On April 8, 2010, the United Kingdom Parliament enacted the Bribery Act 2010 (the “Bribery Act”), establishing one of the world’s most stringent anti-corruption statutes.1 A ground-breaking provision was the Bribery Act’s extension of strict criminal liability to any commercial organization that failed to prevent its employees, agents or subsidiaries from engaging in bribery. A commercial organization can defend this charge by proving it had in place “adequate procedures” designed to prevent bribery. The Ministry of Justice has recently published proposed guidelines regarding these procedures. Because the Bribery Act is applicable to any non-UK commercial organization that conducts any part of its business in the UK, businesses with any connection to the UK should review their compliance programs in light of this new law and the proposed adequate prevention procedures.
On September 14, 2010, the Ministry of Justice issued its “Consultation on guidance about commercial organizations preventing bribery (section nine of the Bribery Act)” (the “Consultation”), in which the Ministry seeks public comment to the proposed guidance attached as Annex A (the “Guidance”). Furthermore, the Ministry has already announced that the implementation of the Bribery Act is delayed until April 2011, allowing companies time to address and implement the Guidance to avoid strict liability. According to the recently issued Consultation, the Ministry expects to issue final guidance based on comments received to the Consultation by early next year.
The Guidance lists “Six Principles for Bribery Prevention” as a guide to establishing an effective compliance program or “adequate procedures.” Given that the Bribery Act itself requires a case by case determination, the Guidance establishes a framework with its recommendations and provides: “The question of whether an organization had adequate procedures in place to prevent bribery in the context of a particular prosecution is a matter that can only be resolved by the courts taking into account the particular facts and circumstances of the case.” The Guidance also specifically notes that “small and medium sized organisations will, for example, face different challenges compared to large multi-national enterprises.” In Annex B the Consultation does include some hypothetical scenarios, regardless, it falls short of actually making recommendations and, instead, lists questions that an organization should ask in such situations.
1. Risk Assessment
The first principle emphasizes the need for requiring particularized compliance efforts: “A full understanding of the bribery risks an organisation faces is the foundation of any effective efforts to prevent bribery. Bribery risks will evolve over time. An organisation’s risk assessment will also therefore need to evolve over time.” The Guidance references various risk assessment procedures and also suggests that organizations should consider whether external professionals are necessary to adequately assess risk. In terms of actual risk assessment, the Guidance identifies internal risks such as deficiencies in employee knowledge and training. The Guidance also identifies three categories for ongoing external risk assessment: country risk, transaction risk and partnership risk.
2. Top Level Commitment
Similar to the “tone at the top” Department of Justice guidance for an organization’s compliance program, the second principle of the Guidance recognizes that “those at the top … are in the best position to foster a culture of integrity.” The Guidance sets forth certain procedures that could evidence a top-level commitment such as establishing a zero tolerance policy towards bribery and personal involvement of top-level managers in developing a Code of Conduct.
3. Due Diligence
The most far reaching of the Guidance principles pertains to the due diligence requirements. The Guidance identifies three areas for anti-bribery diligence, each tracking the three areas of external risk assessment identified in the first guidance principle: location (country risk), business opportunity (transaction risk), and business partners (partnership risk). The due diligence goal is to enable the organization to accurately identify bribery risk associated with a particular business relationship.
4. Clear, Practical and Accessible Policies and Procedures
The fourth Guidance principle provides that the anticorruption policies must be accessible, and organizations must document the policies. The Guidance also suggests that companies “may wish to consider how existing procedures can be used for bribery prevention purposes” and specifically references modifications of sales incentives to give credit for orders refused where bribery is suspected. As made more explicit in the next Guidance principle, it is clear that merely having a paper compliance program, however well-documented, will not comply with the Guidance.
5. Effective Implementation
This Guidance principal sets forth the common-sense proposition that no compliance program can work properly without effective implementation. The Guidance provides several examples by which a larger organization may effectively implement its compliance programs. These examples encompass continuing implementation strategies such as training and monitoring compliance. “Like all corporate programs, antibribery policies and procedures cannot manage the risk of bribery if left in a file on a shelf but need to be implemented through the allocation of roles and responsibilities and by setting milestones for delivery and review.”
6. Monitoring and Review
This principal recognizes that an effective compliance program requires on-going maintenance and review. The Guidance suggests that large organizations regularly report to the Audit Committee or Board of Directors. The Guidance also suggests that for large organizations, external review of anti-bribery compliance may be necessary, particularly when risk assessment has identified new risks. “An independent review can be helpful in providing organisations undergoing structural change or entering new markets … in identifying areas for improvement.”
Annex B Illustrative Scenarios
Included with the Guidance is an Annex B that sets forth hypotheticals and addresses how each of the six anti-bribery principles might relate to that hypothetical. These scenarios are addressed not by setting forth specific steps a company should take but rather in the form of suggested questions that a business organization might ask itself in dealing with a similar situation. This section is important to review because the questions certainly suggest how the Ministry believes each situation should be addressed. For example, in the first hypothetical addressing the use of agents, a question is posed as to whether the organization’s bribery risk assessment was updated to address the risk of doing business in the new country. Obviously, the question suggests that the Ministry believes that a business organization must conduct locality specific risk assessments.
Ultimately, the Bribery Act is another sign of recent international efforts to combat corrupt business practices, and its impending implementation emphasizes the critical need for companies engaged in international business to create, implement, and monitor internal compliance programs. Compliance programs should be developed with consideration towards the FCPA, the Bribery Act, and other local and international anticorruption laws.