Any views expressed in this article are those of the author and not of Thomson Reuters Foundation.
A “red letter date” in any UK legal and management diary is July 1 2010 – when the UK Bribery Act 2010 comes into force. Given recent media attention, the Act and its implications for UK businesses will be news to few. However, to mention the headline implications for UK companies – the Act applies to all businesses registered and doing business in the UK; there is no upper limit on fines for companies found convicted of the corporate offence of failure to prevent corruption and the only defence for companies is to demonstrate to the court that they have in place “adequate procedures” to prevent corruption.
The “adequate procedures” have been generally described as including a statement of zero tolerance of corruption by management; an anti-corruption policy, anti-corruption training, helpline availability and auditing and monitoring procedures. Implementing such procedures may present no difficulty for well-resourced companies but what do “adequate procedures” look like for small to medium-sized enterprises (SMEs) working in high corruption-risk countries, such as junior mining companies?
The most recent guidance on the Act published on March 30 2011, repeatedly emphasises that the measures implemented by SMEs should be “proportionate” and that, in the words of Secretary of State for Justice, Kenneth Clarke, “combating the risks of bribery is largely about common sense, not burdensome procedures”. The guidance fully acknowledges that application of the six anti-bribery principles set out in the guidance is likely to be different for SMEs than multinationals. Common ground across companies however is that they should adopt a risk-based approach to managing bribery risks, specific to their circumstances.
The guidance does not have statutory authority but must be regarded by the two bodies which have the power to bring prosecutions under the Act – the Serious Fraud Office (SFO) and the Department of Public Prosecutions (DPP).
In responding to the Act’s introduction, juniors must realise that Bribery Act 2010 compliance is primarily a practical matter of implementing policies and processes. A number of the “adequate procedures” measures are straight-forward and are easy to implement. The world’s leading anti-corruption NGO, Transparency International, and The United Nations Global Compact (UNGC) have developed tools specifically to assist SMEs with anti-bribery compliance. It is important that SMEs take a timely, responsible, proactive attitude to the Act and its introduction and are able to demonstrate that they have done so to the court.
A responsible response and board statement
The company’s board should receive a presentation on the Act from its legal or policy advisers and discuss the Act’s implications for the company and the steps it will take. These may include delegating authority for the implementation of procedures to staff, legal counsel or engaging short term consultancy. However, the guidance says that it does not intend Bribery Act 2010 compliance to be burdensome for SMEs. Transparency International (www.transparency.org) has published step-based practical tools to assist SMEs to implement anti-bribery measures.
The board should make a statement on zero tolerance of corruption. The statement should be published internally to offices and operations and externally and reproduced in the company’s Code of Conduct and anti-corruption policy.
The company should assess the policies and procedures it already has in place to forestall anti-corruption, as a basis for the further measures it needs to systematically implement.
Risk analysis should be periodic, informed and documented. Risks, especially in the mining industry, change over time given such considerations as government stability and cultural attitudes to corruption in countries where mining companies operate. An SME should assess the nature and extent of its exposure to potential internal and external risks of bribery. The guidance sets out examples of the risks that should be considered:
- Country risk – perceived levels of corruption reflected by indicators such as Transparency International’s annual Corruption Perceptions Index (CPI).
- Sectoral risk – what are the risks specific to the mining industry?
- Transaction risk – certain types of transactions such as charitable and political contributions, licences and permits give rise to higher levels of risk.
- Business opportunity risk – higher value projects or those involving many contractors or intermediaries indicate higher potential risk.
- Business partnership risk – relationships involving intermediaries, consortia, joint venture partners, politically exposed persons and foreign public officials entail high potential exposure to risk.
- Procedural risk – to what extent may internal structures or procedures forestall risk? There may be deficiencies in employee anti-corruption or general training, skills and knowledge; lack of policy or clarity in policy on key areas and lack of a strong, public top level commitment to anti-corruption.
Code of Conduct
The company may already have a Corporate Code of Conduct. This should be revised to include the statement of zero tolerance of corruption.
An anti-corruption policy need not be extensive. What is just as important as its content is that the policy is practical, accessible to employees – across office and mine site operations, implemented and widely published and distributed. The policy should be augmented by communications materials underpinning key aspects of the policy. The Policy should contain statements on the following key areas:
- Gifts and hospitality
- Facilitation payments
- Conflicts of interest
- Use of company assets
- Use of intermediaries
- Relations with foreign public officials.
Due diligence undertaken on renewing current and undertaking new projects and contractual relationships should also be proportional and risk-based. Due diligence should already be part of good corporate governance, though may need to be augmented by enquiries related to corruption-risk. The due diligence research may be internet based, augmented by specific enquiries appropriate to the sector and country and require the prospective intermediary or project partner to provide information and documentation in response to a questionnaire. For example, they might provide examples of their own Code and anti-corruption statements/policy.
Under the Act, a company’s employees are presumed persons ‘associated’ with the organisation. Therefore, companies may wish to incorporate ethics-based questions and due diligence into their recruitment and human resources procedures and ensure that all new employees receive training on the company’s anti-corruption policy on joining the company.
Anti-corruption training and communications
Internal communications should convey zero tolerance of corruption by management and provide a system for employees to ask questions or report concerns. Training of employees should be proportionate to risk. It might entail a general presentation on the anti-corruption policy to the majority of employees and specifically focussed training for middle and senior management on aspects of wider corruption-exposure – such as intermediaries and dealing with foreign public officials. There may be particular cultural aspects and attitudes regarding corruption of which employees should be aware, depending where the company operates. It will be important for a company to demonstrate that training was received by employees and refresher training provided at appropriate intervals by keeping careful records of training.
Monitoring and review
Anti-corruption is a dynamic field and companies must remain vigilant and responsive to new risks which may arise where and with whom they work. A company should institute a protocol for periodic review of its anti-corruption policy, training, recording and reporting. It might seek some form or external verification of its anti-bribery procedures or apply for certified compliance with an independently verified industry anti-bribery standard.
Foremost will be for SMEs to be informed of the Bribery Act 2010 and take responsible, proportionate measures to implement risk-based anti-bribery compliance.
Michelle Witton is an Ethics & Compliance Consultant and lawyer, who has implemented anti-corruption compliance for Anglo American plc and AstraZeneca. Michelle can be contacted at www.mwethics.com (under construction) or 07950 932070.