Case studies

Conducting thorough due diligence

6 minute read

This is a case study for business owners on the importance of conducting thorough due diligence before and after acquiring another business, to prevent the risk of being implicated in historic or post-merger bribery.


SwiftCo is a medium-sized telecommunications business which has experienced success in the Australian market in recent years. In an exciting new opportunity, SwiftCo is planning to merge with ByteCo, a similar sized telecommunications business based in Europe that already conducts business in several countries. The merger will create a new entity, incorporating parts of the businesses of SwiftCo and ByteCo. Executives from both firms will sit on the board of the new entity.

SwiftCo is currently conducting a due diligence review of ByteCo’s business, with a particular focus on its service contracts, communications with clients and financial documents. ByteCo has given SwiftCo access to documents and assured SwiftCo that these documents are all SwiftCo needs to see. While conducting the review, SwiftCo staff notice the following:

  • International service contracts often refer to ‘administrative operations fees’ in connection with dealings with foreign departments without any specific details of why these fees are incurred; and
  • Some incomplete financial record-keeping.

SwiftCo’s staff are unsure of how to interpret these issues. At the same time, the business learns that an Australian competitor is looking to acquire ByteCo and it is keen to seal the deal. As a result, issues identified by SwiftCo’s staff are not thoroughly examined. SwiftCo decides to take ByteCo’s word that there is nothing to be concerned about.

After the merger, SwiftCo staff notice the following:

  • Invoices issued to ByteCo sometimes do not match the service contracts agreed to by overseas customers; and
  • Correspondence about meetings with customers shows that meetings regularly take place in fancy restaurants with ByteCo executives often treating customers to expensive meals.

SwiftCo’s senior executives do not want to create complications with their new business partners.  They assume this conduct is ‘business as usual’ in the overseas markets in which ByteCo operates, and remind themselves that nothing of concern was identified in the due diligence process. 

Eighteen months after the merger is complete, the newly created entity is charged with foreign bribery offences for conduct that took place before and after the merger. SwiftCo’s executives learn that prior to the merger, ByteCo’s growth strategy relied heavily on third party consultants to facilitate entry into offshore markets. These consultants received large administrative operations fees from ByteCo that do not appear attributable to services provided.

The newly created entity finds itself facing potential criminal proceedings and is at risk of having to pay a large fine.

What should SwiftCo have done to prevent this risk?

SwiftCo should have ensured thorough due diligence and followed up, and investigated the red flags that were identified prior to, during and after the merger. Its ‘desktop’ review of ByteCo was insufficient and contributed to the failure to identify further red flags post-merger.

To be able to pick up on red flags in the first place, it is crucial that businesses understand anti-bribery and corruption risks. Prevention is the strongest tool to reduce bribery and corruption risks. Due diligence is an important step in that process. It can save a business from serious financial and legal problems if red flags are identified and properly addressed at an early stage.

Due diligence is also required for business relationships – it is not only necessary in mergers and acquisitions. Robust due diligence is vital in preventing and detecting bribery and corruption.

The measures below will help a business avoid a situation similar to the one SwiftCo finds itself in.

Step 1: Help staff understand how to identify risks of bribery and corruption in their industry

The business needs to set a tone of zero-tolerance for bribery and corruption. 

Implementing an anti-bribery and corruption policy, keeping it relevant, and ensuring it is understood and followed by the business, is a must.

The business should educate staff and directors on what potential risks look like in practice. This will support people in the business to be alert to risks when carrying out due diligence.

Red flags that should be escalated in due diligence may include:

  • Large hospitality expenses;
  • Vague or unexplained invoices or descriptions for amounts paid to third parties, or suspicious patterns of payments such as payments being made in multiple smaller amounts, in cash or to personal or offshore accounts;
  • The target company winning tenders unexpectedly or frequently;
  • Agents or business partners charging large commissions, demanding upfront fees or ‘success fees’ payable only if a tender is won;
  • Political donations;
  • A target company dealing in industries or countries where bribery and corruption are known to be more prevalent; and
  • Interactions and involvement between a target company and foreign public officials.

Step 2: Evaluate the target business’s approach to anti-bribery and corruption compliance through due diligence

When undertaking due diligence, it is important to ask questions about how the target company manages anti-bribery and corruption risks. A desktop review is a good start, but should be followed up with interviews and requests for further information, such as a request to see an anti-bribery and corruption or risk management policy, or records of relevant staff training sessions.

In this example, SwiftCo should have questioned ByteCo’s suspicious invoices and asked for an explanation of its incomplete record keeping. It could also have discussed with ByteCo staff how the organisation identified non-compliant or suspicious transactions.

Step 3: Promote anti-bribery and corruption within the merged entity through post-acquisition activities

Considering bribery and corruption risks only prior to a merger or acquisition is not enough. Due diligence is an ongoing process.

In the scenario above, post-acquisition, the newly created entity could have:

  • Conducted a risk assessment and review of the operations of ByteCo and its customers to identify relevant risks and standard business practices;
  • Developed and implemented practices across the merged entity:
    • prohibiting facilitation payments;
    • concerning giving and receiving gifts and hospitality;
    • detailing expenditure categories for the business with monetary limits; and
    • enhancing record-keeping practices.
  • Made inquiries about overseas business partners to understand better their role and purpose;
  • Made an anti-bribery and corruption policy available to all staff and implemented it throughout the merged entity through communications and training programs. See the Implementing an anti-bribery and corruption policy case study;
  • Required business partners and agents to comply with the merged entity’s anti-bribery and corruption policy as a term of engagement; and
  • Made a whistleblower policy and hotline accessible and available to all staff and encouraged a ‘speak up’ culture. See the Implementing a whistleblower policy case study.

Step 4: Ensure effective audit processes are in place

An effective audit process is an important tool in the due diligence process. It is often the first time a red flag can be identified internally. Any audit process that detects bribery red flags allows an organisation to:

  • Take steps to adequately address the matter;
  • If necessary, seek further advice; and
  • Potentially mitigate the risk of serious legal and financial implications.

The Bribery Prevention Network acknowledges the pro-bono contribution of Corrs Chambers Westgarth in developing this case study.

Relevant resources

Conduct third party due diligence using this practical guidance developed to support business practitioners manage bribery and corruption risks. The guidance highlights a risk-based due diligence process with four key points. Additional considerations, lessons learned, good practice tips and sample due diligence tools are provided.

Filed under Due Diligence Prevent

As type PDF

View resource

Create cost-effective due diligence procedures that help to minimise corruption risks and adhere to international anti-corruption standards. This guidance is targeted at small and medium enterprises (SMEs) and recognises the unique challenges SMEs face. It gives a detailed overview of how and when to undertake due diligence, including practical advice. Sample due diligence tools and templates are provided.

Filed under Due Diligence Prevent

As type PDF

View resource

Undertake due diligence with these five practical online tools when seeking to prevent and address bribery and corruption in business operations. These include guidance on public procurement due diligence and interactive risk assessment tools. Flowcharts are provided to support businesses in screening partners, agents and contractors. The tools are provided as part of GAN Integrity’s guide to building a compliance program.

Filed under Due Diligence Prevent

As type Web

View resource

This suite of tools and guidance covers topics including facilitation payments, bribery red flags, and training materials to help identify and manage bribery risks. It includes a flow chart of practical steps businesses can take before entering any formal relationship with business partners or associates and what due diligence can be conducted. This resource forms part of Austrade’s suite of anti-bribery materials.

This resource will support businesses to understand and implement risk-based due diligence as recommended by the OECD Guidelines for Multinational Enterprises – a key international standard on responsible business conduct. The guidance describes the due diligence process using six key steps and suggests practical actions business can take. Helpful tips and detailed explanations are also provided, supported by examples.

Ranks 180 countries and territories by their perceived levels of public sector corruption. Helps companies to understand and compare the corruption risks of operating in different countries. Useful for undertaking third party risk analysis and due diligence. Learn about regional trends, and the areas that have the greatest bribery and corruption risks.