The right approach to combating fraud and corruption can transform business transparency and improve operational effectiveness.

Shifting regulation, increased enforcement and the adoption of new technologies are changing the landscape of business risk — and, according to 15th EY Global Fraud Survey 2018 , a significant level of unethical conduct remains.

Our survey respondents — 2,550 executives from 55 countries and territories — see fraud and corruption among the greatest risks to their business. Although we found that many businesses have reached a certain level of maturity in their compliance programs, we also see a mismatch between awareness and employee behavior — and we continue to see ethical failures, business losses and consequent reputational damage.

The survey results suggest that the benefits of demonstrating organizational integrity go beyond the avoidance of penalties and can actually improve business performance. This makes sense: doing the wrong thing is a lost opportunity to do the right thing.

Our survey raises challenging questions for boards that should drive better conversations around fraud, corruption and integrity more broadly.

Putting integrity on the management agenda

Amid the explosion of data and increased regulation, an organization’s integrity becomes the most important driver for ethical business.

Ninety-seven percent of respondents recognize it is important that their organization acts with integrity and rank “operating with integrity” at the top of their list of what they would like people to say about their organization. Interestingly, although 43% of respondents recognize the importance of demonstrating integrity to avoid regulatory scrutiny and penalties, they also see integrity as a business advantage. Customer perception, public perception, successful business performance, recruitment and retention of employees were deemed more important benefits than avoiding scrutiny and penalties.

The link between integrity and successful business performance is supported by research performed by Ethisphere Institutes, which found that the World’s Most Ethical Companies outperformed the US large cap sector by over 10% over a five-year period (companies with market value above US $ 10 billion). However, we continue to see a prevalence of fraud and corruption, as well as significant business failures. The results show a mismatch between the 97% of respondents that believe it is important to demonstrate their organization acts with integrity and 13% who would still justify making a cash payment to win a contract.

The importance of integrity in a changing business environment increases as compliance functions, regulators and enforcement agencies may struggle to keep up with the pace of change. Business leaders should focus on instilling the concept of employees taking individual responsibility for the integrity of their own actions.

A potential explanation for this mismatch is that there is little or no clarity as to who in the company is primarily responsible for ensuring that employees behave with integrity. This appears to be common across industry sectors and geographic regions. We found that fewer than one in four respondents believe that individuals should take primary personal responsibility for behaving with integrity. The remainder believe the primary responsibility for ensuring integrity sits with other groups in the organization such as human resources, compliance, legal, senior management and even the board.

We also found that the group who did not believe it was primarily an individual responsibility is significantly more likely to act inappropriately, including making cash payments to win or retain business. These same respondents are also more likely to extend the monthly reporting period or change assumptions that determine valuations or reserves in order to meet financial targets.

A successful organization stays true to its mission, keeps its promises, respect laws and ethical norms, and fosters public trust in the free enterprise system. Such companies close the gap between intentions — codified in values statements, codes of conduct, and other policies — and behavior, with verifiable data about organizational behavior and culture and improved metrics and enhanced accountability.

The future of compliance

Business models are changing, and with that, compliance functions will also need to transform the way they prevent, detect and respond to fraud and corruption.

For some companies, management’s existing efforts to tackle fraud and corruption are lagging behind business change. Our experience suggests compliance policies and procedures, backed up by training and consistently applied enforcement, are necessary but not sufficient to deliver effective compliance.

So what is the future of compliance?

Technological advances in compliance such as enhanced data analytics, combined with an employee-centric approach to providing guidance, will result in compliance acting as a key driver of innovation in the use of forensic data analytics (FDA). Examples include:

  • The proliferation of data analytics as a management tool is likely to challenge the traditional monitoring role of the compliance function. Our 2018 Forensic Data Analytics Survey shows that more and more companies are using advanced analytics technologies for continuous monitoring.
  • Advances in the predictive capabilities of “big data” mean that analytics can be used to make real-time decisions, helping to identify and prevent fraud and providing management with more effective oversight. For many companies, there are substantial gains to be secured by better leveraging FDA, which can significantly improve the effectiveness and efficiency of monitoring and reporting, strengthening the second line of defense.
  • Leading companies are using artificial intelligence technology to replace classroom and web-based training with individualized risk-based communications in real time.
  • The first line of defense has typically been the responsibility of operational management within the business and included management controls and internal control measures. The chief compliance officer role should be seen as a fully-fledged management role in the organization responsible for proactively safeguarding the corporation’s reputation, not just helping it comply with laws and regulations.

Do the right thing because it’s the right thing to do, and not just because the code of conduct says you should.

Compliance should work with the business to reinforce front-line compliance by sharing insight from data analytics and promoting the Integrity Agenda. The Integrity Agenda has four foundational elements — culture, data insights, controls and governance — that align an individual’s actions with an organization’s objectives. The core challenge is influencing behavior over diverse and dispersed employees and third parties amid intense competitive pressures and rapid technological change.