On 14 September 2010 the UK Ministry of Justice issued its consultation paper on the proposed guidance concerning the development of "adequate procedures" for preventing bribery in commercial organisations. The UK Secretary of State is required under Section 9 of the UK Bribery Act 2010 – which was enacted this past April and due to come into force in April 2011 – to develop and publish this guidance. As discussed in our alert on the Bribery Act, Section 7 the Act contains a new offence, directly applicable to commercial organisations, of failing to prevent persons associated with the organisation from committing bribery on its behalf. It is a defence for an organisation to prove that despite a particular case of bribery it nevertheless had "adequate procedures" in place to prevent persons associated with it from engaging in bribery. The Ministry of Justice guidance on "adequate procedures" is intended to assist companies in evaluating how best to implement anti-bribery compliance programs, consistent with the affirmative defence in the Act.

The proposed guidance is formulated around six general principles which are set out below. These are designed to be of general application across all sectors and for all types and size of business. They are not intended to be prescriptive or standard setting, or impose any direct obligation on an organisation. The six principles generally reflect pre-existing UK and international best practices standards, and are intended to be used as a flexible guide to deciding what procedures are right for an organisation. The guidance acknowledges that what is appropriate for a small- or medium-sized enterprise may well be different from a large multi-national organisation, and what is appropriate for a given company will depend largely upon that company's industry, customers, and various other corruption-related risk factors.

The six key principles identified in the guidance are as follows:

  1. Risk Assessment: the commercial organisation should regularly and comprehensively assess the nature and extent of the risks relating to bribery to which it is exposed.
  2. Top Level Commitment: the top level management of a commercial organisation (be it a board of directors, the owners or any other equivalent body or person) should be involved in the compliance program and ensure that the organisation's policy to operate without bribery is clearly communicated to all levels of management, the workforce and any relevant external factors.
  3. Due Diligence: organisations should develop procedures for conducting corruption-related due diligence on third parties who they do business with, including the organisation's supply chain, agents and intermediates, all forms of joint venture and similar relationships.
  4. Policies and Procedures: written anti-corruption procedures should be developed for employees that are clear, practical, accessible and enforceable.
  5. Effective Implementation: procedures should be in place to ensure that the compliance programme is communicated effectively to employees and third parties who act on the organisation's behalf, and that the programme is implemented on an ongoing basis.
  6. Monitoring and Review: procedures should ensure that the implementation of the compliance programme is monitored regularly and updated whenever necessary, and that compliance-related issues are reported upward as appropriate.

The full consultation paper can be found here and provides further detail about the six principles and also five detailed illustrative scenarios.

The draft guidelines are due to be finalised and published in early 2011, in advance of the entry into force of the Bribery Act in April 2011. The next several months provides organisations, therefore, with a window of time to take appropriate measures to ensure that their internal controls and compliance safeguards are adequate to meet any corruption-related risks that the organisation may face. As we noted in our earlier comments on the Bribery Act, the process of implementing an anti-corruption compliance programme cannot be viewed as a box-ticking exercise, but must involve a careful assessment of risks throughout the organisation's operations. This will include assessments of, among other things:

  1. where the organisation does business and the corruption risks inherent in those jurisdictions;
  2. what third parties (such agents and consultants) the organisation uses to support its business operations, and what measures are taken to oversee the activities of those third parties;
  3. whether the organisation's internal financial and accounting controls are adequate to ensure that receipts and expenditures are made and recorded in a transparent manner;
  4. how the organisation manages its regulatory obligations in the foreign jurisdictions where it operates (including, for example, tax issues, customs requirements, health and safety regulations, government permits, and other requirements);
  5. how the organisation markets itself to existing or potential customers (including both government and private-sector customers); and
  6. how employees and other parties acting on the organisation's behalf are trained and made aware of corruption-related risks, and the consequences (to those parties and the organisation as a whole) of breaching the company's policies and applicable anti-corruption laws.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.