CodeExcellence's Code Quality Governance Blog

Fighting the Global War on Corruption: SAP and You

Posted by on June 4th, 2013 at 3:16am

Among the greatest challenges we confront as members of the global SAP community are blank stares whenever we attempt to explain what it is we do for a living. Wouldn’t you like to be able to move beyond the 5-minute monologues that leave all but the most polite eyeballs glazed over, and respond with a far more compelling description of yourself as a Global Anti-Corruption Warrior at the next barbecue? As it turns out, you’re probably doing your share already, and with a few tweaks sure to elevate your organizational stature, you can do even more.

Corruption is something everyone agrees should be tackled in a big way, right? But the enormity of the problem causes us to insulate ourselves from it. We compartmentalize corruption, along with the belief that it doesn’t impact our daily lives. Unfortunately, nothing could be further from the truth. The cost of corruption is currently estimated at over US$2.6 trillion annually, or a full 5% of the global GDP. The pernicious, illegitimate siphoning of funds from everyone’s hard work contributes to the rising prices we all end up having to pay for goods and services. Perhaps even more disturbing, it is often corruption which prevents food and clean water from reaching poor children in developing countries whose images haunt us, even when we’re pretending not to pay attention.

SAP has undertaken the eradication of corruption as one of its primary corporate citizenship goals. As part of a far-reaching partnership with Transparency International (TI), a global nonprofit organization dedicated to combating corruption, SAP is making a difference. Already, SAP’s efforts have affected a wide spectrum of organizational types and sizes. Much of the ammunition used in this ongoing battle is derived from work done by SAP community members. Contributions made by those charged with compliance with the US Foreign Corrupt Practices Act (FCPA), the UK Bribery Act, and the OECD Good Practices doctrine have been particularly important. SAP and TI have done much to take this knowledge and disseminate it. Together with a viable framework and action plan, this knowledge means anti-corruption methodologies can be introduced cost-effectively into small and medium-sized organizations worldwide.

So what can you do about corruption? Since you are on the front line, you are in position to stop corruption at its source. In fact, you’ve been helping every time you have shared good practices within the community. Taking it to the next level now calls for instituting continuous code quality governance on an enterprise-wide basis.

We’re all familiar with the term “garbage in, garbage out” (GIGO), but the proliferation of technologically astute criminals has caused us to become even more concerned about “garbage in, money out” (GIMO). Corruption no longer entails cases full of cash being exchanged for preferential treatment or access. The growing sophistication of today’s criminal has led to increasingly systematized forms of corruption. Corrupt practices are artfully constructed to co-reside with legitimate business processes. Mandating continuous code scanning and monitoring with an appropriate escalation procedure is the best way to ensure that nothing untoward is concealed behind a legitimate business process. This front line approach can serve as a powerful deterrent to attempts to co-opt supply chains for illicit purposes. It may not stop every wrongdoer, but it’s a great place to start.

So, at the next social function when the inevitable question about your job comes up, don’t feel as though you have to offer to refill drinks or head off in search of low-sodium snacks. Instead, explain your role as a corruption crime fighter. Really. As an SAP code warrior you are now entitled to claim superhero status. Please note: The cape and tights are completely optional.

Has your team ever identified suspect code delivered from a 3rd party vendor? Do you have established protocols for identification, isolation, and remediation?

Leave a Reply

Your email address will not be published. Required fields are marked *