other matters, self-reporting regimes, money laundering obligations and how best to take effective remedial compliance action.