According to Transparency International’s annual Corruption Perceptions Index 2017, New Zealand is the least afflicted country (with a score of 89 out of 100), the UK comes joint 8th (with a score of 82), Kenya comes joint 143rd with Mauritania with 28. Bottom of the pile is Somalia at 180 with a score of just 9 out of 100.
Kenya and Mauritania have one thing in common; they are both linked to Smith & Ouzman, a specialist printer of security documents, which in 2014 was the first company to be convicted under the UK’s Bribery Act 2010. It received a £2.2m fine and £25,000 costs while its chairman received a suspended prison sentence and was ordered to pay £79,500 in costs and penalties; its sales and marketing director was sentenced to three years and ordered to pay £93,693 in costs and penalties.
The case, according to a Serious Fraud Office (SFO) spokesman, “was the first conviction of foreign officials and the first instance of directly compensating an affected government”. He adds that the trial shaped the principles for compensating overseas bodies in such cases.
Considering the high profile of the case, it’s not very surprising then that the BPIF backs the Act. Nicola Langley, head of legal at the BPIF and a commercial solicitor, says that “the BPIF supports the general aims of the Bribery Act. Bribery and corrupt practices damage competition, causing honest businesses to lose out unfairly, and ultimately damage economic development and hinder international trade.”
According to Jeanette Burgess, a partner from the Regulatory team at Walker Morris, the Bribery Act 2010 simplified fragmented law on bribery and corruption that was previously split between common law and historic statutory provisions.
“The unified Act,” says Burgess, “sent a clear message to organisations that has been mirrored in subsequent legislation, including most recently in the Criminal Finances Act 2017, that they must take steps to ensure their employees act with integrity and in an ethical and lawful way.”
The Act covers public and private sector bribery and applies to individuals, corporates and unincorporated organisations. The principal offences under the Act include paying a bribe, receiving a bribe, bribing a foreign public official and the failure of a commercial organisation to prevent bribery.
As Burgess points out, firms need to be aware of the Act’s extra-territorial application. “For the offences of paying a bribe, receiving a bribe or bribing a foreign public official, the Act applies to bribery that occurs within the UK or bribery that is carried out by someone with ‘a close connection’ to the UK, even if it occurs outside of the jurisdiction.” Corporates face the same risks – as Smith & Ouzman found out – with an offence of failing to prevent bribery, anywhere in the world, by any person associated with the organisation, as long as the organisation is partly located within the UK.
The Smith & Ouzman case also showed how important it is for printers that export to higher risk countries where bribery is commonplace to be aware of everything that is taking place in their name.
Claire Burrows, a colleague of Burgess and a senior associate at Walker Morris, says “ultimately courts have to consider whether the conduct in question amounts to a bribe.”
And that’s the problem. As Burrows has found in some cases this may seem clear cut, but in others, this is far harder to ascertain. “In cases of corporate hospitality, for example, when does taking a customer out for dinner or to a cricket test match cross the line from a simple ‘thank you’ or legitimate relationship building exercise, into the realms of bribery?”
The Ministry of Justice has made clear that the Act is not intended to prevent businesses from providing their customers with ordinary hospitality.
“This,” says Langley “applies as long as the hospitality is reasonable and proportionate, and not in itself intended to influence an official and therefore secure a business advantage”. Both Burrows and Burgess concur, noting, “it is important for organisations to consider the context in which gifts and hospitality are given very carefully, and with a mind to how a jury might interpret the conduct.”
The SFO’s spokesman commented that “we look for unlawful behaviour. We take on a very small proportion of cases – around 60 or 70 per year on average.
“Even so, bribery is very much still a key issue and we recently concluded the largest ever £497m Deferred Prosecution Agreement (DPA) with Rolls-Royce relating to bribery, with investigations still ongoing into individuals.”
It’s not easy to find printers with formalised anti-bribery policies, but one, Exeter-based QuickPrint (South West) has a specific webpage for this. Managing director Danny Frayne said that “when the Act came into force a number of our larger customers/clients requested to see our Bribery Act policy to see if we had one, which at the time we did not.” He felt this could become an issue with clients such as Exeter City Council, South West Water, Devon County Council, and Taylor Wimpey. He has also found that a policy is needed for most tendering processes.
But Langley is not too worried by the Act: “I don’t think the Act has had a huge impact on print – it’s not a high-risk sector for bribery.” And to an extent Frayne agrees as he says he’s not had any instances of attempted bribery, “but we do invite clients and customers to sporting occasions – football, rugby – with food and drink. Some of the larger ones have politely refused as it could be misconstrued that I was trying to receive favourable outcomes on quotes on orders” if they were to attend.
The impact on business
The worry is the corporate offence: the failure of a commercial organisation to prevent bribery, as it can impact both an entity and individuals concerned. Burrows says: “This offence is one of strict liability; it is irrelevant if the organisation had knowledge of or involvement in the bribe. Unless an organisation can make out the only statutory defence (by demonstrating on the balance of probabilities that it had in place adequate procedures to prevent bribery), then it is automatically guilty of the offence.” This is deliberate policy on the part of lawmakers, to ensure that corporations and those at the top take their responsibilities seriously and cannot avoid liability simply by turning a blind eye to what is done in their name.
But head of bribery and corruption at the SFO, Camilla de Souza, has previously gone on record saying that it’s very hard to use the defence: “We saw [in March 2018] the argument run for the first time and a jury rejecting a defence in a prosecution. I cannot comment on the prosecution... but, plainly if you are relying on the defence, corruption has been proved to have taken place which your procedures failed to prevent.” It’s catch-22 in other words.
Burgess reckons that firms need to be aware that the Act makes them responsible for the conduct of any persons “associated” with it, not only its own employees and officers – anywhere in the world – “including employees, subsidiaries, agents, distributors, business intermediaries and joint venture partners”.
It’s for this reason that she advises firms to carry out appropriate due diligence on all employees, officers and third parties with whom it does business to verify their integrity and establish any history (or high risk of) corruption.
The key is, as Langley puts it, to assess the level of risk for themselves, “looking at factors such as the countries that they trade with, and whether they use any intermediaries in those countries for example.” She says that from this point businesses should develop a detailed policy on bribery “and ensure that staff, particularly those in sales and procurement,” are fully trained.
From a practical perspective, Frayne says most of his customers and clients are quite impressed with his policies as “many of my larger customers or clients now have a Bribery Act policy on their websites and government bodies must have one.”
Ignoring the legislation, as Smith & Ouzman found out, risks harsh penalties. Individuals face up to 10 years imprisonment and/or an unlimited fine while corporate entities are subject to an unlimited fine based on the benefit derived from the bribe and the conduct of the organisation. Further, under the Proceeds of Crime Act 2002, the value of illegal deals may also be forfeited.
But Burgess notes the “collateral consequences for corporates include debarment from EU public procurement contracts and untold reputational damage. Convicted directors may be disqualified for up to 15 years.”
One alternative to prosecution highlighted by Burrows is the self-reporting of alleged bribery to the SFO, full co-operation with the investigation and the potential for a DPA to be offered. This avoids a prosecution in exchange for a number of conditions along with a substantial fine. “There is no requirement for the organisation to admit guilt when entering into a DPA and by avoiding a criminal conviction, adverse PR is substantially reduced. Crucially, the organisation can also avoid debarment from tendering for public contracts. However, an organisation has no right to a DPA.”
Only time will tell how the law plays out.
It certainly won’t stop Frayne inviting customers to enjoy a day out, but he suggests being very upfront about events and their purpose. He advises print companies “put something on their website about bribery as this and other policies are examined prior to public body orders and the majority of tenders now require this to be published and accessible.”
Unfortunately, firms cannot go to the SFO for advice. The director of the SFO, David Green, has stated “we do not give advice on what a good compliance programme looks like, or provide official guidance on adequate procedures. We are a prosecution agency, not a regulator. And of course, what is applicable to your business is dependent on the type of business we are talking about.”
The only solution is to take good advice before issues arise.
How to ensure you are protected
As the corporate offence of bribery involves strict liability, if a relevant offence is committed and the only available statutory defence cannot be relied upon, the organisation is automatically guilty of the offence and can be prosecuted accordingly.
It is imperative that all organisations have in place adequate procedures designed to prevent persons associated with the organisation from committing bribery to defend any potential prosecution.
Whether or not a commercial organisation is able to make out a defence under the Act is a function of whether they are able to convince the court that they had adequate preventative procedures in place, which will be assessed on a case by case basis. Unfortunately, as every organisation has a different and unique bribery risk profile, it is not possible to enforce a ‘one size fits all’ list of adequate procedures and all organisations should adopt a risk-based approach to managing bribery.
In the first conviction of an organisation after a contested trial since the implementation of the Act (R v Skansen Interiors Ltd (2018)), the organisation argued their procedures to prevent bribery, although limited, were adequate given the size of the organisation. However, the jury were not persuaded of this in light of the bribery risks the organisation faced and found the company guilty. Two directors were also found guilty of bribery offences and received custodial sentences, fines and directors disqualification as a consequence.
To assist organisations, the Ministry of Justice has published a list of six guiding principles which sets out the key matters organisations should focus on to enable them to rely on the statutory defence.
Proportionate procedures Adequate procedures to prevent bribery should be proportionate to the risks faced by an organisation. An initial assessment of risk across the organisation is therefore the necessary first step. What is proportionate will depend on both the bribery risks faced and the nature, size and complexity of the organisation. As such, large global organisations, even if in a low-risk industry, will be expected to put in place more by way of policies and procedures than a small business with the same level of bribery risk.
Top level commitment Commitment from the board of directors or the owners to prevent bribery and corruption by persons associated with the organisation will help to foster the right culture. In practice, top-level management will be expected to communicate the organisation’s anti-bribery stance both internally and, if appropriate, externally; and become involved to an appropriate degree in developing and monitoring bribery prevention policies and procedures. Most of all, top-level management will be expected to practise what it preaches.
Risk assessment An organisation should assess the nature and extent of its exposure to potential external and internal risks of acts of bribery by persons associated with it. The assessment should be periodic, informed and documented. What will be adequate in terms of an organisation’s procedures will be determined to a large extent by the bribery risks the organisation faces. Organisations will need to consider whether any risk assessment can be carried out internally, or whether external expertise will be required, and their use is proportionate to perceived risk. Different approaches include the use of workshops, questionnaires or roundtable meetings. Whichever method is chosen, organisations need to make sure that the risk analysis is documented.
To identify key risks, The assessment should consider country risk (a free Corruption Perception Index is available online at Transparency International to identify higher risk jurisdictions in which an organisation may operate); sectoral risk; transaction risk; business opportunity risk; and business partnership risk.
Due diligence An organisation should apply due diligence procedures, proportionate to risk, in respect of persons who perform or will perform services for or on behalf of the organisation in order to mitigate identified bribery risks. Generally, more information will need to be requested of corporates as opposed to individuals. In addition, it may be necessary to consider conducting due diligence on employees and adapt recruitment policies accordingly.
Communication (including training) An organisation should ensure its anti-bribery policies and procedures are embedded and understood throughout the organisation through internal and external communication and training that is proportionate to the risk it faces. Commercial organisations should ensure that the zero-tolerance approach to bribery is clearly communicated both internally and externally. Internal communications should convey the “tone from the top” and will naturally focus on the organisation’s policies and procedures. Training is a useful way to communicate the message.
Monitoring and review An organisation should monitor and review procedures designed to prevent bribery by persons associated with it and adapt these as appropriate. Examples provided include using existing internal checks and balances, e.g. financial monitoring, formal periodic reviews or external verification or assurance of the effectiveness of anti-bribery policies.
Guidance on conducting risk assessments and useful checklists on how to identify potential adequate preventative procedures are available (free of charge) online from Transparency International.
Without engaging in the risk management process fully and completing the appropriate follow-up actions, a commercial organisation is highly unlikely to be able to demonstrate having in place adequate procedures to prevent bribery and as such will be susceptible to conviction if prosecuted under the Act.
Having a clear policy on gifts and hospitality and keeping detailed records of the gifts/hospitality given and received (with a clear rationale of why this was acceptable) is an extremely useful tool in dealing with any future scrutiny.