For the first time, corporates operating in the UK will be exposed to criminal liability, punishable by an unlimited fine, for failing to prevent bribery (the Corporate Offence). It is this new offence which presents significant challenges to businesses, particularly in today’s tougher enforcement climate. This article considers the Corporate Offence and what corporates can do to prepare.
The Bribery Act 2010 (the Act), which received Royal Assent on 8 April 2010 and will come into force in April 2011, represents the culmination of efforts to consolidate, update and extend UK anti-corruption laws.
A Tougher Enforcement Climate
Recent cases in the UK illustrate the increasingly robust attitude to enforcement of the existing law taken by the Serious Fraud Office (the SFO) and the Financial Services Authority (the FSA), whose hands the provisions of the Act will significantly strengthen.
In the first successful UK prosecution of a company for overseas corruption (or violation of the Iraq sanctions), the SFO secured a guilty plea by Mabey & Johnson Limited in September 2009. Mabey was required to pay fines and penalties totalling over £6 million (including amounts to the UN Development Fund for Iraq and authorities in Jamaica and Ghana), before paying its own costs and those of the SFO, which should be considered against Mabey’s reported turnover of around £50 million. This has been followed by the high profile settlements agreed by BAE Systems and Innospec with the SFO and the US Department of Justice (the DoJ) in relation to bribery charges.
Separately, in January 2009, the FSA imposed a regulatory penalty of over £5 million on Aon Limited for inadequate anti-corruption procedures. The Aon fine, the largest related to financial crime which the FSA has imposed to date, underscores the importance attached to adequate controls to prevent bribery.
The increasingly assertive stance adopted by the UK agencies is in keeping with the climate of international enforcement. In December 2008, Siemens AG reached settlements with the DoJ and the Securities and Exchange Commission (the SEC) of approximately $450 million and $350 million respectively, and agreed to pay a fine to the German authorities of around €395 million (on top of a €201 million fine the previous year relating to similar charges). The charges related to bribery, attempted falsification of corporate records and inadequate supervision by the board. Then, in July of this year, General Electric (GE) announced that it had reached a $23.5 million settlement (not including their own costs) with the SEC. The settlement related to charges of violations of the books and records and internal controls provisions of the United States’ Foreign Corrupt Practices Act 1977 (the FCPA), including violations by companies only later acquired by GE, concerning illicit payments to win Oil for Food contracts. Still more recently, in August 2010, Hewlett Packard reached an agreement with the DoJ to pay $55 million to settle allegations that payments were made to help secure government business.
The Act: Background and Basic Structure
The UK has been relatively slow in conforming its anti-corruption laws to prevailing international norms. In its 16 October 2008 report, the OECD Working Group on Bribery stated that it was “disappointed and seriously concerned” by the UK’s unsatisfactory implementation of the OECD Anti-Bribery Convention (ratified by the UK in 1998) and urged the introduction of new legislation concerning bribery of foreign public officials and the establishment of an effective corporate liability regime for bribery.
The UK’s existing bribery and corruption offences are currently contained in a number of statutes dating from the 19th and early 20th Centuries, as well as the common law. The Anti-Terrorism, Crime and Security Act 2001 then extended the jurisdiction of the UK courts to bribery offences committed abroad by UK nationals or bodies incorporated under UK law (although such extension did not apply to foreign nationals, even when domiciled or resident in the UK, committing acts of bribery outside the UK). Not only is there a general lack of clarity with the current law, but there is also no consistent definition of “bribe” between the common law and the statutes.
The Act will essentially replace the existing law with two general offences (bribing another and being bribed), the offence of bribing a foreign public official and the Corporate Offence. The Act is therefore broader in scope than the FCPA and extends to bribery of both governmental (public) officials and commercial (private) officials; nor is there a carve-out along the lines of that in the FCPA for so-called “facilitation payments”.
As regards companies, it is the new Corporate Offence, which exposes commercial organisations to criminal liability for failing to prevent bribery, that is likely to present the greatest challenges. Although commercial organisations can be liable for the other three offences, it is therefore on the Corporate Offence which this article focuses.
The Corporate Offence
The Corporate Offence is committed by a “relevant commercial organisation (C)” if a “person (A) associated with C” bribes another with the intention of obtaining or retaining business or an advantage in the conduct of business for C (Section 7 of the Act).
The Act provides a wide definition of “relevant commercial organisation”: it includes a body incorporated or a partnership formed under the law of any part of the UK and which carries on a business (whether in the UK or elsewhere); or any other body corporate or partnership (wherever incorporated or formed) which carries on a business, or part of a business, in any part of the UK. This may include charities and not-for-profit organisations which are incorporated or have activities in the UK. The jurisdictional reach of the Act, extending to organisations of any nationality carrying on any part of their business in the UK, is therefore significant and is addressed below.
A “person (A) associated with C” means a person who performs services (disregarding the bribe in question) for or on behalf of C. The Act expressly provides that the capacity in which A performs services for C does not matter: A may be C’s agent, employee or subsidiary, for example. Whether A performs services for C is to be determined by reference to “all the relevant circumstances”, although if A is an employee of C this is presumed.
The associated person will be guilty of bribing another if, with the intention of retaining or obtaining business for C, he either: offers, promises or gives (directly or indirectly) a financial or other advantage to another, intending it to induce a person to improperly perform a relevant function or activity, or to be a reward for such improper performance; or, if the bribe is paid to a foreign public official, intends to influence the recipient in his capacity as a foreign public official and the written law applicable to such an official does not permit the official to be so influenced.
For the Corporate Offence, therefore, there is no requirement that the relevant commercial organisation authorise, encourage or even be aware of, or otherwise involved in, the payment of the bribe. For the organisation itself to be guilty of the offence, it is sufficient that a person associated with the organisation paid the bribe.
As mentioned above, one of the most significant characteristics of the Corporate Offence is its international reach. There is no requirement that there be any connection between the bribe in question and the UK. It is enough merely for the person paying the bribe to be associated with a commercial organisation which is connected to the UK by carrying on a “part of [its] business” there. The Act does not define ‘part of a business’ and companies should exercise great caution until this is clarified, since merely a UK agent or representative office may be sufficient for the Act to apply.
It is also worth noting that the jurisdictional reach of the Corporate Offence is greater than that of the other offences, where it is a requirement that the act took place in the UK or was committed by a person having a “close connection” with the UK (broadly, British nationals, British residents, or bodies incorporated under the law of any part of the UK).
A commercial organisation convicted of the Corporate Offence will be liable for an unlimited fine. A conviction could also seriously impede a company’s ability to do business. For example, under the Public Contracts Regulations 2006, public authorities are required not to select contractors convicted of bribery and corruption offences. Were the regulations amended to include the offence of failing to prevent bribery, the sanction would have severe ramifications for commercial organisations seeking public contracts.
The 'Adequate Procedures' Defence
The only defence available under the Act is for the commercial organisation to prove that it “had in place adequate procedures designed to prevent persons associated with [it] from undertaking such conduct”. The burden of proof here rests with the organisation. To discharge this burden, the organisation will need to show not only that it has adopted appropriate policies, but also that it has taken appropriate steps to apply and enforce them.
The Act requires the Secretary of State to publish official guidance about such procedures. The Government is currently undertaking a consultation exercise on this point (due to end on 8 November 2010), the results of which are to be published in early 2011. When the Government does publish its guidance, one would expect it to take account (as does the consultation paper published in September 2010) of two important points raised in the First Report of the Joint Committee on the Draft Bribery Bill. Firstly, “adequate procedures” should be interpreted in a flexible and proportionate way, depending on the size and resources of the company, together with the ethical risks associated with the industry, the geographical area and the types of transaction concerned. Secondly, the interpretation should depend on what a commercial organisation is doing in practice rather than in theory.
What Corporates Can Do to Prepare
The absence of settled official guidance should not hinder businesses from preparing for the Act. Precedent guidance can be found in a number of sources. The OECD’s Good Practice Guidance on Internal Controls, Ethics, and Compliance, adopted in February 2010, aims to assist companies with establishing effective policies and procedures to prevent and detect bribery of foreign public officials. The NGO Transparency International has also recently published The 2010 Bribery Act UK: Adequate Procedures, which contains guidance on good practice and procedures for corporate anti-bribery programmes.
In addition, the SFO, which is currently responsible for prosecuting overseas bribery, published the Approach of the Serious Fraud Office to Dealing with Overseas Corruption, albeit that this 2009 publication pre-dates the final text of the Act. While the SFO emphasises encouraging businesses to self-report overseas corruption, it also lists examples of factors it would take into consideration as evidence of adequate procedures. These include: “a policy on outside advisers/third parties including vetting and due diligence and appropriate risk assessments”; “training to ensure dissemination of the anti-corruption culture to all staff at all levels within the corporate”; and “regular checks and auditing in a proportionate manner.”
It is unlikely that any single programme will be appropriate for all companies, as is suggested by the report of the Joint Committee described above. What will be judged adequate for a smaller domestic business operating in a low risk sector will not be adequate for a multinational company or a company operating in higher risk sectors or markets. However, for any business of significant size, a simple statement in an ethics policy that the company does not pay bribes is unlikely to meet the standard required for the “adequate procedures” defence.
Whether businesses have established anti-corruption procedures or are putting them in place for the first time, they should evaluate and focus on the specific risks which they face in their particular sector and operating territories and which arise from their business model. The anti-corruption programme, moreover, should have teeth: a business that has ignored warning signs or forgiven questionable conduct might well be regarded has having inadequate procedures in practice.
The Act will not come into force until April 2011. However, the nature and international reach of the new Corporate Offence, combined with the prevailing heightened enforcement climate, mean that it will be important for corporates to prepare carefully for its implementation. Specifically, companies should review their existing anti-corruption policies and procedures and, where necessary, augment them. As noted above, the Act requires ‘procedures’, not mere policies. An effective anti-bribery programme is therefore likely to require the active promotion of the policy, appropriate training on it, regular review of its adequacy and ongoing monitoring of the programme in practice. Accordingly, businesses would be well-advised to make good use of the time before the Act comes into force.