Managing Supplier-Related Corruption Risks

By Jeffrey Thinnes

Photo: iStock

Recent regulatory developments have placed companies across all industry sectors on alert that supplier relationships must be proactively managed to avert corruption risks.

Increasingly, regulators in the United States and abroad are holding companies and executives accountable for the corrupt actions of their business partners. In 2015, the United Kingdom showed that its 2010 Bribery Act is not a paper tiger, for the first time levying fines against two firms for failing to prevent bribery. France recently announced sweeping legislative changes that will ramp up pressure on fighting corruption. Civil fines and criminal sentences continue to rise, even in countries that have historically demonstrated weak commitment to enforcement.

Companies in the defense sector operate in a particularly high-risk compliance theater when it comes to fighting corruption. Being in a heavily regulated industry with a myriad of security-related compliance exigencies, coupled with regular interaction with government officials and an increasingly competitive market, leaves defense contractors vulnerable to significant corruption risks. It’s no wonder since the inception of the U.S. Foreign Corrupt Practices Act in 1977, nearly one in eight enforcement actions have involved companies from the aerospace and defense sectors.

Globalization and the use of outsourcing and offsets have increased defense contractors’ dependency on suppliers. While this has led to efficiencies and access to new markets, it has also created additional legal, financial and reputational risks.

Large suppliers with worldwide locations, such as manufacturers of aircraft engines or avionics technology, are likely to have access to government officials and private business executives in countries where they are active. Many of these suppliers may have third parties working on their behalf to identify and compete for new business opportunities, and they often interact with public officials. So, how does a contractor manage the corruption risks associated with the activities of suppliers — and even with their suppliers’ suppliers and third parties?

It is important to conduct appropriate due diligence on every supplier, its owners and key managers. This due diligence should include “hard” and “soft” checks. Hard checks require reviews of key documentation, such as the supplier’s code of conduct and internal policies relevant to preventing, detecting and remedying corrupt behavior. Hard check questions would be:

• Does the supplier operate in countries ranked poorly in corruption indices?

• Does or will the supplier interact with government officials?

• Who are the supplier’s actual owners, and do any of these have government affiliations or other red flags such as criminal records, strange legal structures, etc.?

• Is the supplier requesting unusual commercial terms such as payments into questionable foreign bank accounts?

• Is the supplier on any sanctions lists?

• Does anything suspicious show up on a basic company search such as Dun & Bradstreet?

“Soft” checks occur mostly in the form of discussions with a supplier’s managers, employees, and even reference customers or other stakeholders like banks and other service providers. Personal conversations help detect whether a company’s policy against corruption is actually reflected in its employees’ commitment and behavior. Increasingly, regulators emphasize the importance of companies moving beyond the compliance scaffolding of laws, policies and tick-the-box training and communications, to a solid cultural foundation of integrity.

The results of an initial risk assessment should be used to structure a program of due diligence. Low-risk suppliers may require only basic, Internet-driven research, with some local inquiries into the reputation of the company and its owners or managers. High-risk suppliers — such as those in notoriously corrupt countries or those that have relationships with government officials — may, on the other hand, require more intense due diligence, including personal site visits and meetings.  

Finally, knowing suppliers means knowing them on a continuous basis, not just at the time of contract execution. People and companies change, even over short periods. Continuous monitoring is, therefore, essential.

Relationships between suppliers and the contractor’s managers must also be overseen. The line between what is or is not in the company’s best interest can begin to blur under the influence of personal relationships. A sense of loyalty — or even indebtedness — can arise out of cozy relationships with suppliers.

   Systems must be implemented to constantly monitor for potential conflicts of interest and misguided decision-making driven by personal, rather than company, needs and benefits. Some companies rotate accounts to different personnel in Purchasing every few years so that relationships with particular suppliers do not develop in ways that can skew good judgment.
It is also important to require employees to disclose and record all gifts, meals and entertainment offered and/or provided by suppliers. With a comprehensive overview of what suppliers are doing to develop relationships with people inside the company it is possible to better decipher the intent behind such activities and to take corrective action, if necessary.

Communications to employees and suppliers about when gifts, entertainment and hospitality may be offered and accepted must be clear. For example, a longstanding best practice is that no entertainment or gifts may be received from a supplier who is currently competing in a tender. 

The underpinnings of an effective, best-practice supplier corruption risk mitigation process lie in clear policies and procedures, water-tight contract terms, effective controlling, and ultimately strict enforcement. But these tools are only optimally effective when applied to suppliers that have been thoroughly vetted and subjected to ongoing scrutiny to ensure they continue upholding high standards of ethical and legal conduct.

Jeffrey Thinnes, CEO and co-founder of JTI Inc. (, is an international corruption and ethics expert. Contact him on Twitter @JeffThinnes and LinkedIn at

Topics: Defense Contracting, Defense Contracting