Rethinking corruption risk management for global health programmes

Rethinking corruption risk management for global health programmes

Rethinking corruption risk management for global health programmes: from compliance-based approaches to informed programme design

Sebastian Bauhoff, Roxanne Oroxom, Sarah Steingrüber, and Aneta Wierzynska

Donor approaches to anti-corruption should pay more attention to context and risk

Corruption is often systematic in low- and middle-income countries and can undermine the development objectives of donors. While donors and their implementing partners cannot be expected to eradicate corruption, it is reasonable to expect them to mitigate against corruption in their own programmes. Many common mitigation efforts have significant limitations, including:

  • They mostly add compliance-based measures on top of programmes rather than reducing corruption risk through better programme design;
  • They focus on preventing corruption that is highly visible rather than corruption that is chronic and could pose substantial harm to beneficiaries.

Many of the typical practices employed by donors to prevent corruption – anti-corruption policies (ACPs), codes of conduct, and training initiatives – are implemented separately from the design of development programmes. As such, typical practices do not respond to the context-specific incentives different actors have to engage in corruption, nor the institutional features that enable bad actors to conceal corrupt schemes over time. ACPs, for instance, usually aim to establish a ‘tone from the top’ and set out definitions and obligations that an organisation should adhere to. Similarly, codes of conduct generally just require staff and third parties to act with integrity. Neither practice tends to come with detection mechanisms.

Compliance-based approaches rely on individuals to ‘walk the talk’ and thus serve more as ‘reputational armour’ instead of mitigating what really matters: corruption that is large-scale and has a high potential to harm programme beneficiaries. Risk assessments are one way to identify context-specific threats from corruption. Risk assessments may ask questions like ‘Do medical students often bribe doctors/professors to get qualified?’ or ‘Do patients have limited rights to choose their healthcare provider?’ If, for example, medical students in the area do often bribe officials, programmes could be specifically designed to protect patients from credentialed, but low-quality providers. Embedding corruption risk management directly into programme design or paying for verified outcomes may yield better results than merely asking for compliance with ACPs and codes of conduct. Efforts to design programmes that are more resilient to corruption risk are also likely to be more efficient than adding reporting and other requirements that are not core to operations.

Unfortunately, when donors do use risk assessments, they often lack structure and can have major inconsistencies. A 2015 review of donors’ integrity systems found that ‘over half the agencies that require corruption risk assessments do not have detailed guidance on how they should be done or what should be included’. The review also found ‘the much more problematic level was determining how risk assessment should affect the actual design of projects, and controls within the projects’.

How to build in risk assessments that work

One option for donors serious about value-for-money is to adopt methodologies used in other fields, such as forensic economics and enterprise risk management, to structure their assessments. Both approaches suggest that anti-corruption measures need to be developed based on a fraud risk assessment, which consists of three parts: an evaluation of the potential locus and nature of the fraud and corruption scheme(s); prioritization of risks according to their expected harm to program objectives; and the adjustment of institutional incentives and controls to prevent, deter, detect, and respond to such schemes. Using methodologies from both fields circumvents two long-standing issues:

  • Anti-corruption experts generally believe efforts should focus on tackling all forms of corruption. This perspective has troubled highly successful health programs, such as USAID’s program in Afghanistan.
  • Anti-corruption experts and programme designers believe their work (investigative cases and M&E, respectively) does not overlap significantly. Consequently, they do not collaborate effectively about how to improve programme design to target corruption that is systemic and prevents beneficiaries from accessing services.

Forensic economics considers the objectives and incentives of different actors from a theory-based perspective. For example, what issues might arise when donors cannot directly observe all actions associated with their programmes? How might an actor weigh the trade-off between the gains from an undesirable behaviour and the probability of being caught and punished? Forensic economics can catalogue forms of potentially harmful behaviour by considering actors and issues that may not be of interest to auditors (who mostly focus on financial fraud) and regulators. Economists also have a toolkit that allows them to utilize natural experiments, field experiments, or models to identify potentially harmful ‘hidden behaviour’.

Enterprise risk management involves identifying potentially corrupt events that are relevant to the programme’s overall objectives, assessing the likelihood and magnitude of their impact, determining a response for the most likely and harmful events, and monitoring progress. Donors can employ enterprise risk management to adopt the following line of questioning when designing programs:

  • What potential fraud and corruption schemes pose the highest risk (i.e. severity and likelihood) to achieving their objectives?
  • Who is best positioned and most incentivized to abuse the systems on a holistic scale?
  • What opportunities exist to conceal schemes and try to perpetuate them over time?
  • How can the organisation’s processes be designed to best deter or detect the schemes with the highest likelihood/scale and potential for the largest harm (i.e., those in the top right-hand corner of Figure 1)?

Figure 1: Focusing on what matters for development outcomes

Source: Adapted from, Johnsøn, J. (2015). The basics of corruption risk management: A framework for decision making and integration into the project cycles. U4 Issue.

Combining methodologies from forensic economics and enterprise risk management can generate simple, yet powerful insights. As an example, some data verification frameworks recommend scheduling site visits in advance to ensure the availability of key staff. However, underperforming providers have an incentive to “game” the visit. They may do so by manipulating patient records or falsifying invoices, among other schemes. One response could be to use random and unannounced site visits more. Such a change does not require additional resources, but could improve deterrence substantially, as well as detect additional instances of corruption. Verification teams could also focus on capturing the true quantity and quality of services rendered by using the site visit to facilitate client tracer surveys or measure effective treatment.

There is a need to move beyond the traditional approaches to anti-corruption and the reputational life-belts that are deployed following a one-off, low-severity scandal – or in expectation of such an event. Designing programmes from the ground up based on approaches such as forensic economics and enterprise risk management would allow the global health and development community to make its programmes more resilient to corruption from the outset and, more broadly, to learn from experiences and current best-practices utilized in other sectors.

Sebastian Bauhoff a Health Economist and Senior Fellow at the Centre for Global Development.

Roxanne Oroxom a Policy Analyst on the Global Health Policy team at the Center for Global Development.

Sarah Steingrüber an expert in global health and the Programme Manager of Transparency International’s global Pharmaceuticals & Healthcare Programme

Aneta Wierzynska is the Senior Specialist for Anti-Corruption and Impact at the Global Fund.  The views expressed in this publication are the authors’ and do not necessarily represent those of the Global Fund.