Mitigating Corruption and IP Theft May Be Easier Than You Think
More and more companies are reaping the benefits of working with far-flung suppliers, contractors and other business partners. But in this global economy, the risks of corruption and intellectual property theft are on the rise, especially in emerging markets where laws and enforcement are in flux. What are companies doing to grapple with these twin problems—and really, what can they do?
In a pilot project, the Center for Responsible Enterprise and Trade (CREATe.org) helped 60 companies assess their anti-corruption and IP protection programs, and worked with them to address their vulnerabilities through practical and measurable steps.
The project revealed a growing awareness among company executives that proper management of these two issues will be critical to their companies’ future growth and sustainability. However, the pilot also showed that most companies are not doing enough to move from written policy to action. And while some aspects of anti-corruption and IP prevention were relatively sophisticated in internal operations, companies recognized that they did not know how their key suppliers and business partners were addressing the issues and primarily dealt with problems after they arose.
Beyond the legal department
Robust programs for addressing IP protection and corruption risk must complement a legal approach by weaving proactive measures into a management system across seven areas: Policies, Procedures and Records; Compliance Team, Risk Assessment, Management of Supply Chain; Training and Capacity Building; Monitoring and Measurement; Corrective Action and Improvement. IP protection includes an eighth facet: Security and Confidentiality.
The pilot participants first went through an assessment of their existing IP protection or anti-corruption systems in two stages: an online self-assessment and an evaluation conducted by CREATe experts. The companies came from an array of industries, ranged in size from mid-sized domestic firms to multi-national companies, and were located in China, Taiwan, India, Japan, Singapore, Brazil, Mexico, Germany, Netherlands, Poland, Australia and the United States.
Focus on IP too narrow
For the 37 companies that participated in the pilot IP protection program, the assessments showed that most are strongest in the area of Security and Confidentiality. Companies have historically had good physical security measures in place, and this proactive behavior has evolved into strong IT security as well.
But the evaluations also made clear to many companies that they were thinking about IP protection too narrowly, even within the area of security. IP protection was also getting extremely short shrift in supply chain relationships. For instance, while companies tended to rely on contractual terms as the primary means of protecting their IP, most had no means of post-contract monitoring to ensure that the partner was actually complying with those terms.
According to the CREATe evaluators, 55 percent of the companies were not conducting any due diligence related to IP protection before entering into a new contract with a third party, and 85 percent either did not communicate their IP protection expectations to supply chain companies or only included a reference in the contract.
Through the assessment, a mid-sized Chinese electronics manufacturer identified vulnerabilities for its own intellectual assets and for those of its clients. Based on recommendations in the summary report, the firm decided to start providing IP training to its employees and key subcontractors. It also began evaluating the IP protection systems when reviewing potential business partners.
A US-based company that makes precision components for medical and aeronautical industries began rebuilding its IP protection program from the ground up after completing the pilot program. They started by addressing policies and procedures—in part to prepare for the opening of a new facility in Mexico. The company recognized that many of the IP protection efforts could piggyback on a sophisticated quality management system that was already in place. Indeed, the management systems approach is new to IP protection, but it draws on the lessons learned from supply chain management in other areas, including quality control.
A recent report by the Stanford Initiative for the Study of Supply Chain Responsibility notes the importance of a collaborative approach to strengthening IP protection among suppliers and other business partners—an approach that has proved effective for addressing social, environmental and ethical (SER) issues.
“[Multinational companies] may help their suppliers to develop their IP protection capabilities by providing training, working with suppliers to identify risk factors, sharing best practices, and more,” the report says. “Our research identified capability building as being linked with reduced SER violations. We believe it is likely that it can also strengthen suppliers’ IP protection capabilities.”
Old problem, new laws
Likewise, companies need to work closely with their supply chain partners to prevent corruption, especially with today’s shifting legal landscape. Until recently, the US Foreign Corrupt Practices Act (FCPA) was the primary law enforced against companies that engaged in bribery in overseas operations. But in the past few years, countries around the world—Brazil, China, Canada and the United Kingdom, to name just a few—have enacted new anti-corruption laws in response to treaty obligations. Many of the new laws hold companies liable for corruption by third parties who work on their behalf.
Against this backdrop, CREATe evaluators found that 60 percent of companies in the pilot did not address anti-corruption efforts at all in their relationships with supply chain and business partners, even through contractual requirements. Sixty-seven percent said they do not take any corrective action to help supply chain members fix problems or improve their anti-corruption programs.
These numbers suggest room for improvement and point to practical and relatively simple steps companies can take to reduce the risks from corruption. And that is the good news: When the problems of corruption and IP theft are broken down into individual components, they are like other business risks—manageable. Moreover, as companies begin to put in place management systems to contend with these issues, and work with supply chain partners, it will have a multiplier effect. While governments and international organizations work on creating a better regulatory system, the private sector can provide tremendous momentum towards a healthier marketplace.