In a 2018 survey 23% of UK businesses reported having experienced bribery and corruption. This was a sharp increase from 6% in 2016.
The marked rise emphasises the importance of businesses ensuring that they comply with their obligations under the Bribery Act 2010.
It is not enough to have a generic anti-bribery policy. The policy must be specific to the business. The first step is conducting a thorough risk assessment. A policy should then be tailored to the specific risks identified. Once a policy is in place, steps must be taken to comply with it. A record of those steps should be kept.
The importance of taking action above and beyond producing a generic policy was brought home by the recent decision of R v Skansen Interiors Limited.
In that case, bribery was discovered within the business by a newly appointed Chief Executive and he ensured that it was reported.
The decision was taken to prosecute the business for failing to prevent bribery and corruption (commonly known as the section 7 offence) in order to “send a message” to other organisations about compliance. Skansen argued that they had “adequate procedures” in place to prevent bribery and should therefore be acquitted. The jury did not agree that their controls were adequate and convicted the company.
Skansen makes clear that businesses must take practical steps if they are to successfully argue compliance with the Bribery Act, including:
- Identify someone at a senior level within the business who is responsible for compliance and, if necessary, arrange for training and support on the role.
- Ensure that all staff are aware of the terms of the anti-bribery policy and receive training on it.
- Establish reporting lines that ensure staff feel able to report concerns.
- Stay up to date with legal developments.
- Maintain a record of action taken to comply with the anti-bribery policy. In the event of a challenge, proof of what was done will be essential to establish that the steps taken were appropriate.
Demonstrating compliance can be harder for smaller organisations. Skansen had approximately 30 employees. The robust line taken against them by the authorities makes it clear that it is essential for businesses of all sizes to ensure they have adequate procedures in place.
What is “adequate” will vary on a case by case basis and businesses should apply their minds to compliance within their organisation, starting with the risk assessment we refer to above. The Skansen decision confirms that a generic policy with inadequate practical follow up will not suffice.
Skansen relates to an offence under the Bribery Act 2010 but the same message applies to the new failure to prevent facilitation of tax evasion offence introduced by the Criminal Finances Act 2017.
An organisation’s commitment to compliance must be real, it must be alive, and it must be capable of demonstration to authorities in the event of a breach.