The consequences of the coronavirus on compliance

As time goes on, the consequences of the COVID-19 pandemic on global markets, companies and consumers grow clearer and clearer. Many companies are being subjected to unknown and unusual risks, which in turn lay the groundwork for entirely new challenges.

The COVID-19 pandemic has produced a rapid change in behaviour that affects all of us personally, professionally and economically. We must prepare ourselves for risks more than ever before. Chief among the issues confronting employers are cyber-attacks, concerns about the reliability of business partners and an increase in instances of fraud and corruption.

It is important to us to help compliance departments implement the right measures. To this end, we have prepared some useful tips and information based on our experience so far.

Malfeasance that will continue to increase due to the COVID-19 pandemic

While a virus forced most of the world to a standstill for weeks, the beginning of the corona crisis saw criminal impulses flourish, and the situation still fosters criminal behaviour, especially on the internet. We offer you an overview of the problems that compliance officers must now deal with more intensely:


In many countries, state subsidies in the billions were funded from tax revenues as fast and unbureaucratic assistance for the economy and the populace. However, the corona aid packages, which were intended above all to help small companies and freelancers get through the crisis, quickly came to the attention of criminals. In Germany, as well, there were numerous cases of subsidy fraud and unjustified benefits. The number of investigations of fraud involving coronavirus aid had already reached over 3,000 at the end of May and still continues to rise. At the Finance Intelligence Unit (FIU) of the German Customs Investigations Bureau, roughly 5,000 reports relating to the coronavirus have been received. A full 4,100 reports referred to fraud involving immediate aid. According to the office of the Federal Public Prosecutor General, funds amounting to roughly four million euros have already been frozen.

But how can fraud involving corona aid packages be effectively identified or even prevented?

Whistleblowing system such as BKMS® Incident Reporting can help here. Categories specially tailored to the coronavirus allow for the submission of highly specific reports so suspected cases can be investigated quickly. BKMS® Quick Response also offers the ability to quickly create a specific, temporary reporting channel for a given issue, such as fraud involving coronavirus aid.

Learn more


In times of crisis such as the COVID-19 pandemic, compliance officers must expect more focus on topics that otherwise do not fall directly within the main duties of the compliance department, such as labour law-related HR topics, compliance with data protection and the associated risk that employees working remotely could funnel malware and extortion software into company servers. No less important is the question of meeting the company’s obligation to take care of its employees.


The corona crisis has already become a virtual heyday of cybercrime. The restrictions on public life have shifted invisible crime more and more onto the internet. Spam and phishing emails, fake immediate aid internet pages for collecting data entered by users, online extortion using malware and extortion software, hacking attacks and the like have created major problems for companies that paid too little attention to IT security in the past – often with damages in the millions.

“As early as May 2020, 68% of all respondents already observed a significant rise in fraud rates, and 93% of respondents expect an increase in fraud in the coming year.”

– ACFE: Fraud in the wake of Covid-19 - Benchmarking Report June 2020

What new challenges do compliance officers currently face?

The working world changed abruptly in March: Companies and organisations had to respond very quickly to dynamic and rapidly evolving challenges. The impact of the far-reaching changes to daily life was felt in the area of compliance as well:


Restricted freedom of travel and minimal personal contact

Compliance with state-specific regulations based on the Infection Protection Act

Postponed investigations and restricted access to evidence

Shortened work hours and remote work

Maintaining data protection and data security

Challenges involved in conducting remote interviews

Compliance 2.0 – Because technology-supported solutions must replace personal contact

Before the COVID-19 pandemic, companies already had to deal with a complex regulatory environment and invested large amounts in compliance with regulations. However, violations have occurred – and will likely increase in the future – that must be internally investigated, processed and documented in a timely manner. This makes it especially urgent to find technology-supported solutions for early risk detection that do not require personal contact, can be adapted to various states and departments and can be used securely.

The questions to consider here include the following:

  • Are your processes digitalised, and if yes, are they GDPR compliant?
  • Do you provide online compliance training on various compliance topics, such as data protection and IT security? It is important to ensure that employees do not run malware or extortion software and that customer data and business secrets cannot be accessed by unauthorised parties.
  • Do your employees use secure encryption for WiFi access?
  • How can your employees contact you securely and anonymously to inform you of any worries, issues or violations of laws or internal rules? Tools such as BKMS ® Incident Reporting are perfectly suited for this since the anonymity of employees is 100% protected in compliance with GDPR.
  • Is tamper-proof documentation guaranteed?

Changing conditions require careful, regular and risk-oriented evaluation of your business partners

Companies that work with business partners should evaluate them again with regard to possible risks since they may have to deal with new corona-related developments. These include the ability to make payments or even continue production for products/services in various countries. It is especially important that all requirements of the Foreign Corrupt Practices Act (FCPA), UK Bribery Act and Sapin II be complied with in regard to the evaluation of business partners.

The questions to consider here include the following:

  • How do you or your employees structure, evaluate, approve and document the process of business partner due diligence?
  • Have new levels of compliance with financial, operational and internal controls been adapted or defined for your business partners?
  • Do your existing processes and tools permit prompt, risk-oriented and structured evaluation and assessment of all business partners? BKMS® Third Party supports you with fast and practical onboarding in full compliance with all applicable regulations and beyond.

How to live up to your duty of care with respect to your employees

Employees are now returning to the office in large numbers after working remotely, but special requirements apply here as well with regard to creating and adhering to hygiene rules.

Circumstances to be considered:

  • Has the workplace been structured so that sufficient distance can be maintained between the workstations?
  • Are there schedules for working times and office capacity, and if so, how are these monitored?
  • Are sufficient disinfectants and protective masks provided?

Always check your rules against the most recent orders and adapt them if necessary, using guidance such as the Infection Protection Act and the information from the Robert Koch Institute.

Protect your reputation and your image with valuable measures

The corona crisis can lead to many situations that could do long-term damage to the reputation of your company: Annulled contracts, non-payment, cancelled projects and poor communication are just a few examples. A loss of trust can do lasting damage to relationships with employees and customers. It is important to have a tailored strategy and a clear plan for protecting your brand integrity.

The following measures should be considered here:

  • Do you have a trust-building communication strategy and clear measures that can foster trust among employees, suppliers and other stakeholders across all channels?
  • Are new rules and regulations clearly and uniformly communicated and exemplified?
  • In the case of important decisions that pose a risk or give rise to uncertainty, do employees have access to approval processes that do not require personal contact? With tools like BKMS® Business Approvals, compliance departments can quickly and easily decide on and document approvals digitally to relieve the burden on employees when making decisions.


Do you have any questions about compliance in times of the coronavirus?

We hope we have been able to give you some useful tips to help your company through this challenging time. If you have any questions or requests concerning other topics of interest to you, we would love to hear them. 

Also, if you need help analysing your processes and would like to profit from best practice examples, feel free to contact us for a no-commitment conversation. We look forward to hearing from you.

Contact us!