The push and pull between the terms of the Bribery Act and the demands on British business abroad

Posted on March 19, 2013 by Adam Greaves

In a recent survey by accountants Ernst & Young, it is reported in HR Magazine they found that around half of British employers are failing to vet their suppliers for compliance with the Bribery Act.  This is surprising to anticorruption practitioners, taking into account that the Bribery Act provides strict liability for the acts or omissions of associated parties, including suppliers, in the situation where adequate procedures were not in place. One of those adequate procedures would be to vet your suppliers adequately.

Other revealing statistics from the E&Y report:

  • 60% of firms with a turnover between £5 and £50m vet their suppliers to assess whether their businesses comply with the Bribery Act (hence 40% do not)
  • 16% of these midmarket firms would do nothing if their suppliers failed to comply (so one asks oneself: why bother asking them whether they do comply? )
  • Among the 40% of firms which do NOT vet their suppliers, 60 % reported that they were not planning to implement any anti-bribery provisions in the future;
  • Of the larger firms (turnover in excess of £50m) only 40% would terminate their suppliers if they failed to comply with the Act.

So one can conclude from these statistics that many British firms have either missed the point of this legislation altogether or are making a positive decision to run a the risk of not being caught, perhaps based on their belief that the Serious Fraud Office and other prosecutors have insufficient resources to discover the fraudulent conduct.  We at the BriberyLibrary wonder whether business managers would be quite so cavalier about not insuring their offices and factories against the risk of fire and flood? The potential disaster which can befall a company which is the subject of an investigation and then a prosecution is not so well known on this side of the Atlantic.  But just look at the examples of Siemens and Innospec, to name but two companies which suffered very significant financial and reputational damage from their prosecutions in the US and other countries. 

The head-in-the-sand approach, which this survey seems to suggest is taking place in many British companies, risks, amongst other things:-

  • an unlimited fine for the company,
  • a serious prison term for the directors or senior managers who permitted illegal acts to carry on or turned a blind eye to them,
  • possible debarment from public procurement tendering in many parts of the world,
  • very large legal costs
  • consequential civil claims from competitors or others who claim to have lost business as a consequence of illegal acts committed by the company’s associated persons
  • a fall in share price for publicly quoted companies

In stark contrast with the Ernst & Young report which suggests not enough is being done, in fact many British businesses are complaining that they feel “hampered” by the Bribery Act and that the Act is unduly restrictive of British trade abroad. This other point of view is summarised, by way of example in a letter in the Financial Times online on 17 March 2013:


“As a businessman I can testify to the shameful cost in executive time that it has caused British companies. In addition it has had an entrepreneurial cost as non-executive directors are understandably anxious about its implications”. 

We at the BriberyLibrary can certainly understand that the Bribery Act will add a certain layer of cost, particularly initially, in order to make sure that you have a robust anticorruption compliance programme, but once it is on its feet, depending on the size of your business and how much you rely on overseas sales, it should not be especially expensive to maintain.  The costs of ensuring that you do not become involved in arrangements which might involve bribing and corrupting others will pale into insignificance when compared with the costs of being prosecuted (see the list of bullet points above).

The Daily Telegraph reported recently that

“…Crispin Simon, a senior executive in UK Trade and Investment, the Government’s export agency, disclosed the move when he gave evidence to the House of Lords committee on small and medium-sized enterprises. He said there was a “desire” that the Bribery Act should be tested by the Crown Prosecution Service to provide a “better sense of where it stands”, and acknowledged it was “possible” that the legislation had resulted in the loss of some business….”

The House of Lords committee, however, believes that there should be some urgent scrutiny of the Act, which in its view has put British business at a disadvantage in the BRIC countries where trade involved  “challenging questions”,  which one assumes means repeated requests for bribes, although it is not entirely clear.

The Daily Telegraph report continues

“Tony Shepherd, of Alderley Group, told the committee: “The existing Act is virtually impossible to operate as far as a UK company is concerned. You cannot really take someone out to dinner without committing a crime. I am extremely in favour of trying to eliminate bribery, but to have a situation where we are subject to a law that is much more severe than anywhere else in the world is not good.”

It should be said that the Serious Fraud Office, which will be the principal prosecuting body for offences under the Bribery Act , has made it clear on many occasions since the Act was passed in April 2010 (and also in the Government’s Guidance on the Bribery Act in March 2011) that it will not be prosecuting defendants for dinners and other reasonable entertainment. So there seems to be a certain amount of misunderstanding amongst business managers.

The United States has been enforcing its anticorruption laws (under the Foreign Corrupt Practices Act) against American corporations and individuals as well as foreign corporations and individuals (who are subject to its very low jurisdictional hurdles) for many years now.  So in fact the UK is merely playing catch up with one of its allies and competitors in terms of both its laws and its attitude to proper enforcement.

No one case being prosecuted will be able to test all parts of the  Bribery Act.  It may take several such cases to go through the courts (if they do not reach a civil settlement before any trial) to test all parts of the Act.  If the UK’s experience turns out like the United States’ experience, it could take many years, even decades, for enough cases to go through the courts for the law to be clarifies by the judiciary. We all await the first corporate prosecution under the Act with great interest, but we might have to wait some time longer yet as the Act has only been in force for some 21 months, and it takes time for acts and omissions to be reported to or discovered by the investigators, and then more time for a decision to prosecute, and then to go through the justice system.  In the meantime in our opinion, there really is no alternative for British business other than putting in place a robust compliance programme so that the company is best protected against rogue employees or others associated with the company.

 

Alstom fined by Swiss prosecutor for corruption offences

Posted on November 22, 2011 by Adam Greaves

The Swiss Federal Prosecutor has fined Alstom Network Schweiz AG SFr 2.5 million and ordered it to pay SFr 36.4 million in compensation in relation to three cases where it had failed to prevent the bribery of foreign officials in Latvia, Tunisia and Malaysia.

It is reported today that this punishment follows investigations into Alstom’s actions in 15 countries, which were reopened in 2008.  The investigation concluded that Alstom had failed to enforce a compliance policy with the “necessary persistence”.

It is further reported in the media that third parties engaged by Alstom had sent some of their success fees to foreign decision makers which had influenced decisions in favour of Alstom.

The Swiss prosecutor states that it had detected some breaches of internal compliance methods in the other twelve countries, but no additional acts of bribery.

Alstom itself has made a statement that the Swiss prosecutors office had not found any evidence of systemic corruption within the company and that in two of the three cases where it was found to be at fault Alstom was itself a victim of the actions of some of its employees while in the third case Alstom was “simply a subcontractor of a consortium”.

Of course, were Alstom to have been tried under the new UK Bribery Act 2010, the employees and the consortium partners would all very likely be found to be associated persons within the meaning of the Act and therefore the section 7 corporate offence of failing to prevent bribery would be established against Alstom if the court found that its compliance program was inadequate, a finding which seems to have been made in Switzerland.

Deloitte Anti-Corruption Practices Survey 2011:"Cloudy with a chance of prosecution?"

Posted on November 22, 2011 by Adam Greaves

The global accounting firm Deloitte LLP has published its 2011 anti-corruption practices survey.

Deloitte reports that companies have increased their focus on preventing and detecting corrupt activities and their global operations in response to the increase in prosecutions under the US Foreign Corrupt Practices Act (FCPA) and the increased size of penalties.  However, only 29% of the 276 executives surveyed by the Deloitte Forensic Centre were very confident that their company’s anti-corruption program would prevent or detect corrupt activities.  Deloitte concludes that this low level of confidence indicates that many companies may need to evaluate and upgrade their anti-corruption efforts.

A combination of the increased enforcement of the FCPA, and the increase in the size of penalties over the last few years, together with the coming into force of the new UK Bribery Act 2010 means that organisations all around the world are re-examining their anti-corruption compliance programs.  Indeed several we at the Bribery Library have spoken to over the past year have no anti-corruption controls in place at all, which is perhaps surprising when you realise that they are entities with turnovers of $billions.

Some other interesting statistics from the Deloitte report:

  • 90% of executives said their company had an anti-corruption policy (one wonders precisely who Deloitte were surveying, because this is not necessarily our experience).
  • Only 45% of the companies surveyed had a stand alone anti-corruption policy, while the remaining companies have a policy that was part of a broader code of conduct.  Deloitte offer the commentary that in their experience anti-corruption issues may not receive adequate attention unless they are addressed by the policies specifically focussed on corruption, is a view with which we agree.
  • Although roughly 80% of executives said their company conducted internal audits of its foreign operations to identify corrupt activity, only 32% said these audits were conducted annually or more often.

Third party risks

  • 52% of executives see the activities of third parties as the greatest source of corruption risk.
  • 43% of executives considered that identifying and managing third party relationships was a significant challenge, more than for any other issue.
  • Despite these concerns, only 41% of executives said their company regularly conducted due diligence on third parties in foreign countries that interact with foreign government officials.
  • 9% of executives said that they conducted very detailed monitoring of third parties to ensure that they are complying with the company’s anti-corruption requirements.  This statistic certainly is in line with our experience of talking to clients and contacts.
  • When conducting anti-corruption internal audits, only 50% of executives said that their company’s audits covered foreign sales agents.

Increased corruption risk in emerging markets

  • 55% of executives said their company was extremely concerned about the potential impact on their business of corruption in China.
  • 43% had the same view about Russia.
  • 39% had the same view about India.
  • 26% had the same view about Brazil.

“Tone from the top”

  • 80% of executives said that their board of directors received updates on the status of their anti-corruption compliance program, and roughly two thirds said that they received updates annually or more often.
  • However 32% of executives from smaller companies (with less than $1 billion in annual revenues) said that their board of directors did not receive any updates on their compliance programs.

Assessing risky activities

  • Approximately one third of executives considered that customs clearance and importation of goods, and entertainment or business development expenses related to government business or to government relations, presented a significant corruption risk for their companies.
  • 20% or more of executives felt that a number of other activities pose a significant risk including bribes, gifts to foreign government officials, expenses incurred in connection with sponsored travel and lodging for foreign government officials and facilitating payments.
  • 63% of executives at larger companies believe that the use of third parties posed a significant risk, compared to 33% of those at smaller companies.
  • 35% of executives from larger companies received a significant risk from entertainment or business development expenses related to government business or to government relations, while only 19% of those at smaller companies shared that concern.
  • 58% of executives said that their companies relied extensively on internal risk assessments and past experience with corruption issues.
  • One third of executives said that their companies relied extensively on industry information or on the ratings of the Transparency International Corruption Perceptions Index.
  • In spite of the very significant financial incentives arising out of the Dodd-Frank SEC whistleblower provisions, 37% of smaller companies and 20% of larger companies said that they were not likely to re-evaluate their anti-corruption programs in light of these new rules.

Training and communication

  • 73% of executives said that their companies provided anti-corruption training, of whom 64% said that they trained select employees such as those in higher risk positions.  However, many executives said that their company cast a much wider net for anti-corruption training.
  • Half of the executives said that their company trained all international employees, while 44% said that they trained all domestic employees.
  • Roughly one third of executives said that their company also trained members of its board of directors on the company’s anti-corruption policy.
  • Only 26% of executives said that their company trainer third parties on anti-corruption requirements which, Deloitte comment, is surprising given the general concern over corrupt activities involving third parties.

Personally, we are surprised at the low level of training revealed by this survey and feel certain that this must increase rapidly and extend to all staff if companies are to meet the UK Bribery Act Guidance published on 30 March 2011.

Deloitte conclude that while training is important in helping all employees understand the legal requirements and company policy on what constitutes corrupt activity and its consequences, it is unlikely to be enough.  Anti-corruption training programs should be supplemented by a robust monitoring programme throughout the year, and by an effective approval process for transactions and for the use of third parties.

In conclusion, this survey is a stark reminder that there is a great deal more work to be done by companies all around the world, including those in countries where there is already medium or high levels of enforcement, to deal with the risk of corruption and to meet the expectations of regulators, especially in the US and the UK.

Charities and the Bribery Act - The distribution of aid using facilitation payments - will they be prosecuted?

Posted on July 07, 2011 by Adam Greaves

A few days ago I was speaking at a conference on the Bribery Act and someone asked me how the Act applies to the small payments that his charity had to make in order to get the aid which the charity is distributing across a war torn country actually delivered to the people in need.  He asked me whether they were caught by the new Act for making modest “facilitation payments”. My strong belief is that a charity could, in theory, very well be caught by the Act, however worthy its aims and purpose. But would it ever in fact be prosecuted? And how can charities afford to take advice on the Act and undertake a compliance programme? 

Section 7(5) of the Act provides: 

“Relevant commercial organisation” means—

and, for the purposes of this section, a trade or profession is a business.”

(a) a body which is incorporated under the law of any part of the United Kingdom and which carries on a business (whether there or elsewhere),

(b) any other body corporate (wherever incorporated) which carries on a business, or part of a business, in any part of the United Kingdom,

(c) a partnership which is formed under the law of any part of the United Kingdom and which carries on a business (whether there or elsewhere), or

(d) any other partnership (wherever formed) which carries on a business, or part of a business, in any part of the United Kingdom.

It is likely that a charity would be a body corporate of one type or another. So it needs to put in place adequate procedures. Even if it felt that it wasn’t a likely target for prosecutors, in my view it needs to put in place a compliance programme because:-

  • it may well be at risk of prosecution for its other activities back in its home country
  • its associated persons (as defined by the Act, but broadly meaning, to recap, other parties it has dealings with) may ask it for sight of its compliance programme as a condition of continuing to deal with them
  • its benefactors and contributors (which may include governments) may ask for details of all its compliance and ethics policies, expecting a charity to lead the way in these areas by example
  • the risks to the charity of not complying with the law could be very damaging both to their assets, to their reputation and therefore to their ability to raise additional funds in the future.

As to whether or not they would be prosecuted for giving small facilitation payments to distribute aid across very poor, war torn countries: I think it is incredibly unlikely that the Director  of the Serious Fraud Office or the Director of Public Prosecutions would be prepared to consent to a prosecution i.e. that they would think that it would be in the public interest to do so. In fact it seems to me that it would be against the public interest to allow a prosecution, because it would not only mean that vital aid might not get through to the people who need it, but it would probably also deter charity workers, especially those in the relevant country from continuing to work in these circumstances, and it may also deter donors from making further donations, embarrassed that they might be associated, however remotely, with a criminal act. 

On 21st June 2011 my colleague Rose Parlane posted a blog on the recent guidance by the Serious Fraud Office on how to deal with organisations that continue to make "small" facilitation payments after 1 July. 

To recap, the SFO will be looking to see:

1. whether the company has a clear issued policy regarding such payments;

2. whether written guidance is available to relevant employees as to the procedure they should follow when asked to make such payments;

3. whether such procedures are being followed by employees;

4. evidence that all such payments are being recorded by the company;

5. evidence that proper action (collective or otherwise) is being taken to inform the appropriate authorities in the countries concerned that such payments are being demanded;

6. that the company is taking what practical steps it can to curtail the making of such payments.

For more detail, please take a look at Rose’s post.

So, all in all, whilst in theory such payments made abroad may be strictly against the Bribery Act, in the view of the BriberyLibrary there is unlikely to be any appetite politically to pursue charities for low value criminal acts which are often made out of desperation to try to save lives.

Interestingly, aid workers in dangerous countries are sometimes accompanied by soldiers, perhaps NATO soldiers, when distributing aid. The Act does give in Section 13 an exemption for British soldiers who bribe whilst on active service:

“It is a defence for a person charged with a relevant bribery offence to prove that the person's conduct was necessary for—

(a) the proper exercise of any function of an intelligence service, or

(b) the proper exercise of any function of the armed forces when engaged on active service...

6) In this section—

  • “active service” means service in—

(a) an action or operation against an enemy,

(b) an operation outside the British Islands for the protection of life or property, or

(c) the military occupation of a foreign country or territory......”

There may be cases where the soldier has been asked to make a facilitation payment in order to secure the safe transit of the aid worker or the safe delivery of the aid. This might be money provided by the charity of perhaps, I suppose, by the Ministry of Defence.  In his or her case, provided it is in furtherance of one or more of the duties in (a) to (c) above, the soldier is afforded a defence by Section 13 of the Bribery Act. I would be highly surprised, however, if the soldier were to be prosecuted in the first place if it were clear that he was carrying out duties in active service for his country. Prosecutions under the Bribery Act in the armed forces are far more likely I would have thought in the area of procurement than active service in the field.  Again, the likely backlash in the media and from the public from prosecuting a soldier who was helping aid workers to save lives is really unthinkable.

Understandably, all sorts of organisations are worried about the effects of the Act on them, including charities. As an aside: some of them may not be sufficiently well funded to take specialised legal advice. There are at least two ways to deal with this – advice for free is at hand either directly from the Serious Fraud Office itself, which welcomes approaches in writing or in person. Alternatively a commercial organisation or a charity (or anyone) can ask for help from LawWorks, the solicitors pro bono organisation which is housed within the National Pro Bono Centre in Chancery Lane, London. They do have financial criteria for qualifying for pro bono work, but if you do qualify, then they will refer you to one of the many thousands of lawyers across the UK who offer their legal services for free to those who cannot afford legal advice. 

"Is my FCPA compliance good enough for the Bribery Act?"

Posted on July 06, 2011 by Adam Greaves

We are often told, particularly by American clients, that their organisation is already FCPA compliant, “so isn’t that enough for the Bribery Act?....what more do we need to do, if anything?”. To understand what more needs to be done necessarily requires understanding the key differences between these two world-leading anticorruption statutes.  Once you have understood those differences, it follows that it is likely that your compliance programme may require some consequential adjustments to reflect some of these differences in order to bring your existing FCPA programme up to speed with the new UK Act. Some of it will require changes to your anticorruption policy and your gifts and hospitality policies. Much of it will  also need to be reflected in your training and education materials and computer based training modules, but also in other parts of your compliance programme, discussed below. And don’t forget that the people you should be getting involved with your compliance programme are not just your own staff but also any person “associated with” your organisation i.e. performing services for it. This could include contractors, advisers, joint venture partners and a whole list of other categories of persons with whom your organisation may have a relationship. See earlier blog posts in the BriberyLibrary for more detail, in particular my own post of 14th February 2011. 

The principal differences between the FCPA and the Bribery Act include: 

  • The Bribery Act is wider in scope than the FCPA as it covers all corruption, including by and of the private sector, and not just corruption of foreign public officials. You may well need to amend and broaden the policy definitions of corruption and of “public officials” so that it covers all sorts of government and other public officials. There is also case law  in developing the US as to how the DOJ and the SEC are pressing the courts to interpret “foreign public official” more widely.
  • The Bribery Act prohibits both payment and receipt of bribes i.e. active and passive offences. You will need to ensure that both sides of the corruption coin are captured by your programme and also to update your training documents. 
  • A business nexus is not required for Bribery Act general offences under sections 1 and 2 of the Act although it is under the FCPA. Required action includes amending the wording of policies and training documents.
  • The wider scope of the Section 6 strict liability corporate offence under the Bribery Act. You’ll probably need to amend the wording of your policies and training documents to ensure that the corporate liability is properly understood.  This is the offence that causes most risk to the organisation itself.
  • There is no “adequate procedures” defence under the FCPA. The differences should be addressed in the training sessions. In both jurisdictions, having no adequate procedures will give you an enhanced risk of liability.
  • The Bribery Act does not allow facilitation or grease payments. In fact the SFO are constantly at pains to point out that the old law never did, either, but one might be forgiven for thinking otherwise for I am not aware of any prosecutions of facilitation payments. Please email me if you know of any in the UK. Some US corporates’ policies ban facilitation payments altogether, to make life simpler and to avoid this exception being misconstrued in any way which might then “cross the line”.  Other companies stick to the FCPA allowance of them (because this suits their business and presumably because they believe that they have to pay them from time to time). This is clearly not in tune with the Bribery Act, so this aspect should be looked at very carefully and discussed with the business people in the organisation. Training should be given urgently to employees or others associated with your organisation who habitually pay facilitation payments. Also I would draw your attention to a recent blog post by my colleague, Rose Parlane, on the new guidance by the Serious Fraud Office specifically on how to try to stop paying facilitation payments, and how British prosecutors will regard such payments if you have continued to pay them. One point is that you should keep a log of such payments and a note of why they were paid and why you think that they were unavoidable. So the payment should be transparent. To do otherwise makes the payment look awkward and wrong.
  • There is no express bona fida business expenditures defence under the Bribery Act. In practice, the Serious Fraud Office will look at the facts of every case.  Put simply: either they are bona fida or they are not. You do need to keep a log of your expenses and their justification.
  • Penalties are more severe under the Bribery Act both in terms of financial penalties and in terms of length of prison sentence. This should be covered in the policy and training, so that staff are fully aware.
  • Debarment from public contract tendering differs between the US and the EU. If you sell into the public sector, these provisions alone ought to give you real concern. My colleague Mathieu Doublet has blogged on it previously on 27th April 2011. I also touched on  The Bribery Act 2010 (Consequential Amendments) Order 2011 in my blog of 17 June 2011.  Section 1 and Section 6 offences lead to automatic debarment. It appears that Section 7 will not lead to automatic debarment, according to the Lord Chancellor, but it remains to be seen how the courts actually treat such offences. In any event, these provisions tend not be very well known but since they may be catastrophic for your business, it would be as well to spend some time educating your staff and other associated persons about them. The severity of the debarment provisions tends to lead to plea bargaining – for example, agreeing to a books and records offence in the US and paying a hefty fine.
  • Which brings me on to the fact that there is no books and records offence under the Bribery Act as there is under the FCPA but there is an equivalent provision in the UK in a different statute: Section 386 to 389 of the Companies Act 2006.
  • Although the six principles for “adequate procedures” are surely familiar throughout the compliance world generally, in the US a prosecutor would see a proper risk assessment report merely as a mitigating factor to sentencing (rather than as one element of a potential complete defence to the Section 7 offence under the Bribery Act). If you can’t show the prosecutors how you have been through each of the six principles and how you have addressed them properly, then your procedures are unlikely to be seen as adequate and you will then open yourself up to a hefty fine, and the other associated consequences (public procurement debarment, civil suits etc)
  • As in the UK, there is no positive obligation on an organisation in the US to undertake a risk assessment.  Speaking with many clients over the past year or so since the Bribery Act was passed has alerted us to the fact that many large global companies have never done a proper corruption risk assessment, believing (wrongly) that they don’t really need to do one as “we know the risks of our businesses perfectly well”. Apart from any other reasons, and there are several, it misses the point that you are potentially liable for your “associated persons” under the Act i.e. persons performing services for your organisation who may be external to it. You need also to be able to show how you undertook your risk assessment of them, of the countries they operate in, of the people with whom they interact, of the things they are doing or selling on your behalf,  and of the industries they operate in: and, after you have assessed and ranked all these factors, and audited their systems and training programmes, you need to be able to demonstrate that you calculated all these factors and made a proper decision as to whether you deemed them sufficiently high risk to justify additional due diligence, or whether you need to self-report any suspicious behaviour.
  • I would say that the biggest problem so far of companies which are trying to get to grips with the compliance regime under the Act is that many if not most are either not doing risk assessment at all or they are not doing it properly.  Potentially, if you are a large multi-national, it is a very large undertaking which could take many months or even a year or more to complete.  We have noticed from our many conversations with clients and contacts around the world  (and also from shared experiences with anticorruption practitioners in other law and accountancy firms) that there seems to be a real issue of a lack of will at board level to spend the resources, combined with a lack of comprehension about how a risk assessment report will actually help you properly appreciate your internal risks and  to spend your limited compliance budget appropriately and in a tailored way. This reluctance is even more pronounced in the organisations which are medium sized (and so less well resourced generally) and which sell overseas. Banks, for example, are about to have a whole new layer of regulation and compliance loaded onto them. Hence one often reads of “compliance fatigue”.  

Global organisations must of course ensure compliance with all anti-bribery laws that are applicable to the jurisdictions in which the organisation or its associated persons operate. As the Bribery Act has set a very high bar in terms of the law itself, compliance with it will more or less mean that it will act as compliance for other anticorruption laws around the world: it should reduce your exposure to prosecutions in most other countries. But we mustn’t forget that each country may have a myriad of other laws which  may also be relevant – e.g. the books and records provisions under the UK Companies Act, as noted above. Companies may find themselves being prosecuted under more than one statute, and indeed in more than one country, simultaneously. We will blog separately in the future on the subject of “double jeopardy” as between different countries. In short, however, it appears that the Serious Fraud Office’s view is be that where the defendant has been convicted by another country for the same set of facts, it will not pursue the same or a similar case against the same defendants: so, whatever the legal position, it is not interested in pursuing the defendant again in the UK if it has been convicted in another jurisdiction. 

So, whilst on the face of it the changes which need to be made to ensure that your FCPA compliance programme is also Bribery Act compliant may appear to be minimal at the policy level, in reality the task may be a whole lot larger, depending on how well you undertook your FCPA compliance in the first place. Our partners in the US often say that they never cease to be amazed that decades after the FCPA became law, not all American companies have a compliance programme. The principles in the Government’s Guidance dated 30th March are a good starting point for understanding what needs to be done, although the Guidance doesn’t actually tell you how to go about establishing your programme. We will all learn what the Serious Fraud Office are really expecting to see in a compliance programme as cases start to be brought before the court, and jurisprudence begins to develop. My best guess is that this will be some time from 2012 onwards.   

 

Bribery Act and other fraud risks - the Ernst & Young 2011 survey

Posted on May 20, 2011 by Adam Greaves

A few days ago Ernst & Young published their latest report “European Fraud Survey 2011” . If you haven’t read it, it is salutary reading, and probably in fact essential reading for business leaders and compliance managers who are trying to decide whether they should invest their organisation’s time and money in developing a new, up-to-date, robust anti-bribery compliance programme. If justification for investing in your organisation’s defences and safeguards against a damaging and costly prosecution were ever needed, here it is in this report.

The Survey used researchers who spoke to a total of 2,365 people in 25 European countries in both developed and developing economies.

I will cite a few of the report’s findings:

  • Almost 1 in 5 of company employees, regardless of grade, consider it to be acceptable to pay bribes to win or retain business. (That could amount to an awful lot of prosecutions, if they actually behave like this).
  • 59% of those interviewed expect management to cut corners in order to achieve targets and half of management agrees.
  • Two thirds said that bribery and corruption are widespread in their country and according to 40% of them has become worse during the economic downturn.
  • Only 56% are aware that their company has an anti-corruption policy.
  • 53% think that bribery and corruption are too widespread to be tackled.
  • More than one third of all respondents are willing to offer cash payments, gifts or entertainment to win business.
  • Less than one third of respondents believe that their company had increased its efforts to combat fraud.
  • Only half say that employees in their company comply with its code on anti-bribery and anti-corruption.
  • Less than half of German correspondents believe that there is a commercial advantage to ethical behaviour.
  • 43% could not identify who they should contact within their company if they had concerns about impropriety.
  • 75% believe that there is a commercial advantage to ethical behaviour.

 Ernst & Young’s conclusions are nothing short of damning:

1. “Management is failing to set a strong tone at the top of many organisations and, in many cases, is prepared to do whatever it takes to succeed

 You may recall that this is the 2nd principle which was set out in the British Government’s recent  “Guidance about procedures which relevant commercial organisations can put into place to prevent persons associated with them from bribing (section 9 of the Bribery Act 2010)” .  You may also recall an earlier post by one of my colleagues, Rose Parlane, on the Guidance, on 30th March 2011.

It should also be recalled that if the company or an associated person commits an offence under the Bribery Act, the individuals and the company itself and any directors or officers of the company who knew of or connived in the offence may be liable to prosecution.

 2.    “A persistently high level of employees are willing to behave unethically”.

The message seems to be that this is because employees are desperate to land new business in the current difficult economic environment, and are willing to take risks. Well that’s human nature I suppose, but I wonder if they aren’t really aware of the stringency and tough penalties of international anti-corruption laws such as the Bribery Act and the FCPA. This may be a direct result of the failures reported by E&Y in their third conclusion, below.

 3.    “Companies are not doing enough to implement and communicate anti-fraud and anti-corruption measures”.

Communication is the 5th principle in the Guidance. This takes the form of developing policies and procedures and then incorporating them into all your contractual relationships and then training all those people who are “associated persons” under the Act i.e. those performing services on behalf of the organisation. This would be not just employees, although they are a major and obvious category, but also consultants, contractors, joint venture partners, distributors and so on (see older posts on this blog site with “associated persons” as a tag line).

I fully concur with E&Y’s several key recommendations on how organisations can respond to these problems but the one  I would most highlight, and which organisations seem, in my experience, to be most reluctant to get to grips with is the need to conduct at the outset a fraud, bribery and corruption risk assessment and to then to take a risk-focused approach to who should be trained, on what, in which manner and how often. My experience to date has been that in order to comply with the new Bribery Act companies want to start training their staff as soon as possible, and to begin with their UK based staff. This focus on the UK first appears to be due to the belief that UK prosecutors would focus on the UK operations, but this is in my view a mistaken belief. I believe UK prosecutors who decided to commence an investigation would probably start with the view that in all likelihood the UK operations and business would be low risk, so, on the contrary, they would ask the company for details of their foreign operations, evidence of their internal risk assessment report, details of the training in any high risk countries, and a copy of due diligence reports in those countries on associated persons. 

To put in place policies and procedures and to undertake training without carrying out a detailed risk assessment would be to miss the point of the risk-based approach to implementing a compliance programme, and without that risk assessment, the prosecutors may well decide that the company hadn’t taken seriously its obligations to prevent bribery and corruption. They could take the view that the compliance programme was merely a paper tiger and that it has no teeth, and that therefore it would not constitute a defence to the section 7 corporate liability offence.

Some organisations appear to think that the cost of internal risk assessments is unnecessary as they think they know their own risks, and what’s more they don’t want to spend the money in these economically lean times, but of course, as noted above, it seems to be the leanness of the current times which is leading people to being unethical, cutting corners, committing offences and trying to boost their organisation’s incomes. So protecting your organisation now is more important and imperative than ever.

The game changer will be when the UK Serious Fraud Office starts to prosecute British and foreign companies under the new Act. This won’t start for a while yet as it will only be for offences committed on or after 1st July 2011 (offences committed up to 30th June will be under the existing hotch-potch of law), so there will be a time lag of a few months at least before prosecutions commence. Once a few companies and directors have been dragged into the dock, other companies will start to realise the need and benefits of undertaking compliance programmes properly.  

In the concluding words of E&Y’s report, with which I completely agree:

It may not be easy to embed the necessary changes to internal corporate culture required to mitigate the challenges posed by unethical conduct. Our survey has indicated that companies struggle to ensure that what they have in place on paper is actually reflected in the underlying behaviour of their staff.

It is only through a concerted, risk-focused effort that targets areas of potential exposure that firms will be able to meet the expectations of regulators and, ultimately, their shareholders

BRIEFING NOTE - UK Bribery Act, Section 9 Guidance

Posted on March 30, 2011 by Rose Parlane

The Government has released Guidance on the Act, which is intended to help organisations understand how the Act will operate and how to deal with the risks of bribery.  The Guidance gives insights into how the Act might be interpreted, but does not give assurances.  It suggests procedures that might be adequate, but does not set down rules. 

In the Guidance and its associated Quick Start Guide you will find:

  • Answers to some FAQs on the Act and its application.
  • Overview of ss. 1, 2, 6 and 7 offences and what the prosecutor must establish to secure a conviction.
  • The six principles of bribery prevention: (1) proportionate procedures, (2) top-level commitment, (3) risk assessment, (4) due diligence, (5) communication and (6) monitoring and review.  The Guidance includes commentary on each and suggested procedures.
  • Case studies demonstrating how the six principles of bribery prevention might be applied in practice.

KEY POINTS TO TAKE FROM THE GUIDANCE

Gifts and hospitality

  • Reasonable and proportionate expenditure is not prohibited by the Act.
  • Intention is the key to prosecution i.e. intention to induce improper performance (general (s.1)) or intention to influence and secure business or a business advantage (public official (s.6)).

Is my organisation "carrying on a business in the UK"?

  • If an organisation engages in commercial activities, it does not matter if it pursues purely charitable or educational aims or purely public functions; the purpose for which profits are made is irrelevant.
  • Whether an organisation carries on a business in the UK remains a question for the courts, which the Government anticipates will take a common sense approach. Organisations that do not have a demonstrable business presence in the UK are unlikely to be caught.  For example, simply being listed on the London Stock Exchange would not be sufficient, likewise, having a UK subsidiary will not automatically deem the parent company to be carrying on a business in the UK as the subsidiary may act independently of the parent or group.

Associated persons

Any person who performs services for or on behalf of an organisation is potentially an “associated person”, but:

  • The Courts will take into account all of the relevant circumstances, not just the nature of the relationship.
  • The key is the performance of services in business, therefore, an organisation is unlikely to be liable for the actions of a person who simply supplies goods to the organisation.
  • Without intention, receiving an indirect benefit from a bribe paid by an associated person is unlikely to result in prosecution. 
  • The degree of control over the bribe payer will be taken into consideration.

Over the coming days and weeks we, at the Bribery Library, will be commenting on these and other aspects of the Guidance.

Adequate procedures: a paper compliance programme is not worth the paper it's written on

Posted on March 25, 2011 by Rose Parlane

As we await the release of the Ministry of Justice’s final guidance on the Bribery Act many organisations remain completely unclear about the extent of their potential liability under Section 7 and many are still considering what procedures will be “adequate” to prevent bribery by associated persons and therefore provide a defence to future prosecution. 

The recent prosecution of IBM highlights a number of important lessons, one of which is that anti-corruption policies and procedures are meaningless if they are not implemented.  According to the SEC Complaint, IBM had corporate policies prohibiting bribery and procedures relating to compliance with the FCPA.  However, IBM lacked sufficient internal controls to ensure employees of IBM subsidiaries and joint venture partners refrained and/or were prevented from using intermediaries to pay bribes or make other improper payments to government officials.  Over a long period of time the absence of appropriate checks and balances had allowed a culture of corruption to develop in respect of the company’s operations in South Korea and China.

It is not an uncommon tale.  Siemens likewise had anti-corruption policies and procedures, which were ultimately found to be an ineffective “paper program”. 

So, when considering the question "what are adequate procedures?" you should consider whether your organisation's policies and procedures have been properly implemented.    As a starting point, you might like to ponder the following:

  • Is your Board charged with overall responsibility for your anti-corruption compliance programme and is it kept updated on the implementation and development of the programme?
  • Have you communicated your policies and procedures to personnel and other associated persons and in a way that ensures comprehension e.g. have you had your policies and procedures translated?
  • Have you communicated your policies and procedures to the world at large by making them available on your external website or by referring to them in promotional or other public materials?
  • Have you offered practical training on your policies and procedures to personnel and other associated persons such as your subsidiaries, joint venture partners and agents?
  • Do your personnel and other associated persons know who to contact if they have questions about your policies and procedures or if they wish to report suspicious conduct?
  • What internal control systems are in place to ensure your policies and procedures are being adhered to in practice?
  • Are your internal controls audited and reviewed?

There is no getting around it, for your compliance programme to be adequate you have to turn your words into actions when it comes to policies and procedures; they have to be a living and breathing part of your organisation’s day to day business operations....and not just at home, but worldwide.  Policies and procedures that are tucked away in the HR office filing cabinet and never assume a life beyond the paper they are written on have no value to your organisation.

IBM pleads guilty to offences under the FCPA - would these facts constitute offences under the new UK Bribery Act 2010?

Posted on March 23, 2011 by Adam Greaves

I want to quote more or less verbatim a “litigation release” dated 18th March 2010 from the U.S. Securities and Exchange Commission (SEC) website. On that date it charged International Business Machines Corporation (“IBM”) with

"violating the books and records and internal control provisions of the Foreign Corrupt Practices Act of 1977 (“FCPA”) as a result of the provision of improper cash payments, gifts, and travel and entertainment to government officials in South Korea and China. [Note: there is no comparable provision under the Bribery Act]

As alleged in the SEC’s Complaint, from 1998 to 2003, employees of IBM Korea, Inc., an IBM subsidiary, and LG IBM PC Co., Ltd., a joint venture in which IBM held a majority interest, paid cash bribes and provided improper gifts and payments of travel and entertainment expenses to various government officials in South Korea in order to secure the sale of IBM products.

It was further alleged that, from at least 2004 to early 2009, employees of IBM (China) Investment Company Limited and IBM Global Services (China) Co., Ltd., both wholly-owned IBM subsidiaries, engaged in a widespread practice of providing overseas trips, entertainment, and improper gifts to Chinese government officials.

Without admitting or denying the SEC’s allegations, IBM consented to the entry of a final judgment that permanently enjoins the company from violating the books and records and internal control provisions of the FCPA, codified as Sections 13(b)(2)(A) and 13(b)(2)(B) of the Securities Exchange Act of 1934. IBM also agreed to pay disgorgement of $5,300,000, $2,700,000 in prejudgment interest, and a $2,000,000 civil penalty”.

Previously, in 2004 the former head of IBM Korea and two other high-ranking IBM officials were jailed by a court in Seoul after a corruption scandal there.

Jang Gyeong-Ho was IBM Korea's executive director until January 2004 when he was dismissed after accusations of bribing government officials. The court found that Jang had helped IBM partner firms LG IBM and Winsol to secure up to 66 billion South Korean won (€44m) of hardware supply contracts to five public agencies, including the tax service.

What would be IBM’s predicament in the UK on these same facts if the Bribery Act had been in force at the time that the offences (or alleged offences) had taken place.

IBM is a huge global company operating in over 170 countries with, according to its website, around 400,000 employees globally and its revenues are approaching $100billion. It has around 20,000 employees in the UK alone. It is therefore doing business in the UK for purposes of Section 7 of the Bribery Act. It is likely that IBM would be found to be doing business both through the parent company and through its UK subsidiary, so both companies are liable to prosecution, in theory anyway. The offences as reported seem to have been perpetrated by employees of IBM’s South Korean subsidiary i.e. through “associated persons”.

It follows, therefore, that unless the company had in place “adequate procedures” under the Bribery Act (that is, a robust anti-bribery compliance programme), it would be strictly liable for the corrupt activities in which it engaged in South Korea, even though they took place outside the UK, due to Section 12 (5) :

“(5) An offence is committed under section 7 irrespective of whether the acts or omissions which form part of the offence take place in the United Kingdom or elsewhere”.

This could mean unlimited fines for the company.

The IBM employees who committed the offence(s) in South Korea would only be liable under the Bribery Act if they were either British or had a close connection to the UK (broadly speaking were usually resident in the UK).

So if these offences had taken place in 2012, for example, (by which time we consider it is safe to assume that the UK’s Ministry of Justice would have brought the Act into force), IBM could well have been facing a third prosecution in the UK on the same set of facts, in addition to the two prosecutions that took place in South Korea and the US respectively, as cited above.

But would the Serious Fraud Office have pursued IBM when it had already been prosecuted/pursued in South Korea and the US already? It is not clear whether the SFO would want to use its resources in this way. Their attitude towards such circumstances may (I say may, not will) become clearer when the government’s guidance is published soon, or in any event when they start to prosecute foreign companies under the Bribery Act. If it doesn’t become clear, we shall invite the SFO to comment, either directly by blogging here if they agree to do so, or we will blog further here on any comments they have made to us or publicly.

The Bribery Act and the public sector

Posted on March 09, 2011 by Patrick Gilfillan

A Bribery Act policy will be necessary when tendering for public sector contracts.

Article 45 of the EU Public Procurement Directive 2004, enacted in the UK through regulation 23 of the Public Contracts Regulations 2006, provides the basis for debarring, or mandatorily excluding, companies convicted of corruption, fraud, money laundering and participation in criminal organisations from public contracts.  As regards those companies involved in the pharmaceutical or defence industries, to name but two, such debarment or exclusion could mean the death of the company.

In light of this Directive, it is likely that a company convicted under section 7 of the UK Bribery Act 2010 (failure to prevent bribery), will be debarred from tendering for future public contracts.  The reason for this is straightforward: if section 7 does not lead to automatic debarment under article 45 then, in practice, companies convicted in the UK will be beyond the Directive's reach and the major deterrent value of it will be lost.   

To those who suggest that this is going too far, they should keep in mind that there is a defence available to companies where they are able to show that they had in place adequate procedures designed to prevent persons associated with them from undertaking conduct prohibited by the Bribery Act.  This introduces a form of proportionality in that only companies that have clearly failed to introduce adequate procedures, where there is major wrongdoing and systemic failure, are likely to be prosecuted.

The next logical step is for public bodies to require companies to already have in place adequate procedures (in other words, a Bribery Act policy) before they are even allowed to tender for public sector contracts.  If no such procedures are in place, it will become the norm to ask: why not, what has that company got to hide?  Also, given the issues previously raised by my colleague, Adam Greaves, regarding the liability of "associated parties", such public bodies, and those working for them, will want to protect themselves from any potential exposure to those involved with bribery and corruption.

Bribery Act - Associated parties will force you to comply

Posted on February 14, 2011 by Adam Greaves

Section 8 of the new Act provides liability to an organisation for all parties associated with it i.e. providing services on its behalf. Now this is very interesting, for two reasons; first because no-one yet knows which parties your organisation deals with might be considered to be associated with it.

We at the BriberyLibrary believe it could be interpreted to include employees and agents, subsidiaries and parents (obviously) but also distributors, consultants, joint venture partners, and maybe even (shock, horror) professionals advising the corporation. What of your business partners' business partners? If they are doing something on your behalf, you might well be liable for the actions of people you do not even know.

Now this associated liability probably works both ways: associated parties who cross the line could infect your organisation with liability, and you could infect theirs. So both organisations should ask the other to agree to comply with the Act and to demonstrate their own policies and compliance efforts.

So if you were as a business a risk taker and not interested in compliance, this head-in-the-sand view might not last long as the compliance will be forced on you by other more ethical business partners who may just refuse to do business with you otherwise.

Think how many contracting and associated parties you might have as a large organisation, and then think how long this compliance exercise could take!

The trickle down/waterfall effect of the Act is already beginning. As reported recently by The Lawyer, Shell's chief ethics and compliance officer Richard Wiseman and global legal services coordinator Leanne Geale are asking non-panel firms with which Shell does business for details of their anti-corruption compliance procedures (but why limit it to non-panel firms?). I would wager that there are plenty of big reputable law firms out there which don't have any anti-bribery compliance systems, unless of course they have some US footprint and are already FCPA compliant. And those that are FCPA compliant will need to upgrade their compliance, as the Bribery Act is wider and deeper than the FCPA.

My 'waterfall effect' view was further reinforced when I received an email from my own firm's US general counsel late one night recently asking me to tell him more about the Bribery Act. Apparently our New York based underwriters are (quite rightly) asking us what we are doing to comply with the new British Act. So its a British Act, but the commercial pressure to comply on our firm (which has offices in three countries) is coming from American underwriters.

So then we will, in turn, ask all our contracting parties to do the same, and so on and so forth.

The Act does truly have extraterritorial reach. Fast forward five years and the waterfall effect will in our view have forced most well run large and medium sized companies to do what is required to comply, whether they like it or not.