A large number of corporations will most certainly be severely impacted by the effects of the Covid-19 pandemic. The new challenges will impact companies’ compliance risks, which are likely to be different and, to a certain extent, increased. It is crucial that - also in disrupting times - internal compliance procedures are maintained and that new risks are identified and mitigated.
The Covid-19 pandemic brings with it new challenges and uncharted waters that are going to impact companies’ compliance risks. It is vital that corporations stand well-prepared to face the compliance risks that are likely to be different, and to a certain extent increased, as a result of the crisis. In our experience, the risk of misconduct increases when individuals face financial or other types of difficulties. This includes the risk of fraud, embezzlement and bribery. For example, employees who are under pressure, or scared of losing their jobs, may cut corners trying to hit performance targets. At the same time, social distancing and travel restrictions may make the compliance with laws and internal rules harder to monitor.
As countries and economies re-open, there will most likely be increased pressure on companies and employees to jump-start business and the moving of goods and services. Such pressure may in turn create incentives to circumvent processes and procedures as temporary ‘emergency measures’ for the revitalization of the business and economy. However, Covid-19 is highly unlikely to be accepted as justification for a company to violate anti-corruption or other laws, or for an employee to engage in misconduct of any kind. Therefore, it is crucial that, also in disrupting times, internal compliance procedures are maintained and that new risks are identified and effectively prevented.
Effective risk-mitigating measures can only be put in place when the nature of the risks is known. To best protect the company, as well as its employees, an assessment should be made of what additional compliance risks have arisen as a result of the pandemic. In addition, the compliance measures in place prior to the outbreak of the pandemic may need to be updated to meet the new risk exposure. In order to ensure that employees and business partners are well prepared to deal with any potential new or different compliance issues, it may be necessary to provide updated compliance training specifically adapted to the new or re-evaluated risks. It should be noted that, in periods of disruption, existing risks may transform into real issues, as control functions fail to operate optimally.
In addition, companies should remind its employees and business representatives that, regardless of the challenging times, compliance measures may not be circumvented. A clear tone from the top will exemplify integrity and compliant behaviour and resonate throughout the organisation. Employees and business partners should be encouraged to ask questions when faced with challenging decisions or uncertainty pertaining to compliance. By implementing a reporting mechanism through which employees and business partners can anonymously report alleged misconduct, companies will be able to receive knowledge of, and respond to, potential misconduct before such conduct does more harm to the company.
Covid-19 has changed many things, however one thing that remains the same is the responsibility for compliant business activities. The liability of a company involved in criminal misconduct may include large fines, forfeiture of profits, debarment from public procurement and significant negative publicity. The criminal liability for individuals, such as employees, members of management and board members, may include fines or imprisonment.