The publication stresses that today many countries do not have obligatory due diligence procedures when they allocate funding to not-for-profit organisations and a number of States require their use only in the event that the funding exceeds a certain limit.
However, the authors of the paper rightly point out that the lack of these procedures entails considerable risks, including:
- Reputational risk;
- Legal risk: in case of detection of involvement of the recipient organisation in corrupt practices, not only the organisation itself can be held liable, but also the associated persons, in particular, the body (organisation) that allocated funds to it, and/or its management, especially if the body (organisation) is unable to prove that it has corruption prevention measures in place, including due diligence;
- Informational risk, where important information is retained or withheld;
- Operational risk in the achievement of objectives;
- Budgetary risk;
- Risks to people, society, and the environment.
The investigation into counterparties, known as due diligence (meaning literally “required carefulness”), consists of the following stages:
1. Information collection.
At the outset, the donor should collect information about the recipient not-for-profit organisation. This should cover, in particular, social and cultural characteristics of the country/region where the latter undertakes its activities, political events and associated risks, links to politically exposed persons, previous cases of liability of the counterparty for corruption offences and/or its involvement in corruption scandals, as well as the area of corporate activities, the size of the entity, its organisational structure, mode of financing, reputation of its managers etc.
This information can be retrieved from different sources, including the Internet, the documents provided by the counterparty, specialized databases to check reputation such as World-Check One and LexisNexis.
The content and the volume of information about the counterparty can differ depending on the characteristics of the organisation.
2. Analysis of data.
At the next stage, it is necessary to analyse the previously collected information. The paper highlights that the approach can be either centralised or decentralised, depending on the availability of resources, the operational tasks and the character of interaction.
The centralised approach to due diligence is adopted, for example, by the French Development Agency (Agence Française de Développement, hereinafter, the AFD). It basically consists in due diligence of any potential recipients of funding being handled by the AFD’s compliance division at its head office.
What is more, the analysis is carried out not only prior to the launch of the project, but throughout its implementation and after its completion as well. In particular, regular field monitoring and tracing of information on potential violations in the media are undertaken.
The analysis concludes with appraising the partners’ level of risk – low, medium, high and very high - which will define the frequency of future due diligence procedures.
In spite of the fact that the centralised approach has a number of advantages that include the analysis of information about counterparties and assessment of corruption risks by the individuals who have the necessary knowledge and expertise in the area, it is also associated with a number of challenges, including:
- A well-organised compliance division that would conduct thorough analysis of each project and collect field information on a regular basis will require considerable human and financial resources;
- There will be a risk of refusing to cooperate with a partner in the event that it is unable to provide all the requested data due to their excessively detailed character or difficulties in formalising the data provided by it are encountered etc.
The opposite in meaning decentralised approach is used, for instance, by the Swedish International Development Cooperation Agency (Sida).
Unlike the AFD, where the central office assesses the corruption risks associated with all projects, Sida delegates due diligence functions to the field project managers, i.e. right where these projects will be implemented. Moreover, the latter are entitled to decide autonomously which information is needed for analysis and whether to engage external consultants who understand the context.
In spite of the fact that this approach has certain advantages such as the possibility to carry out more thorough investigation in the recipient without dissipating human and financial resources by assessing all potential projects at once, it is also associated with certain challenges, including:
- The risk of deliberate provision of false or misleading information about integrity of partners to the central office by the field project officers;
- Heterogeneity of the data gathered for different projects due to the lack of uniform formal requirements to the content of these data and dependence of the quality of information on the professionalism of field officers.
3. Detection of corruption risks.
The analysis of information about a potential recipient of funding allows the donor body (organisation) to identify the “red flags”, i.e. the indicators of corruption risks.
These risks can be associated, for instance, with court rulings or reports of the reputable media concerning the involvement of the partner or its officials in corruption offences or ethical scandals, the inclusion of its managers in international sanctions lists, the information on the use of the NGO to get illegal gains, the general level of corruption in the area or the region where the organisation undertakes its activities etc. The indicators can be detected both prior to the launch of the project and throughout its implementation (for example, high staff turnover, whistleblowers’ reports, initiation of investigations etc.).
4. Mitigation of corruption risks.
After the corruption risks associated with the recipient are detected, the measures to mitigate them should be determined. These should take into account the severity of the risks, the specifics of each project, the scope of activities of the counterparty and the amount of funds allocated to it.
The following measures can be adopted with a view to reducing corruption risks:
- Include anti-corruption clauses and foresee sanctions for the failure to comply with the requirements in the contracts, for example, the obligation to return the allocated funds in the event that the recipient is found to have committed a corruption offence;
- Incorporate the requirement to conduct periodic verifications (audits) at any stage of project implementation in the contract;
- Organise anti-corruption training on a regular basis etc.
5. Monitoring of the impact of adopted measures.
Due diligence and the assessment of risks associated with the project do not conclude after the project is implemented: the donor body (organisation) should evaluate the output and track the indicators of violations also after the project is concluded.
In spite of the fact that due diligence makes it possible to mitigate to a certain extent corruption risks, the procedure has a number of limitations, in particular:
- It is directed primarily at large organisations that have sufficient human and financial resources to prove their non-tolerance of corruption and provide the supporting information, whereas small local organisations may be simply unable to produce all the documents required by the donor body (organisation), which may be perceived by the latter as an additional corruption risk;
- It may be perceived by not-for-profit organisations as an attempt to interfere with their activities;
- It does not always allow detecting corruption risks associated with subcontractors, especially if the fact that the subcontractors had been held liable was unknown at the project planning stage;
- It does not allow detecting the risks that fall beyond the formal and institutional aspects of assessment: in particular, trust in due diligence has been breached by the multiple bribery and embezzlement scandals which saw the involvement of large organisations that actually had in place compliance programmes verified by leading consulting firms.
In order to achieve maximum efficiency of due diligence, the U4 experts put forward the following recommendations:
- In all cases, conduct due diligence in advance of a project and allocate sufficient time to gather information;
- Throughout the procedure, take account of the context in which the recipient operates, including political events and the risks associated with them, the area of activities of the partner, its size, organisational structure, mode of financing and other factors;
- Undertake due diligence with respect to all counterparties regardless of the reputation they have already acquired;
- Use individualized approach to each counterparty subject to due diligence, taking into consideration its characteristics and capacity, for example, by asking a partner to provide specific documents, while requesting the other to fill out a questionnaire etc.;
- Use all available resources to conduct thorough assessments on third parties that pose a higher risk;
- Collect information by drawing on the knowledge of experts in the field;
- Maintain consistent oversight on due diligence processes throughout the implementation of the project and after its conclusion, updating the information on counterparties where necessary;
- Record and archive all stages of the due diligence process also with a view to ensuring that the data can be used if an investigation is required;
- Deliver training sessions for due diligence officers to ensure quality standards.