Annex B. OECD 2017 Survey of Anti-Corruption and Integrity in State-Owned Enterprises

Respondent and company information:


*Current position:

Please select the response(s) or responses that best describe your current position, otherwise please select 'other' and state your title. (Note: your responses will remain anonymous to your position and to your company. They will be aggregated with responses of other SOEs in your country).


Chairperson of the Board

Other Board Member

CEO/President/Managing Director

Chief Financial Officer/Treasurer/Comptroller

Chief Audit Executive

Chief Compliance Officer

Chief Risk Officer

Chief Sustainability Officer

Other C-level Executive

Corporate Secretary

Legal Counsel/General Counsel

Other management (Heads of department, administrative manager, quality manager, not specified as C suite)

Other (internal auditor, budget, etc.)


*Are you considered by law as a public official?



I don’t know

Other (please specify)


*What is the name of your company:

(Note: this will not be used to identify specific practices by company. Your company name will remain anonymous outside the OECD. This information will help to ensure that double-counting does not happen between multiple anonymous responses within a single company).


*In which country is your company based?


*What sector does your company principally operate in?

Aerospace and Defence

Agriculture and Fishing


Banking and related financial services



Construction and Engineering


Energy (i.e. electricity generation and supply)

Forestry and Timber Products

Hospitality and Leisure

Information Technology (IT)



Oil and Gas

Pensions and Insurance

Pharmaceuticals and Medical Devices

Professional Services and Consulting

Real Estate


Science and Technology

Transportation and Logistics

Other [please specify]:  


*How would you classify the objectives of your company?

Entirely commercial

Commercial but subject to legislative or regulatory requirements that may significantly impact profitability

Mixed objectives (commercial with public policy)

Other, please specify


*Are the shares of your company traded in public stock markets?



I don’t know



Please specify whether your company is:

Incorporated according to general company law

Incorporated according to legislation guiding state-owned companies in your country

Following legislation specific to your company

I don’t know

Other (please specify)

Standards and frameworks for anti-corruption and integrity

The role of the State as owner

*What is the % of government ownership of your company?

< 10











*Can the state intervene in, or veto, company management decisions?

Yes, please specify through which mechanisms


I don’t know


*How does the state nominate your company’s board members (e.g. direct ministerial decision; external HR support, etc.)?


Has your company’s state ownership unit/department/agency clearly communicated its expectations for integrity and anti-corruption in your company in the last 12 months?

Yes, please specify through which mechanisms (e.g. written in laws or codes, transmitted through letters/notices, raised in meetings).


I don’t know


What, if anything, does your company’s state ownership unit/department/agency do that is useful in supporting integrity and anti-corruption mechanisms in your company (e.g. holding meetings on the subject, providing guidance, sharing good practices of other companies, supporting identification of corruption risks, etc.)?

Nominations and appointment processes

What is the composition of your company’s board or governing body (hereafter referred to only as 'the Board')?

State employees

Number of persons

(open text, number)

Other representatives of state

Employee representatives


Serving politicians


My company does not have a board or governing body


*Does your company have requirements regarding independence of board members (e.g. minimum number of members or minimum ratio of the board; limit on the number of years serving)?

Yes, please specify


I don’t know


*Please provide any character-based board qualification requirements, or incompatibilities, relating explicitly to integrity or ethics? If this question is left blank, it will be assumed there are no character-based board qualifications relating explicitly to integrity or ethics (open text)


Are the roles of board chair and CEO separate?



I don’t know



*Does the board have powers to appoint or remove the CEO?

Yes, please specify whether alone, jointly with the state or subject to state approval?


I don’t know


Your company’s frameworks and standards for integrity

How clearly do relevant national laws, regulations, bylaws or governance codes establish expectations and requirements for your company’s actions and responsibilities in areas of integrity and anti-corruption (including for internal control, risk management, compliance etc.)?

Very clearly


Somewhat clearly

Not at all clearly

I don’t know


Does your company have the following codes or programmes in place that support integrity and anti-corruption? If the question is left blank, it will be assumed that your company does not have any such codes or programmes.

A code of ethics

A code of conduct

A code of compliance

A specific anti-corruption or integrity programme or strategy

Other (please describe)


Please briefly provide further information about such codes or programmes, including whether they were required or established voluntarily, the standards on which they are based (e.g. IIA, COSO, OECD, IFAC, UNCAC, etc.), the goals of the codes/rules, and mechanisms for their implementation and monitoring.


Does your company have particular rules in the following areas?

Conflict of interest


Political party financing or engagement

Charitable contributions and sponsorships

Asset/income disclosure

Public procurement (as bidder)

Public procurement (as procurer of goods and services)

None of the above/not applicable


(Conditional question: IF public procurement as procurer selected) When your company acts as a public procurer (to procure goods and services), is it subject to ordinary government procurement rules?



I don’t know


Other (please specify)


(Conditional question: IF public procurement selected as bidder) When your company participates in public procurement bids (i.e. to act as the supplier of goods and services to other parts of the public sector), is it subject to competitive bidding on an equal footing with other firms?



I don’t know


Other (please specify)

Company arrangements and approaches to manage integrity and anti-corruption

Operational arrangements and approaches

Do you have any of the following, or similar, specialised board committees related to integrity and anti-corruption matters of your company?




Risk management



Other similar, please specify

No specialised committees


If your company has the following units or functions, please indicate which of those have significant responsibility for promoting and overseeing integrity or integrity policies (relating to risk, controls, compliance, ethics or anti-corruption mechanisms)? [If the significant responsibility is evenly shared between more than one unit/function, you may select more than one. This question does not refer to the responsibilities of the board in this respect.]

Independent integrity department within your company (e.g. Compliance Unit, Risk Unit, Sustainability Unit)

In-House Legal Department

Internal Audit Department

Internal Controls Department

Internal Human Resources Department

Separate Legal Entity or Special Purpose Vehicle

External Professional Service Provider or Consultant

Other [please specify]:  


To whom do those units/functions with significant responsibility for integrity report to? (please check all that apply)

Chairperson of the Board

CEO/President/Managing Director

Board Member

Non-Executive Director

Chief Financial Officer/Treasurer/Comptroller

Chief Audit Executive

Chief Compliance Officer

Chief Risk Officer

Chief Sustainability Officer

Other C-level Executive

Corporate Secretary

Legal Counsel/General Counsel



Please select the activities that are undertaken by these units/functions with significant responsibility for integrity in your company? (please check all that apply)

Developing and maintaining internal guidelines or codes

Overseeing implementation of those internal guidelines or codes

Reviewing/evaluating internal controls and risk-management mechanisms

In-person training

Developing online training

Testing and evaluation

Maintaining and responding to a reporting hotline

Random screening

Ad hoc integrity advice

Internal investigations

Internal audits

Due diligence on third parties

Risk assessments

Reviewing Whistleblower or compliant-mechanism reports


Communication with employees/board and senior management/investors/shareholders

Internal remedial/disciplinary action for violation of integrity policies

I don't know

Other [please specify]:


Does your company provide training specifically in integrity or anti-corruption? If such training is not provided to all employees, management and board members, please select “other” and specify who receives it.

Yes, all employees, management and board members receive anti-corruption and integrity training

No, no one receives anti-corruption and integrity training

I don’t know if anyone receives anti-corruption and integrity training


Strategic arrangements and approaches

If your company has developed explicit integrity and/or anti-corruption strategies, objectives or indicators, please provide a link or brief details about what those goals, strategies or indicators entail.

*Please estimate the percentage of operational budget that is currently allocated to preventing, detecting and addressing corruption and irregular practices in your company? (Please do not include calculations of cost estimates relating to compliance with enforcement actions or sanctions that have been paid. Please provide number in % form.)


*How would you characterise the allocation of operational budget to preventing, detecting and addressing integrity and anti-corruption?

As an asset/investment

As a cost/expense

I have no view



What were the main motivations behind the current/existing approaches to integrity and anti-corruption in your company? (please select only the factors that had a significant influence on current approaches) (please check all that apply)

Self-driven, voluntary adoption of integrity and anti-corruption measures

Compliance with requirements imposed or requested / regulatory requirements

Change in corporate management

Following a public/media campaign

Following a union movement

Following a corruption scandal

Risk of personal liability of CEO or senior management

Risk of reputational damage

Risk of legal or enforcement action, or divestment by investors

Risk of legal or enforcement action by shareholders

Risk of debarment or exclusion to processes

Risk of potential corrupt acts or irregular practices

Risk of loss of earnings


Internal control, risk management and compliance

Please select the following integrity-related findings/recommendations/assessments that are brought to the attention of your company’s leadership (board and senior management)? If the item does not exist in your company, please select “does not exist”.

Findings of risk assessments that point to integrity or corruption risks

Internal audit findings/recommendations

External audit findings/recommendations

Recommendations from integrity functions

Reports or claims of irregular practices or corruption made through reporting channels

Evaluations of the board

Evaluations of senior management (c-suite)

Evaluations of internal controls (that may be separate from internal audits)

Other inputs, please specify


*Under which category of risks does your company categorise integrity or anti-corruption risks, if at all?

Strategic risk factors

Operational risk factors

Financial risk factors

Compliance risk factors

Separately (please specify)

Such risks are not explicitly treated

Other, please specify:


How often does your company generally conduct risk assessments aimed specifically at identifying, analysing and prioritising corruption risks?



Every two to three years

Every 4-5 years

More than 5 years

I don’t know


*Which additional risk management mechanisms or tools/instruments does your company use, if any, for protecting your company’s integrity when operating with third parties, or in high-risk sectors (i.e. mining or extractive, construction) or activities (i.e. public procurement)? (e.g. ex ante risk assessment of proposals/third parties, collective action agreements, anti-corruption agreements or integrity pacts, certifying business coalitions, and collective engagement with governments or others (including civil society)).


Liability regime

What is the liability regime of your company for corruption or irregular practices?

Your company as an entity is not liable at all

Your company as an entity is liable only when senior management (in the "directing mind" and will of the company) committed the crime (sometimes known as the identification doctrine or theory)

Your company as an entity is liable for wrongdoing by all officers, directors/board members, employees or agents acting within their employment and for the benefit of the company (sometimes known as vicarious or strict liability)

Your company as an entity is liable for failure to prevent wrongdoing, but allows for a defence of the company to demonstrate that it had adequate compliance or related procedures in place to prevent misconduct (sometimes known as partial or adjusted strict liability)

Other [please specify]:  


Please list any company positions (e.g. board members, CFO, CEO) that are exempt from the application of your company’s liability regime?

Internal and external audit

*Please best describe your company’s internal audit unit/function:

Required, in line with government departments/agencies

Required, in line with listed companies

Required, in line with other privately incorporated companies

Voluntarily established

Not applicable/do not have internal audit



(Ask only if NOT said “yes” to IA as IF) To whom does the internal audit function/unit report? (please select all that apply)


Audit committee (if existing)

Senior management

Other [please specify]:


Which types of internal audits are undertaken in your company? Select all that apply.

Performance audits (efficiency, effectiveness and economy of operations)

Compliance audits (compliance with legal norms and standards)

Financial audits (audit of financial reports and reporting processes)

Other audits (please specify)



Does your company publicly disclose/report the following material financial and non-financial information on the enterprise? (if none of the above, please specify what other material financial or non-financial information is disclosed). (please select all that apply)


A clear statement to the public of enterprise objectives and their fulfilment

Enterprise financial and operating results

The governance, ownership and voting structure of the enterprise

The remuneration of board members and key executives;

Board member qualifications and selection process

Any board evaluations

Any material foreseeable risk factors and measures taken to manage such risks;

Any financial assistance, including guarantees, received from the state and commitments made on behalf of your company

Any material transactions with the state and other related entities;

Other, please specify


Through which sources/documentation does your company report on its integrity policies or anti-corruption efforts? (please select all that apply)

Annual Report

Compliance Report

CSR/Sustainability Report

Information published on organisation website

Internal documents only

Information is not reported

I don't know

Other [please specify]:  

Self-reporting and whistleblowing mechanisms

Which mechanisms are made available to internal and/or external persons to report suspected instances of corruption or irregular practices involving your company? (please select all that apply)

Online (internal site)

Online (external site)

Telephone (internal hotline)

Telephone (external hotline)

Formalised whistleblowing mechanism

In person, ombudsman

In person, other

Other [please specify]:  


*Please estimate how many reports/claims have been made through these channels in the last year, and how many pertain to corruption and irregular practices? (please respond in numeric characters)


How are internal and external reports/claims about corruption or irregular practices categorised/classified when coming through your company’s reporting mechanism?



Attributed to the individuals who made them when discussed within the organisation

I don't know

Other [please specify]:  


To whom are reports and claims channelled to / who receives them? (please select all that apply)

External service provider


Board committee


Chief Audit Executive

Chief Compliance Officer

Chief Financial Officer

Chief Sustainability Officer

General Counsel

External counsel (i.e. private legal practitioner)

Human Resources Department

Union Representative

Other [please specify]:  


Does your company have legal protection from discriminatory or disciplinary action for those who disclose wrongdoing in good faith, to competent authorities, on reasonable grounds?

Yes, required by law

Yes, voluntary


I don’t know


(If yes) Please describe how this written policy is effectively guaranteed (e.g. retaliation as grounds for discipline up to and including dismissal?)

Specific company integrity and anti-corruption risks

In your opinion, to what degree does each factor pose as an obstacle to effectively promoting integrity and preventing corruption in, or involving, your company? (please respond in view of your specific company’s existing/true risks and its operations, not hypothetical. If the below factors are not present or do not exist in your company, please select “not applicable/does not exist". If they exist, but do not pose an obstacle, please select "not at all an obstacle".)

Matrix question:

A lack of a culture of integrity in the political and public sector

Is it an obstacle?

Very much an obstacle

An obstacle

Somewhat of an obstacle

Not at all an obstacle

NA/Does not exist

A lack of a culture of integrity in your company

A lack of awareness among employees of the need for, or priority placed on, integrity

A lack of awareness of legal requirements

Conflicting corporate objectives

Inadequate financial or human resources to invest in integrity and prevent corruption

Inadequate remuneration/compensation

Ineffective channels for whistleblowing / reporting misconduct

Ineffective internal audit

Ineffective external audit

Ineffective internal control or risk management

Loyalty to company

Loyalty to customers or third parties

Perceived cost of corruption is low and/or return is high

Perceived likelihood of getting caught is low

Pressure to perform or meet targets

Pressure to rule-break

Overly complex or burdensome legal requirements

Opportunistic behaviour of individuals

Relations between your company, or the board, and political officials

Unclear or ineffective reporting lines between integrity units and Board and others

Unclear rules or guidance from the government ownership entity

Unsupportive leadership from the Board or management

Fear of “doing the right thing”

Other [please specify]: 


In your personal assessment, please rate the below integrity risks for their likelihood of materialising/occurring and the impact they would have on your company? The responses will be aggregated with other participating companies, not linked to any one company. (Likelihood is the possibility/probability that a risk event may occur in, or involving, your company. Impact is the affect that the risk event would have on achievement of your company’s desired results or objectives. For instance, high impact would have a severe impact on achieving desired results, such that one or more of its critical outcome objectives will not be achieved. Low impact would have little or no impact on achieving outcome objectives.)

Matrix question:

Anti-competitive, anti-trust activities or collusive activities









Abusive or intimidating behaviour towards employees

(Receiving) bribes 

(Offering) bribes

Favouritism (nepotism, cronyism and patronage)


Illegal information brokering

Falsification and/or misrepresentation of company documents, or false accounting

Influence peddling

Interference in appointments of board members or CEO

Interference in decision-making

(Receiving) kickbacks and/or inappropriate gifts

(Offering) kickbacks and/or inappropriate gifts

Lying to employees, customers, vendors or the public

Non-declaration of conflict of interest

Money laundering

Procurement/contract violations (delivering sub-par goods/services, violating contract terms with suppliers)

Making political party donations

Retaliation against someone who has reported misconduct

Stealing or theft of goods from your company

Trading in influence

Violations of data protection and privacy

Violations of Intellectual Property Rights

Violations of regulations (health and safety, environmental)

Other, please specify


*In your assessment, did any of the above risks materialise into activities/actions in the last three years in (or involving) your company?



I don’t know


(Conditional Question: IF “yes” selected to above question) Which actors(s) was(were) involved in the above activities/actions that materialised? Please check all that apply, recalling that the survey results will not be linked to your specific company.

Public official

Business partner

Civil society representative



Senior management (c-suite)

Mid-level management



(Conditional * Question: IF “yes” selected to above question) **When the above risks materialised into activities/actions, did you report them?



I don’t know

Other (please specify)


(Conditional Question: IF “no” selected to above question) why not?


(Conditional Question: IF “yes” selected to above question) Did you face retaliation for reporting that the above risks materialised into activities/actions?

Yes, please elaborate


I don’t know


What, if any, are the particular risks for your company in engaging in public procurement? If not applicable, please leave blank.


*Please estimate the share of annual corporate profits that is lost due to irregular practices and corruption (This figure may include cost estimates relating to compliance with enforcement actions or sanctions that have been paid) (please provide number as a % of total profits)


*Has your company’s leadership (board or senior management) taken the following actions in the last three years?

Matrix question:

Severed a relationship with at least one business partner (e.g. supplier, service provider) because of the risk of exposure to or engaging in corruption?



I don’t know

Other (please specify)

Ceased business operations in a particular jurisdiction because of the integrity or corruption risks involved?

Substantially revised at least one business project because of the corruption and integrity risk(s) involved?

Taken internal remedial/disciplinary action following violation of your organisation’s integrity or anti-corruption policies?