The Ministry of Justice (MoJ) yesterday published its long-awaited consultation on the procedures which commercial organisations can put in place to prevent bribes being paid on their behalf.
The Bribery Act 2010 (the Act) creates a new, strict liability, offence which will be committed by companies and partnerships (commercial organisations) if persons providing services on their behalf pay bribes, intending to obtain a business advantage for the organisation. The key defence for the organisation will be to prove that it had "adequate procedures" designed to prevent the bribery. A company's policies and procedures will be, in effect, its only line of defence where its employees, agents or others pay bribes on its behalf. There has therefore been a significant industry focus on what "adequate procedures" should comprise. The Act obliges the Government to publish guidance on the point. This consultation sets out the draft guidance for comment.
The consultation period runs until 8 November 2010, following which final form guidance will be published early in the New Year, with the Act being brought into force in April 2011.
The consultation ("Guidance about commercial organisations preventing bribery") is accompanied by a consultation questionnaire, online consultation questionnaire and an Impact assessment.
Summary and Key Points
Nature and status of the draft guidance
- The document is, as expected, high level (comprising some 21 pages of "General Principles" and commentary, a further 8 pages of "illustrative scenarios" which do not form part of the official guidance, and a short section on offsets, hospitality, promotional expenditure, and facilitation payments).
- The MoJ is at pains to stress that the guidance is not prescriptive, not 'one size fits all', and not exhaustive. It discusses the policies an organisation "may" (rather than "should") consider. Nonetheless, since departures from the guidance may ultimately need to be justified (if the question of whether an organisation's procedures are adequate is 'live' in any prosecution), it will be important for consultation responses to deal with any recommendations which are thought to be unrealistically broadly drawn.
Content of 'adequate procedures'
- As anticipated, the guidance envisages a risk-based compliance regime. It is also focussed on practical compliance: the need to go beyond written policies and to ensure an ethical compliance culture is embedded and monitored. The guidance should be used flexibly and tailored to organisations' circumstances. The MoJ is particularly keen to ensure it is helpful for small and medium sized enterprises.
- The six Principles are: Risk assessment; Top level commitment; Due diligence; Clear, practical and accessible policies and procedures; Effective implementation; and Monitoring and review. These are described in more detail below – there are few surprises.
- The guidance provides no assistance on the vexed question of when a person will be "performing services on behalf of the organisation". It does not, therefore, explicitly address the circumstances in which a parent will be liable for the acts of its subsidiaries/joint ventures. However the thrust of the guidance is that procedures should be rolled out to entities over which the organisation has "effective control" (e.g. see Principle 4).
- Similarly, there is no clear answer as to whether and to what extent procedures should be rolled out to third party business partners. However, Principle 3 suggests that due diligence procedures may extend to intermediaries, consortium or joint venture partners, contractors and suppliers, whilst Principles 5 and 6 refer, more obliquely, to the possibility of training business partners, and to monitoring the implementation of their anti-bribery procedures.
- The draft guidance provides some limited assistance in relation to gifts and hospitality issues, reiterating that "reasonable and proportionate hospitality and promotional expenditure which seeks to improve the image of a commercial organisation, better to present products or services, or establish cordial relationships, is recognised as an established and important part of doing business" and that it is unlikely that "routine and incidental business courtesy", of small value, will engage the Act.
- The guidance emphasises that facilitation payments are likely to constitute an offence, subject to the exercise of prosecutorial discretion. There is, however, relatively little guidance on practical compliance steps, despite an Illustrative Scenario on the point.
Interaction with other guidance documents
- The guidance supplements, but does not supersede, other pre-existing guidance, including the FSA's requirements for financial sector firms.
- Further guidance is being prepared jointly by the Director of Public Prosecutions (DPP) and the Serious Fraud Office (SFO). The MoJ will also publish a circular on the Act. We do not expect the DPP/SFO guidance to deal in detail with compliance issues. It may, however, assist in understanding law enforcement's view in some key compliance 'problem areas', where the scope of the Act is uncertain and much has been left to prosecutorial discretion (such as gifts and hospitality for public officials, and the extra-territorial reach of the s.7 corporate offence).
- The guidance will apply to England and Wales and Scotland. Separate guidance will be produced in relation to Northern Ireland, to which the Act also applies.
- A series of consultation discussion events have been scheduled, including on 4 October in London. The consultation closes on 8 November.
The Six Principles
The Six Principles, in full, are:
- The commercial organisation regularly and comprehensively assesses the nature and extent of the risks relating to bribery to which it is exposed.
This includes both external risks (e.g. jurisdictional, transaction and entity-related) and internal risks (e.g. deficiencies in training, skills or policies, or risks arising from remuneration structures).
- The top level management of a commercial organisation… are committed to preventing bribery. They establish a culture within the organisation in which bribery is never acceptable. They take steps to ensure that the organisation's policy to operate without bribery is clearly communicated to all levels of management, the workforce and any relevant external actors.
This commitment may be made public and may be communicated to subsidiaries and business partners. Top level commitment may also be assisted by appointing a senior manager to oversee anti-corruption compliance.
- The commercial organisation has due diligence policies and procedures which cover all parties to a business relationship, including the organisation's supply chain agents and intermediaries, all forms of joint venture and similar relationships and all markets in which the commercial organisation does business.
This may include a review of the risks of bribery in relation to particular jurisdictions (together with information about appropriate preventative actions), the risks relating to specific business opportunities, and due diligence on business partners. Business partners for these purposes may include "intermediaries, consortium or joint venture partners, contractors or suppliers" – i.e. this concept is potentially very broad in scope. Organisations may want to ensure that enquiries are made about partners' anti-corruption measures.
- The commercial organisation's policies and procedures to prevent bribery being committed on its behalf are clear, practical, accessible and enforceable. Policies and procedures take account of the roles of the whole work force from the owners or board of directors to all employees, and all people and entities over which the commercial organisation has control.
As well as a general anti-bribery commitment, this may include guidance on political and charitable contributions, gifts, appropriate levels and manner of hospitality and promotional expenses, advice on law and regulations, guidance on extortion situations, whistle-blowing procedures, information on sector-specific anti-corruption programmes, and procedures to deal with escalation, investigation, and action in relation to corruption incidents. A formal code of conduct may be appropriate, and may form part of employment contracts.
Compliance with Principle 4 may also include establishing appropriate financial and auditing controls and disciplinary procedures, and considering performance appraisals and selection criteria. Sales incentives may be modified to "reward" those who refuse opportunities in light of corruption concerns. Mechanisms may address particularly vulnerable areas such as procurement and supply chain management.
- The commercial organisation effectively implements its anti-bribery policies and procedures and ensures they are embedded throughout the organisation. This process ensures that the development of policies and procedures reflects the practical business issues that an organisation's management and workforce face when seeking to conduct business without bribery.
Policies cannot be left "on a shelf" but should be implemented through the allocation of roles and responsibility and by setting milestones for delivery and review. Internal communication and training is of particular importance. This Principle also covers external communication of policies and procedures, and "larger organisations may also wish to consider offering or even requiring the participation of business partners in anti-bribery training courses".
- The commercial organisation institutes monitoring and review mechanisms to ensure compliance with relevant policies and procedures and identifies any issues as they arise. The organisation implements improvements where appropriate.
This may encompass financial and auditing controls, financial monitoring, bribery reporting and incident management procedures. Large organisations may also wish to consider periodic reporting of such monitoring to the Audit Committee/Board/equivalent, who may in turn wish to independently assess the adequacy of the firm's policies, and disclose their findings in the Annual Report. Transparency is of importance and organisations may wish to monitor the implementation of their policies in overseas offices and with business partners. External verification or assurance may be of assistance for higher risk and larger organisations.
It had not been anticipated that the MoJ guidance would be of significant assistance to companies in finalising the detail of their anti-corruption procedures; the guidance was expected to focus on high level principles, and that expectation has been borne out. Whilst it is unlikely that we will see any radical change of approach in light of the consultation process, nonetheless there is now an important opportunity to influence the shape and content of the recommendations made, and in particular the commentary underlying the Principles. The consultation questions are broad in scope, requesting information on whether other principles, or procedures, should be included, and whether the format of the guidance could be improved. It is believed that the government will be receptive to industry views on these issues.
To the extent that companies have been waiting to see the draft guidance before reviewing their policies and procedures, now may also be the time to reconsider whether such a review should be undertaken, to ensure there is sufficient time to implement any changes required.
Herbert Smith offers clients a "healthcheck" of their anti bribery procedures to ensure that they are fit for purpose under the new Bribery Act. We will also be running a series of breakfast round tables for ethics officers to discuss different aspects of adequate procedures. Numbers will be limited, but please contact one of the individuals listed above if you would like any further information.