Born from increasing international co-operation on anti-bribery issues and a general acceptance that legislation relating to the issue in the UK is outdated, the Bribery Act 2010 (the 2010 Act) received royal assent on 8 April 2010.
On 2 September the Ministry of Justice announced that the 2010 Act will be brought into force in April 2011, preceded by a consultation process in respect of guidance to be provided by the Ministry of Justice, regarding adequate procedures and issuance of that guidance. At present, only certain provisions are in force. These provisions are mainly administrative and refer, for example, to the application of the 2010 Act to individuals in the public service of the Crown and the abolition of the common law offences of bribery in the UK.
This article looks at related issues affecting insureds, insurers and brokers.
The 2010 Act covers companies with a UK base and employees based abroad, for example, those employees working at a branch or subsidiary in another country. If an employee of an insurance company, (InsCo), bribes a public official to be the lead underwriter in respect of a state project and that public official is convicted of having received a bribe from InsCo, or one of InsCo’s agents, then on the face of it, there has been an offence committed by InsCo under the 2010 Act for which both the directors of InsCo, and InsCo itself, may be liable. Consequently, a greater degree of control will need to be exercised and training regimes imposed by UK-based companies over their employees working abroad.
Dangers are exacerbated in territories where culturally it is viewed as ‘customary’ to offer some sort of benefit or facilitation payment to counterparties or agents to conduct day-to-day business. Certainly, this practical reality will not be accepted as a valid form of defence to charges under the 2010 Act.
Companies entering into joint ventures also need to ensure that their counterparties adopt practices that do not fall foul of the 2010 Act, otherwise they too may be caught under the corporate offence (ie the failure to prevent bribery). The corporate offence catches companies if a person ‘associated’ with the company bribes another person intending to obtain or retain business for the company, or obtain or retain an advantage in the conduct of business for the company. A company that enters into a joint venture would therefore be associated with the conduct of the employees of the joint venture, as defined in s8 of the 2010 Act, and can be held responsible for the acts of these employees and subject to penalties.
What should all UK-connected insurance companies be doing?
At a general level, insureds, insurers and brokers should:
- review the adequacy of their internal procedures to prevent bribery;
- compile a global bribery and corruption policy, and publish it clearly to all staff and third parties where appropriate;
- ensure that all contracts expressly prohibit bribery and corruption;
- foster a culture where concerns can be reported up through line managers or to a central compliance function;
- put in place proper and compulsory staff training, and clearly ban the making of payments designed to ‘smooth’ transactions;
- carry out careful due diligence before entering into arrangements with other parties;
- ensure that all appropriate checks are carried out during the process of payments; and
- ensure that management agrees on a procedure, detailing how they will deal with an allegation of bribery or corruption made internally within the company or in public (and insureds should also conduct an assessment of their directors and officers (D&O) liability insurance coverage).
Companies, particularly those with a large international presence, must ensure that they exercise a greater degree of control over their employees, preventing them from engaging in bribery. They should review their risk profile and anti-bribery programmes, and factor in the likelihood that a transitional period may be required to adapt to the changes required by the 2010 Act. This strategy will prove an effective way of combating the risk of prosecution as regulators are thought to be less likely to push for maximum punishment against firms who have demonstrated that they are taking active steps to adapt to the 2010 Act and prevent employees from engaging in corruption.
One method of companies demonstrating that they are taking these new measures on board is by publishing a list of steps that they intend to implement on their website as an indication of how they plan to adapt to the 2010 Act. Firms could also introduce a rewards culture for engaging in ethical business procedures, such as highlighting where a contract was not entered into by an employee or pursued, due to ethical issues, which can convey the changing corporate approach of firms that are subject to the 2010 Act.
Insureds should check the scope of, and not prejudice, their D&O coverage
A D&O liability policy may fund the costs of defending an action by prosecuting authorities against a director or manager under the 2010 Act unless intention or knowledge of the crime is formally admitted, or the director or manager is convicted of the offence. Given its scope, implementation of the 2010 Act raises the importance of D&O cover, perhaps to ‘not an option’ status.
A properly tailored policy could assist companies and their senior professionals to cover the costs of investigations. The US experience is instructive. In respect of Foreign Corrupt Practices Act 1977 exposures, D&O cover assisted a European multinational to the tune of $148m in one case, where a $800m settlement was reached with the Department of Justice in respect of two executives accused of paying a $6m bribe to another European company.
However, cover will not be provided for any criminal penalty or fine that is ultimately imposed, either because a specific exclusion applies or on public policy grounds, preventing insurance of penalties or fines for criminal acts.
Individuals insured under a D&O policy need to be aware that in any internal investigation or interview under caution, they must not make any admission of liability, because D&O policies, as a condition of cover, usually require insured individuals to not admit any liability for their conduct.
An exclusion in the policy will usually provide that as soon as the crime is proven or the wrongful act is admitted, coverage ceases immediately. The policy may also provide for the recovery of defence costs already paid by insurers if the fraud and dishonesty exclusion has been triggered.
Insurers have opportunities
Connected with the above, the introduction of the 2010 Act and the differing demands of individual businesses offer an opportunity for innovative providers to market more nuanced products. More analysis is expected to ensure that the coverage fits.
It may be that the demand for D&O cover has an upward affect on price, and that price should properly reflect the risk involved.
Insurers should thoroughly investigate the operating procedures of the insured. Additional questions could be asked to assess whether an insured has adequate procedures, which would make it more likely to support a valid defence in the event that it is subject to a civil claim or regulatory investigation. Note that the 2010 Act applies to any parts of a business as long as it carries on some business in the UK.
The terms of existing trade credit and political risk policy wordings are expected to be tested by insureds and insurers, where the facts might support an allegation of bribery.
Brokers need to review their systems and controls
At the end of May 2010, the Financial Services Authority (FSA) published its report ‘Anti-Bribery and Corruption in Commercial Insurance Broking’.
There were some surprising findings in the broking sector including:
- weak governance of anti-bribery and corruption effort;
- a poor understanding of bribery and corruption risk;
- a failure to implement a risk-based approach to anti-bribery and corruption processes;
- poor responses by firms to significant bribery and corruption events (which the FSA believe should lead to a re-assessment of preventative systems and controls).
The FSA noted that the commercial insurance broking sector has seen several mergers and acquisitions, and it is common for business relationships to be transferred from one firm to another as teams are acquired. The FSA said it was ‘disappointed’ to find that firms were not conducting due diligence on third party relationships when those teams or that business was acquired. The FSA indicated that there was over-reliance on the possibility that the firm, from which the business was acquired, would have carried out its own, adequate due diligence. The FSA pointed out that where business is acquired from another firm that represents a significantly higher level of risk than the traditional book of the acquirer, stricter controls and/or extra due diligence would be appropriate.
The FSA also suggested that firms consider the risk that ‘commission payments’ to third parties could themselves be bribes or passed on by the third parties to others as illicit payments for obtaining or retaining business. The FSA’s view was that generally, the level of commission paid to third parties was not carefully assessed by brokers from the anti-bribery and corruption perspective. The drivers of winning business, maximising brokerage and incentivising third parties to generate more business in the future seemed to take priority. The FSA suggested that there was no real consideration of whether payments made to third parties were commensurate with the services provided, the costs likely to be incurred, or the bribery and corruption risk posed by paying large amounts of commission to third parties, particularly for high-risk businesses.
The 2010 Act is a complex piece of legislation with a material business impact, a huge scope and extraterritorial effects. Breach of the 2010 Act entails severe penalties.
There are several ways in which the insurance sector is affected. Companies should urgently check their risk management matrix. Insurers have an interesting market to develop, assisted by specialist brokers, which, because of the regulated nature of their business, should themselves assess their own systems and controls.
The guidance to be published in respect of adequate procedures should be regarded as required reading by risk managers, senior managers and compliance officers.