The evolution of anti-corruption efforts and practices in defence industry contracting and procurement

In 2018, I authored a piece in Vanguard Magazine April/May edition on the importance of anti-corruption compliance in defence procurement. Much has changed since then. This updated article revisits the topic in the context of a rapidly evolving regulatory and geopolitical environment – and with new insights gathered from CANSEC 2025. Representatives from across the industry, including SMEs and major contractors, shared how they are adapting their ethics and compliance programs in response to rising regulatory and procurement expectations for transparency, third-party accountability, and technology-enabled oversight. This article explores how compliance is no longer just about following rules—it’s about enabling better decisions, stronger partnerships, and sustainable growth by building a strong Ethics and Compliance (E&C) culture anchored on a risk management mindset. 

Framing the Evolution of Ethics, Compliance and Anti-Corruption 

In the ever-evolving landscape of the global defense industry, one constant remains: the need for strong ethics, compliance, and anti-corruption measures within an integrated Ethics and Compliance (E&C) program. Over the last decade, the defense sector has seen an increasing shift in how businesses approach governance, transparency, and accountability, particularly in their interactions with government procurement and third-party supply chains. The growing demand for corporate responsibility, driven by heightened regulatory scrutiny, global anti-corruption campaigns, and shifting public expectations, has necessitated a more robust and sophisticated approach to ethics, compliance and anti-corruption efforts.  

These developments have elevated the role of E&C from a narrow compliance task to a central business function. Additionally, anti-corruption efforts must be seen within a more strategic E&C and risk management lens.  At the same time, emerging technologies and shifting social values have placed a spotlight on how companies integrate integrity into every layer of their operations. This article explores how defense industry companies have adapted to these changes, the role of emerging technologies like AI in shaping E&C functions, and the growing importance of building a culture of integrity throughout the supply chain. 

The Growing Importance of E&C in the Defence Industry 

The defence sector has traditionally operated in a highly regulated and scrutinized environment due to the nature of its operations and contracts. However, recent years have seen increased scrutiny from regulators, civil society, and media. The past five to 10 years have brought about substantial regulatory changes that have increased the demand for greater transparency and accountability. As companies continue to do business in a continuously evolving competitive business environment, they face a complex regime of regulatory requirements and a myriad of pressures and risks.  

This new regulatory and business environment is placing even greater pressure on companies to strengthen their E&C and anti-corruption measures. Companies in the defence sector, both large multinational corporations and smaller enterprises, are now grappling with increasingly stringent procurement requirements, especially considering high-profile scandals and headlines outlining ethical and governance failures. These scandals have significantly raised awareness of the risks associated with corrupt and unethical practices, including the erosion of public trust and the heavy financial penalties that can follow. To navigate this complex environment, companies need an effective E&C program and culture anchored on a risk management mindset.  

In this new landscape, companies are expected to go beyond compliance and demonstrate a commitment to values-driven business conduct. According to the 2025 Ethisphere Ethics Premium, ethical companies significantly outperform their peers—showing a 7.8 per cent increase in long-term performance over five years. This premium highlights how strong E&C frameworks not only reduce risk but also enhance brand value, employee retention, and investor confidence. The Ethisphere Ethics premium highlights how E&C can not only help prevent, detect and mitigate risks but also can increase profitability, protect the brand and provide a competitive business advantage.  

Representatives of companies at CANSEC 2025 that I talked with agreed ethics and compliance are no longer simply a regulatory checkbox. For most large players, E&C is reported to be fully embedded into their systems through robust training, targeted policies for high-risk markets, internal monitoring, and dedicated teams. These large firms recognize agility and resilience come from a culture that encourages ethical decision-making. Although real and tangible progress has been made in the past 10 years, recent headlines report ethical and compliance failures in the industry highlight the need for continuous monitoring and improvements. 

For smaller companies, the picture remains more fragmented. While many SMEs understand the importance of ethics, some still view E&C as a barrier to profit or an administrative burden rather than a strategic advantage. This mindset can delay program implementation, especially when resources are limited. Nonetheless, several SME representatives acknowledged strong E&C is now a condition for accessing supply chains of larger firms or meeting bid eligibility criteria in public procurement processes. Bridging this perception gap is critical for industry. 

Third-Party Risks and Supply Chain Challenges 

The modern defence sector is highly interconnected, with multiple tiers of suppliers, subcontractors, and agents operating across jurisdictions. This complexity increases exposure to third-party risks, which are now considered among the most significant threats to organizational integrity. Ensuring third parties comply anti-corruption measures and E&C requirements is more critical than ever. 

Regulatory bodies and investors expect companies to demonstrate proactive third-party risk management. The 2024 ACFE Report to the Nations revealed more than 50% of occupational fraud cases involved third-party relationships—highlighting the vulnerability that can exist outside the organization’s immediate control. 

Many defence firms, particularly multinationals, are responding by strengthening supplier onboarding processes, enhancing contractual clauses, and deploying automated monitoring systems. AI and data analytics play an expanding role, offering scalable solutions to detect anomalies, signal reputational red flags, and provide real-time risk scores. These tools are not just improving oversight—they’re enabling continuous monitoring and proactive risk detection and mitigation. In a growing number of jurisdictions, companies that fail to implement such data driven risk management measures may find themselves exposed to financial penalties, reputational damage, or exclusion from critical government contracts. While the commitment to supply chain due diligence is not yet universal across the industry, the growing regulatory environment is forcing more companies to adapt stronger and more effective detection and monitoring processes. 

Artificial Intelligence and Its Role in E&C 

The integration of AI into compliance workflows is accelerating. In the defence industry, AI is being used to identify risk trends, perform real-time transaction screening, and streamline audits. Companies at CANSEC noted AI can reduce the burden on compliance teams by automating repetitive tasks and uncovering insights from vast data sets. 

AI is especially valuable in procurement and financial controls, where it can detect irregularities early and reduce the likelihood of fraudulent activity. It is also being used in ESG monitoring and geopolitical risk assessments — essential in defence contracting environments. 

However, CANSEC participants emphasized the importance of maintaining human oversight. Ethics requires judgment, empathy, and the ability to weigh competing considerations. The most effective systems combine AI’s efficiency with human discernment, enabling better decision-making and governance. 

To realize AI’s full potential in E&C, companies must prioritize governance. This includes establishing policies for responsible AI use, training staff on AI literacy, and embedding transparency and accountability into every stage of the technology lifecycle. Companies that neglect these elements may find that poorly governed AI introduces new risks rather than solving old ones. 

Responsible use of AI in E&C requires transparency, explainability, and documented oversight. This aligns with the emerging guidance of the EU AI Act and ISO 42001, which call for clarity in how AI systems make decisions and how they are monitored. 

Embedding E&C in Company Culture 

Technology and policy can only go so far without a supportive culture. E&C must be lived across the organization—not just documented in a code of conduct. A strong E&C culture fosters trust, resilience, and accountability. 

CANSEC participants from companies with mature programs cited board and executive leadership as the single most important driver of cultural integrity. When leadership models ethical behaviour, invests in compliance infrastructure, and communicates consistently, it sends a message that E&C is integral to the company’s mission. 

This shift is also being shaped by younger generations in the workforce. Gen Z and millennials are more likely to demand accountability, report unethical behavior, and choose employers based on shared values. Companies are responding by developing speak-up programs, offering training that connects ethics to daily decisions, and measuring culture as part of their risk assessments. 

SMEs face distinct challenges. Many lack internal expertise or fear that a formal E&C program may be too costly or complex. However, practical, scalable solutions are available. A few large defence firms at CANSEC shared how they are mentoring or partnering with smaller suppliers to promote shared standards and values. 

Ethics and compliance should be positioned not as barriers, but as strategic assets that attract talent, protect reputation, and improve competitiveness. The E&C function must be integrated into operations and treated as a partner to the business and its strategic success, not a detached control mechanism or cost centre. 

Incentivizing Stronger E&C Programs: A Call to Action 

To drive improvement across the industry, participants at CANSEC agreed stronger incentives for companies are needed to demonstrate E&C leadership. Including E&C maturity scoring as a weighted criterion in government procurement decisions was one idea. Such a model would reward proactive organizations and encourage lagging firms to prioritize improvements. This would go beyond an integrity declaration or check-the-box exercise where a company would need to provide data on the scope and effectiveness of their E&C program – ostensively similar data provided to boards monitoring E&C efforts. 

This could be especially beneficial for SMEs, providing motivation and structure to build or expand their programs adapted to their size and risk profile. SMEs do not have the resources to implement the same level of E&C sophistication as larger companies but can learn from them and their best practices if they wish to be onboarded as a trusted partner. This approach would help reduce disparities between large and small players while strengthening the entire supply chain. 

However, incentives alone are not enough. The industry must adopt a collective action approach, where companies share best practices, co-create resources, and participate in cross-sector integrity networks. This cooperative model has proven effective in other high-risk industries and can build resilience across the defence ecosystem. 

A Collective action integrity initiative—such as an industry focussed integrity network – would facilitate exchange, pooled risk data, and shared due diligence frameworks—can enable companies to raise standards while reducing costs. They also demonstrate to regulators and the public that the industry is taking proactive, united steps to promote responsible conduct. A great example of this is the Maritime Anti-Corruption Network (MACN). 

Conclusion 

The evolution of ethics, compliance, and anti-corruption in the defence industry is unmistakable. Once considered a cost of doing business, E&C is now a strategic function that enables growth, enhances resilience, and builds trust with stakeholders. This means reinforcing culture, enabling cross-functional collaboration, and ensuring both SMEs and multinationals are aligned in their ethical commitments. 

As risks evolve and technologies like AI expand the toolkits available to E&C professionals and companies, the challenge will be to ensure that programs are embedded, trusted, and forward-looking. Success rests on being agile and adaptable to manage risk and uncertainty in a challenging world. The foundation for this success requires an E&C culture anchored on a risk management mindset. By adopting E&C as a strategic imperative, the defence industry can not only improve its capacity and effectiveness in managing risks but can also enhance its image with stakeholders and the public.