Marsh & McLennan Advantage Insights logo
Conversations and insights from the edge of global business
Menu Search

BRINK News is transitioning to This Moment platform on as of March 31, 2023. Read the update here.


Ramping Up Anti-Corruption Compliance Performance

The latest anti-corruption tool in the compliance officer’s arsenal will be familiar to most sales, supply chain and manufacturing executives: the key performance indicator (KPI). From both a practical perspective and a legal one, KPIs are essential for measuring whether anti-corruption compliance programs are effective.

Well-defined and appropriate KPIs are strategic-level measurements. Metrics are objective measures that are a subset of a KPI. Both provide benchmarks across an organization to enable stakeholders to determine what is working and what is not, allowing them to wisely allocate resources going forward.

On the legal front, well-documented KPIs provide useful evidence to enforcement authorities that compliance efforts are robust. The United States Department of Justice’s (DOJ) most recent iteration of how it will evaluate a corporate compliance program, Evaluation of Corporate Compliance Programs, makes clear that the Department will look closely at a company’s “collection and analysis of compliance data” to determine whether the evidence supports assertions that a compliance program is working effectively. The guidelines suggest that DOJ investigations may look at whether metrics have been used to detect misconduct or inform compliance programs, for example.

Ensuring KPIs are Useful and Effective

Developing KPIs and metrics sounds relatively straightforward, but in practice, it can be quite complex. To be effective, KPIs should include specific quantitative targets (e.g., train 100 percent of the company) and feature the supporting business processes and resources required to meet the objective.

Companies should focus on KPIs that impact performance, said Robin Corwin, a program manager at Rockwell Collins, an aviation and high-integrity solutions provider for commercial and military customers around the world.

“You don’t want to measure just to measure, but to change something,” Corwin said.

Corwin advised companies to “first measure things that are important to the success of your business and that are relatively easy to measure, then step back and look at how you can get better. Second, measure how you get better at what you are doing well.” Companies that draw on the expertise of personnel from different functions within the organization generally have greater success in developing relevant indicators.

Evolving KPIs with Program Maturity

Compliance managers designing a new compliance program will have different goals from those who are responsible for a mature one.

Organizations can use key performance indicators to showcase their commitment to anti-corruption measures.

The process used by Grupo Bimbo, the world’s largest bakery manufacturer headquartered in Mexico, is illustrative. Using KPIs and metrics, the company progressed from a young compliance program to a mature one over a relatively short period. The compliance team knew it would be a challenge to implement an anti-corruption compliance program across an organization featuring 22 subsidiaries with complex operations across the globe, according to its director, Ismael Vega Garduño. With key support from the CEO, the team trained more than 83,000 of its 113,000 associates within four months. One hundred percent of associates completed the initial training within the first year.

Vega said that to achieve this KPI, the team “had metrics behind the KPI that they had to complete. To roll out the KPI, there were also compliance tools the team had to develop and implement and department training that needed to be completed.” Grupo Bimbo’s compliance team now regularly develops a number of strategic KPIs for the department and then chooses the best actions to achieve the strategic objectives.

Elements of an Effective Program

There is no shortage of guidance as to what makes a robust anti-corruption program. At the Center for Responsible Enterprise and Trade (CREATe), we have distilled the leading guidance in the field into seven categories necessary for ensuring that the business processes are in place for an effective program. These categories include:

  • Risk assessment
  • Policies and procedures
  • Anti-corruption compliance team
  • Third-party management
  • Training
  • Monitoring and measurement
  • Corrective actions

When considering KPIs for the “corrective actions and improvements” category, organizations at higher levels of maturity will have a KPI that uses findings from investigations to inform the corrective action process. A more mature KPI for corrective actions might be “the percent of corrective actions required by senior management that are achieved by compliance team/business unit in a defined timeframe.” The potential metrics for this KPI might be:

  • Corrective actions are completed by business units in 60 days or less, 60-90 days, 90-120 days or more than 120 
  • Identified corrective actions are assessed by formal audit within six months.

Corwin advised that the calculations to measure an action can and should be adjusted over time. In her experience, the company found that “measuring things we could take action around, such as dollar savings, were important to improving the process.”

Developing KPIs for anti-corruption programs enables organizations to better understand and showcase the efficiency, effectiveness, quality and commitment the company has in its anti-corruption management system. Doing so not only makes practical sense, but also can prove helpful in illustrating that the program is truly embedded across an organization.

Leslie Benton

Vice President of the Center for Responsible Enterprise and Trade

Leslie Benton is the vice president the Center for Responsible Enterprise and Trade (, a non-governmental organization with a mission to promote leading practices in anti-corruption, cybersecurity, intellectual property and trade secret protection. She is also one of the drafters of the ISO 37001 Anti-Bribery Management Systems Standard.

Get ahead in a rapidly changing world. Sign up for our daily newsletter. Subscribe