The auto industry is undergoing rapid changes, operating in an increasingly complex and dynamic global landscape. There is a heightened focus on sustainability and innovation, resulting in auto companies forging strategic partnerships with stakeholders (employees, investors, vendors, sub-contractors and peer groups) based on mutual goals.
Some of the key trends observed in the auto industry include bribery and corruption risks, occupational frauds, leakage in capex spends, data breaches and data privacy violations.
The Indian Government has been pushing an ambitious plan for driving the adoption of electric vehicles (EV), policy measures for a robust manufacturing ecosystem and sustainable market for sale of EVs. The shift to EVs is expected to have a ripple effect on the organizational strategies of auto companies. The need and acceptance of EVs have been steadily rising, with iconic auto brands unveiling their latest products at the 2018 Auto Expo, including 25 EVs. According to a recent EY and ASSOCHAM report, the EV market has the potential to grow significantly in the coming years as sales are expected to witness high double-digit growth rates annually in India till 2020.
The industry is expected to make significant investments in R&D, intellectual property rights, production infrastructure and capacity optimization by identifying key alliances to reach the target. However, the investment outlook including mobility transformation, BS VI implementation and other capital investments should be embraced with adequate steps to counter possible fraud and compliance risks, such as:
- Patent infringements, espionage and theft of intellectual property
- Leakage in capex spends such as capacity augmentation and warehouse infrastructure
- Inadequate background checks on alliance partners
- Non-compliance with regulatory procedures such as type approvals and conformity of production
Bribery and corruptions risks
The Indian auto industry continues to grapple with bribery and corruption when complying with emission norms, establishment-related licensing, government sales and temporary registration of vehicles resulting in violation of statutory guidelines laid down under Foreign Corrupt Practices Act (FCPA), UK Bribery Act (UKBA) and Indian anti-corruption regulations like Prevention of Corruption Act (POCA). For instance, bribery-related expenses may be camouflaged under varied expense heads to avoid detection. This raises the risks of being held accountable for deliberate non-compliance. Some such claims include:
- Reimbursement of bribes in the form of collection incentive to intermediaries or dealers
- Debit notes as one-time settlement of unreconciled claims of dealers
- Providing non-monetary benefits (such as accessories, extended warranty and free service)
- Reimbursements through employee travel and expense claims
How can auto companies fasten their compliance seatbelt?
Continuing on its anti-corruption drive, the Indian Government has cracked the whip on shell companies. With a complex supply chain system, auto companies generally fail to assess the full background of companies they transact with. Failure to identify shell companies in the supply chain impedes law enforcement and abates their governance initiatives.
Many global companies are committed to implementing and certifying their anti-bribery compliance programs under ISO 37001. For instance, an auto company or its supplier implementing ISO 37001 will indicate its intent to drive anti-bribery compliance down the supply chain. The certification could also help companies:
- Get habituated to periodic anti-bribery audits through in-house compliance teams or external agencies, thereby reducing the risk of non-compliance
- Reduce disruptions (in cases of an investigation or a customer due diligence) as it raises awareness of what typically regulators or other stakeholders might look for in terms of anti-bribery policy compliances
Occupational frauds on the rise
With the volatile market situation, there is an increasing sense of insecurity among the workforce on the possibility of layoffs. This is resulting in more instances of occupational or internal frauds within the company, especially in business functions such as payroll, administration, logistics, procurement, R&D, sub-contract management and scrap disposal. Financial losses incurred on account of such occupational frauds are rising and often committed in collusion with ex-employees, vendors, customers and sub-contractors. It is important that companies continue to monitor high-risk operations through due diligence and diagnostic fraud risk assessments.
Trends in dealer management and vehicle financing
Dealer management systems have been maturing in the Indian auto industry with dealer-friendly process initiatives and financing schemes. But despite continued efforts, frauds in warranty reimbursements, corporate and institutional sale initiatives, and corruption risks continue to thrive. Vehicle financing by the NBFC arms of auto majors and other vehicle financing institutions has also been under scrutiny due to general credit distress. Auto finance frauds have also been rising especially in tier II and III Indian cities as a result of customer misrepresentation in furnishing credit reports and avoiding vehicle repossession on payment defaults.
Bracing the big-bang tax reform
The Goods and Services Tax (GST) has been a key tax reform, changing the operational landscape of auto companies. It is expected to increase the efficiency of interstate sales, remove cascading tax implications and help manufacturers in acquiring spare components at a relatively lower cost due to an improved supply chain. With taxes such as VAT and CST no longer effective, it is anticipated that companies will have to revise incentives, as state governments will have to now manage these commitments from their share of GST revenue.
The initial days of GST implementation could bring with them the risk of vendor profiteering, non-compliance with regulatory procedures within the stipulated timelines and possible dispute with administrators during the renegotiation of state incentives.
Robotic process automation and data privacy
Robotic process automation (RPA) is widely recognized as the next major disruptive trend in the auto industry. With the future moving toward diverse mobility and autonomous driving, data analytics is considered to be pivotal for robotics and automation in the auto industry. Futuristically, cars are expected to be embedded with sensors and mini processors to collect and transmit data for automation, car usage analysis and maintenance. As such, the industry will be tasked with storing, managing and analyzing the data in a secured manner. However, the introduction of such automated processes would increase the risk of data breaches, ill-defined user access privileges, modification and review of process automation scripts and misuse of data for personal gains or other vested interests.
Last year’s crypto ransomware WannaCry 2.0 and EU’s General Data Protection Regulation (GDPR) rollout have renewed the focus on data privacy and protection. Today, auto companies are collating extensive data to profile their customers, vendors and employees, for developing autonomous driving, monitoring emigrant employees and enhancing global supply chain ecosystem. GDPR is expected to affect companies if they are unable to protect the data of EU citizens, with potential fines of up to 4% of the organization’s annual turnover, capped at EUR 20 million.
The roadmap ahead
The auto industry is poised to benefit from various reforms and improving trends in local and global market demands. Technology will be an enabler in the journey to compliance with increased usage of RPA, Internet of Things and blockchain and the advent of EVs and autonomous driving. Compliance programs in the auto industry face real challenges. With two major investigations in the recent past, civil societies and bureaucrats have called for stricter actions on auto companies violating emission norms in the country. The regulators are tightening the test procedures on vehicle emissions, requiring companies to strengthen their internal processes to be fully compliant with the requirements of the regulators. The supply chain ecosystem should stretch beyond the minimum requirements of regulatory compliance and add value to stakeholders through:
- Proactive FCPA and UKBA reviews around dealer claims, employee reimbursements, administrative expenses and implementation of ISO 37001
- Review of vendor and dealer information to assess the risk of manipulated sales and possible money laundering through shell companies
- Continuous monitoring of cybersecurity frameworks and data privacy
- Proactive fraud risk assessments of high-risk manufacturing operations, capex exposure, dealership schemes and vehicle financing procedures
- Compliance review of the process of obtaining conformity of production and type approvals