Skip to content


Harry Cassin
Publisher and Editor

Andy Spalding
Senior Editor

Jessica Tillipman
Senior Editor

Bill Steinman
Senior Editor

Richard L. Cassin
Editor at Large

Elizabeth K. Spahn
Editor Emeritus

Cody Worthington
Contributing Editor

Julie DiMauro
Contributing Editor

Thomas Fox
Contributing Editor

Marc Alain Bohn
Contributing Editor

Bill Waite
Contributing Editor

Shruti J. Shah
Contributing Editor

Russell A. Stamets
Contributing Editor

Richard Bistrong
Contributing Editor

Eric Carlson
Contributing Editor

To manage compliance risk, first find it

Corrupt payments are made to achieve important objectives — important enough to risk possible loss of reputation and criminal prosecution. The most common objectives are winning business, maintaining business, and executing transactions faster.

To locate corruption risk within a company, it’s important to first identify transactions that present the opportunity and the motivation for corrupt payments. These touch points of corruption risk will be different for each company based on its product, go-to-market model, customer base, and other key attributes of the business.

The touch points of corruption risk are those practices and activities where there’s motive, means, and opportunity. Common factors indicating heightened risk include whether products necessitate ongoing engagement with or visibility into the actions of customers and other external parties or require government authorizations or permits, complex sales channels, in-country presence and facilities overseas, and use of remote sites (“off-the-control grid” operations).

Once mapped and assessed, appropriate limitations and controls can be applied to the sales channels, modes of payments, parties and activities.

For example, a gift to a recipient with a key role in an identified higher risk sales transaction, or connected to another party in such transaction, can be identified as a higher risk payment than would the same gift have if made to recipients unrelated to a high risk transaction. Such a gift, once identified as posing a heightened risk, can be prohibited or limited and other payments and transmission of value can be monitored for possible provision (directly or indirectly) to the proposed recipient.

The next generation of anti-corruption controls can achieve greater effectiveness, with fewer resources, through this contextual alignment model. It’s the opposite of the categorical application of controls. With contextual alignment, the company can impose controls in proportion to the risk presented and where it’s presented.

Thus, controls aligned within the context of the actual points of exposure to risk result in greater efficiencies, utilizing fewer resources while yielding greater effectiveness.

Further, by identifying and mapping the central touch points of risk, the compliance program can be measured and analyzed by whether, how, and to what degree appropriate controls are applied in relation to such touch points.


Luke Brussel leads GE Capital’s global anti-corruption compliance program, previously he served as Chief Compliance Officer and Corporate Counsel for Cengage Learning (formerly a Thomson Reuters’ business), Chief of Staff and Counsel in the New York Legislature, and as an associate with Kaye Scholer LLP’s Corporate Finance group. He is a graduate of the University of Pennsylvania Law School.

The views presented in this post are Mr. Brussel’s and not necessarily those of any company or institution with which he is presently or was previously affiliated.

Share this post


1 Comment

  1. Dear Luke Brussel,

    Very interesting point of view/approach: "with contextual alignment, the company can impose controls in proportion to the risk presented and where it's presented".

    Thank you for the article.

    Sandro Melo

Comments are closed for this article!