Four ways for companies in emerging markets to prioritize integrity

Discover how organizations operating in emerging markets can reduce misconduct, build trust and create long-term value.

This article is a emerging markets perspective of the EY Global Integrity Report.


In brief

  • Integrity challenges and breaches of trust in emerging markets are making business leaders anxious about investing and operating in them.
  • Businesses are putting integrity higher up the agenda, encouraging whistleblowing, focusing on data protection and addressing third-party integrity issues.
  • But there is still much work to do, and an EY report offers important recommendations for improvement.

Integrity and issues of misconduct are a matter of concern for businesses everywhere, but more so in emerging markets. The latest EY Global Integrity Report – emerging markets perspective (pdf) illustrates the extent of this problem and offers some recommendations for improvement.

The report surveyed board members, managers and employees in 21 emerging market countries. Approximately one-third (32%) of respondents from emerging markets say that bribery and corrupt practices present the greatest risk to the long-term success of their businesses, and just over one-quarter (27%) point to fraud. In addition, nearly one-third (30%) believe that the risk of a cyber and ransomware attack is a significant threat.

Another factor to be considered is the economic disruption and uncertainty caused by the COVID-19 outbreak. The World Bank expects developing economies to shrink for the first time in six decades as they count the cost of the pandemic1. This heightens the issue as there is an expectation that ethical practices come under pressure during times of crisis. This is evidenced from the EY report, which suggests that standards and best practice are likely to slip when times are tough.

However, organizations operating in emerging markets are making dedicated and concerted efforts to reduce misconduct. They are adopting four measures in particular:

  1. Putting corporate integrity high on the management agenda 
  2. Encouraging employees to blow the whistle on misconduct
  3. Increasing the focus on cyber and data protection
  4. Addressing third-party integrity issues

1. Putting corporate integrity high on the management agenda

According to the EY report (pdf), more than half (55%) of respondents in emerging markets say that management frequently communicates the importance of operating with integrity, compared with only 39% in developed markets. This proportion varies significantly across emerging markets, with 76% of managers frequently communicating the importance of integrity in China compared with just 25% in the UAE.

Talking about corporate integrity helps to build a culture of trust and integrity across the whole business. However, actions are far more important than words. Management should back up proclamations about integrity by setting visible examples and having clear key performance indicators (KPIs) in place to measure the impact of their initiatives.

Organizations must lead from the top on corporate integrity. Employees should understand that acting with integrity is the right thing to do and that such behavior can help differentiate the business from others and not just because local or global regulations require the business to act in this way. The second step is for formal programs, training, procedures and policies to be put in place by senior leadership and communicated clearly to the wider company. It is also essential for senior leaders to be seen to be following these rules themselves. It is their duty to clear the path for others to follow. 

2. Encouraging employees to blow the whistle on misconduct

Employees’ voices must be heard in any organization. This can be achieved by creating a “speak-up” and “active-listening” culture. However, raising the alarm about misconduct or unethical behavior can be considered risky for individuals, who might fear retaliation – both professionally and personally. More than a third of respondents in emerging markets say they haven’t reported concerns about integrity due to worries about their career progression. A worrying statistic is that nearly 3 in 10 employees kept their concerns private, out of fear for their own personal safety.

The research shows however that companies in emerging markets are making efforts to facilitate whistleblowing. Almost half (44%) of respondents say it has become easier for employees to report their concerns over the past three years compared with only 34% in developed markets.

Businesses must make employees feel that they can safely report misconduct, that it is practically possible to do so and that it is in the best interests of the firm. Multiple channels for reporting concerns must be available so that employees have the option to choose what they are comfortable with. It is also extremely important that companies protect whistleblowers from retaliation.

These goals can be achieved with the right governance setup that instills and ensures independence and confidentiality. Training and awareness programs need to be established to facilitate an open and transparent culture. Whistleblowing programs form a key pillar of the organization’s corporate governance framework, and management and board oversight will be crucial for its success.

3. Increasing the focus on cyber and data protection

COVID-19 has heightened the risk of cyber breaches, given the increasing reliance on the internet and remote working by businesses. This increased dependency may lead to cyber criminals exploiting the vulnerabilities in weak networks and targeting unsuspecting employees. Data protection has thus emerged as a priority and most international companies are implementing a number of data-protection practices and policies in line with applicable regulations.

Encouragingly, the EY report highlights that more than half (55%) of companies in emerging markets offer training to employees on how they can prevent data security breaches – compared with just 45% of companies in developed markets.

Governments are taking steps to introduce legislation that outlines and clarifies companies’ data protection responsibilities and the penalties for noncompliance.2 This year, for instance, Brazil’s General Data Protection Law has come into effect. It aims to unify 40 different statutes that previously governed personal data online and offline.3 In India, meanwhile, proposals are in place for the Personal Data Protection Bill, a major new law to control the processing of citizen data.4

Businesses in emerging markets need to be leading the way in dealing with data privacy issues and not just through strengthening controls and processes in line with developed markets. Organizations should consider building a data privacy and protection framework, with strong guidance and support from the management and board. Regular communication and awareness should be conducted among employees as well as third parties.

They should also leverage the right technologies as part of their information governance frameworks, covering identification data, categorization, retention or disposal and consolidation of data. Attacks can be triggered externally or via internal breaches, and organizations need to adopt the latest technologies and tools to help identify issues and improve vigilance.  

4. Addressing third-party integrity issues

Businesses’ efforts to improve integrity will be undermined if their third parties engage in poor conduct. The data in the report reveal that businesses operating in emerging markets are aware of this threat. Only 35% of businesses in emerging markets are very confident that their third-party partners operate with integrity; in Malaysia, that figure reduces to 25%. With remote working, restricted operations and limited mobility, COVID-19 has made it harder to assess third-party risk.

Conducting adequate due diligence before onboarding a third-party vendor is critical to mitigate long-term risks and comply with enforcement standards. These checks should typically cover information gathered from publicly available sources to ascertain negative reports, involvement in litigation, loan defaults, bankruptcy, regulatory noncompliance and criminal activities. They may flag up potential areas of concern, such as omission of key directors or shareholders, limited information or history available, and irregularities in processes.

Organizations should make third-party due diligence a periodic exercise and not just a one-off activity, as the nature, type of risks and regulatory ambit will continuously evolve with time.

Third-party onboarding processes should also be looked at from a risk perspective through a proper contract, with appropriate contractual audit rights. It’s also vital for businesses to provide ongoing training to third parties about which laws and policies they must adhere to, including compliance certifications in their jurisdictions.

About the survey

Between January and February 2020, our researchers — the global market research agency Ipsos MORI – conducted 2,948 surveys in the local language with board members, senior managers, managers and employees in a sample of the largest organizations and public bodies in 33 countries and territories worldwide. Of these, 1,730 surveys were conducted in 21 emerging market countries including: Brazil, China, India, Kenya, Mexico, Nigeria, Poland, Russia, Saudi Arabia, Singapore, South Africa, United Arab Emirates, Argentina, Chile, Colombia, Malaysia, Turkey, Lithuania, Latvia, Estonia and Peru. A further 600 surveys in total were conducted in April 2020 using the same respondent profile across China and India, as well as Germany, Italy, the UK and the US during the COVID-19 pandemic.


Summary

Widespread issues of misconduct in emerging markets are making business leaders anxious about investing and operating across these geographies. According to the latest EY Global Integrity Report – emerging markets perspective (pdf), organizations operating in emerging markets are making a concerted effort to reduce misconduct and tackle integrity challenges. However, there is an ethical, strategic and financial need to do more to establish a culture of integrity.

About this article

Related article