Financial institutions, including broker-dealers, have been living with the legal and regulatory requirements of the U.S. Foreign Corrupt Practices Act (FCPA) for more than three decades. The United States was the first nation to outlaw the payment of bribes to foreign public officials that were intended to “obtain or retain business” for the company offering the inducement. With the Department of Justice’s global reach and an increasingly robust enforcement program, the FCPA has prompted many if not most multinational commercial organizations, including many global financial institutions, to adopt FCPA compliance programs that include anti-bribery policies and procedures, staff training, vendor due diligence and program audits. Companies that have been investigated for or charged with violating the FCPA have paid very significant sums as a result of settlement agreements or following conviction. In recent years, the Department of Justice has placed a new focus on the prosecution of corporate officers seeking imprisonment for violations of the Act.
It took twenty years for the international community to address this issue. The OECD Convention on Combating Bribery of Foreign Public Officials in International Business Transactions was signed in December 1997 and entered into force fourteen months later.
Although an original signatory of the OECD Anti-bribery Convention, the Government of the United Kingdom resisted domestic and international pressure to adopt legislation meeting the standards of the Anti-Bribery Convention for more than a decade, insisting that existing legislation, significant elements of which dated to Victorian times
The new law, scheduled to take effect from July 1, 2011, contains a number of unprecedented provisions that have caused a wave of concern in the global business community as companies scramble to understand the meaning and scope of these provisions, assess the adequacy of their existing anti-bribery programs and develop measures that will address perceived gaps in those programs.
On the eve of the U.K. Bribery’s entry into force, what does this mean for financial institutions?
While the U.K. Bribery Act 2010 includes a number of provisions that initially appear to “raise the risk bar” for corporate compliance, only one really qualifies as we shall see.
In short, while there is no need for panic (even in the face of evidence that some are doing just that), the world’s newest significant anti-bribery law is a useful reminder to assess your firm’s anti-bribery program. And if your firm does not have one, it is probably wise to take deliberate steps to develop one – the good news here is that the primary elements of such a program are well established and there are numerous sources to assist you in developing the right program for your firm.
How Does the U.K. Bribery Act Compare to the FCPA?
While it may have taken the U.K. Parliament more than a decade to reach a consensus on new anti-bribery legislation, the new law contains a surprising number of new measures beyond the customary and established terms of the FCPA and the requirements of the OECD Convention.
The FCPA addresses the bribery of foreign officials by criminalizing not only the payment of bribes to foreign officials, but also the failure to maintain corporate books and records that honestly document the use of corporate funds and resources. The FCPA also empowers the Securities and Exchange Commission (SEC) to enforce the books and records provisions as well as “internal controls” provisions through civil actions. However, the SEC’s investigations can result in referrals to the U.S. Department of Justice for criminal prosecution and the “books and records” provisions have become a very effective tool of corporate prosecution in which too many companies produce their own evidence of guilt through attempts to cover up improper payments. The FCPA distinguishes between payments intended to obtain or retain business and minor sums paid to a public official to perform a ministerial act; these so-called “facilitation” payments have become a bit of a red herring in international assessments of the FCPA. Critics contend that it creates a dangerous loophole when in fact U.S. Department of Justice guidelines and actions make it plain that only very minor payments made to obtain the performance of routine government functions in essentially extortionate circumstances qualify for protection under this measure.
Finally, the U.S. anti-money laundering laws were amended to include an FCPA criminal violation as a predicate offense for a money laundering prosecution. Therefore, a single act of corporate bribery can result in two serious criminal charges for bribery and money laundering.
The U.K. Bribery Act 2010 Is a Model of Brevity (the Text of the Legislation Is a Mere 13 Pages)
First, the Act establishes three new criminal offenses:
- Bribing another person;
- Being bribed; and
- Bribing a foreign public official.
It is the last offense that is most clearly connected to the provisions of the FCPA, which is exclusively concerned with the bribery of foreign public officials (there being a host of other criminal offenses that cover the bribery of U.S. public officials at all levels of government).
Under the Bribery Act, a “foreign public official” includes officials, whether elected or appointed, who hold a legislative, administrative or judicial position of any kind of a country or territory outside the U.K. It also includes any person who performs public functions in any branch of the national, local or municipal government of such a country or territory or who exercises a public function for any public agency or public enterprise of such a country or territory, such as professionals working for public health agencies and officers exercising public functions in state-owned enterprises. Foreign public officials can also be an official or agent of a public international organization, such as the UN or the World Bank.
The FCPA defines a “foreign official” as any officer or employee of a foreign government, a public international organization, or any department or agency thereof, or any person acting in an official capacity on behalf of a foreign government.
The Bribery Act goes further by including the bribery of private persons employed by or serving as an agent of a private company. This feature is akin to U.S. commercial bribery laws which are a common feature of most state penal codes. So while the FCPA does not criminalize commercial bribery, this is because it is an offense already recognized at the State level.
Bribery is defined by the Bribery Act as being the offer, promise or giving of an advantage to another intending that it should induce the improper performance of a relevant function or activity or to reward such improper performance. In other words, for both the bribery of a public official as well as an employee of a private company, the intention to influence must concern the improper performance of some function or activity affecting the official’s or private person’s government or company. This definition is not significantly different than that contained in the FCPA, which prohibits “any offer, payment, promise to pay, or authorization of the payment of money or anything of value to any person, while knowing that all or a portion of such money or thing of value will be offered, given or promised, directly or indirectly, to a foreign official to influence the foreign official in his or her official capacity, induce the foreign official to do or omit to do an act in violation of his or her lawful duty, or to secure any improper advantage in order to assist in obtaining or retaining business for or with, or directing business to, any person.”
The Bribery Act definition of bribery limits the “intent” component, i.e., the requirement that the offer, advantage or payment be for the purpose of obtaining or retaining business for the company or person responsible for the bribe, to the bribery of public officials. This is consistent with the FCPA’s definition of intent (where the entire scope of the law is limited to the bribery of public officials).
The Act does not include “books and records” or “internal controls” provisions, nor does it make the violation of the Act a predicate offense for a money laundering prosecution. This could serve to limit the “collateral” reach of the Bribery Act both as an enforcement tool and a deterrence measure.
Clearly the most controversial provision of the Bribery Act is defined in Section 7, which establishes a new corporate offense of Failing to Prevent Bribery. Simply put, if “a person associated with” a covered “commercial organization” bribes another person “intending to obtain or retain business or an advantage in the conduct of business for” the commercial organization, then that company is guilty of an offense and subject to unlimited fines and other sanctions.
This provision is extraordinary for several reasons. It creates a form of criminal liability for corporations doing business in or through the U.K. with an extraterritorial reach that did not exist before. Under the Act, any company, no matter where it is incorporated or located is subject to prosecution under Section 7 if it “carries on a business or part of a business, in any part of the United Kingdom”.
Section 7 establishes a low burden of proof for the Crown while shifting a considerable burden to the corporate defendant, except that it includes an unusual defense, to wit: if a company can prove that it had “in place adequate procedures designed to prevent persons associated with” the company from engaging in the bribery of foreign public officials.
How does a company go about proving that it has adequate prevention procedures?
The answer to this question can be found in the Guidance about procedures which relevant commercial organisations can put into place to prevent persons associated with them from bribing issued by the U.K.’s Ministry of Justice in April 2011 pursuant to Section 9 of the Bribery Act. According to the Guidance:
A commercial organization will be liable to prosecution if a person associated with it bribes another person intending to obtain or retain business or an advantage in the conduct of business for that organization. As set out above, the commercial organization will have a full defense if it can show that despite a particular case of bribery it nevertheless had adequate procedures in place to prevent persons associated with it from bribing. In accordance with established case law, the standard of proof which the commercial organization would need to discharge in order to prove the defense, in the event it was prosecuted, is the balance of probabilities.
The devil is, as always, in the details. The details in this case surround the “Six Principles” set out in the Justice Guidance. Although the Ministry of Justice’s Final Guidance provides no prescriptive approach to adequate procedures, it does identify six high-level “principles” to be used as a guide by organizations when implementing their own anti-bribery programs. The anti-money laundering (AML) compliance officer of any financial institution will immediately recognize these principles as representing the “risk based approach” to managing significant compliance risks. Any AML compliance officer also knows this is both good news and bad: it allows every firm the opportunity to build its compliance program to match the true nature and scale of its products and services in the context of geographic, industry and client risks; it also means that the reasonableness of its risk assessments are most likely to be critically assessed by law enforcement or regulatory officials in the wake of a perceived serious failure of that assessment.
The Six Principles are:
1. Proportionate Procedures: Proportionality is said to be central to the Guidance. Businesses need to assess their exposure to potential bribery and implement appropriate procedures in light of this risk. This theme of risk-based proportionality appears throughout the Final Guidance, and it replaces two of the principles that appeared in the draft guidance—namely “clear, practical and accessible policies and procedures” and “effective implementation.”
2. Top-Level Commitment: The advice provided here remains consistent with that included in the draft Guidance, instructing that high level management must lead by example to eradicate bribery throughout an organization. In practice this is often addressed by having the Board of Directors or Senior Management adopt an anti-bribery statement, often one expressing a zero tolerance policy. If this represents the sole action taken by management, any failures are likely to be laid at the management’s door, citing the “sham” nature of the company’s top-level commitment.
3. Risk Assessment: Businesses must periodically assess their exposure to bribery and corruption both internally and externally and document these assessments. This is where the quicksand lies: many firms find it is difficult to perform effective risk assessments without expert insight and direction. On the other hand, bringing in the big outside consultants too often results in assessments that may not be understood by the firm’s managers and may be improperly implemented as a result. And after the outside consultants’ bill is paid, too often there is no appetite to conduct ongoing risk assessments with the predictable results that new risks are not adequately addressed.
4. Due Diligence: This principle ensures businesses have a risk-based approach in determining who will perform services on behalf of the business. This is also a deceptively difficult process to develop and maintain. Any shortcomings will loom large in the post-scandal assessment of a company’s anti-bribery program. It is essential to identify and properly assess the risk represented by every agent, local advisor, business development firm, vendor and supplier. High risk relationships must receive real attention both during the onboarding process as well as throughout the relationship.
5. Communication (including training): Training has been expressly included in this principle, recognizing its importance in preventing bribery, a principle that did not appear in the draft guidance. It states that a company’s anti-bribery policies and procedures should be communicated internally and externally, including the training of staff. Internal communications should convey the “tone from the top,” and should include policies and training concerning issues such as decision making, financial controls, hospitality and promotional expenditures, facilitation payments, training, charitable and political donations, and penalties for breach of the rules and the articulation of management roles at different levels. Training should focus on the “red flags” associated with corruption risk as well as real world examples that resonant with sales, business development and regional and field staff in particular.
6. Monitoring and Review: This will assist in conducting ongoing benchmarking of a company’s risk based assessment process (and demonstrating that fact), provide early notice of emerging challenges and difficulties and provide a basis for ongoing reports to senior management. Large institutions may be able to rely on their internal audit department to conduct anti-bribery program audits; smaller firms should seriously consider employing an outside audit firm to demonstrate the independence of its compliance assessments.
Addressing an area that had generated considerable negative publicity and concern, the final Ministry of Justice guidance emphasized that while hospitality and promotional business expenditure can amount to bribery, “reasonable and proportionate hospitality” will not breach the Act. Contrasting examples are given, such as an organization providing “ordinary travel and lodgings” to an official to enable a visit to the organization’s premises (not bribery) and a five-star holiday provided to the official unrelated to a demonstration of the organization’s services. The latter example would likely be considered a bribe.
The final guidance also provides useful direction on the Act’s geographical scope, particularly relating to the offense of failing to prevent bribery, which applies only to businesses either incorporated or formed in the U.K., or which operate a business or a part of a business in the U.K. The guidance states that whether a company is carrying on a business or part of a business in the U.K. will require “a demonstrable business presence.” As a result, the mere fact that a public company’s shares are listed on the London Stock Exchange, or that it has a U.K. subsidiary, will not in itself mean that the company is carrying on a business in the U.K.
Risks of Not Complying With the Act
- Penalties
Companies that fail to comply with the terms of the Act face much higher penalties for violations at the company, board and individual manager level than former U.K. laws have imposed. The Bribery Act provides that an offense committed by a company is punishable by a fine, which is unlimited if the company is convicted on an indictment. An individual guilty of an offence would be liable on conviction on indictment to imprisonment for a term not exceeding ten years or to a fine, or to both.
- Debarment Risk
If a company is reliant on selling to European Union (EU) governments it should not ignore the risk of debarment arising from a conviction under the Bribery Act. Under the Public Contracts Regulations 2006 (which gives effect to EU law in the U.K.), a company is automatically and perpetually debarred from competing for public contracts where it is convicted of a corruption offence. If the 2006 Regulations are amended to include the crime of failure to prevent bribery then this could result in severe sanctions for companies found guilty of this offense. The risk of such a severe penalty could cause companies that are reliant on public contracts to be reluctant to report any incidents they discover for fear of conviction and subsequent debarment, though this approach is not advised. In the case of detecting an issue or offence, the company should consult its lawyers about self-reporting. It can be expected that the authorities will not take a light view of any incident if they discover a company was aware of an incident but avoided reporting it. Self-reporting on the other hand does ensure leniency, especially if the underlying offense(s) are significant or longstanding or senior management condoned or failed to act promptly to address the problem.
- Worst Case Scenario
After the final Guidance was released, many commentators speculated that the broad scope of the Act might lead to far-ranging liabilities for corporations with a U.K. nexus, even a relatively minor one. The new Section 7 offense of “failure to prevent bribery” may be committed by a company which “carries on a business or part of a business” (a term which is not defined in the Act) in the U.K. The Act also applies to any person or company that commits a bribery offense outside the U.K. as long as they are a British citizen or resident, or a body incorporated under the law of any part of the U.K. The offense may apply to bribery conducted anywhere in the world by a person with no connection to the U.K. as long as they are “associated with the company”. A person is “associated with a company” if they perform services on behalf of or for the company. As a result, this could create liabilities if a bribe is paid by a company’s agents, employees, subsidiaries, intermediaries, joint venture partners and suppliers.
The U.K. Guidance issued by the Ministry of Justice suggests that the Government will employ a “common sense approach” to the issue of the jurisdictional reach of the Section 7 offense. For example, the Guidance states that merely being a member of the London Stock Exchange would not, absent other factors, mean that a company is carrying on a business or part of a business in the U.K.; nor will a parent company be deemed to be carrying on a business in the U.K. merely because it has a U.K. subsidiary. The Guidance suggests instead that a company must have a “demonstrable business presence” in the U.K. to meet the jurisdiction test for enforcement under Section 7 of the Bribery Act.
Of course guidance is one thing but it remains to be seen whether or not the Court’s will agree with the MOJ’s interpretation of the proper standards for the Bribery Act. It is because of these concerns that Transparency International U.K. recommended that a company communicate its anti-bribery policy to its third party agents and vendors and that a company’s code of conduct or business principles should carry a statement that the company is committed to integrity and will operate transparently and fairly in its business dealings. TI U.K. suggests that companies consider adding an anti-bribery clause to its contracts with third party agents, vendors and suppliers.
U.K. History of Prosecuting Bribery Accusations
The agency that will be responsible for prosecuting violations of the Act is the U. K.’s Serious Fraud Office (SFO), which was established in 1988 pursuant to the Criminal Justice Act. The SFO “is responsible for investigating and prosecuting the most serious and complex cases of fraud and corruption in England, Wales and Northern Ireland,” including investment fraud, corporate fraud, public sector fraud, and bribery and corruption. The organization is also responsible for enforcing the provisions of the Bribery Act. Following the BAE Systems bribery controversy, then-Attorney General Lord Goldsmith hired former Manhattan Assistant District Attorney Jessica de Grazia to conduct a review of how the SFO handles its investigations and prosecutions. De Grazia’s report, issued in June 2008, stated that “the SFO uses significantly more resources per case than either the Office of the United States Attorney for the Southern District of New York U.S. (the primary federal prosecutor for Manhattan and other parts of New York) and the Manhattan District Attorney’s Office. The SFO also achieves significantly less for its efforts, as measured by both its productivity (the number of defendants prosecuted) and its conviction rate. The study found that the SFO’s conviction rate had fallen from 82% in 2002/3 to just 61% in 2008. In comparison, the Manhattan District Attorney’s office the rate was 92% in 2008.
The report also found the SFO was suffering from a “pass the buck” culture, while senior managers lacked skills, knowledge and perseverance. The report, which also provided 34 recommendations to make the SFO more effective, led to change. Former SFO Director Robert Wardle resigned in April 2008 and was replaced by Richard Alderman, a former senior investigator at HM Revenue and Customs. Additionally, the British press reported that dozens of lawyers and investigators were asked to leave the SFO following de Grazia’s review. On November 18, 2008, the new SFO Director Richard Alderman announced that the SFO would increase the number of its anti-corruption investigators from 65 to 100. However, earlier this year, former Minister of Justice Lord McNally said that the SFO can expect to receive just an additional £2 million ($3.24 million) per year to investigate and prosecute the new offense of failure by a commercial organization to prevent bribery. The British press reported that this could translate to less than two investigations or prosecutions a year. The SFO is also facing extensive budget cuts, from £34 million ($55 million) in 2011 to £29 million ($47 million) in 2014. Indeed, there are even recent reports that the U.K. Government may close the SFO altogether.
Conclusion
As discussed, the U.K. Bribery Act brings U.K. law into compliance with the provisions of the OECD Convention Against Bribery and creates a significant new offense for companies doing business in the U.K. Other provisions of the Act, such as the prohibition against facilitation payments or improper payments to non-public corporate employees, may also raise the bar for corporate anti-bribery compliance programs (or they may not in practice). Multinational companies and financial institutions with a U.K. nexus should assess the adequacy of their anti-bribery compliance program against the “Six Principles” laid out by the Justice Ministry’s April Guidance. Particular attention should be paid to the risks associated with third party agents, vendors and suppliers as most corporate criminal prosecutions will feature corrupt acts undertaken by such third parties on behalf of a company (even without the knowledge or complicity of the company). Any firm that does not have an identified anti-bribery compliance program should devote immediate attention to the development of one.
In the short term, businesses may want to take a number of steps to improve their compliance programs. Those steps may include the following:
1. Review your existing FCPA-based policies and procedures and ensure they address the new standards imposed by the U.K. Bribery Act. Conduct new anti-bribery training that specifically references the Act.
2. All corporate Gift & Hospitality policies should be carefully examined and amended as necessary to comply with the Bribery Act.
3. Employees must be trained on the new legislation and the steps that any changes in company policies and procedures designed to prevent and detect the payment of bribes or facilitation payments.
4. Third party due diligence procedures must be assessed and improved as necessary – the bar is being raised; a failure to take any action is not enough to protect your business.
This is the wrong time to panic or seek simple, cheap solutions. As discussed above, the pace of enforcement of the U.K. Bribery Act 2010 is likely to be very gradual. Indeed it is important to remember that even with the implementation of the U.K. Bribery Act, multinational companies will continue to face a greater risk of an FCPA investigation or prosecution than indictment under the U.K. Bribery Act for the foreseeable future.
Learn more about Bloomberg Law or Log In to keep reading:
See Breaking News in Context
Bloomberg Law provides trusted coverage of current events enhanced with legal analysis.
Already a subscriber?
Log in to keep reading or access research tools and resources.