Chapter 3. The state as an active and informed owner: What can and should it do?

Bolstering state ownership entities’ capacities in the area of anti-corruption and integrity

The ownership entity should develop consistent reporting on SOEs and publish an aggregate report on SOEs annually. The ownership entity is reliant on the quality and accuracy of inputs from SOE boards, or management reporting via the boards, on the efficiency and effectiveness of internal audit, competencies, objective reasoning, an understanding of what is material by the board and the quality of external auditors.

In view of the above findings of corruption in SOEs, as well as the variance in risk perceptions, ownership entities may wish to develop capacities to assess the reliability of reporting and understand any red flags brought to its attention. Related, ownership entities may also wish to develop adequate accounting and audit competencies to ensure sufficient communication with relevant counterparts, both with SOEs’ financial services, its internal audit function and specific state controllers.

Some ownership entities have the capacities and skill-sets to identify risks, including corruption risks, directly. Developing capacity for integrity, anti-corruption, compliance, corporate social responsibility, or responsible business conduct requires time and resources.

In some countries related skills are developed within the ownership entity itself, as has been done in Norway for instance, where the ownership entity has developed skills to assess anti-corruption and integrity, built up through other initiatives and through learning opportunities in engaging third parties, such as PwC, on the subject. In the Philippines’ Governance Commission for Government-Owned or Government Controlled Corporations (GCG), lawyers are trained on whistleblowing and investigations. One of the first trainings that staff of the Treasury of the Polish Chancellery receives is in anti-corruption.

Ownership entities could also establish a legal unit to consult on related matters as is done by the French authority, l’Agence des participations de l'État (APE), to consult on matters related to conflict of interest. Other countries may rely on independent groups to advise. In Iceland, the Ministry of Finance (the state ownership entity) appoints members to the independent Complaints Board for Public Procurement, which also applies to complaints against SOEs. While the Ministry of Finance does not hire for specific skills sets, it sees its representatives as having the necessary combined skills.

In yet other countries, ownership entities do not hire for specific skills sets, instead relying on the monitoring function of other state authorities, such as the Supreme Audit Institution, as is the case of Switzerland.

Co-ordinating with other relevant state authorities for improved anti-corruption and integrity in state-owned enterprises

The SOE Guidelines posit that, when appropriate and permitted by the legal system and the state’s level of ownership, a primary responsibility of the ownership entity is to maintain continuous dialogue with external auditors and specific state control organs (OECD, 2015a: II.F.6.).

The relationship of the ownership entity with other government bodies should be clearly defined (II.E). A number of state bodies, ministries or administrations may have different roles vis-à-vis the same SOEs. In order to increase public confidence in the way the state manages ownership of SOEs, it is important that these different roles be clearly identified and explained to the general public. For instance, the ownership entity should maintain co-operation and continuous dialogue with the SAIs responsible for auditing the SOEs.

The role of the state ownership entity should be given sufficient autonomy from other roles of the state – notably regulatory policy. As such, some countries co-ordinate only in the context of specific investigations if at all.

The majority of 28 state ownership entities that contributed directly to this report have some level of co-ordination and interaction with relevant authorities. Most often this is ad-hoc or “as needed”. Country experiences reported by state ownership entities outline the myriad of benefits that can come from professional co-ordination between relevant authorities. A company in New Zealand reported that one way in which the ownership entity supports them in anti-corruption and integrity is in networking across other Government Agencies. In the Czech Republic, the Minister of Finance coordinates through the Minister for Human Rights, Equal Opportunities and Legislation and Chair of the Government Anti-Corruption Coordination Council under the Prime Minister’s office.

Based on the national responses to the questionnaire, benefits of professional, cross-governmental co-ordination include the following:

• Staying well informed: State ownership entities may supply relevant information to authorities that may be required for investigations, annual reports or commentary on a specific risk, activity or sector. They may also demand such information in order to stay abreast of commentaries of SOE performance and conduct, such as audit reports for follow-up with companies. In view of the above findings, ownership entities can co-ordinate to be better informed about corruption vulnerabilities – such as ineffective internal controls - and their impact on performance.

• Co-operating with relevant authorities for investigations and enforcement, as needed and as discussed in section 3.6. The Polish authority co-ordinates with regulatory agencies on regular basis tailored to needs, answers questions and submits materials to administrative courts.

• Providing anti-corruption and integrity requirements and guidance, such as jointly developing a compliance programme with capacity building component; issuing guidelines for implementation of related legislation by SOEs or establishing recommendations for how the board and management of SOEs can put into place related mechanisms

  • Italy’s Ministry of Finance, exercising state ownership, has a long history in co-ordinating with the Italian National Anti-Corruption Agency (ANAC). Such co-operation has led to issuance of formal rules and binding mechanisms to prevent corruption. According to ANAC, each SOE is asked to identify the “Responsible for preventing corruption” in its company and the person is appointed by the board of directors, with main area of responsibility consisting of drafting the action plan to tackle both illegal and hidden behaviour that could be put into practice by managers and employees. Finally, this plan must be adopted by the board of directors.

  • In Brazil, the 2016 normative instruction issued by the Ministry of Transparency (CGU) and the Ministry of Planning sought to strengthen internal controls and risk management of predominantly public entities. Further, Secretariat of Coordination and Governance (SEST) has informal discussions about corporate governance issues with relevant authorities in Brazil as needed.

Legal and regulatory frameworks for anti-corruption and integrity

An SOE is any corporate entity recognised by national law as an enterprise and in which the state has majority ownership, or otherwise is able to exercise control (OECD, 2015). This includes joint-stock companies, limited liability companies, partnerships limited by shares, as well as statutory corporations if their purpose and activities are largely of an economic nature. The legal functions of SOEs – ranging from primarily governmental to primarily commercial – impacts the level of corporatisation1 of an SOE and thus the legal and regulatory framework which underpins the execution of said functions. Useful information about the form of SOEs is found in The Size and Sectoral Distribution of State-Owned Enterprises (OECD, 2017b).

Another OECD study of 33 OECD member and partner countries showed the majority of SOEs as having the same legal form as private companies, generally subjecting them to commercial laws (Figure 3.1). However, countries may additionally, or instead, establish SOE-specific laws for certain or for all SOEs or apply various public laws with thematic relevance to its SOEs (e.g. public procurement, public employment or public financial management). SOEs may also be subject to requirements found in state ownership policies, guidelines or codes.

Figure 3.1 shows that 24% of surveyed2 countries have SOEs with predominantly distinct legal forms, such as statutory corporations, or SOE-specific legislation. Distinct legal personalities should be reserved for corporations largely operating with a public policy function: such forms are not desirable for public enterprises that have purely commercial objectives and that operate in competitive and open markets (OECD, 2005; 2015). SOEs that are given public policy objectives may benefit from the protection of a distinct public service role in order to deliver on those policy objectives in an efficient and effective manner. This protection could include protection from insolvency, and protection with regard to regulated remuneration and pensions.

SOEs excluded from the application of certain legislation, or are given a distinct legal personality, should not preclude clear and transparent demarcation of an SOEs’ activities and ability to expand the scope of operations overseas or to new sectors. Further, it should be accompanied by high standards for accountability and disclosure such that SOEs with policy objectives do not negate responsibilities to shareholders and to the public (OECD, 2015a). As shown above, SOEs established by statutory legislation can be subject to company law or SOE-specific rules.

Figure 3.1. Legal forms of state-owned enterprises and applicability of commercial law

Note: Based on responses to the July 2016 Risk Management Questionnaire of the Working Party on State Ownership and Privatisation Practices, as well as the reponses from the 29 countries represented in the OECD 2017 Survey of anti-corruption and integrity in SOEs. It also includes Austria, Belgium, Germany, Ireland, Israel, Japan, Kazakhstan, Lithuania, New Zealand, Portugal, Slovenia, Spain and the United Kingdom. It does not include Canada or Colombia.

Source: OECD (2016a), Risk Management by State-Owned Enterprises and their Ownership, OECD Publishing, Paris. https://doi.org/10.1787/9789264262249-en.

Table 3.1 provides an overview of select legal provisions for anti-corruption and integrity in the legal and regulatory frameworks of the 28 countries participating in this ownership questionnaire. The provisions are based on self-reporting without an independent or comprehensive analysis of country laws, and they do not include criminal laws.

All countries, except the Philippines, apply a commercial law. All countries have established additional provisions applying to SOEs, whether SOE-specific policies, codes or guidelines or thematically-relevant public laws. Provisions related to anti-corruption and integrity are stratified across these documents.

Mechanisms for their implementation and enforcement differ widely, with some being merely advisory, others being implemented (by stock markets or securities regulators) on a comply-or-explain basis, and yet others being mandatory. For instance, regulations on whistleblowing or lobbying are recommended by the ownership entity for SOEs but are not binding.

Clarifying state expectations around anti-corruption and integrity

When SOE respondents were asked how clearly, in their assessment, “relevant national laws, regulations, bylaws or governance codes establish expectations and requirements for their company’s actions and responsibilities in the areas of integrity and anti-corruption (including for internal control, risk management, compliance etc.)”, 89% said clearly or very clearly. Yet over half of SOE respondents reported that integrity in their SOE is somewhat hampered by “a lack of awareness among employees of the need for, or priority placed on, integrity” (53%). A further almost a half (47%) of SOE respondents also reported “a lack of awareness of legal requirements” as being an obstacle to integrity in the company. Indeed, SOE respondents within the same companies differed in their response as to whether their own integrity-related programmes were established voluntarily or because they were required by the legal framework.

All countries have a certain degree of stratification of related laws, regulations, policies and guidelines that comprise the legal framework. Some state-ownership entities see their expectations as adequately communicated through reading of such laws. Other countries have aimed to provide a degree of centralisation by extracting and highlighting relevant guidelines in one spot, or by taking a stance on the approach SOEs should take.

The ownership entities’ expectations and related policies should be consistent with existing requirements, making requirements easily understood by management and boards. Good examples of state-ownership entities centralising and making explicit their expectations with regards to integrity and anti-corruption in SOEs are as follows:

• New Zealand clearly articulates that “Shareholding Ministries expect Crown Company boards to adhere to the ‘no surprise policy’ and be informed well in advance of everything considered potentially contentious in the public arena, whether the issue is inside or outside the relevant legislation and/or ownership policy.” Examples of information that fall within the “no surprise” policy include changes in CEOs, potential or actual conflicts of interest, potential or actual litigation by or against the company or its directors or employees, fraudulent acts, breaches of corporate social responsibility obligations, the release of significant information under the official information act and imminent media coverage of activities that could raise criticism and beg for a response from shareholding ministries (CCMAU, 2007; OECD, 2010).

• Sweden’s Ownership Policy: State-owned enterprises should act as role models within the area of sustainable business and should otherwise behave in a manner that promotes public confidence. Exemplary conduct includes working strategically and transparently with a focus on cooperation. These efforts are guided by international guidelines that include provisions on anti-corruption, such as the ten principles of the UN Global Compact and the OECD guidelines for Multinational Enterprises. The ownership policy lays down that it is particularly important that SOEs among other things work towards high standards of business ethics and active prevention of corruption. The ownership policy clarifies that one way of acting as a role model within the areas of anti-corruption and business ethics is to comply with the Code regarding gifts, rewards and other benefits in business established by the Swedish Anti-Corruption Institute.

• Norway’s White Paper: Companies are expected to establish guidelines, systems and measures in place to prevent corruption and to address possible or borderline violations that might be detected in this area; and Companies are expected to perform diligent assessments of corruption-related issues in relation to their undertakings. If such assessments point to reasonable doubt as to whether behaviours may be construed as corrupt, the companies are expected to refrain from such behaviours. Norwegian companies that partook in the SOE survey confirm a clear understanding of a zero-tolerance approach to corruption.

• National anti-corruption reforms in Mexico (LGRA) established mechanisms to prevent administrative faults and corruption in the public sector, as well as in SOEs, requiring: an internal control body and supervisory/monitoring body, audit committees, internal audit, external auditor, responsibility units, code of ethics, and a National system of public servants and individuals sanctioned of the National Digital Platform.

• Other countries are engaged in relevant ongoing reforms. For instance, France’s APE is working on the development of a shareholder state policy on corporate social and environmental responsibility. This should include a section on integrity and the fight against corruption. Law 2016-1691 requires SOEs to have seven anti-corruption and integrity-related items including a code of conduct, a warning system and risk mapping process. Iceland is reviewing ownership policy to include provisions on conflict of interest.

Where ownership entities have explicitly included integrity-related mechanisms in their ownership policies or guidelines, there is scope to highlight the linkages between such mechanisms (internal control, risk and audit) with integrity, and their importance for mitigating, as is done in the examples above. Examples where related mechanisms are treated in centralised documents are as follows (OECD, 2016a):

• regarding the related topic of risk management in SOEs, “Iceland,3 the Philippines,4 and Poland,5 have guidance and/or risk management expectations included in the state ownership policy (Iceland) and/or state ownership guidelines or principles (Philippines and Poland)”

• in Switzerland, SOEs’ state-decreed strategic objectives include as a standard objective an adequate risk management system in accordance with international risk-management standards, such as ISO 31000 or similar.

In recent years, countries have sought to harmonise laws and regulations, or centralising requirements in one place in attempts to keep pace with the internationalisation of SOEs and demands on their performance (OECD, 2015a; World Bank, 2014). Modernising SOE-related legislation has and continues to provide opportunities for governments to simplify, bring coherence and improve legal requirements of SOEs with respect to integrity, ethics and corporate social responsibility. Recent reforms in Mexico, Colombia and Brazil both in areas of SOE ownership as well as in anti-corruption regulations tackle the issue of corruption more concretely. At the international level, the OECD’s 2015 revision of the SOE Guidelines integrated the issue explicitly.

If governments do not communicate and highlight the importance of such laws and regulations, either in writing or in person, there is a risk that the understanding of their importance, and more critically of the requirements and guidance, suffers. This is particularly the case where certain provisions are voluntary.

Thus, governments may wish to consider whether, if at all, the legal and regulatory framework for SOEs can be improved – harmonised or clarified – to promote anti-corruption and integrity in light of the aforementioned challenges to integrity and corruption risks present across OECD member countries and non-member economies. In particular, the state may wish to consider:

• Whether existing requirements promote a level playing field: The legal and regulatory framework for SOEs, regardless of the form it takes, should ensure a level playing field and fair competition in the marketplace – that is, without discriminating between SOEs and market competitors. SOEs undertaking economic activities should not be exempt from the application of general laws, tax codes and regulations (OECD, 2015a: III). In considering the promotion of anti-corruption and integrity, governments should also consider how requirements in anti-corruption and integrity advantage or disadvantage SOEs, seeking to remedy any legal provision that proves it so.

• Whether there is scope to develop an ownership policy or corporate governance code that gives due consideration to anti-corruption and integrity, or to update existing cedes and policies to better emphasise its importance where it does exist.

Communicating clear state expectations on anti-corruption and integrity

The communication of state expectations with respect to, or in addition to, anti-corruption and integrity laws, regulations, and policies impacts the understanding that is fostered and their implementation. Eighty-three percent of SOE respondents said that the state ownership unit/department/agency clearly communicated its expectations for integrity and anti-corruption for their company in the last 12 months, while 17% said it had not.

Those that did not see state expectations as being clearly communicated were more likely to have seen corruption risks in their companies materialise in the last three years (45%, compared to the average of 42%). Recalling that the severity of such corruption risks under assessment varies, all risks included in the assessment represent a vulnerability to the company and its internal controls, risk management and audit processes.

Table 3.2 provides an overview of the participating state ownership entities’ approaches to communicating expectations and anti-corruption and integrity provisions. Generally, this is done in reliance on familiarity with existing laws, through supporting documentation (e.g. guidance or memorandums) or through in-person interactions (e.g. annual general meetings, investor, quarterly or ad-hoc meetings, seminars).

Five countries rely alone on the existence of relevant laws to communicate the state’s expectations, as shown (Table 3.2). The state ownership entity may place responsibility on the board to ensure their implementation and to communicate appropriately within the SOE about integrity. Many ownership entities do not see further activity as within their role. While the laws may be clear, ownership entities should give due consideration to the understanding of those laws at the board level and within the SOEs, and as to whether or not a more active role for the owner is appropriate and necessary to streamline and harmonise integrity efforts across the country.

Ownership entities should keep in mind that board members are involved in 19% of corruption risks materialising in surveyed companies in the last three years, and that board members have different risk perceptions than others, namely those in integrity-related functions like audit and legal.

Ownership entities may choose to engage further on the topic, considering additional opportunities to communicate expectations if reliance on the board is proving insufficient, drawing inspiration from the following examples:

• Inclusion of anti-corruption and integrity in ownership expectations:

  • New Zealand captures requirements in the Owner’s Expectations Manual.

• Inclusion in SOE or board performance objectives:

  • In Colombia, specific objectives are to be set for strategic and majority owned companies by the Ministry of Finance throughout 2018 according to the new strategy for managing the SOE’s portfolio that will be released by the end 2017: financial goals; public policy impact; disclosure of information regarding international standards; anticorruption prevention plan.

• Specific ownership initiatives on the subject:

  • A Russian SOE reported that the state ownership entity proposes that companies join the anticorruption charter of Russian business and that it sets requirements to create a road map on implementation of anticorruption policies and procedures.

• Awareness raising through exposure to government-wide anti-corruption initiatives, such as the development of government-wide AC programmes, audits by the state audit institution, reforms and revision to existing laws or codes:

  • co-ordination in Italy: the Ministry of Economy and Finance and the Italian National Anti-Corruption Authority set up a dedicated working group to define shared guidelines for SOEs partly or totally owned, both at the central and local level.

• Reviewing statements of intent of SOEs with board members, as happens in New Zealand.

• Providing guidance, including sharing good practices and lessons learned:

  • Integrity Consulting in Korea.

  • Sharing good practices as is done in Czech Republic, Denmark, Finland and Latvia.

  • In the United Kingdom the ownership entity established a working group to share best practice both within the departmental group and further afield via guest speakers and presentations by experts in the field of countering fraud, bribery and corruption. Such seminars and external knowledge sharing is also happening in Argentina, having passed their “3rd integrity roundtable” at the time or writing.

  • Brazil’s Ministry of Transparency, Supervision and Control has created a Guide for the implementation of the Integrity Program in SOE´s.

• Written in letters, circulars, memorandums, and guidelines in support of relevant laws, policies and codes:

  • Colombia’s Guide for Directors was designed in order to promote good practices, explain roles and responsibilities, and provide guidance related to the topics that should be covered in a board of directors’ session. This guide was delivered to each member of the Board of Directors at the Ministry of Finance. In October 2017, a massive training programme was held for members of the Board of Directors of the Ministry of Finance where topics such as disclosure, transparency and anticorruption were part of the agenda.

• Requiring written confirmation of implementation:

  • In 2017, Colombia required corporate ethics programmes to be put in place. In April 2017 the Superintendence of companies issued a communication to 531 companies, requesting the legal representative to issue a certification stating that such programme was being established.

• Training programmes on ethics, anti-corruption and other:

  • Canada: Via the Canadian school of public service, central agencies have developed training for directors and CEOs which includes responsibilities in ethics and integrity; encourages take-up of non-binding standards (not auto applicable to Crown Corporations); advises Crown Corporations that their corporate plans reassure ministers of implementation of ethical practices (e.g. description of risk includes reference to corrupt or unethical behaviour).

  • Chile: the SEP “organises seminars and training programmes for board members and executives of SOEs on a regular basis covering some of the topics tackled in the SEP Guidelines or related corporate governance issues. The efforts are coordinated with the assistance of professional training bodies, such as universities or other public institutions related to the SOEs corporate governance, for example, the General Audit Bureau (Contraloría General de la República), or the financial analysis unit (UAF). Examples of these are the diploma in Corporate Governance for Board members, the workshop on compliance and training for internal audit units undertaken during 2017. The seminars and training programmes that SEP coordinates and provides for board members and executives of its companies frequently includes the participation, as speakers, of members of other public institutions related to the subjects such as internal audit, compliance, risk management, fraud prevention, control and pursuit of corruption, among others.”

  • Greece: the ownership entity engages with a more limited scope by providing support and training to all independent internal auditors appointed in non-listed SOEs, about the legal framework and areas of control (i.e. legal compliance, specific areas of control etc.). As mentioned above in Chapter 2, SOEs also have their own training at the SOE level for all staff.

  • Korea: online and off-line education is compulsory in SOEs.

  • Brazil: SEST hosts seminars for all public sector employees including those in state companies. One such seminar was entitled "Good Governance and Strategic Realignment Practices".

Considering the status of state-owned enterprises and their employees vis-à-vis legislation

The majority of companies participating in this study are, given applicable national laws, liable for criminal acts committed by their employees. Almost one-third operate under a strict liability regime, making the company liable as an entity for wrongdoing by all officers, directors/board members, employees or agents acting within their employment and for the benefit of the company. Thirty-eight percent of companies are liable for failure to prevent wrongdoing, but are entitled to a defence of the company to demonstrate that it had adequate compliance or related procedures in place to prevent misconduct. More information about the liability of legal persons is found in the OECD’s “Liability of Legal Persons for Foreign Bribery: a stock-taking report” (2016d).

When compared to companies with primarily commercial functions, companies in the sample that have a mix of public policy and commercial objectives:

• Are more commonly operating under strict liability regimes, and are less likely to operate under an adjusted liability regime.

• They are more likely than SOEs with entirely commercial objectives to operate under a regime where they are not liable for corruption or other irregular practices;

• Are more likely to have, or have a higher percentage of, representatives considered to be public officials.

The status of an SOE representative as a public official can be a factor when determining which type of legal provisions could apply to a corrupt transaction – and thus for which crime a company may be liable. For instance, bribery of an SOE official in an entirely commercial SOE may be considered “private bribery” (OECD, 2016d). The status of an SOE official may also be a determinant in the applicable liability regime, for instance where the board is a mix of public officials and independents (OECD, 2016d). As a general rule, the status of “public official” within SOEs would be used for:

• Those directly appointed by the state, as a representative of the state, to carry out a public policy objective. This usually refers to the appointment of non-independent board members. Good practice follows that the managerial level should not be appointed to act on behalf of the state. CEOs, for instance, should not be directly appointed by the state.

• Those carrying out a public policy function or objectives daily, whether or not they have been appointed by the state. This is more likely to be seen in SOEs that have a mix of commercial and public policy objectives.

Some SOEs may have “public officials” both at the board and management level. The status may be applied to all (for instance, if an SOE is weakly incorporated), or to individuals based on position. Indeed, multiple respondents within the same company reported having a different status regardless of whether they were a member of the board or executive management.

The presence of public officials - or their differing legal requirements – should not challenge integrity or accountability, yet SOE respondents self-identifying as public officials saw more corruption and other irregular practices in their company in the last three years. They also reported a higher risk of interference in decision-making in their company (43% versus 27%).

The following practices, based on the SOE Guidelines, would help to ensure that the presence of public officials in SOEs is appropriately aligned with the need for execution of policy objectives, and that the associated legal framework does not challenge or confuse accountability or enforcement (2015a):

• Any state representatives nominated to serve on SOE boards should have the equivalent legal responsibilities as other board members.

• Respective personal and state liability should be clarified when state officials are on SOE boards. State officials should have no exemptions from individual responsibility. State officials concerned may have to disclose any personal ownership they have in the SOE and follow the relevant insider trading regulation.

• Guidelines or codes of ethics for members of the ownership entity and other state officials serving as SOE board members could be developed by the ownership entity. They should indicate how information passed on to the state from these board members should be handled.

• Direction in terms of broader policy objectives should be channelled through the ownership entity and expressed as enterprise objectives rather than imposed directly through board participation.

• Persons directly linked with national executive powers should not sit on SOE boards. Other State representatives should be nominated based on qualifications, subject to specific vetting mechanisms;

• Independent board members should be independent from management, government and business relationships. Specific safeguards should be established to verify that nominees comply with requirements.

• SOE boards should be protected from political interference that could prevent them from focusing on achieving the objectives agreed on with the government and the ownership entity. Independence of boards is discussed further in section 3.4.

Contributing to informed, objective and autonomous boards

The board plays a pivotal and central role in SOE governance, acting as an intermediary between the ownership entity and its executive management. A threat to the integrity and professionalism of the board not only threatens the effectiveness of integrity mechanisms in the company, but is a threat to the integrity of the company itself and the boards’ decisions meant to be made in the interest of the company.

Aside from the annual shareholders meeting, boards are the top decision-making body of the SOE, yet SOE respondents report a risk of undue influence in decision-making that may include, but not be limited to, undue influence by government officials. They similarly saw a risk of influence in appointments to the board or to the CEO, non-declaration of conflict of interest, and of favouritism, nepotism and cronyism.

The board has a fundamental and ongoing responsibility for the integrity and accountability of the SOE. So too does the state-ownership entity, notably through its role in “establishing well-structured, merit-based and transparent board nomination processes in fully -- or majority-owned SOEs -- actively participating in the nomination of all SOEs’ boards and contributing to board diversity” (OECD, 2015a: II.F.2).

The state also has a role in supporting SOE board composition that allows for the exercise of objective and independent judgement. All board members, including any public officials, should be nominated based on qualifications and have equivalent legal responsibilities. For example, in Norway, “ensuring sound composition of boards of companies in which the state is a shareholder is of crucial importance and is one of the Norwegian state's prime responsibilities.” Their involvement in so doing involves nominations based on conflict of interest checks, emphasis on competence, capacity and diversity and consideration for corruption risks unique to each company.

This also means establishing a board that is insulated from undue influence. In cases where risk of interference in decision-making is higher, SOE respondents were more likely to have seen corruption risks recently transpire in their company. In cases where interference in appointments is higher, respondents were not more or less likely to have seen corruption. This suggests a need not only to focus efforts only on transparent appointment procedures but on continued application of the merit-based criteria on which they are hired – including high ethical standards – to mitigate undue influence in decision-making of SOEs. Further, the state must also ensure that its interactions with the board, and appointed public officials or representatives on the board, enhance and do not hamper integrity in SOEs. Ensuring integrity in the public sector more broadly is covered further below. Suggested good practices for state ownership entities’ contributions to more informed, objective and independent boards are provided below.

Encouraging robust internal controls, risk management, internal and external audit, and ethics and compliance programmes or measures

Effective internal controls are instrumental in the achievement of an SOE’s broad mandates and objectives (OECD, 2015a: II.F.3). Boards of SOEs should be responsible for overseeing the development and implementation of internal control activities, including those that contribute to preventing fraud and corruption. These activities should conform to national and international standards and commitments and apply to the SOE and its subsidiaries (OECD, 2015, VC). SOEs should be subject to the same accounting, disclosure, compliance and auditing standards as listed companies.

Thirty-nine percent of SOE survey respondents reported that ineffective internal control or risk management poses an obstacle to integrity in their company. Companies with commercial objectives and companies with public policy objectives equally ranked this as a challenge.

In seeking to adhere to the SOE Guidelines, state ownership entities should continue to promote the strengthening of internal control activities, risk management and audit functions. To the extent that the requirements for internal control are not up to date with the risks and controls explained above in Chapter 2, the ownership entity should review and revisit internal control requirements.

State ownership entities should have adequate measures in place to ensure that SOE boards will oversee the creation and maintenance of an effective internal control system.

Suggested practice for the state: Promoting appropriate internal controls and staying informed about their effectiveness

Practices vary across OECD countries depending on the SOEs’ degree of corporatisation and their legal or functional independence from the government. Internal control practices can be divided into three broad categories depending on the degree of an SOEs’ functional independence, shown in Figure 3.2 (OECD, 2016).

Regardless of the functional independence of the SOE from the ownership entity, internal control principles can be streamlined across SOEs to ensure consistency in approach within one country. The same can be said for risk management principles. A 2016 OECD study found that risk management systems are only required in about half of 32 surveyed countries in 2016. Less than half were required to establish specialised board committees to oversee risk management (OECD, 2016a).

As part of its monitoring, the state ownership entity could stay abreast of external commentary on the adequacy of internal controls across the portfolio, allowing it to identify gaps or weaknesses in particular SOEs. It is one way in which it can stay more informed.

One third of SOE respondents see ineffective internal control and risk management as a problem for their companies’ integrity. As described in Chapter 2, risk management approaches vary by company.

Figure 3.2. Spectrum of internal control models depending on state-owned enterprises’ functional independence

Source: OECD (2016d), Combatting corruption and promoting business integrity in state-owned enterprises: Issues and trends in national practices, Global Knowledge Sharing Network on Corporate Governance of State-Owned Enterprises, 7-8 June, 2016, www.oecd.org/daf/ca/2016-SOEs-issues-paper-anti%20corruption-and-business-integrity.pdf.

Boards are not always duly informed of risks and, in addition, have different risk perceptions than those responsible for designing and implementing appropriate controls. State ownership entities should encourage more robust risk management processes that incorporate corruption risks, and focus on particular risk areas as needed – ensuring requirements are coherent and clear (e.g. procurement). The state could encourage more frequent and regular reporting of risks to the board, or encourage the board to be more active in staying informed.

• Companies in Korea, Poland, Latvia, and Mexico reported that their state ownership entities directly support them in identifying corruption risks;

• Russian companies reported that the state recommends they run a specific anti-corruption risk assessment.

Developing a disclosure policy and encouraging reporting and transparency

In order to ensure adequate accountability by SOEs to shareholders, reporting bodies and the broader public, the state as an owner should develop “a disclosure policy for SOEs that identifies what information should be publicly disclosed, the appropriate channels for disclosure, and mechanisms for ensuring quality of information” (SOE Guideline II.F.5). They should face disclosure requirements for listed companies, giving regard to the capacity and size of the SOE (OECD, 2015a).

For SOEs that combine economic activities and public policy objectives, high standards of transparency and disclosure regarding their cost and revenue structures must be maintained, allowing for an attribution to main activity areas. For SOEs that are partially owned by the state, such disclosure should also be provided to all other shareholders. Due regard should be made for the size and capacity of the enterprise in requiring certain information – with larger, listed enterprises usually required to disclose more than small and medium-sized SOEs. Development of a disclosure policy should:

• Be based on a review of gaps and involve structured consultations with SOE boards and management, as well as with regulators, members of the legislature and other relevant stakeholders.

• Be based, to the extent possible, on a cost-benefit analysis to determine which SOEs should be submitted to high quality internationally recognised standards. This analysis should consider that demanding disclosure requirements are both an incentive and a means for the board and management to perform their duties professionally.

• Requiring disclosure of remuneration of board members and key executives on an individual basis (such as termination and retirement provisions, specific benefits or in-kind remuneration to board members).

The policy should be communicated widely, which can be done through the development of guidance manuals and training seminars for SOEs; special initiatives such as performance awards that recognise individual SOEs for high quality disclosure practices; and mechanisms to measure, assess and report on implementation of disclosure requirements by SOEs. Good practice calls for the use of web-based communications to facilitate access by the general public. This is also a channel through which state ownership entities can stay and fulfil tasks of monitoring (discussed below) and reporting annually on SOEs.

SOEs should report material financial and non-financial information on the enterprise in line with high quality internationally recognised standards of corporate disclosure, and including areas of significant concern for the state as an owner and the general public. This includes in particular SOE activities that are carried out in the public interest. A Norwegian SOE gave accolades to the state ownership entity for opening up a transparent 'reporting culture’ between company and state when there might be issues at hand.

Examples of the types of information that an ownership entity may include in the disclosure policy, and thus require from SOEs, appear in Table 3.3. SOEs in the sample are consistent in reporting financial and operating results, statements of objectives and their fulfilment, and information on the governance and ownership of the enterprise.

Two in five publicly disclose “any financial assistance, including guarantees, received from the state and commitments made on behalf of the SOE, including contractual commitments and liabilities arising from public-private partnerships”. This is despite the fact that a high-level of disclosure should be required for SOEs, notably with respect to any subsidies or preferential treatment, and particularly for those pursuing public policy objectives. Yet SOEs with entirely commercial objectives report to disclose financial assistance slightly more often that SOEs with policy objectives, suggesting a greater need for transparency in the ownership and financial assistance to SOEs pursuing policy objectives. Only one third report on material risk factors.

Suggested practice for the state: Integrating SOEs’ integrity and anti-corruption efforts into regular performance monitoring.

Not all state ownership entities consider anti-corruption and integrity as part of performance. Being well informed about SOE performance should be synonymous with understanding its performance and the effectiveness, efficiency and economy of internal controls, such as audit, and risk management, instrumental in facilitating the achievement of objectives set by the state. These can also be critical for mitigating corruption that can detract from goal achievement. Ownership entities can integrate anti-corruption and integrity into the main steps of effective, ongoing monitoring (OECD, 2010):

• regular information on performance by SOE boards

• systematic information processes put in place

• develop specific “continuous information”’ and/or “no surprise” policy

• complementary information channels

• use of external information available

• performance check-up by the ownership entity

• regular (quarterly) meetings between boards and ownership entities

• feedback by the ownership entity on current performance

• revision of targets

• ad hoc meetings

• in case of serious underperformance, take action.

In the UK, a quarterly “Traffic Light” review is done for each SOE. This review evaluates the quality of the shareholder relationship, the implementation of the shareholder model, the quality of the board and management team, the strategy and financial performance. For each of these categories, a series of questions are to be answered by “yes” or “no” by the portfolio manager with a possibility to comment also. All, or nearly all, “yes” answers give an overall green light, some specific “no” answers may trigger a red light, otherwise the light is amber. (This type of “traffic light” review is sometimes criticised for lacking nuance.) For each category, in addition to the general appreciation, the portfolio manager must indicate the action taken to improve the situation. An aggregate monitoring table is then built up, indicating for each SOE the colour of the light for each of the categories mentioned above. This is a type of control board for the executive shareholders work (OECD, 2010).

A specific and interesting process is being developed in Greece in the framework of the current broad reforms of SOE governance. A specific management information system has been put in place to collect the relevant data directly from the SOEs’ own information systems to monitor their performance. This will constitute a unique system to monitor closely and frequently an SOEs’ performance. Monthly data will be automatically compared to budget data. The whole system of business plans, budget and performance monitoring will be based on the same data, allowing a closer monitoring and thus greater transparency and accountability (OECD, 2010).

The Slovenian Sovereign Holding, one of three state owners, can request SOEs to submit special reports on integrity or anti-corruption and may discuss them in regular meetings with the management of SOEs. SOEs with over 500 employees during the fiscal year are required to report in annual business reports on environmental, social and human resources matters, as well as respect for human rights and the fight against corruption and bribery.

The state could enlist systematic benchmarking of SOE performance, with private or public sector entities, both domestically and abroad. For SOEs with no comparable entity against which to benchmark overall performance, comparisons can be made concerning certain elements of their operations and performance. Benchmarking should cover productivity and the efficient use of labour, assets and capital. This benchmarking is particularly important for SOEs operating in sectors where they do not face competition. It allows the SOEs, the ownership entity and the general public to better assess SOE performance and reflect on their development (OECD, 2015a).

As mentioned above, state ownership entities share good practices, as well as lessons learned. The ownership entity of Norway now undertakes "best practice" studies, encouraging companies to share experiences and best practices. Other countries may use an integrity “track record” or white list to provide positive recognition for efforts. In fewer cases, states share “bad practices” of other SOEs or public entities. Consideration can be given as to whether or not to make such information public. In New Zealand, the state ownership entity publicly exposes any practices which fall short of these standards.

Some states have sanctioned studies by independent third parties to bolster their understanding of SOEs or of key issues they face (as is done in Sweden and Norway). Others systematically mandate and review board evaluations and external audit reports. In Finland, annual board evaluations are required with the methodology at the discretion of the SOE, ranging from hiring a third party/consultant or the board conducting surveys of the SOE. In Sweden, a sustainability analysis tool is used, with sustainability reporting equipped with teams to review (Box 3.3).

Many ownership entities are in the habit of using external audits – whether state or non-state. Ownership entities may do this to stay informed. Latvia uses reports of the Supreme Audit Institution to consult on SOE matters including any identified deficiencies in governance at national and municipal levels. In the Czech Republic and Greece the ownership entities rely on internal and external audits for monitoring.

Ownership entities may do this to hold SOEs to account, where the owner reviews and follows-up with the SOE as needed. In the Philippines, the SAI sends the ownership entity its audits periodically to support its monitoring and the take-up of audit findings. Iceland too follows up on red flags raised in audit reports.

Suggested practice for the state: Develop transparent procedures for handling suspected and real cases of suspected corruption in accordance with the severity of the potential misconduct and the position of those involved.

Given the loss of trust in government, governments may be incentivised to make the requirement for SOEs to duly inform the ownership entity systematic. Breaches may happen in the daily operations of the companies whose autonomy ownership entities are trying to respect. While the state ownership entity cannot predict, they can require disclosure about corruption risks (as discussed above) and request to be informed when a breach happens. Where the state is not a majority shareholder, other shareholders should be duly informed.

Internal and external investigation immediately with results being shared with the ownership entity and as needed to other major shareholders who decide how to proceed.

• In Finland, investigations are initiated without delay both externally and internally. Also a special auditing is carried out by an external auditor. A professional legal aid can also be used. The findings and conclusions are reported immediately thereafter to the state ownership entity (and, as the case may be, to other major shareholders), who decides how to proceed in the matter. The minister responsible for steering the ownership is also informed. Person(s) who are under investigation are removed from his/hers/their position(s) in the company. If the investigations indicate any corruption or other irregular practices, the case will be moved to the police for investigation and, as the case may be, later to the public prosecutor (district attorney). The prosecutor decides, whether to take the case to the court or not. The company and the state ownership entity (and, as the case may be, the other major shareholder[s]) mutually decide when, if ever, and how to publish the case.

• Canada’s ownership is a hybrid model of decentralised and co-ordinated ownership, with responsible ministers in charge of specific Crown Corporations (at the Federal level), and other central agencies co-ordinating across Crown Corporations. Any infraction involving top management would be generally dealt with at the SOE level, while issues at the board level would be dealt with by the government through the channel with appropriate jurisdiction over the subject matter of the reported behaviour (e.g., financial mismanagement would engage the Auditor General or potentially external auditors; conflicts of interest/ethics would engage the responsible Commissioner; or actions may come out through whistleblower action through the Integrity Commissioner). Where there is sufficient ground to investigate the matter as criminal behaviour, the appropriate law enforcement body would be engaged. The minister responsible would be answerable to Parliament with respect to actions taken.

Consistent plans will importantly help to reduce the concern that SOEs are protected or exempt from enforcement – demonstrating that there are specific steps and actors assigned, that can be tracked.