The government has published the final version of its guidance about the procedures which commercial organisations can put in place to prevent their associates from contravening the Bribery Act 2010 (the Bribery Act). The guidance emphasises the importance of adequate procedures and in a number of areas makes reference to HR policies and procedures: in recruitment, training of workers, disciplinary processes, whistle blowing procedures and the design and operation of remuneration arrangements.


The Bribery Act comes into force on 1 July 2011. One of its most significant changes is the creation of a new corporate offence of failing to prevent bribery by a person associated with a commercial organisation. An ‘associated person’ is defined as any person who performs services for or on behalf of the organisation. Clearly this will cover not just employees but agents, intermediaries and introducers and possibly others.

Importantly, the commercial organisation will have a defence if it can show that it put in place adequate procedures designed to prevent such conduct. As the jurisdictional scope of the corporate offence is wide reaching – it covers any entity incorporated in the UK and any overseas entity that carries out a business or part of a business in the UK – the guidance is therefore relevant to an organisation’s procedures within businesses outside, as well as within, the UK.

The Six Principles

The guidance is non-prescriptive and sets out six key principles:

Principle 1 – Proportionality. Procedures should be proportionate to the bribery risks that the organisation faces and to the nature, scale and complexity of the organisations activities. Procedures should be clear, practical, accessible, effectively implemented and enforced.

Organisations will need to conduct a risk assessment to determine what gaps in procedure exist and what amendments and new procedures are required. The guidance suggests that, dependent on the outcome of a risk assessment, the areas targeted by the organisation’s bribery prevention procedures may include direct and indirect employment, including recruitment, terms and conditions, disciplinary action (including sanctions for breach of anti-bribery policies) and remuneration and whistle blowing procedures.

Principle 2 - Top-level commitment. The management of the organisation should be committed to preventing bribery by connected associates and should foster an anti-bribery culture within the organisation.

Principle 3 – Risk Assessment. The organisation should conduct a periodic, informed and documented assessment of the nature and extent of its exposure to external and internal bribery risks by its associated persons.

The guidance gives examples of internal bribery risks that may be identified. These include deficiencies in employee training, skills and knowledge and a bonus culture that rewards excessive risk taking.

Principle 4 – Due diligence. The organisation should apply due diligence procedures in respect of persons who perform or will perform services for or on behalf of an organisation to mitigate identified bribery risks.

The level of due diligence required is dependent on the outcome of a risk assessment but examples given by the guidance for high risk situations include conducting direct interrogative enquiries, indirect investigations or general research on proposed ‘associated persons’ and appraisals and continued monitoring of recruited ‘associated persons’.

There is a risk that imposing additional levels of scrutiny for the recruitment of, or an organisation’s continued relationship with, ‘associated persons’ of a particular nationality or national origin could give rise to race discrimination claims. It is therefore important that such procedures are imposed consistently and in response to identified risks resulting from an appropriate risk assessment.

Principle 5 – Communication (including training). Bribery prevention policies and procedures should be embedded and understood throughout the organisation through internal and external communication, including training, that is proportionate to the risks that the organisation faces.

The guidance emphasises the importance of ‘speak up’ or ‘whistle blowing’ procedures. While most organisations already have established whistle blowing procedures, many will not extend to the broad definition of ‘associated persons’ under the Bribery Act. There is also a recommendation that tailored training be considered for those involved in any whistle blowing procedures.

Principle 6 – Monitoring and Review. Procedures designed to prevent bribery by ‘associated persons’ should be monitored and reviewed and improved where necessary.


Commercial organisations which fall within the scope of the Bribery Act, should be carrying out a co-ordinated risk assessment exercise across their businesses to be ready for July 2011.

The questions that HR will need to address as part of this exercise are contained in our checklist.