This disclosure asks an organisation to explain how much of its business has been checked for corruption risk. In practice, it is about the scope of the assessment: which parts of the organisation, which locations, and which activities were reviewed, and whether that review covers the whole business or only selected areas.
The practical focus is on coverage and completeness rather than on describing anti-corruption policies in general. A useful response makes clear the proportion of operations assessed, any parts left out, and why those exclusions existed, so readers can judge how representative the risk review is across the organisation.
This LRA educational guidance supports disclosure preparation. For the exact requirements, always refer to the official GRI source.
A quick mental checklist before you prepare this disclosure — tick each as you settle it.
Key datapoints to prepare
How to prepare it
Request the corruption risk assessment results
Translate the disclosure into an internal business question — then adapt it to your organisation's own language.
Use your organisation’s own terms first, then map them to the reporting line. For example, if you talk about sites, branches, entities, business units, markets or contracts internally, use those labels in the request and in the returned table before translating them into the reporting view. This is a possible LRA training template; adapt this to your organisation and check the official source before sign-off.
Please provide the GRI 205-1 data for operations assessed for risks related to corruption, including the total number, percentage, and significant risks.
Why it fails: It uses framework language that may not match how the business tracks the work, and it does not tell the owner which internal population, source, or naming convention to use. That makes it harder to return a clean, auditable dataset.
Please send the latest corruption risk review summary for [period] using your own labels for sites, branches, entities or other units. Include the total in-scope population, the number reviewed, the percentage covered, any material corruption risks found, and the source reference for each line.
Notes that turn data into a disclosure
LRA training templates — adapt them to your organisation, and check the official source before sign-off.
Explain which parts of the business were included in the corruption-risk review, how you counted each operation, and what you mean by a significant risk in your own assessment process.
Set out what the figures show about the reach of the review and the main corruption-related exposures found, so readers can see how broad the assessment was and where the key concerns sit.
If the numbers moved materially from the prior period, note whether that was driven by changes in the number of operations reviewed, a wider or narrower review scope, or a different set of risks being identified.
Preparation tools & forms
Professional preparation tools for GRI 205-1 — free with an LRA Community membership. Register once (it's free) and every download unlocks, together with the Disclosure Library, templates and the LRA AI-assistant.
For each claim, check the evidence
Evidence pack to prepare
Common reporting gaps
Mistakes to avoid when collecting the data
Where judgement is often needed
Illustrative examples
Synthetic, written by LRA — not from a company report, not text from any standard.
We reviewed all 24 sites in scope for corruption exposure, which is 100% of our operations. That review found two locations with significant corruption risk, both in higher-risk procurement and customs activities.
Synthetic illustration only. Shows how to report the number of sites reviewed, the share covered, and whether any material corruption risks were found.
We assessed 15 of our 20 operating units for corruption exposure, equal to 75% coverage. One unit was flagged with a significant corruption risk, linked to third-party contracting and border-clearance activity.
Synthetic illustration only. Shows partial coverage, the proportion reviewed, and the count of significant issues identified.
How companies report GRI 205-1
Real reports where this topic is disclosed. These are report practice, not exact disclosure templates to copy.

Scenarios to work through
A group has 12 operating sites. The risk team has completed corruption-risk reviews for 9 sites, and the remaining 3 are scheduled for next quarter.
A business unit was screened for bribery exposure using a desktop review only, while another unit had a full workshop and interview process. Both were included in the risk register, but the evidence file does not show how each review was carried out.
A preparer has the total number of assessed operations and the percentage, but the risk team also identified two major exposure areas: customs-facing activities in one region and third-party agent use in another. The draft leaves these out because they are qualitative.
A company has 20 operations in total. It assessed 14 during the year, but 4 of those 14 were reassessed after a control failure, and the team is unsure whether to count the reassessments again.
Related framework references
How this disclosure maps across the major reporting frameworks.
Questions this page answers
The page says to prepare three datapoints: operations reviewed, operations coverage rate, and corruption risk findings. Use those as the core inputs before you draft the narrative.
The page tells you to prepare an operations coverage rate, but it does not set out a calculation method. Use the page’s step-by-step preparation section and workbook to document your own scope and method clearly.
The page asks you to prepare corruption risk findings, but it does not define the term. Record the finding in a way that is consistent with your review process and keep the supporting evidence in the assurance pack.
The page does not assign roles, so ownership needs to be set internally. A practical approach is to name the business owner for the review data, the person preparing the draft, and the reviewer who will check the evidence pack.
The page includes an evidence pack with five items for assurance readiness. Use those items to show how the data was prepared, what was reviewed, and what supports the reported figures and findings.
The page says there are five assurance claims to verify, covering claim, risk and evidence. It does not list them in the source text here, so use the page’s assurance section and workbook to check each claim against supporting evidence.
The page includes a list of common reporting gaps and mistakes. Use that list to check for missing scope, weak evidence, unclear methodology, or a draft that does not match the underlying data.
The Download Centre includes a Prep & Assurance workbook in .xlsx format. Use it to organise the preparation steps, capture the datapoints, and build an assurance-ready evidence trail before turning the data into a draft.
The Download Centre also provides a printable Library Card in PDF format. It is there as a quick reference while you prepare the disclosure, check the evidence pack, and draft the output.
The page has a draft-output section with visualisation ideas, narrative starters and a GRI content-index line. Use those to convert your prepared data into a short draft and then check it back to the evidence pack.
The page says the closest ESRS correspondence is ESRS G1 (Business Conduct). That means the data may be reusable across both, but you still need to check the reporting needs for each framework separately.
Get your GRI 205-1 tools — free
Your preparation tools are free for LRA Community members and students. Register once (it's free) and your download starts right away — plus the Disclosure Library, templates and the LRA AI-assistant.
You're in — your download is starting
Your file is downloading now. Your Community Cabinet — with the Disclosure Library, templates and the LRA AI-assistant — is ready too.
Open your Cabinet →