Skip to main content

Anti-Corruption Toolkits for Business

Prevent corruption through our research-based findings and grow your business.

It’s proven that corruption and bribery is bad for business. In certain contexts, corruption is even the single most important determinant of investment growth. We support companies worldwide to develop anti-corruption systems, which can help prevent corruption and boost business. Here are resources to use to make anti-corruption a key part of your business strategy.

  1. Commit to an anti-corruption programme 'From the top'
  2. Assess the current status and risk environment
  3. Plan the anti-corruption programme
  4. Act on the plan
  5. Monitor controls and progress
  6. Report internally and externally on the programme

Step 1: Commit to an Anti-Corruption Programme 'From the Top'

Companies should adopt an anti-corruption programme as an expression of core values of integrity and responsibility as well as to effectively counter corruption.

An effective programme requires oversight, leadership and support from the Board of Directors (or equivalent) and senior management.

The commitment should be expressed formally through a written statement published internally and externally.

  • The owners/shareholders, chairman or Chief Executive Officer publishes a statement of the organisation’s commitment to anti-corruption business principles, e.g.:
    • “The enterprise shall prohibit corruption in any form whether direct or indirect.”
    • “The enterprise shall commit to implementing a programme to counter corruption.”
    • The commitment is communicated and adopted throughout the organisation in operational (e.g. procurement) and key support (e.g. Finance & Controlling) departments, as well as to external stakeholders worldwide.
  • Sufficient resources are allocated to ensure implementation or review of the anti-corruption programme, which may include the setup of an independent, cross-functional project team.
  • Commitment from the business’s senior management should be renewed on a periodic and regular basis (e.g. yearly).
  • A “culture of integrity” is fostered from the top down.

The Business Principles are not only relevant in the Commit phase, but apply throughout all other phases of the Business Integrity Toolkit.

Step 2: Assess the Current Status and Risk Environment

Before a business develops and implements its anti-corruption programme, it conducts a risk assessment.

The aim of the risk assessment is to identify areas of greatest inherent risk (for example along geographic or functional lines) and evaluate the effectiveness of existing risk-mitigating measures.

As a result, the business can prioritise and allocate resources appropriately to the areas of greatest risk.

  • The risk assessment identifies inherent risks of corruption by:
    • industry,
    • the countries in which the business operates, and
    • business-specific corruption risks, such as the procurement processes, interaction with public officials, utilisation of intermediaries, political contributions, facilitation payments etc.
  • Also, the risk assessment evaluates the effectiveness of existing risk-mitigating measures to determine the residual risks of corruption in the business.
  • Finally, the risk assessment takes into consideration:
    • changes in the legal environment,
    • new or increased risk exposure,
    • technological developments (e.g. continuous auditing), or
    • past experience (e.g. internal audit reports, incidents).
  • The Anti-Bribery Checklist helps businesses to carry out a high-level assessment of their anti-corruption approach.
  • The Corruption Perceptions Index supports businesses to understand the perceived level of corruption in a particular country among public officials and politicians.
  • The Global Corruption Barometer assesses general public attitudes towards, and experience of, corruption in dozens of countries around the world.

Step 3: Plan the Anti-Corruption Programme

After completing its risk assessment, a business lays the foundation by developing a plan of action.

Policies and procedures are developed defining the scope and activities of the anti-corruption programme.

The policies and procedures should be available throughout the organisation and be issued in the main languages of all employees.

The programme should address the most prevalent forms of corruption relevant to the business, but at a minimum should cover the following areas:

  • Corruption within the business (Examples: Fraud, Conflicts of Interest, Insider Trading)
  • Corruption in the supply chain (Examples: Bribery, Extortion)
  • Corruption in the market environment (Example: Collusion)
  • Corruption in society (Example: Undue influence)
  • Laundering the proceeds of corruption (Example: Money Laundering)
  • Detailed policies, processes, training materials and guidance that form the basis for the detailed implementation in step 4 (ACT) are drafted (or reviewed):
    • Who is responsible for ensuring compliance with and monitoring the programme (e.g. compliance officer, internal audit)?
    • Do existing policies need to be adapted (e.g. employee incentive structures)?
    • What monitoring controls are needed?
    • How will suggestions and complaints be handled?
    • How will the programme be communicated to internal and external stakeholders?
    • To what extent will external assurance and reporting be used?
    • What recordkeeping systems need to be put in place?
  • The policies and procedures should be reviewed and approved by management, employee representatives and (if appropriate) external stakeholders.
  • The detailed implementation plan (including objectives, resources and timetable) must be drafted and approved by all relevant parties before proceeding to step 4.

Step 4: Act on the Plan

After planning an anti-corruption programme, the written words need to be translated into visible actions.

This is a key step in the overall framework, as it is Transparency International’s experience that while many businesses have well planned programmes they fall short on effective implementation.

Controls must be tempered in consideration of the trustworthiness and competence of stakeholders.

  • The policies and procedures need to be integrated into the organisational structures:
    • Implement policies and procedures (e.g. internal checks and balances)
    • Develop supporting systems (IT, etc.)
    • Communicate the programme (e.g. CEO announcement, workshops, newsletter)
    • Identify ‘local champions’ to support the implementation
    • Deliver training (face-to-face, self-study etc.)
    • Provide supporting tools and guidance (e.g. self-assessment survey for high-risk departments)
    • Address concerns and issues (e.g. hotline, FAQ)
  • Furthermore, the capacity of internal functions needs to be reviewed and (if necessary) strengthened (e.g. building an international law repository):
    • Support functions (legal, finance, internal audit, human resources etc.)
    • Operational functions (procurement and supply chain management, marketing, sales etc.)

Step 5: Monitor Controls and Progress

Implementing an anti-corruption programme is not a one-time event; it needs to be followed up through regular periodic evaluation (monitoring).

Monitoring ensures that strengths and weaknesses are identified and that the programme is continuously improved to remain effective and up-to-date (change management activities).

Internal and external monitoring must be undertaken.

  • Responsibility for the monitoring of the overall anti-corruption programme needs to be assigned clearly and resources made available.
  • The progress of the overall programme needs to be continuously monitored (e.g. internal employee self-evaluations, automated controls monitoring).
  • The management of the company (e.g. Board of Directors, Audit Committee) must review the results of internal and external reviews and ensure that required changes are implemented in an appropriate and prompt manner.
  • In addition to internal monitoring and traditional external auditing processes, external independent assurance should be considered to provide further security to management and stakeholders regarding the effectiveness of the anti-corruption programme.
  • The Assurance Framework for Corporate Anti-bribery Programmes seeks to strengthen and lend greater credibility to their anti-corruption programmes through the use of voluntary independent assurance.
  • The Self-Evaluation Tool helps businesses to determine where they stand with their anti-corruption programme and identify improvements, based on an easy-to-use checklist that comprises an in-depth and extensive range of more than 240 indicators. Download PDF , Download Word Document

Step 6: Report Internally and Externally on the Programme

Reporting on the anti-corruption programme demonstrates the sincerity of the company’s commitment and demonstrates how values and polices are being translated into action.

  • Reporting on anti-corruption raises awareness among employees and provides a means of control and discipline for the management.
  • Reporting on anti-corruption positively influences a business’s reputation in the marketplace and society.
  • Reporting on anti-corruption establishes a common language to measure, compare, discuss and improve anti-corruption activities and practices.

Reporting not only reassures internal and external stakeholders that the business is operating properly but can also act as a deterrent to those intending to bribe or solicit bribes.

  • Information about the programme needs to be regularly communicated to relevant internal and external stakeholders, e.g.:
    • how the programme is being implemented,
    • employee perceptions and attitudes to the company’s anti-corruption stance and performance,
    • numbers of inquires or issues raised through help and whistle-blowing channels,
    • numbers and types of violations detected as well as corrective action undertaken,
    • sanctions applied and transactions abandoned because of corruption incidents etc.
  • Implementation experiences should be discussed with external stakeholders and peer groups to share good (and bad) practices and learn from each other (e.g. through participation in voluntary anti-corruption initiatives).

Transparency International may work with individual companies or a group of private sector participants to establish a plan of action.


State-Owned Enterprise Healthcheck

Publication •

The State-Owned Enterprise Healthcheck is a self-assessment tool to assist SOEs to appraise and improve their anti-corruption policies and procedures using the SOE principles.


of 1