The latest Integrity Report by EY found that according to respondents in emerging markets, it is tougher for organisations to maintain integrity standards under difficult market conditions. Some, notably in South Africa, cited bribery and corruption as key risks, while others highlighted cyberattacks and ransomware, says Sharon van Rooyen.
As organisations transition from managing the Covid-19 crisis toward building economic resilience, many are struggling to maintain integrity standards according to the latest EY Global Integrity Report which surveyed more than 1 700 respondents from 21 emerging markets.
The report reveals that 63% of respondents believe businesses operating in emerging markets are more likely to be adversely impacted by the current Covid-19 disruption.
Some 32% of respondents in emerging markets believe that bribery and corrupt practices present the greatest risk to the long-term success of their businesses, compared to 35% for South Africa, 38% for Kenya and 42% for Nigeria, the African respondents.
In addition, 30% of respondents believe that the risk of a cyber and ransomware attack is a significant threat, compared to 37% for South Africa, 40% for Nigeria and 56% for Kenya.
The need for whistleblowing
Interestingly, all three African countries surveyed say that standards of integrity in their organisation have generally improved in the past two years.
In South Africa, 87% of respondents say it has improved in the past two years or stayed the same. Given the level of public and media scrutiny on integrity in SA over the past 3 or more years this is welcome but hardly surprising.
According to the report, Kenya and South Africa raising the alarm about misconduct is still a significant issue in comparison to other emerging markets surveyed.
But worryingly, in South Africa, a third of respondents were uneasy to report such concerns due to fear of the impact of their future careers, compared to 45% in Kenya and 29% in Nigeria.
This suggests that organisations need to revisit their whistleblowing programmes to ensure employees feel that they can safely report misconduct without reprisal.
Whistleblowing programmes form a key pillar of the organisation’s corporate governance framework and management and board oversight will be crucial for its success.
African respondents did not think that the complex regulatory environment posed a very high risk, perhaps because of the perception that the regulatory environment in the three African countries is less complex than some of the more mature markets.
The report highlights four key areas for organisations to consider in order to better manage the risk of corporate misconduct:
- Corporate integrity should be top priority in management’s playbook
Business leaders are always in a crucial position when it comes to taking difficult decisions. The report highlights that 55% of respondents in emerging markets say their management frequently communicates the importance of operating with integrity, compared to only 39% in developed markets.
This proportion varies significantly by country from just 25% in UAE, rising to 53% in Malaysia and 67% in Kenya, 60% in Nigeria and 57% in South Africa.
- Voicing misconduct through whistleblowing channels
Some 37% of respondents in emerging markets say they haven’t reported concerns about integrity owing to apprehensions about their career progression.
Moreover, in South Africa, 49% of respondents say they haven’t reported concerns due to fear for personal safety compared to 50% in Kenya and 29% in Nigeria.
- Embracing disruptive technologies while protecting data
Emerging markets are embracing disruptive technologies and adapting to a digital life. While there has been an overwhelming shift to using new technologies and increased use of the internet with work from home, the risk exposure for organisations has amplified.
The report highlights that emerging markets are leading the way in mitigating growing risks, with 55% offering training to employees on how they can prevent data security breaches, compared to 45% in developed markets.
Organisational preparedness is also robust in emerging markets with 42% of respondents having an incident response plan in the event of a data security breach – regions such as South Africa were at 56% while India at 32%.
- Tackling third-party integrity risks
Remote working, restricted operations and limited mobility in many locations has also made it riskier to manage third-party relationships. Only 35% of businesses in emerging markets are very confident that their third-party partners operate with integrity, compared with 47% of Kenya respondents, 46% of South African respondents and 33% of Nigerian respondents.
Conducting adequate due diligence before on-boarding a third-party vendor is critical to mitigate long-term risks and comply with enforcement standards.
Technology solutions such as automated dashboards and data analytics can be enablers to bring efficiency into the third-party due diligence process.
Sharon van Rooyen is partner and head, EY Africa – Forensic & Integrity Services Leader. Views expressed are her own.