With this week's announced delay in implementing the UK Bribery Act, United States companies now have additional time to evaluate and update (where appropriate) their anti-bribery/anti-corruption programs. [1] According to news reports, the UK Ministry of Justice (MOJ) has announced that the UK Bribery Act will become effective three months following the publication of also-delayed guidance. The UK Bribery Act has generated much discussion and concern because of its expansive scope and jurisdictional reach. In a June 28, 2010 article, we addressed some of the primary differences between the Bribery Act and the U.S. Foreign Corrupt Practices Act (FCPA).[2] We also noted that entities with even minimal contacts in the UK should incorporate risk-based policies and procedures to prevent violations of the UK Bribery Act. While the Serious Fraud Office (SFO) and the MOJ have provided guidance (formal and informal) on how the Act will be enforced, the MOJ was expected to publish additional guidance by January 31, 2011, on how to interpret the Act's "Adequate Procedures" affirmative defense. While the latter guidance has not been released, the UK Bribery Act's prohibitions are clear. In anticipation of the UK Bribery Act's implementation, we provide the following roadmap to updating existing anti-corruption/anti-bribery compliance programs so that an entity can incorporate the Act's prohibition on (1) facilitation (grease) payments; (2) certain promotional expenses; and (3) bribes to private individuals and government officials (foreign and domestic).

Step 1: Conduct a Risk Assessment of Current FCPA Policies and Procedures

Entities incorporated in or doing business in the U.S. already should have in place policies and procedures to ensure compliance with the FCPA. This program can be modified by conducting a review of current policies and procedures to determine whether the entity conducts business in the UK or otherwise maintains a close connection with the UK. If the answer is "yes," then the entity should determine whether existing policies:

  1. prohibit or appropriately limit facilitation payments;
  2. prescribe clear rules for marketing expenses;  
  3. address bribes to private individuals and domestic government officials; and  
  4. extend to relevant business partners or persons otherwise associated with a covered entity. [3]  

Facilitation Payments

While the UK Bribery Act prohibits facilitation payments, the SFO has stated that it will use prosecutorial discretion in determining whether to bring a case. [4] According to the SFO's Vivian Robinson, the three primary factors are the value of the payment, whether it is a one-time event or is part of a pattern of transactions; and whether the company maintains clear policies outlining permissible activity. [5] While many U.S. entities with offices overseas maintain "no grease payment" policies, it appears that this zero-tolerance approach will be the new norm.

Promotional/Hospitality Payments

As addressed in the UK Financial Markets Law Committee Report on the UK Bribery Act, the Act appears to criminalize any form of corporate hospitality where (1) there is an intention to induce a person to perform a function improperly; or (2) there is an intention to influence an official for the purpose of obtaining business or an advantage in the conduct of business. [6] SFO guidance has explained that determinations as to whether a particular marketing expense is prohibited will be case specific. The analysis is contingent on whether the marketing expense is a basic business expense (i.e., improves the entity's public image, is consistent with common business courtesy) - or whether it is intended to pave the way for future bribes. [7] In order to provide additional guidance on this point, the SFO is expected to publish guidance that will include illustrations of prohibited activity. In evaluating a company's current procedures, in addition to reviewing marketing and public relations policies, U.S. entities also may review anti-corruption/anti-bribery training for their marketing and public relations personnel.

Preventing Bribes of Government Officials

Most U.S. entities already maintain policies and procedures for ensuring that inappropriate payments are not made to government officials and private individuals, wherever located. These procedures can be cross-referenced in updated anti-bribery/anti-corruption compliance programs or the latter can be supplemented with a clear statement of policy. Where no such policies are explicitly in place, U.S. entities with a nexus to the UK should consider implementing such policies.

Incorporating Contractual Provisions for Business Associates

Section Seven of the UK Bribery Act allows for the imposition of penalties on an entity where that entity fails to prevent a person associated with that entity from engaging in prohibited activity on behalf of that entity. The meaning of "associated person" is broad and potentially could include joint venture partners, controlling shareholders, suppliers, agents and other business partners.[8] The SFO's Mr. Robinson confirmed this scope and suggested that entities with a nexus to the UK should ensure that their anti-corruption/anti-bribery programs incorporate due diligence procedures for all relevant business associates. [9] Taking a cue from U.S. anti-money laundering compliance programs, an entity could base corporate due diligence on a risk-based approach, taking into account the entity's size, customer base, products, services, and geographic reach.[10] Many U.S. entities also include anti-corruption/anti-bribery language in contracts with higher risk business partners; we anticipate this practice to become standard for a wider range of businesses and business partners.

Step 2: Update Anti-Bribery/Anti-Corruption Policies Procedures

The Bribery Act provides a defense under which a company can avoid liability by establishing that it maintains adequate procedures to prevent bribery (including the existence of a robust compliance plan). In a recent webcast, SFO's Vivian Robinson expanded on the "Adequate Procedures" defense to potential UK Bribery Act violations. [11] He explained that the SFO will determine whether to prosecute a case by reviewing whether (1) the entity maintains a corporate culture of compliance; (2) the bribe is indicative of systemic malfeasance; (3) the entity disclosed the activity to the SFO; (4) the entity has taken remedial measures to ensure future compliance with the Bribery Act; and (5) it is in the public's interest to prosecute the case. These factors should be familiar to U.S. business as they closely mirror those utilized by the U.S. Departments of Justice, Treasury, Commerce and State in the enforcement of anti-bribery, anti-money laundering, economic sanctions and export controls laws and regulations. [12]

Mr. Robinson also clarified that, much like the U.S. Department of Justice, the SFO aggressively will be pursuing anti-corruption/anti-bribery cases. This change partly stems from the fact that the SFO no longer must rely on referrals for prosecutions and expects to receive information on potential cases through expanded cooperation with law enforcement agencies; cross-border information sharing; its own investigative authorities; and, increasingly, whistleblowers. As a result, entities now - even more than ever- have a strong incentive to maintain robust risk-based programs that include self-monitoring and self-reporting procedures. As we have seen in the United States with cases involving FCPA, export controls, anti-money laundering and economic sanctions violations, cooperation with investigators (including self-reporting) can play a significant role in reducing penalties.

Step 3: Ensure Policies and Procedures are Effective

Included within the analysis as to whether an entity maintains adequate procedures is a determination, also familiar to U.S. entities, as to whether the anti-bribery/anti-corruption culture is driven from the top of the organization. Consistent with anti-corruption/anti-bribery provisions, anti-money laundering, and economic sanctions/export controls compliance programs in the U.S., in order to ensure that policies and procedures are working, senior management must be involved in overseeing the program, must enforce and encourage a culture of compliance, and must closely monitor the procedures to address deficiencies.