Compliance with anti-bribery and corruption rules has long been a challenge for legal departments, and according to a new survey, the risks are going to continue—or get even worse—in 2018.

The eighth annual Anti-Bribery and Corruption Benchmarking Report, released this week by Kroll and the Ethisphere Institute, surveyed nearly 450 senior-level executives across the globe working in compliance, and found that 93 percent expect anti-bribery and corruption risk to either remain the same or become increasingly difficult this year.

“The stakes are high and so is the risk level, which is likely causing some sleepless nights for the average compliance professional,” said Steven Bock, who is global head of operations for risk solutions company Kroll's compliance practice, in the announcement of the report's release Wednesday. “In today's hypersensitive business environment where a company's hard-earned reputation can be easily lost through a lapse of judgment by a third party, the job of a conscientious compliance professional has never been tougher or more central to the success or failure of a business.”

The top source of angst for the compliance professionals surveyed was indeed third parties and their potential to introduce bribery and corruption. Some 58 percent of respondents said they found legal, ethics or compliance issues with a third party after performing due diligence.

More often than not, according to the survey, the company's due diligence manages to catch a problem, instead of the third party disclosing it. But on the bright side, there was also a growing amount of self-disclosure of issues from third parties, a trend the report called “a clear reflection of changing cultural and regulatory trends, including heightened concern over personal liability.”

The sheer number of third parties that companies engage with may be making matters more complicated—45 percent of those participating in the survey said their businesses worked with 1,001 or more third parties, up from 40 percent in last year's edition of the survey. The survey defined third party as “any person or entity you partner with in order to do business” not including customers.

The second most cited risk to the respondents' anti-bribery and corruption programs was the complex global regulatory landscape—a concern that the report indicated is on the rise amongst compliance professionals. The report pointed to China's corruption crackdown, the implementation of the General Data Protection Regulation and the Foreign Corrupt Practices Act Pilot Program as examples of how rules and frameworks are changing at a fast clip.

Here are some of the other notable findings from the 27-page report:

• Some 30 percent of respondents said they monitored all their third parties, while 45 percent only monitored the high risk ones. The other 25 percent had no third-party monitoring.
• For the second year in a row, the two top reasons that potential third parties failed to meet respondents' ethics and compliance standards were “general reputational or integrity concerns” and “conflicts of interest,” in that order. What has changed is the rise of “opaque or suspect reporting structures” to No. 3 in the rankings, a jump from No. 5 in 2017.
• Respondents often collected less information about M&A targets' third parties than they collected about their own third parties. For instance, 86 percent of respondents collected ownership information about their own third parties, but only 34 percent got this data on their targets' third parties.
• Fear of personal liability for compliance failure is an issue for many respondents. Compared to 2017, 22 percent were more concerned about being held personally responsible in 2018. For about 65 percent of the respondents, the level of concern about this stayed the same year over year.