Questions for the audit committee to consider
- Does the company have operations in the UK? Will the Act apply to the company?
- What does the company’s current anti-corruption program look like? Is the company prepared to meet the compliance requirements of the Act?
- Does the company conduct regular risk assessments? Are these assessments well documented?
- Has the company performed the necessary third-party due diligence to assess corruption risk?
- Is the company prepared to respond to whistleblower allegations?
As the 2010 UK Bribery Act becomes enforceable in July 2011, companies with global operations in the UK need to be prepared.
The UK has long battled corporate corruption with fragmented, complex and antiquated laws, but the 2010 UK Bribery Act (the Act) represents a much more unified and far-reaching law that carries heavy penalties for wrongdoers. The Act affects not only UK incorporated businesses, but potentially the global operations of foreign businesses with a UK presence. Similarly, the Act covers all bribery and corruption risk, regardless of whether it involves a public official.
The legislation allows for unlimited fines if a corporation is found guilty. Offenses by individuals carry a maximum penalty of 10 years in prison. The Act signals a fundamental change in the UK’s approach to prosecuting corruption, and authorities have already made a significant investment in enforcement capabilities.
The Act becomes enforceable in July 2011, so there is an urgent need for businesses to re-examine their approach to managing bribery risk and to ask whether their current procedures are adequate.
The provisions of the Act
The Act covers the activities of any person or third party acting on behalf of a business (for example, employees, agents or subsidiaries), and it creates four offenses. Two of these are general offenses covering the offering and receiving of a bribe. There is a separate offense of bribing a foreign public official and another for failing to prevent bribery.
This last offense is of particular note. For this offense, the only defense available to corporations is to demonstrate the existence of “adequate procedures” to prevent bribery. What constitutes adequate procedures requires interpretation.
In March 2011, the UK Ministry of Justice and Serious Fraud Office published guidance on “adequate procedures” to combat bribery and corruption. The guidance is high level and principles-based, rather than prescriptive of particular procedures.
The six principles covered by the Ministry of Justice guidance include:
- Bribery prevention procedures should be proportionate to the risks faced and the size and complexity of the business. Procedures should also be clear, practical, accessible, properly implemented and enforced.
- Management should take responsibility at the board level for bribery prevention and foster a zero-tolerance culture toward bribery.
- A periodic risk assessment should consider both internal and external risks and be well documented.
- Proportionate and risk-based third-party due diligence should be conducted.
- Communication and training should provide that bribery prevention policies and procedures are embedded and understood throughout the business.
- Regular monitoring and review should evaluate the effectiveness of current bribery prevention procedures and identify necessary improvements.
The Act and the FCPA
US companies and their boards may be surprised to learn that the offenses set forth in the Act extend significantly further than the US Foreign Corrupt Practices Act (FCPA). Most notably, the Act extends to all bribery, whether it involves a public or commercial official.
To be clear, the offenses set forth in the Act are not the same as those in the FCPA. Therefore, compliance with the FCPA does not necessarily constitute compliance with the Act.
For example, the Act:
- Draws no distinction between public sector and private sector bribery
- Has no exemption for facilitation payments or for promotional expenditures
- Introduces an explicit offense of failing to prevent bribery by associated parties
The Act is effective 1 July 2011, leaving little time to assess the current state of anti-bribery and corruption frameworks and to implement remedial improvements. Of particular concern should be exposure related to third-party relationships. Agents, consultants, distributors, joint ventures and new acquisitions create risks that can be difficult to assess.
Organizations need to look carefully at the due diligence they conduct on third parties that act on their behalf. Additionally, they should carefully examine existing anti-corruption programs to evaluate compliance with the FCPA, the Act or other anti-bribery conventions that exist in countries where the company operates.
Finally, companies need to assess the extent of their business dealings with government agencies and officials, state-owned-enterprises, sovereign wealth funds and other entities exposed to government affiliation or ownership.
« Previous | Next »