Worldwide action against business corruption has come a long way since the adoption of the U.S. Foreign Corrupt Practices Act 1977 (the “FCPA”) and the enactment of the Organization for Economic Co-operation and De - velop ment Convention on Combating Bribery in 1997 (the “OECD Con - vention”). Adopted fourteen years ago, the OECD Convention has almost 40 signatories.
The United Kingdom has long since had laws against corruption. However, its existing anti-bribery law is fragmented, inconsistent, and leaves a gap in the law where bribery is committed outside the U.K. by foreign nationals, even if those nationals are domiciled or habitually resident in the U.K. In order to update the existing law and bring it into line with the international practice as well as the OECD Convention, the new U.K. Bribery Act 2010 (the “Act”) received the Royal Assent in April 2010 and was due to come into force in April 2011. It is said that the Act is more robust than counterparts in other countries and contains some of the toughest anticorruption measures anywhere in the world. The FCPA has always been the international high watermark of anti-bribery legislation. However, the Act seems to raise the bar even higher for companies with U.K. connections operating in international business.
Comparing the FCPA to the Act, there are some key differences as follows:
- The FCPA only deals with bribery within the public sector (i.e., bribery to “foreign officials”), while the Act covers bribery and corruption in both public sector and private sector (i.e., bribery of private individuals).
- The FCPA allows for “facilitation payments,” but this is not permitted under the Act. (This will be elaborated in further detail below.)
- Compared with five years under the FCPA, imprisonment of individuals will be up to ten years under the Act.
- The Act provides for strict criminal liability for organizations that fail to prevent their employees or others acting on their behalf from engaging in bribery, even if the management has no knowledge of the bribes. The only defense under the Act is that the organization implemented “adequate procedures” to prevent bribery. (This will be elaborated in further detail below.)
The Act is broad in its territorial scope. It applies to any person or organization. Even if the relevant activities took place in a third country and are unrelated to U.K. operations, the person or organization may still be liable if there is a “close connection” with the U.K., which includes being a U.K. citizen (this may extend to any individual ordinarily resident in the U.K. as well) or a company incorporated in the U.K. For example, consider a company incorporated in the U.S. that conducts business in the U.K. If it fails to follow “adequate procedures” to prevent one of the company’s Korean thirdparty agents from paying a bribe in China, even if the com - pany’s operations outside of the U.K. are unconnected to its U.K. business activities, the company can still be found criminally liable under the Act and can be prosecuted in the U.K. This broad extraterritorial reach will be of particular concern to multinational companies that have some activity in the U.K. and/or some other connections to the country.
The Act defines four kinds of criminal offences:
- a general offence covering the offer, promise, or giving of a bribe (active bribery);
- a general offence covering the requesting, agreeing to receive, or accepting of a bribe (passive bribery);
- a discrete offence of bribing foreign public officials to obtain or retain business; and
- an offence based on the failure by a commercial organization to prevent bribery by persons acting on its behalf.
The fourth offence is a new commercial organization offence with strict liability introduced by the Act. The organization offence is restricted to instances of active bribery on the part of a person associated with the business with the intention to secure or retain business. It applies to the organization and all persons “associated” with the commercial organization.
The question is what does “associated” mean? “Associated” is not defined, as under the FCPA, by reference to the nature of the relationship with, or control exercised over, the associated person. In the Act, an “associated” person means one who performs services on behalf of the principal. However, how far the definition stretches is unclear.
Some believe this is a very wide definition that will cover almost all commercial relationships, including, but not limited to, senior officers (which include directors, managers, and company secretaries), employees, agents (including overseas sales agents), consultants, contractors, subsidiaries, and joint venture partners—in other words, anyone who performs services for and/or on behalf of the company.
Others hold the view that it is unclear whether or not the definition of “associated” goes so far as group subsidiaries or other companies in structures that are closely associated with the principal.
The definition of “performing services” is also vague. The Act requires the courts to have regard to “all the relevant circumstances” and not just the nature of the relationship between the parties. There will continue to be much debate on this. It is important to
note that this is a strict liability offence. Therefore, even if no one within the organization had knowledge of the fact that someone associated with it was offering bribes, the organization potentially could be found guilty of the offence. This differs from the previous position under U.K. law where in practice the organization would not be found guilty of a bribery offence unless its senior management was involved. In this regard, some legal experts say that the Act could punish commercial organizations purely because of weak compliance processes, even if there is no evidence of corporate intent to bribe.
The breadth of the term “associated” person is likely the area of most concern for foreign company counsel when considering how their companies will be affected by the Act.
The Act introduces “adequate procedures” as the only defense to the aforementioned strict liability offence. This defense requires that the commercial organization show, on the balance of probabilities, that it has “adequate procedures” in place to prevent bribery.
There is always debate regarding adequate procedures. Under the Act, the U.K. government is required to provide illustrative guidance on what amounts to “adequate procedures.”
The government started a consultation exercise in September 2010, which concluded in November 2010, on what guidance should be given to commercial organizations about procedures that can be put in place to avoid committing an offence. Guidelines were to have been published in January 2011; however, they have been delayed and the government has not committed to a precise date for their eventual publication.
It is far from clear what level of super - vision by the principal would be necessary to help satisfy the adequate procedures defense. However, two things are already clear. First, the relevant procedures will need to reflect the particular circumstances of the business in question, taking into account those aspects of the business that are most vulnerable to bribery taking place.
Second, the procedures cannot simply be based on procedures already in place to comply with legislation and sentencing guidelines in other jurisdictions, such as the FCPA. As explained above, the scope of the new U.K. legislation is very broad and the procedures will need to reflect that breadth.
Government guidance is unlikely to be very detailed or prescriptive in nature. Early indications are that the guidelines will be a set of high level principles rather than specific instructions. The government is instead asking courts to consider what a proportionate response should be for a particular organization, taking into account its size, the type of industry it operates in, resources, and the risk of corruption in its markets, etc. The standards that are expected of a small private company will not be the same as those expected of a large multi-national.
The consultation lists “Six Principles for Bribery Prevention” that the government believes are good international practices for such adequate procedures, and is designed to assist businesses in determining what bribery prevention procedures they can put in place. The “Six Principles for Bribery Prevention” are as follows:
Principle 1–Risk Assessment: This includes knowing and keeping up-to-date with the bribery risks the organization faces in its operations. This means that the organization must have adequately trained personnel performing ongoing assess ments. Such a program cannot be static, but must be dynamic, as bribery risks will evolve over time.
Principle 2–Top Level Commitment: This is well-known as the classic “Tone at the Top” requirement, which means providing cultural statements and anti-corruption guidance throughout the organization stating that bribery is unacceptable. It is important to pass this clear and unambiguous message to all staff and business partners. Top level management (i.e., the board of directors, owners, or any other equivalent body or person) must commit to preventing bribery and corruption. Interestingly, this commitment must also extend to avoiding doing business with companies that do not make this commitment.
Principle 3–Due Diligence: This is about knowing who the organization does business with and knowing why, when and to whom money is going, and being in a position to assure that business relationships are transparent and ethical, with reciprocal anti-bribery agreements and the ability to monitor and audit compliance. Businesses must know who they are doing business with if they are to accurately assess and manage their risks. Appro priate due diligence must be performed to allow a business to not only assess its compliance risks, but to properly manage them.
Principle 4–Clear, Practical, and Accessible Policies and Procedures: This covers all relevant risks such as political and charitable contributions, gifts and hospitality, promotional expenses, and responding to demands for facilitation demands or when an allegation of bribery comes to light. This applies to every employee and business partner under the effective control of the organization. Businesses should create clear written instructions to document what will not be tolerated, and to provide guidance on relevant laws and how to do business ethically.
Principle 5–Effective Implementation: This is going beyond ‘paper compliance’ to embedding anti-bribery in the organization’s internal controls, recruitment and remuneration policies, operations, communications, and training on practical business issues. While noting that policy implementation will “vary enormously” from organization to organization and will depend on the nature of a particular business, companies will need to bring their compliance and ethics programs “to life.” This would include areas such as training, internal and external communications, and using all the tools available to a business, including internet, intranet, email, posters, employee and company-wide meetings, and other forms of communication.
Principle 6–Monitoring and Review: This includes internal and external auditing and financial controls that are transparent and sensitive to bribery; determining how regularly to review the policies and procedures; and whether external verification would help. This principle requires that an anticorruption program be dynamic and ever-adapting to incorporate changing circumstances—it must not simply be a paper program. It should also include the internal checks and balances a company needs to have in place to adequately review and monitor compliance and ethics policies. Furthermore, this requires board of director oversight, full transparency, and external verification.
The consultation states that although the Act does not provide “particular procedures,” these “Six Principles of Bribery Prevention” are to be a flexible guide to deciding the specific procedures that any business might use to prevent corruption and bribery. Whether procedures are adequate can only be determined by the particular circumstances of a case.
Nevertheless, the consultation is a very useful tool for any company that desires to measure its current compliance and ethics program. Where a company has operations carried out by another individual or entity on its behalf, even in small part, particularly in difficult jurisdictions, it is important to ensure that the third party is aware of, and commits itself to, the antibribery policies of the principal, that it is made aware of a zero tolerance culture within the organization, and that it is subject to appropriate due diligence and monitoring.
Facilitation payments are generally referred to as small payments that are routinely made, typically to public officials or others, as a way of ensuring that they perform their duties. They also smooth relevant processes of official actions, such as the issuance of permits, visas or other services, including unloading of cargo, releasing goods from customs, or speeding up applications for documentation, etc., but which are not required by any statutory or legal requirement.
As mentioned above, the FCPA makes an exception for small facilitation payments or “grease,” which are also not illegal and are permitted under Canadian law. However, the Act does not allow such “facilitation payments.” All payments, no matter how small or routine, or expected by local customs, would be illegal under the Act. This also comports with the Organization for Economic Co-operation and Development’s (“OECD”) recent guidance recommending that member countries (including the U.S. and U.K.) ban such payments. This may be impractical because in some jurisdictions it is impossible to get business done without these types of payment. However, other organizations have commented that this state of affairs makes it easier to present a zero tolerance culture within their organizations. This provides for clearer policies and greater understanding amongst employees as to what constitutes compliance.
Offences under the Act are punishable by an unlimited fine for organizations. Individuals guilty of one of the principal offences are liable on conviction to imprisonment for up to ten years, or to an unlimited fine, or to both. These will be enforced by the U.K. Serious Fraud Office (“SFO”).
In addition to the above penalties and the obvious reputational damage, there can also be damaging collateral consequences, such as director disqualifications and asset confiscation proceedings, etc. A director convicted of a bribery offence can be subject to a director disqualification order under the U.K. Company Directors Disqualification Act 1986. This could result in his disqualification from holding a director position for up to 15 years.
It is currently a point for debate whether an organization convicted of a bribery offence, particularly the failure to implement adequate procedures and prevent bribery offence, will be debarred from participating in future public contracts in light of the European Union Public Procurement Directive. Unlike in the U.S., debarment is not discretionary and is permanent. This is a serious potential risk that should not be discounted or underestimated, and is yet another reason to ensure compliance with the Act.
The Latest Development
On January 31, 2011, the Ministry of Justice (the “Ministry”) announced a further delay to the implementation of the Act. This is the third delay in the implementation of the Act, which was originally planned to come into effect in October 2010. The Act will now be implemented “three months” after guidance on its requirements have been distributed to businesses. Government officials were supposed to have published guidance on the Act by the end of January 2011. But that did not happen. It is said that the ministry will be publishing guidance within the next few weeks. The Ministry indicated that they were working to make “practical and comprehensive” guidance available to business.
The delay has raised concerns that the implementation of the Act could be significantly delayed, or that the law itself faces additional scrutiny from the U.K. government. Nonetheless, those closely involved with the development of the law expect the Act to come into force in the first half of 2011, and they doubt that any material changes will be made to the substance of the law. It is much more likely that the government will use this opportunity to produce more detailed guidance on some of the most complex issues arising under the Act, such as potential liability for the actions of joint venture partners, agents, consultants, and other third-party associates.
In conclusion, the Act sets up a standard of commercial integrity that is significantly higher than that of overseas competitors. The Act leaves some key areas to prosecutorial discretion, making the business of compliance disconcertingly uncertain. Many companies have argued that the Act could prove a handicap to U.K. business and affect commonplace gestures of goodwill between companies and their clients. No one really knows how the Act will work in practice, and much will depend on its interpretation.
Though much will also depend on the guidance to be published by the U.K. government, all companies doing business in the U.K. must ensure that they have appropriate anti-corruption procedures in place before the Act’s implementation. They should start thinking immediately about whether their current policies, systems, controls, and training programs will be compliant with the Act.