A recent survey, carried out by Ernst & Young, revealed that 48% of businesses are failing to vet their suppliers for compliance with the UK Bribery Act 2010. More shocking is the statistic that only 6% would re-tender if they found out their suppliers were non-compliant.
The study questioned procurement managers and directors from a broad range of businesses across the UK and produced some alarming results. It revealed that although over half of midmarket firms (with a turnover of £5m-£50m) vet their suppliers to ensure they comply with the Bribery Act, many of them admitted that they would still 'do nothing' if the suppliers failed to comply. Of the businesses that do not vet their suppliers, over half of them said that they had no intention of implementing anti-bribery programmes in the future.
It was more reassuring to hear that 40% of larger firms (with a turnover exceeding £50m) would remove suppliers from their supply chain if they failed to comply.
It is evident from the survey that businesses, large and small, do not have adequate control over their supply chains. However, under the Bribery Act, businesses are liable for the actions of their 'associated persons'. Section 7(1) of the Bribery Act states that a business is guilty of an offence if a person associated with that organisation bribes another person, intending to obtain or retain business or a business advantage for the organisation. The offence can be committed in the UK or overseas.
An organisation has a defence if it can show that it had in place adequate procedures designed to prevent any employees, agents or other third parties acting on the organisation’s behalf from committing bribery. The survey also revealed under half of businesses carry out third-party due diligence in their supply chain, by failing to address these issues many organisations are exposed to great risks.
It is clear from this research that there is still a lot of work to be done to get the message across to businesses across the board that the Bribery Act is not optional, it must be complied with and that to simply 'do nothing' will leave companies and individuals exposed to serious risk.