The Bribery Act 2010 (the Act) comes into force in April 2011, and many UK businesses are considering the steps that they need to take to prepare for it. In particular, there is concern about the new offence of "failing to prevent bribery" by a commercial organisation. The offence is one of strict liability, but a commercial organisation may have a defence if it can show that it had "adequate procedures" in place to prevent bribery.
The business community has been waiting for guidance from the government on what is meant by "adequate procedures". The guidance was published in mid-September in draft form, and although following such guidance is not an absolute safe harbour from prosecution, it provides the obvious starting point for businesses in either reviewing, or putting into place for the first time, anti-bribery policies and procedures.
The guidance is based on the following six general principles:
1. Risk Assessment
The commercial organisation should regularly and comprehensively assess the nature and extent of the risks relating to bribery to which it is exposed. Relevant risk factors will depend on the business, but might include dealings with jurisdictions with perceived high levels of corruption as well as transactions involving political contributions, licences, permits or public procurement.
2. Top-Level Commitment
The top-level management of a commercial organisation should be committed to preventing bribery and steps should be taken to establish a culture within the organisation in which bribery is never acceptable. Such steps should include (amongst other things) a statement of commitment to counter bribery in all parts of the organisation's operation and the appointment of a senior manager who takes ultimate responsibility for the anti-bribery programme and its communication within the organisation.
3. Due Diligence
Organisations will need to know with whom they are doing business if risk assessment and mitigation are to be effective. Liability for the offence extends beyond employees of an organisation to all persons "associated" with it, including, for example, not just employees, but also agents, intermediaries, joint venture partners and contractors; therefore, it is crucial to have due diligence procedures which cover all new and existing business relationships.
4. Clear, Practical and Accessible Policies and Procedures
After carrying out a risk assessment and due diligence, organisations will be in a position to have in place a risk assessment policy appropriate for the risks identified. The guidance sets out minimum elements to include within such a policy.
5. Effective Implementation
If an organisation finds itself in the position of having to rely on the "adequate procedures" defence, it will need to be able to show not only that it had an effective policy in place, but also that it implemented it with workable and consistently followed procedures. In practice, this will involve records of training, monitoring, and dealing with incidents of bribery or suspected bribery.
6. Monitoring and Review
Effective monitoring and review, and reacting or responding to changes in anti-bribery legislation, or changes and developments in the business, are part of the effective implementation of an anti-bribery policy.
In anticipation of the Act coming into force, we are recommending that all our corporate clients look at the implications of the Act on their business.
The first step is likely to be educational, ensuring that the company's board and senior management are fully informed about the Act and its implications, followed by a comprehensive risk assessment and due diligence review. The board should then work to create and implement appropriate anti-bribery policies and procedures (or, where such policies are already in place, conduct a review to ensure they are fully in line with the Act), and identify who will have responsibility for compliance and communication of the policies.