UK: The Bribery Act 2010 - Are You Ready?

After months of delays the Bribery Act 2010 (the "Act") finally comes into force on 1 July 2011. The Act, which will completely replace the UK's existing anti-bribery laws, is intentionally robust, being wide in both scope and jurisdictional effect and imposing significant penalties.

The key offence for companies is the new offence of failing to prevent bribery. This is a strict liability offence, although companies will have a defence if they can show that they had adequate procedures in place to prevent bribery. Under the Act the Government is required to publish guidance on the procedures companies can put in place to prevent bribery, and this guidance was finally published by the Ministry of Justice on 30 March 2011 (the "Guidance").

This article revisits the Act in the light of the Guidance, focussing in particular on the offence of failing to prevent bribery and the steps companies should take to help ensure they have adequate procedures in place.

Offence of Failing to Prevent Bribery

The Act provides that a "relevant commercial organisation" will be guilty of an offence if a "person associated" with it bribes another person intending to obtain or retain a business advantage for that organisation, unless the organisation can show that it had "adequate procedures" in place to prevent bribery.

The key aspects of this offence are considered in more detail below, including in the light of the Government's suggested interpretation as set out in the Guidance. However, it must be remembered that the Guidance is not binding in this respect and the full scope of the Act will only become clear once it has been tested in the Courts.

Relevant Commercial Organisation

The offence only applies to "relevant commercial organisations" and it is this definition that provides the wide jurisdictional scope of the offence. A "relevant commercial organisation" is defined to cover both companies incorporated in the UK, irrespective of where they carry on business, and overseas companies that carry on business, or part of their business, in the UK.

What constitutes carrying on business in the UK is not clear, and has been the subject of much discussion. The Government anticipates that an organisation will need to have a "demonstrable business presence in the UK" to fall within the definition, and that being listed on the UK stock exchange or having a UK subsidiary would not in itself be sufficient. However, it will be for the Courts to determine whether or not a company is carrying on business in the UK, so the position remains uncertain for overseas companies. What is clear is that the Act has a wide territorial scope, and so overseas companies must ensure they understand and are prepared for the Act.

Associated Person

The Act defines an "associated person" as a person who performs services for and on behalf of the organisation. The Act gives the examples of the organisation's employees, agents or subsidiaries. However, the definition is broad enough to also cover, for example, contractors, sub-contractors, suppliers, joint venture companies and joint venture partners. The broad scope of this definition means that organisations can commit an offence under the Act as a result of the actions of a person over whom they have very limited control.

Adequate Procedures

Given the wide scope of the offence, it is essential that companies have adequate procedures in place to prevent bribery to ensure they can rely on the defence, and the Guidance is clearly an important element of determining what constitutes "adequate procedures". The Guidance sets out six principles, which are not prescriptive but are instead intended to provide for a flexible, proportionate and risk based approach. These principles are considered in more detail below.

Principle 1 - Proportionate Procedures

This principle sets out the overarching theme of the Guidance – procedures must be proportionate to the risks that an organisation faces and to the nature, scale and complexity of its activities. Adequate procedures for a large multi-national company will be very different to adequate procedures for a small UK based company.

Principle 2 - Top-level Commitment

Top-level management must be committed to preventing bribery and foster a company culture where bribery is never acceptable. A company's board of directors should be involved in developing anti-bribery procedures and communicating the company's anti-bribery policy statement.

Principle 3 - Risk Assessment

A company must assess the nature and extent of its bribery risk to ensure that it adopts proportionate procedures designed to prevent bribery. This will include a review of external risk factors (such as the countries and sectors in which it operates, the types of its transactions and its use of business partners) and internal risk factors (such as deficiencies in training, a bonus culture that rewards excessive risk taking and lack of clarity on the company's anti-bribery policies). This risk assessment must be conducted on a periodic basis as the company's business evolves.

Principle 4 - Due Diligence

A company must conduct appropriate due diligence on its associated persons, as it may be liable under the Act for their actions. Again, the level of due diligence required will depend on the particular circumstances. In higher risk situations (such as engaging an agent in a high risk jurisdiction), appropriate due diligence may involve questioning the party involved, investigations undertaken by external consultants and third party references. Due diligence is also critical in a mergers and acquisitions context.

Principle 5 - Communication (including training)

It is not sufficient for a company to adopt anti-bribery policies which then gather dust on a shelf. The policies must be embedded and understood throughout the organisation. This will involve communication of, and training on, the organisation's policies and procedures, both to employees and (where appropriate) to other associated persons, such as agents and suppliers.

Principle 6 - Monitoring and Review

Companies must monitor and review their procedures on an on-going basis to ensure they are adequate and proportionate to prevent bribery. Companies should regularly consider whether their policies and procedures are working, how they can be improved and whether they need to be updated in the light of any change to the company's activities.

Corporate hospitality

There is a real concern that the broad scope of the Act may in fact criminalise legitimate corporate hospitality. This is particularly the case for the offence of bribing a foreign public official, which only requires an intention to influence that official to obtain or retain a business advantage. In response to this concern the Government has emphasised in the Guidance that the Act is not intended to prohibit reasonable and proportionate hospitality. The Guidance also sets out a number of factors which may be considered in deciding whether corporate hospitality amounts to an offence. These include the type and level of the hospitality (including in relation to sector norms), the manner and form in which it is provided and the level of influence of the recipient. The timing of the hospitality and the connection to relevant business will also be important factors to consider. Ultimately, however, companies will need to rely on the SFO exercising its discretion not to prosecute in circumstances where legitimate corporate hospitality triggers an offence under the Act. This clearly puts companies in a very uncertain position.

Practical Steps

To the extent they have not done so already, companies need to urgently review and update their anti-bribery policies and procedures, adopting (in line with the Guidance) a proportionate, risk based approach designed to address the specific risks faced by the organisation. Companies should also review and update their standard form documents, including due diligence checklists, employment contracts and contracts with business partners (such as agents, distributors and suppliers) to ensure they include appropriate anti-corruption provisions in light of the Act.

Many larger companies may already have policies and procedures in place to comply with the US Foreign Corrupt Practices Act 1977 ("FCPA"). While these are likely to go some way towards ensuring adequate procedures under the Act, there are some significant differences between the FCPA and the Act. For example, the Act applies to both the public and the private sectors and to receiving bribes, whereas the FCPA only applies to bribing a foreign public official. In addition, unlike the FCPA, the Act does not provide an exemption for facilitation payments or a defence for reasonable corporate hospitality. Such companies must still therefore review their existing policies and procedures, and update them as necessary to ensure they cover the Act. Given the wide territorial scope of the Act, this process should be undertaken on a global, rather than UK only, basis.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.