Last week the United Kingdom’s Ministry of Justice released its “Consultation on guidance about commercial organisations preventing bribery (section 9 of the Bribery Act 2010)”. The stated purpose of this document is to provide guidance, as required under section 9 of the Act, to “support businesses in determining the sorts of bribery prevention measures they can put in place.” Businesses covered by the UK Bribery Act can be convicted of a criminal offence if they fail to prevent bribery on their behalf. However, the Act provides that if the organization can show that it has adequate bribery prevention procedures in place, such “adequate procedures” are a defense to a prosecution.
The Consultation lists “Six Principles for Bribery Prevention” which the Ministry of Justice believes are good international practices for such adequate procedures and is designed to assist businesses in determining what bribery prevention procedures they can put in place. In this posting, we will provide a general review of the Six Principles and in subsequent postings we will drill down to provide more detail as to what is required, or at least suggested, as an adequate procedure for each specific principle.
The Six Principles for Bribery Prevention are as follows:
1. Risk Assessment – this is about knowing and keeping up to date with the bribery risks you face in your sector and market. This means that a company must have adequately trained personnel performing ongoing assessments. Such a program cannot be static but must be dynamic as bribery risks will evolve over time.
2. Top level commitment – this concerns establishing a culture across the organisation in which bribery is unacceptable. If your business is small or medium sized this may not require much sophistication but the theme is making the message clear, unambiguous and regularly made to all staff and business partners. This is the classic “Tone at the Top” requirement. Top leadership must commit, in word and deed, to a zero tolerance towards bribery and corruption. Interestingly, this commitment must also extend to avoid doing business with companies which do not make this commitment.
3. Due diligence – this is about knowing who you do business with; knowing why, when and to whom you are releasing funds and seeking reciprocal anti-bribery agreements ; and being in a position to feel confident that business relationships are transparent and ethical. Businesses must know who they are doing business with if they are to accurately assess and manage their risks; appropriate due diligence must be performed to allow a business to not only assess its compliance risks but to properly manage them.
4. Clear, Practical and Accessible Policies and Procedures – this concerns applying them to everyone you employ and business partners under your effective control and covering all relevant risks such as political and charitable contributions, gifts and hospitality, promotional expenses, and responding to demands for facilitation demands or when an allegation of bribery comes to light. Businesses should create clear written instructions to document not only what will not be tolerated, but also provide guidance on relevant laws and how to do business ethically. This should include direction on actions employees are to take when faced with blackmail or extortion. Interestingly, this requirement extends to “other people and entities over which a business has control.”
5. Effective implementation – this is about going beyond ‘paper compliance’ to embedding anti-bribery in your organization’s internal controls, recruitment and remuneration policies, operations, communications and training on practical business issues. While noting that policy implementation will “vary enormously” from organization to organization and will depend on the nature of a particular business, companies will need to bring their compliance and ethics programs “to life”. This would include areas such as training, internal and external communications and using all the tools available to a business; including internet, intranet, email, posters, employee and company-wide meetings and other forms of communication.
6. Monitoring and review – this relates to auditing and financial controls that are sensitive to bribery and are transparent, considering how regularly you need to review your policies and procedures, and whether external verification would help. This principle requires that an anti-corruption program be dynamic and ever adapting to incorporate changing circumstances, it must not simply be a paper program. It should also include the internal checks and balances a company needs to have in place to adequately review and monitor compliance and ethics policies. Furthermore this requires Board of Director oversight, full transparency and external verification.
The Consultation states that it does not provide “particular procedures” but that these Six Principles of Bribery Prevention are to be a flexible guide to deciding the specific procedures that any business might use to prevent corruption and bribery. The paper notes that “Whether procedures are adequate can only be determined by the particular circumstances of a case”. Nevertheless, the Consultation is a very useful tool for any company which desires to measure its current compliance and ethics program. While this Consultation only deals with the UK Bribery Act’s requirements, it could also be a valuable and welcome tool for companies subject to the US Foreign Corrupt Practices Act (FCPA) in measuring their FCPA compliance policy.
This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at firstname.lastname@example.org.
© Thomas R. Fox, 2010