Compliance risks are being routinely ignored by the oil & gas procurement industry. This is due to a reliance on “best practices” which can be loosely defined as:
- Review of the vendor or intermediary/ broker’s vetting procedure
- Go through the buyers’ internal due diligence procedure
- Agreeing to comply with the buyers operating procedure and ability to audit them (varying depending on risk category applied)
Once this is done, it is off to the races. The buyer can contract with the vendor or in the case of intermediaries that intermediary can start acting on behalf of the buyer in tendering out to other vendors further down the supply chain.
The manual tendering process is done through thousands, if not tens of thousands, of email exchanges together with file transfers, sometimes fax transfers, phone calls and messaging chatter. This is done between a multitude of different people communicating through their own channels. Yes, there is a requirement to “keep” all relevant documentation and communication stored safely for a number of years in case it needs to be pulled up for audit (often after an issue has come up, with a big lag). Not only is it extremely costly to pull all of this data and communication flow to audit, it is often not available at all. There is often a conflict of interest between the reason for obtaining the data and the controller of the data.
This has been the “best practice” in the last ~10 years, but it is only best practice due to the lack of available software to trace intermediary activity. Now that digital software that tracks intermediary tendering process is now available, continuing to rely on this opens up buyers to significant compliance risks they could avoid.
Plausible deniability with regards to how third parties tender on behalf of buyers will no longer a valid defence given the availability of software to mitigate these risks.Plausible deniability with regards to how third parties tender on behalf of buyers will no longer a valid defence given the availability of software to mitigate these risks. Click To Tweet
Still common practice: even amongst oil majors
Speaking to a senior manager at one of the larger oil & gas majors my jaw dropped when hearing the response to my suggestion that, similar to what happened in the finance industry, this digital and traceable evolution of how commercial transactions were tendered was required (and available) to stay on the right side of the law:
“All of our vendors, brokers, and intermediaries sign our on-boarding form saying that they will act according to our policies and not engage in bribery and corruption etc.”
In other words, if their vendors act improperly in dealing with suppliers during the tendering process in procuring services for them then that’s not their issue. Incredibly this rationale applied when external third-party intermediaries conducted tenders on behalf of the buyer. i.e. as an agent in the tendering process.
What exactly are the main compliance risks around a manual tendering process?
Separate to regulations governing who businesses contract with, there are regulations governing how businesses engage with other businesses in arriving to contracting. No favours/ corruption/ bribes can be deemed to have occurred leading to awarding a contract to a vendor via the tender process.
- UK Bribery Act 2010 (“UKBA”)
- The primarily relevant offence to be aware of is Section 7(1) of the UKBA (Failure of commercial organisations to prevent Bribery). Any tendering actions which could be constituted as a bribe, by buyer firms or their intermediaries, give rise to a liability for the buyer firm under this Section 7.
- In the US, the threshold for finding companies liable for the acts of their employees is much lower than in the UK. This, therefore, increases the risk of liability for bribery committed far lower down the supply chain. A company could also be found to have been “wilfully blind” of corrupt practices by ignoring red flags.
- Fines can be damaging, and reputational damage even more so
For tendering public contracts, there is also the EU Regulation Public Contracts Directive 2014/24/EU, which whilst not applicable to private contracts, sets a framework focussing on transparency that many private firms are seeking to follow. The 2014 Directive provides procedures to be followed during public procurement and requires tenders and those awarding contracts to explain their decisions and prices. Courts have interpreted these provisions as essential to ensuring transparent procurement and eliminating bribery and corruption. Digital tendering is one of the 2014 Directives outcomes to ensure legality in tendering:
How risks arise in complex commercial tendering
For very good reasons, buyers in the oil & gas supply chain try and digitally trace/ log all information exchanged back and forth around the tendering process when going out to suppliers in arriving to the awarding decision.
The objective is to have traceability and real-time auditability of the process, ensuring not only that best practices are actually followed by any person (or a third party) tendering on behalf of the buyer, but that it there is a robust defence that every single system has been put in place to ensure compliance. Aforementioned risks increase the further the buyer is from having these objectives achieved.
Theory vs Reality
The larger buyers (oil majors, large EPCs) have in general moved to as system enforced process as possible, with heaps of internal compliance regulations and also large ERP systems in place, as well as contract management systems to store all documents they exchange with buyers. They have 2 issues they are dealing with:
1. Current Systems are not fit for Complex Tendering data exchanges and traceability
- ERP systems are great for payments, accounting, logging when tenders have been sent out and then awarded
- Contract management systems work for managing and exchanging contracts
- Neither was built for the iterative back and forth between buyers and suppliers in the complex tendering process and as a consequence complex tendering gets done is through Manual Tendering and data suddenly stops being auditable and traceable in real-time
2. No Systems in place for Intermediaries (or JV partners running tenders)
- When third-party intermediaries (whether brokers, contractors or JV partners) are engaged to tender on behalf of buyers, there are no digital systems in place for the buyer to monitor this complex tendering activity
- Tendering reverts to being done by the Manual Tendering process, and not only that, but it is done by another firm which increases the cost and decreases access to information
As for the mid-sized buyers, they are mostly all running their complex tendering processes via a manual tendering process (emails etc.) and are at the highest risk of compliance in their tendering processes.
A digital, collaborative, complex tendering platform
DeepStream has developed a highly secure and user-friendly cloud-based software where all communication, business data exchange, document exchange process is captured and logged with collaborative visibility and real-time auditability at the click of a button.
Not only does this capture all information in direct tendering activities, but given the specific dynamics in the oil & gas and industrial tendering sectors our technology also allows multiple buyers to collaborate on a tender, or buyers to unlock tendering visibility when intermediaries or brokers are used for tendering out to suppliers.
Using the latest lean and agile technology, we have created a more transparent and secure supply chain, helping the industry become more compliant and efficient.