HAVE YOU DONE ENOUGH TO COMPLY?
The Bribery Act 2010 (the “Act”) came into force on 1 July 2011. Many people believed that the Act created a large amount of unnecessary hype. However, as 1 July 2012 marks the first year anniversary of the Act, was this hype really un-necessary?
What is the Act?
Put simply, the Act introduces two general offences:
- Being bribed
There are also specific offences of:
- Bribing a foreign public official
- Failing to prevent bribery by an associated person (the corporate offence)
In addition, directors and senior managers can also be guilty of an offence if their organisation committed an offence (offences 1, 2 or 3) with their consent or connivance.
The Act has a broad reach and will affect all UK organisations (wherever they are operating) and non-UK organisations that carry on business in the UK. Unlike legislation in some other jurisdictions, the Act prohibits business to business bribery, as well as bribery of foreign public officials. Penalties for breach of the Act include unlimited fines, imprisonment and director disqualification.
Who is at risk?
All organisations are at some risk of bribery and corruption; they may be “low risk” but will not be “no risk”. Those at most risk are organisations that operate in locations that are considered high risk for bribery and corruption (which are listed in Transparency Internationals’ Corruption Perceptions Index, available at http://cpi.transparency.org/cpi2011/results/); operate in high risk sectors (such as aerospace, chemicals, utilities, and construction); work with foreign public officials; use third parties to facilitate business and over whom they have less control (such as agents); and those without proper compliance programmes.
Has the Act been used?
When the Act was introduced, it was expected that there would be approximately five large prosecutions in the first three years. No company has however yet been prosecuted under the Act.
The lack of enforcement may lull organisations into a false sense of security and leave them feeling that they do not need to take any action to comply with the Act. This is supported by a recent survey by Ernst & Young which showed that of 1,700 heads of legal, chief financial officers and compliance executives surveyed, 47% said they would still complete unethical actions and 14% would still provide personal gifts to secure business. The survey also revealed a lack of understanding, with a third of respondents not realising that they can be liable for the actions of third parties.
David Green, the new Director of the Serious Fraud Office (SFO), the body responsible for enforcing the Act, has confirmed however that the SFO’s new powers to prosecute bribery offences would remain an important tool in overseas actions, that he is looking for “significant strategic” cases which threaten confidence in British business, and that he is eager to bring the first “big” Bribery Act case. It is also apparent in the press that the SFO are busy investigating a number of allegations of bribery and so the first major prosecutions may already be on their way.
The actions and comments from the SFO do not mean that only large companies who operate abroad are at risk. The Act has a broad scope and the first and only prosecution under the Act has been against an individual working in the UK. It would therefore be dangerous for small and medium sized organisations or organisations that only work in the UK, to think they are not at risk and organisations that thought the Act was “much ado about nothing” may want to re-consider their position.
What are organisations doing to ensure compliance?
As stated above, organisations can be liable for bribing, being bribed and bribing foreign public officials. Organisations can also be liable for the corporate offence of failing to prevent bribery, unless they can show that they have “adequate procedures” in place to prevent such bribery.
The UK Government’s guidance on “adequate procedures” (http://www.justice.gov.uk/guidance/docs/bribery-act-2010-guidance.pdf) (the “Guidance”) focuses on 6 principles:
- Top-level commitment
- Risk assessment
- Proportionate procedures
- Due diligence
- Communication (including training)
- Monitoring and review
Squire Sanders have advised many organisations on the specific steps they need to take to comply with the Act and in light of the Guidance. This varies in each case, depending on the level of risk to the organisation. Some of the common steps that organisations have been taking are however listed below:
- Board and employee training
- Implementation of a Code of Conduct
- Appointment of a Compliance Officer
- Review of employment procedures, including Whistle-blowing, Disciplinary and Gift / Hospitality procedures
- Due diligence into third parties with whom they do business.
- Implementing controls – financial, expenses, procurement
- Obtaining contractual protection from third party agents.
It is also worth noting that The British Standards Institution has launched a standard (BS 10500) to help organisations demonstrate to internal and external stakeholders that they have robust anti-bribery policies, practices and systems in place. This development may identify a future trend of accreditation for compliance schemes, a trend which is already being followed in other countries, including Germany.
Have you done enough?
Our experience tells us that some organisation have addressed the Act in detail and now consider that they have “adequate procedures” in place. Others haven’t even considered the Act or the impacts it could have on their business. Some organisations are relying upon existing compliance programmes; some believe the organisation is too low risk to justify investing in new procedures. To determine whether you have done enough to comply, you should ask yourself:
- Are you aware of the Act?
- Has your organisation considered whether it is at risk from bribery and corruption? What is the degree of risk?
- What, if any, systems are in place to combat the risks of bribery and corruption?
- Have you considered other actions you may need to take in light of the Act and Guidance to ensure you have “adequate procedures” to prevent bribery?
If you are left in any doubt, that may be because you do not have “adequate procedures” in place. We suggest you take action now. Failing to act exposes you to a real commercial risk.