This article was written for and first featured in Infrastructure Journal
The Bribery Act 2010 is one of the most significant pieces of legislation to affect all businesses for a decade and reforms the law on bribery and corruption in the UK. The Act was passed in April 2010 and is due to come into force on 1 July 2011.
The Act introduces a new corporate offence which imposes criminal liability on any business should it fail to prevent bribes being paid on its behalf. It criminalises the activity of both giving and receiving a bribe, as well as bribing a foreign public official. The offence is widely drawn and catches a bribe paid by another person who performs services on behalf of a UK business, whether the wrongdoing was committed in a foreign jurisdiction or in the UK.
The Energy sector should pay particular attention to the Act and its extra-territorial application it is widely identified as being at a high risk of exposure to domestic and international corrupt practices.
The ‘adequate procedures’ defence
The only defence to a criminal offence under the Act is for a UK corporate to show that it has in place “adequate procedures”, systems and controls to prevent bribery and corruption. Who is ultimately responsible for this? Senior management. The sanctions in place? Ten years imprisonment and/or an unlimited fine for individuals, and unlimited fines for a corporate.
The six guiding principles
The Ministry of Justice has now published the final form of guidance governing the procedures which businesses can implement to help prevent bribery by persons associated with them.
The guidance is formulated around six key principles which are designed to “guide” and help businesses understand the breadth and nature of procedures they might put in place to prevent bribery. The guidance is not intended to be prescriptive – what may be deemed as “adequate” for one business may not be “adequate” for another. Each company will need to tailor its policies and procedures so that they are proportionate to the nature, scale and complexity of its activities, taking into account its size, industry sector and market focus. This seems to be a sensible approach given that small and medium sized domestic businesses will generally face different challenges to large, multi-national corporations.
The six key principles set out in the guidance are:
Commercial organisations must undertake regular and comprehensive assessments of the internal and external risks they face, the nature and frequency of which will and can vary. Any action taken should be proportionate to the risks faced and the nature of those risks, and to the size of the business and the scale and complexity of the activities involved. Such actions should be clear, practical, accessible, effectively implemented and enforced. It may be necessary to do more to prevent bribery if your organisation is large, or if you are operating in an overseas market where bribery is known to be commonplace, compared to what you might do if your organisation is small, or is operating in markets where bribery is not prevalent.
2. Top-level commitment
There must be a clear commitment to counter bribery in the management structure of an organisation and this must be embedded to establish a culture in which bribery is never accepted. This commitment against bribery should be clearly communicated from the top to all levels of an organisation and to any relevant external parties. Businesses should also consider publishing a statement of their commitment to counter bribery. The guidance emphasises that those at the top of an organisation are in the best position to ensure their organisation conducts business without bribery. It is necessary to demonstrate that a business has been active in making sure that staff (including any middle management) and the key people who do business with that business understand that bribery is not tolerated.
3. Risk assessment
Organisations will need to regularly and comprehensively assess the nature and extent of bribery risks to which they are exposed. As an initial assessment, organisations should consider whether those undertaking the assessment are adequately skilled and equipped to do so or whether using external professionals may be more appropriate.
As bribery and corruption risks may evolve over time, it is also imperative that risk assessment procedures take account of any new risks which may be posed by a particular country, transaction or business partner of the organisation. Transactions involving charitable or political contributions, licences and permits, public procurement or involving agents or intermediaries are likely to pose a greater risk. Due attention must be paid to existing and potential markets operated in and third parties dealt with, especially if a corporation is entering into new business arrangements in new overseas markets.
4. Due diligence
Knowing exactly the parties an organisation deals with can help to protect an organisation from taking on people who might be less than trustworthy. Organisations need to ascertain exactly who they are doing business with if their risk assessment and mitigation processes are to be effective. As such, businesses are required to have in place suitable due diligence policies and procedures to help identify bribery risks and to enable organisations to take appropriate preventative measures.
Due diligence enquiries should cover all parties to a business relationship, including the organisation’s supply chain, agents, intermediaries, joint venture partners and all markets in which the organisation does business. Enquiries should also be made about the risk of bribery in a particular country, the types of bribery most commonly encountered and the preventative measures which are most effective.
Organisations are required to have in place clear, practical and accessible policies and procedures to counter bribery, and must communicate these to staff and to others who perform services. This will enhance awareness and help to deter bribery by making clear the basis on which your organisation does business. You should consider incorporating such policies into employment and service contracts.
The guidance makes clear that appropriate anti-bribery policies will vary enormously depending on the nature of the business, the assessment of risk and the nature of support functions. Nevertheless, issues to be covered can include a clear prohibition on bribery; guidance on making political and charitable contributions; gifts and hospitality; guidance on what action should be taken when faced with blackmail or extortion; and a commitment to protection for whistle-blowers.
6. Monitoring and review
Anti-bribery and anti-corruption policies must be viewed as dynamic and not static, to account for the evolution of risks currently faced by an organisation and the effectiveness of procedures over time. To ensure compliance with the relevant policies and procedures and to identify any issues as they arise, organisations need to institute mechanisms for reviewing those policies and procedures at regular intervals.
To establish successfully an “adequate procedures” defence, a business must demonstrate it has taken account of the six principles in developing, implementing, monitoring and reviewing its anti-bribery policies and procedures. These principles are intended to guide a company through the implementation process, as well as the decision process over whether those policies and procedures are likely to be deemed as adequate or not.