Commodities Corruption. Combating the exploding supply chain risk

“Your silver has become dross, your wine mixed with water.”
—Book of Isaiah, 1:22

As the Old Testament prophet Isaiah knew perfectly well when he wrote the above verse some 3,000 years ago, diluting the quality of commodity goods is a time-honored way of reaping an illicit profit—and the situation has only grown worse ever since.

In the business world of today—with its global supply chains, complex products with hundreds of components, impenetrable thickets of regulation, and activists ready to lay siege via lawsuit or social media at the slightest infraction—commodity risks in the supply chain have exploded, in ways Isaiah could never have imagined.

As a concept, the problem is easy to grasp. Suppliers mix two piles of commodity goods together. One group might have some restriction such as high import taxes, or economic sanctions, or quality defects; the other does not. Then the supplier passes along the whole bundle as the pile that’s more valuable.

Define that practice as part of “trade misinvoicing” (which includes tax evasion, money laundering, and dodging capital controls among its motives), then the volume of corruption is huge: from $465.3 billion in emerging markets in 2004, to $1.1 trillion in 2013, according to Global Financial Integrity. Define it more narrowly, and the numbers are still enormous. Interpol estimates the annual revenue from counterfeit or misdirected pharmaceuticals alone at $75 billion. In 2007 the Organization for Economic Cooperation and Developmentcalculated worldwide trade in counterfeit goods at $250 billion, and the number certainly has gone up since then.

Specific examples abound. In East Africa, rice farmers are under pressure from commodity dealers who mix imported rice from Pakistan (which carries a low import duty) with rice from Kenya (which carries a higher duty), and then sell the blended package as low-cost Pakistani product to evade tariffs. A report published by the African Union in 2015 estimates that Kenya’s tax loss due to trade misinvoicing is 8.3 percent of government revenue. In the United States, manufacturers must now determine whether any of their products contain four “conflict minerals” sourced from mines in Central Africa that might help fund warlords there. Off the coast of Thailand, slave labor is used to pull shrimp out of the water that eventually finds its way into food products sold in North America and Europe.

This is the next generation of commodity risk. Historically, large purchasers of raw materials worried foremost about price volatility and diversity of suppliers, either to meet financial projections or to avoid business interruptions. Today corporations must also worry much more about compliance risk (if they are unwitting participants in violating economic sanctions or tax fraud, for example) as well as reputation risk (if their goods are identified as coming from undesirable suppliers).

“Clearly companies have a handle on financial risks, but if they’re operating in emerging markets they’re dealing with multiple issues,” says Talib Dhanji, a partner at EY and leader of the firm’s commodities practice. “The key is to be on top of the different ways that people can commit fraud.”

Trading firms have a somewhat different set of risks from their industrial customers, because many firms don’t take physical possession of the goods in question; they only trade futures and hedging instruments with other firms or customers. The frauds they might encounter, then, are more about unreliable promises than contaminated goods.

For example, U.S. authorities began a crackdown in 2012 of “RIN fraud,” where people were selling bogus Renewable Identification Numbers that purported to let corporate customers buy clean-burning biofuels; in fact, the RIN certificates were worthless and not tied to any particular shipment of fuel. In 2014, trading firms were shaken by news that a metals broker in the Chinese port of Qingdao was selling rights to the same pile of metals to multiple buyers, who were using those receipts as collateral for bank loans.

“Just because you get a nicely published document, that doesn’t mean it’s appropriate,” Dhanji says. “You’ve got to have the right quality controls in place.”

Trading firms are better positioned to put those controls in place, both because they face heavy oversight from U.S. and European regulators, and because the thin profit margins in commodities can mean severe financial pain if they fall victim to unscrupulous dealers. A delivery that turns out not to meet specifications on quality, place of origin, or volume, for example, might mean a hedging instrument based on that shipment is invalid or insurers won’t cover the loss. That threat tends to focus the trader’s mind.

“Commodities traders have been at it for a while,” Dhanji says. “If I’m a coffee buyer, I’m used to walking through the streets of Africa or Latin America.”

More challenges higher up the chain

Corporations that consume raw materials are in a more difficult spot. They are facing more public scrutiny and regulatory oversight than ever before, and many still don’t have the right processes or structures to manage these new commodity risks effectively.

For example, price risk is something a business understands: a company can employ sophisticated hedging strategies to offset surprises in the price of raw materials, and typically the financial or treasury functions would take the lead on that. Likewise, procurement departments can take the lead on reducing business interruption risk by seeking reliable suppliers.

Compliance and reputation risks in the supply chain are different. Instead of a company looking horizontally to find more suppliers of materials, the company must look verticallydown to its suppliers, and then their suppliers, and their suppliers, and so forth—all to be sure that no unwanted goods have infiltrated the supply chain at any point. That requires new mechanisms to confirm the source of commodity goods; and new collaboration among treasury, risk, procurement, and compliance departments to do the task well.

The consequences can be significant. Take the example of slave labor used in the fisheries business in Thailand. Nestle, Costco, and Whole Foods have all been sued in the state of California, by activists who accused the companies of not doing enough to eradicate those shrimp supplies from their products sold in Western supermarkets. The plaintiffs have exploited the California Transparency in Supply Chains Act, which requires businesses to disclose what efforts they take to remove human trafficking from their supply chains. Essentially, legal observers say, activists are using the companies’ own disclosures against them.

The cases were all filed towards the end of last year and are still pending. Nestle, meanwhile, took the extraordinary step in November of admitting forced labor is part of its supply chain. It also announced numerous steps to address the problem, from anonymous reporting hotlines, to more training, to external audits of its anti-trafficking efforts.

The underlying dynamic there—a sharp increase in compliance and reputation risks for goods that previously only carried financial risk—upends the usual company oversight. Once upon a time, the corporate treasurer or risk officer would be in charge of finding the right hedging strategy to ensure enough materials at acceptable prices. Today a company cannot manage physical purchasing and financial risks in isolation; it must address compliance and reputational risks as well.

That is something treasury and risk officers have rarely done. Likewise, the company functions most likely to oversee compliance and reputational risks (the compliance and legal departments) have less experience with the supply chain.

Seeing down the chain

Most large companies already appreciate the risks posed by their immediate suppliers, distributors, and other third parties; some have even launched vigorous programs to herd those third parties toward some desired standard of conduct. But that only brings visibility to the next link on your supply chain. The real risks are further down—the third parties ofyour third parties, and that group’s third parties, and so on.

That means businesses must somehow push their own due diligence efforts further down the supply chain if they wish to combat that risk of unscrupulous commodities trading. The certificate of origin is one useful first step, but it is only that: a first step, and a rudimentary one at that. An end-to-end program to fight commodities corruption involves much more, and needs the following characteristics:

The efforts can be documented.

Commodities dealers already use certificates of origin throughout the import-export world to show where their goods purport to come from. Large companies often use due diligence services to investigate and confirm the details of third parties they want to use; they also often require third parties to certify that they have read (and will follow) the company’s code of conduct. All such efforts should documented, and the documentation placed in some central repository so it can be found whenever necessary, by anyone who needs to peer down the supply chain.

The efforts follow standards.

All companies ultimately are responsible for vetting their own supply chain, but in the real world where most corporations have thousands (if not more) of third parties—other links in your supply chain can make themselves more appealing by adhering to standards set by trustworthy trade groups.

The efforts can be audited.

A right-to-audit clause should be standard in any supplier agreement, even if your business has limited ability to conduct an actual audit. Trusting your suppliers to obey some code of conduct is no longer enough, in the eyes of regulators, investors, and the public.

The efforts should be incentive-based.

Even if you have a superb code of supplier conduct, and thorough documentation requirements, and right-to-audit clauses you exercise regularly—all that means you will face considerable labor yourself to ensure you have an ethically rigorous supply chain. The ideal is to construct a system where every part of the supply chain has commercial incentive to be ethical. It reduces your effort, builds trust, and even further ostracizes the few unscrupulous commodity traders who remain.

The second battle front: within

Another challenge is to ensure that everyone within your company who somehow plays a role in the supply chain (which can be a lot of people) shares all the risks they see with everyone else, so senior management can run a coordinated effort that reduces everything from wasted money to bad headlines.

Those communication channels are crucial. In one survey of more than 600 supply chain professionals Thomson Reuters conducted at the end of 2015, nearly two-thirds of respondents said procurement and compliance departments both oversee two critical tasks: assessing your supply chain risks, and assessing your third parties’ compliance with company policies.

“The ideal arrangement is for the procurement and compliance departments to be in agreement about who does what, communicating regularly to discuss what they know,” says Shaun Sibley, Thomson Reuters managing director for Commodities.

What can happen if that communication falters? Compliance officers might impose policies for new suppliers that procurement doesn’t want, or worse, doesn’t understand. Internal audit might review business continuity plans (a perfectly normal job for internal auditors to do), and recommend changing the number or mix of key suppliers you have—which might thwart the compliance department’s priorities, as well as the procurement department’s plans or the treasurer’s hedging strategies.

“The wise way to approach the problem is to have corporate functions that know the riskswork to support the corporate functions that know the supply chain,” Sibley says “Experts at assessing risk who are usually compliance, legal, audit must help the experts at finding suppliers who are usually procurement, sales, operations, and in our increasingly data-driven world, IT.”

Compliance or risk committees have existed in many large organizations for years, to ensure everyone is aware of various risks the business faces and the practical challenges of getting business done. Supply chain risks are no longer any different—especially as regulators, investors, and the public push more of their concerns about global business standards onto corporations everywhere. Like all good jolts, those pressures roll right down the chain.