The UK had been heavily criticised for failing to address cross-border bribery and corruption, and for having laws that were deemed weak and ineffective. The UK has responded to this criticism with the introduction of the Bribery Act 2010 (the 2010 Act), which should come into force this year and will give the UK some of the strictest anti-bribery laws in the world. The financial services (FS) industry needs to be aware of its obligations in the 2010 Act and how these interact with the Proceeds of Crime Act (POCA) 2002.
background
There has been much debate about the 2010 Act since it passed through Parliament last April. A consultation period in relation to ‘adequate procedures’ was held in the Autumn of 2010, and in recent weeks many articles and press releases have suggested a wholesale government review of criminal regulation affecting businesses, which will include the 2010 Act itself. The picture is therefore a murky one, and businesses struggling to implement new anti-corruption measures are confused as to when and if the 2010 Act will come into force. What is clear from information emanating from the Serious Fraud Office (SFO) and the Ministry of Justice (MoJ) is that the 2010 Act will indeed come into force, the only uncertainty is the date itself. The implementation date of the 2010 Act will apparently be three months from the date of the release of the finalised guidance on adequate procedures. This guidance is overdue and all the MoJ will currently say is that it will be released in the ‘foreseeable future’. Further, they have confirmed that the government review will be looking at all legislation that affects business and not just the 2010 Act. The purpose of the review is to ensure the UK is not inhibiting economic recovery by draconian and unworkable legislation.
The 2010 Act is intended to force commercial organisations to review, update and take responsibility for their anti-corruption programmes, ultimately ensuring that adequate procedures are in place to minimise the risk of bribery and corruption. It does not have retrospective effect. As it applies in part to non-UK businesses and has extra-territorial reach, its effects are far reaching. The 2010 Act is also wider than the US Foreign Corrupt Practices Act (FCPA) 1977 as it covers commercial-to-commercial transactions, as well as transactions with foreign public officials or entities and prohibits facilitation payments.
The 2010 Act has an effect not only on those businesses based in the UK but also those who simply do part of their business in the UK. The 2010 Act does not define what doing part of a business means, but commentary from the SFO suggests at least some form of presence here is required. Thus, a branch office in the UK or employees based here and working here should suffice. The significance of this is that international companies can be prosecuted in the UK for corrupt acts they commit anywhere in the world, simply because they do part of their business in the UK.
The penalties for a company under the 2010 Act will be severe, and can include unlimited fines and debarment for bidding for public contracts in Europe. It is therefore vital that businesses not only understand the requirements of the 2010 Act but also ensure their systems and controls are updated to take into account its requirements.
Bribery Act 2010: provisions
The 2010 Act creates four new offences. The first three affect UK incorporated businesses, their employees and agents. The fourth offence applies to both UK and overseas companies that carry on a business, or part of a business, in the UK, and captures both the acts of their employees as well as those third parties who help them win business. This can therefore capture the acts of a company’s agents, intermediaries and subsidiaries. These four offences can be summarised as follows.
Active bribery
Active bribery entails the giving, offering or promising of a bribe intending to induce the recipient to act improperly. A bribe can be in the form of cash but also extends to hospitality, gifts and other ‘advantages’.
Passive bribery
Passive bribery is the requesting, accepting or agreeing to receive a payment or advantage in return for improper conduct.
Bribery of a foreign public official (FPO)
This has a wide definition and extends to those in a legislative, judicial or administrative capacity, regardless of having been appointed or elected, as well as anyone who performs a public function or is an official of a public international organisation. The offence, however, applies only to active bribery (the giving, offering or promising of an advantage), which means that if an FPO were to accept the bribe they would not be culpable under this part of the 2010 Act.
Failure of a commercial organisation to prevent bribery
This means that if a company fails to prevent an ‘associated person’ (such as an employee, agent, subsidiary or intermediary) from paying a bribe for its benefit, the offence is committed automatically. It is irrelevant whether the company was unaware of the bribe being paid. Controversially, however, this offence does not include any notion of improper conduct. It simply requires a payment or other advantage for the winning or retention of business. There is a limited defence of adequate procedures, which is discussed below.
defence of adequate procedures
The corporate offence of ‘failure to prevent bribery’ imposes a burden on companies to comply with its provisions but allows for a defence where the company can show it had adequate procedures in place to minimise the risk of bribery.
The 2010 Act does not define adequate procedures but the forthcoming MoJ guidance should clarify its meaning. From the draft guidance available now and from guidance produced by other bodies, such as Transparency International and the SFO, the six main areas of such procedures have been ascertained. It has been confirmed that the finalised guidance will remain focused on the following six areas.
Risk assessment
A company will need to comprehensively assess and regularly review the extent and nature of its risks relating to bribery and corruption.
Top-level commitment
A company’s board of directors will need to establish a bribery-free culture in which employees and those acting for the company understand there is a zero tolerance to such activity.
Due diligence
Undertaking adequate due diligence on all third parties, including the company’s supply chain, agents and intermediaries, all forms of joint venture and similar relationships, and all markets in which the company does business.
Clear, practical and accessible policies and procedures
A company should have an anti-corruption policy that includes policies on gifts and entertainments, political and charitable donations, and advice on relevant laws and regulations. Such policies should also be linked to a whistleblowing policy.
Effective implementation
A company must ensure that the anti-corruption policies are rolled out effectively and implemented, this cannot be a simple tick-box procedure. It needs to be an integrated and embedded policy.
Monitoring and review
A company must have monitoring and review mechanisms to ensure compliance with relevant policies and procedures, and identify any issues as they arise.
All companies trading in or with the UK need to review their anti-corruption policies and procedures or risk prosecution under the 2010 Act. While companies can minimise the risk of bribery being undertaken by employees or agents, it can never prevent it entirely. Being able to rely on the defence of adequate procedures will therefore be vital going forward.
Financial Services Institutions and adequate procedures
In addition to establishing the defence of adequate procedures to the corporate offence, as outlined above, financial institutions also have the incentive of avoiding censure under Financial Services Authority (FSA) regulation. The FSA also considers that effective systems and controls for countering the risk of bribery are essential, as can be seen from the recent Aon notice (http://www.fsa.gov.uk/pubs/final/aon.pdf). Aon were fined £5.25m by the FSA for their failure to establish and maintain such systems, and it is suggested that, in the future, the 2010 Act will be used to supplement the range of options available to prosecuting authorities. This view is reinforced by the recent much closer relationship between the SFO and the FSA.
Obligations to report corrupt acts under the 2010 Act
The 2010 Act does not require a regulated entity to report instances of bribery to the SFO. If a company discovered that a corrupt act had taken place it will not be committing a criminal offence if it does not notify the SFO of such an act.
However, the SFO’s guidance on self reporting, issued in July 2009, encourages corporate entities to report overseas corruption.1 A decision to self report can influence whether (and how) the SFO investigates or prosecutes a matter and a Civil Recovery Order may be imposed as an alternative to criminal prosecution. If there was a criminal prosecution, the early co-operation of a company by self reporting may be a mitigating factor in the sentencing and/or level of fine imposed by the criminal courts.
The SFO is keen to encourage self reporting by companies that discover corruption issues within their organisation. According to the SFO, the benefits of self reporting are:
- the prospect of a civil rather than a criminal outcome;
- an opportunity to manage with the SFO the issues and any publicity proactively;
- that the company will be seen to have acted responsibly by the wider community; and
- a negotiated settlement, rather than a criminal prosecution, which will mean no mandatory debarment under European procurement rules.
Clearly, a decision as to whether to self report is a finely balanced one. A company needs to weigh up the approach that may be taken by the SFO in respect to the company if it did not self report, with the company’s desire to avoid any possible risk of criticism in the future from failing to do so, including adverse publicity. A self report would certainly give the company more control over the process and show a greater willingness to co-operate.
Obligations to report corrupt acts under POCA 2002
Despite the fact that companies are not under any obligation to report corruption pursuant to the 2010 Act, financial institutions as ‘regulated entites’ will be under a POCA 2002 obligation to make a suspicious activity report (SAR) to the Serious Organised Crime Agency (SOCA) in the event that they know or suspect that they hold the proceeds of crime as a person commits an offence if they acquire, use, possess, conceal, disguise, convert, transfer or remove criminal property from the UK without the consent of SOCA.2
Accordingly, in the event that a regulated entity derived any benefit from the commission of a bribe, either in the UK or worldwide, then the money the company received as a consequence of that corrupt act would constitute the proceeds of crime and the company would be obligated to submit a SAR. The main POCA 2002 offences are punishable by imprisonment for up to 14 years, an unlimited fine, or both.
Third parties’ obligations in relation to corrupt acts under the 2010 Act and POCA 2002
In addition to the obligations of regulated entities, third parties may be obliged to make certain reports in relation to corrupt acts. Third parties do not have any such legal obligation under the 2010 Act, but will do so under POCA 2002. For example, if a company’s auditors become aware of a corrupt payment that the company paid to secure a contract, the auditors would be obligated to file a SAR because the money that the company would receive under the contract are the proceeds of a crime.
Facilitation Payments
If a regulated entity discovers that a facilitation payment had been made by it, the situation is less clear. In many countries around the world government officials ask for facilitation payments that are low-level payments to expedite routine government services.
There is an argument that certain facilitation payments in isolation, while illegal under the 2010 Act, do not generally taint the legitimacy of a contract and therefore the filing of a SAR with SOCA is not required to be made by a regulated entity. For example, if a facilitation payment was paid to a foreign government official to speed up payment of an invoice for services legitimately rendered under a legitimately obtained contract, the facilitation payment in this scenario would not be the proceeds of crime. Additionally, the facilitation payment is not the proceeds of a crime that has been paid into the company. Indeed the facilitation payment has been paid out of the company rather than being received in by it. The company is therefore not handling any proceeds of crime.
The SFO has recently stated that it will exercise prosecutorial discretion in relation to prosecuting a company for facilitation payments, and is unlikely to prosecute where there is no endemic or large-scale corruption accompanying the facilitation payments. In addition, the SFO is generally interested in cases of foreign corruption that involve payments or a benefit in excess of £1m. It is therefore unlikely that a company would be prosecuted for low-level facilitation payments.
However, some auditors (and some money laundering reporting officers) would take the cautious approach and file a SAR with SOCA in any event given that facilitation payments are not allowed under the 2010 Act. In addition, even if a regulated entity does not have an obligation to report facilitation payments to SOCA, it may well have obligations under its letter of representations with its auditors to disclose such payments to its auditors. This will turn on the specific terms of the letter of representations.
Summary re inter-relationship between the 2010 Act and POCA 2002
If a SAR is submitted to SOCA, then it is possible that the information contained in the SAR would be shared with a law enforcement agency such as the SFO. In recent times, the SFO and SOCA have increased substantially the extent of their co-operation, to the point that the SFO is likely to become aware of any SAR that is filed with SOCA. On becoming made aware of corrupt behaviour, the SFO could launch an investigation into a company and its part in the corrupt activities.
Therefore, while there is no obligation to report suspicions of bribery pursuant to the 2010 Act, there is likely to be an obligation to submit a SAR pursuant to POCA 2002 in circumstances where acts of bribery or corruption have occurred. Obviously, both the 2010 Act and POCA 2002 will need to be considered by a regulated entity carrying on a business or part of a business in the UK if a bribery issue arises, and a decision would need to be made as to whether a self report should be made to the SFO.
Conclusion
As set out above, breaches of the 2010 Act will result in severe consequences for companies not only in the UK, but also around the world. Companies will need to ensure they have adequate procedures in place to prevent bribery occurring on their behalf. FS institutions, in particular, also need to consider the inter-relationship between POCA 2002 and the 2010 Act, and must be aware that despite there being no obligation to report corrupt acts under the 2010 Act, it might be in the company’s best interests to do so in certain circumstances.
By Neill Blundell, head of fraud group, Eversheds LLP.
E-mail: neillblundell@eversheds.com.
