Section 7 of the UK Bribery Act that came into force on 1 July establishes a strict liability corporate offense for failure to prevent bribery. The only defence recognized in the Act is where an affected commercial organization can show it has in place "adequate procedures" to prevent bribery by its own employees as well as potential illegal activities of those associated with it. There is also a specific offence for any director who consents to or participates in such an offence. Will your Directors and Officers ("D&O") Liability Insurance provide adequate cover?
The very serious nature of the problem presented by corruption endemic in the global economy is starkly illustrated in Transparency International's 2010 Corruption Perceptions Index, which ranks countries on a scale from 1 to 10, ranging from consistently corrupt at level 1 to highly honest or "very clean" at level 10. Unfortunately, almost three quarters of the 178 countries ranked in the Index score below 5. For example, and perhaps not surprisingly, Somalia is bottom ranked at 178th with a score of 1.1. However, Indonesia is ranked 110th with a corruption score of 2.8, and even EU member Italy comes in at only 67th with a score of 3.9, with Greece trailing even farther behind in 78th place with a 3.5 score. The US and the UK are scored at 7.1 and 7.6 respectively for 22nd and 20th position on the table.
Our previous articles have discussed in detail the UK's response to this problem in adopting the Bribery Act 2010 (the "Act"). The Act potentially renders any company that does any business in the UK criminally liable for failing to prevent bribery.1 This article will discuss insurance coverage issues that companies affected by the Act should consider.
One of the UK Bribery Act's more controversial provisions is its sweeping extraterritorial reach: it applies to corrupt conduct committed anywhere in the world as long as the corporate entity carries on any business in the UK. Therefore, even if a company is incorporated and headquartered outside the UK, it is subject to the UK Bribery Act if it conducts any of its business in the UK. Moreover, unlike the U.S. Foreign Corrupt Practices Act ("FCPA"), the UK Bribery Act imposes strict liability (there is no scienter requirement), and applies not only to governmental bribery but also to corruption between commercial entities. Therefore, even companies that comply with the FCPA may not have adequate procedures in place to comply with the different requirements and broader scope of the UK Act.
An individual found guilty of an offence under the Act could be subject to a maximum imprisonment of 10 years and/or an unlimited fine. A company convicted of failing to prevent bribery can also be liable for an unlimited fine. The Act, therefore, places the obligation squarely on companies to ensure that their own anti-bribery procedures are suitably robust and effective. Should a company not have adequate procedures in place, its directors may well face claims in connection with that corporate failure.
The resulting increased exposure to companies with business operations in the UK which also do business in higher risk regions of the world such as Africa, Russia, Indonesia, India, or China will necessarily impact the insurers who cover these risks. It is reasonably anticipated that insurers will now begin to conduct greater due diligence with regard to the operations of insured companies to assess whether the risks of the insured have increased as a result of the Act, and this scrutiny may have an impact on premium levels.
The implications are particularly important for Directors and Officers (D&O) insurance, which protects companies from securities claims and their directors and officers from a wide range of claims of wrongdoing. Some insurers have already started adding blanket exclusions to their D&O policies for all claims arising under the UK Bribery Act and FCPA, while offering to provide limited optional coverage for an additional premium. For companies with UK operations that do business internationally, it is important to scrutinize these new exclusions carefully and either purchase adequate limits to protect against such claims, or consider switching to an insurer that does not rely on one of these exclusions.
Insurers may also decide to exclude certain established business activities that are permitted under the FCPA but potentially illegal under the Act, such as claims arising out of facilitation payments or hospitality, either generally or in certain identified jurisdictions, or provide for premium surcharges for such coverage. Some D&O policies already exclude claims arising out of the payment of commissions or gratuities to foreign government officials, but until now companies have often been able to negotiate to have such exclusions removed—in part, no doubt, because such conduct does not necessarily give rise to liability under the FCPA. Given the UK Bribery Act's more stringent prohibition on such payments, it may become more difficult for international companies to persuade insurers to drop these exclusions.
Similarly, FCPA fines and penalties are already often excluded from a D&O policy's definition of covered "loss," but companies have often been able to negotiate policy enhancements that allow coverage for FCPA civil fines and penalties awarded against individual directors and officers, or for non-willful FCPA penalties awarded against them. Companies doing business internationally should now try to ensure that fines and penalties awarded against individual directors and officers under the UK Bribery Act are also included within the definition of covered "loss." Because the UK Bribery Act imposes strict liability regardless of intent, however, it may become more difficult for some companies to obtain coverage for innocent violations, though more important than ever for them to try to negotiate it.
Most D&O policies also exclude coverage for claims arising out of fraudulent, dishonest or criminal acts. Companies facing potential FCPA claims have commonly negotiated "final adjudication" language into these exclusions, so that they and their directors and officers will not be deprived of defence coverage merely because someone alleges that they have committed an FCPA violation. The same strategy is now recommended for companies facing potential liability under the UK Bribery Act. However, the UK courts have held that insurance cannot be used to lessen the punishment for criminal activity, so where there is a finding of fault by the court, it is unlikely there will be coverage available for any fines either because they are expressly excluded or because public policy prevents coverage in relation to criminal acts. Similarly, where a fraud and dishonesty exclusion is later triggered, the insurer may argue that it is entitled to recover any defence costs already paid.
Experience shows that many FCPA actions are resolved during the investigation phase, and that the costs of responding to such investigations can be staggeringly high. Many D&O policies, however, do not include investigations within their definition of covered "claims," or if they do include "investigation" coverage, limit it to circumstances in which an individual director or officer is the target of the investigation. As with companies facing potential FCPA exposure, it is now important for companies affected by the UK Bribery Act to ensure that their policy's definition of "claim" includes such investigations. In light of the increased focus on anti-corruption enforcement, it is also crucial for companies to ensure that they are purchasing adequate D&O indemnity limits: otherwise, the costs of responding to an investigation can exhaust the policy limits, leaving nothing to indemnify the individual directors and officers for settlements, fines or penalties, or to respond to follow-on securities lawsuits brought by unhappy investors.
Insurers also will be wary of the increased risk of claims relating to individuals charged with a principal offence under the Act or senior officers working overseas in high risk areas but with a "close connection with the UK", given the potential for an increased volume of claims for defence costs incurred in relation to civil claims and investigation costs in relation to actions by regulatory authorities. Insurers who write D&O and professional indemnity coverage will surely be particularly interested in these issues.
Applicants for and holders of this coverage should, therefore, reasonably anticipate that part of their insurer's process of risk reassessment may well involve a more thorough inquiry into whether a prospective or renewing insured has "adequate procedures" in place, what "associated persons" are typically used to perform services for the insured, and whether those persons are covered by the insured's anti-bribery policies and procedures.
The fact that insurers will become actively engaged in reviewing whether business practices, protective measures and compliance procedures are adequate and appropriate in light of the increased exposure and the nature of the potential risks and penalties under the Act should provide additional incentive to take the new Act seriously. .