Has the government published any guidance advising how to comply with anti-corruption and bribery laws in your jurisdiction? If so, what are the elements of an effective corporate compliance program?

Bribery & Corruption

Australia Small Flag Australia

The federal government has not published any authoritative guidance on complying with anti-corruption and bribery laws, though both the Australian Trade and Investment Commission and the federal Attorney-General's Department provide some information and general guidance on their respective websites. In December 2017, the AFP and CDPP issued guidelines on 'Self-Reporting of Foreign Bribery and Related Offending by Corporations', which explain the principles and processes that the AFP and CDPP will apply where a company self-reports conduct involving a suspected breach of the foreign bribery offence or related offences. The AFP and CDPP note that the guidelines will be reviewed within two years (or earlier, if a Deferred Prosecution Agreement (DPA) scheme is introduced - see responses to questions 18 and 25 below).

Additionally, and as noted below in the response to question 18, there is currently a bill before Australia's federal parliament which among other things, introduces the offence of corporate criminal liability in relation to foreign bribery. Like its equivalent provision in the Bribery Act 2010 (United Kingdom), an absolute defence to the charge will be made out if the company can establish that it had 'adequate procedures' in place to prevent bribery. The bill also proposes that guidance be published on what amounts to adequate procedures, so companies can take steps to prevent their employees or other associates from bribing foreign officials. The adequate procedures guidance would set out the elements of an effective corporate compliance program.

Poland Small Flag Poland

The CBA regularly publishes Anti-Corruption Guidelines for entrepreneurs, which provide suggestions on how to effectively manage the risk of bribery. These guidelines are, however, of a very general nature and are not binding.

Based on the CBA's most recent guidelines (published in December 2015), a corporate entity should have a code of ethics in place and make sure that its employees are acquainted with it. Furthermore, companies are recommended to implement policies on giving or receiving any gifts, conflicts of interests, lobbying, sponsoring, and political contributions. Corporate entities should also train their employees and provide them with the possibility to report all irregularities, while whistle-blowers should be protected against negative consequences of having reported irregularities. The guidelines also state that specific persons should be designated within the organisation to monitor the enforcement of the compliance mechanisms.

The draft Act on Transparency in the Public Sphere has, however, been recently published. This law, if implemented, will specifically require companies to apply internal anti-corruption procedures. Such anti-corruption compliance program is to consist of, among other things, the following:

  • a code of ethics (to be signed by all employees, consultants and all entities acting for the company);
  • internal procedures and guidelines on gifts and other benefits received by employees;
  • procedures for reporting corruption allegations to the entity's bodies and procedures for dealing with such reports;
  • mechanisms to prevent the costs of giving economic and personal benefits from being financed by the entity;
  • the use of anti-corruption clauses in agreements;
  • training for employees on criminal liability for corruption offences.

The work on the draft Act on Transparency in the Public Sphere is at an early stage, but it is expected that its provisions regarding anti-corruption compliance will come into force in 2018 (see: answer to Question 18).

Ireland Small Flag Ireland

The government maintain a cross-departmental website to assist in tackling bribery and corruption, www.anticorruption.ie. This website contains FAQs in relation to tackling bribery and corruption and what to do if one is suspicious of corrupt practices.

Brazil Small Flag Brazil

According to the Federal Decree, the compliance program will be analysed with respect to its existence and enforcement in accordance with the following parameters:

  • tone at the top, including the Board of Directors, and the importance of gaining the commitment of upper management, which shall be evidenced by the full and undoubtful support to the program;
  • standards and codes of ethics and conduct for all employees (regardless of their positions) and managers;
  • standards and codes of ethics and conduct for all third parties, as applicable, including suppliers, service providers, intermediary agents and associates;
  • periodic training on the program;
  • periodic risk assessment to enable the required amendments to the compliance program;
  • accounting records that reflect in a complete and precise manner the transactions carried out by the legal entity;
  • internal controls that assure the prompt drafting and the reliability of the reports and financial statements of the legal entity;
  • specific proceedings to prevent fraud and illicit acts in the context of public biddings, in the execution of contracts with the public administration or in any interaction with the public sector, even in case the legal entity is represented by an intermediary, such as the payment of taxes, the carry out of tax audits, or the obtaining of authorizations, licenses, permissions and certificates;
  • independence, structure and authority of the internal body responsible for the enforcement of the compliance program;
  • reporting channels open and widely disclosed to employees, managers and third parties, and mechanisms to protect bona fide whistle-blowers;
  • disciplinary measures in the event of a violation of the compliance program;
  • proceedings that assure the immediate interruption of the irregularities or violations identified and the timely remediation of the damages caused;
  • appropriate diligence for the hiring of third parties and, as the case may be, their supervision, including suppliers, service providers, intermediary agents and associates;
  • adequate diligence in mergers, acquisitions and corporate restructurings, in order to identify the occurrence of wrongful acts or the existence of vulnerabilities of the legal entities involved;
  • continuous monitoring of the compliance program, towards its enhancement in the prevention, detection and fight against the occurrence of wrongful acts;
  • transparency of the legal entities with respect to contributions made to candidates and political parties (applicable to the extent that such contributions were allowed under Brazilian laws).

When reviewing and analysing the compliance program, with the purposes of determining its existence and enforcement, the authorities shall consider the size and specificities of the legal entity, including:

  • total number of employees and associates;
  • complexity of the internal hierarchy and number of departments and sectors;
  • use (or lack of use) of intermediary agents, such as consultants and commercial representatives;
  • the market in which the legal entity operates;
  • the countries where the legal entity operates, both directly and indirectly;
  • the interaction grade with the public sector and the relevance of governmental authorizations, licenses and permits in its operations;
  • the quantity and location of the legal entities that are part of the economic group; and
  • the qualification of the legal entity as a “microempresa” or entity of “pequeno porte” (companies with limited turnover).

In November 2015, the CGU has published both in English and Spanish the guide named “Compliance Programs: Directives to Private Companies”, with the purpose to assist private entities in their fight against corruption. The guide explains the Compliance Program provided for in the Brazilian Anticorruption Law and contains rules on the implementation or enhancement of the instruments for prevention, detection and remediation of wrongful acts against the public administration. The English version is available at http://www.cgu.gov.br/Publicacoes/etica-e-integridade/arquivos/integrity-program.pdf and the Spanish version is available at http://www.cgu.gov.br/Publicacoes/etica-e-integridade/arquivos/programa-de-integridad.pdf.

In addition to presenting practical examples of conducts to fight corruption, the guide also details the five pillars of a compliance program: (1) commitment and support from the top management (“top down policy); (2) definition of body responsible for the program; (3) profile and risk analysis that should be specific to the corporate entity; (4) structuring of rules and procedures; and (5) strategies for continuous monitoring.

It should be noted that the guide should be used for orientation purposes and is not binding upon the corporate entities. Therefore, the confirmation (or not) that the Compliance Program follows the rules provided for the in Brazilian Anticorruption Law and in the Federal Decree shall be obtained on a case by case basis, upon specific review from the authorities.

United Kingdom Small Flag United Kingdom

The UK Ministry of Justice has issued guidance on procedures that commercial organisations can put into place to prevent persons associated with them from bribing.

The Ministry of Justice’s guidance is not prescriptive as to the nature of systems and procedures that firms should implement in order to meet the “adequate procedures” standard necessary to provide a defence against the Section 7 corporate offence. A one-size-fits-all approach is simply not possible; whether an organisation has adequate procedures in place to prevent bribery will depend on the specific facts and circumstances of the case. However, the guidance highlights six principles of bribery prevention that an organisation’s officers should consider when drafting an anti-bribery compliance program:

(a) Proportionate procedures
An organisation’s internal procedures to prevent bribery by persons associated with it ought to be proportionate to the bribery risks it faces and to the nature, scale and complexity of the organisation’s activities.

(b) Top-level commitment
The management of an organisation (i.e., directors, owners or any other equivalent body or person) ought to be committed to preventing bribery by persons associated with it. The management should endorse a culture in which bribery is never acceptable.

(c) Risk assessment
An organisation should consider the nature and extent of its exposure to potential risks of bribery on its behalf by persons associated with it. Its assessment ought to be “periodic, informed and documented”.

(d) Due diligence
An organisation must implement due diligence procedures, applying a proportionate approach, in respect of persons who perform or will perform services for or on its behalf.

(e) Communication (including training)
An organisation should seek to ensure that its anti-bribery policies are understood throughout the organisation via internal and external communication and, if appropriate, training.

(f) Monitoring and Review
An organisation needs to periodically monitor and review its anti-bribery procedures, and where necessary, make improvements.

UAE Small Flag UAE

  1. The Government has published the Laws and Regulations on Bribery and Corruption and has created obligations for companies in Federal Law No. 2 of 2015 on Commercial Companies (the Company Law) which sets out obligations for companies to follow. These include appointing a completely independent auditor who is listed in the Register for Auditors and Accountants as per Federal Law No. 12 of 2014, the Organisation of Auditing Profession (OAP) law, which regulates the professions of auditing and accountancy and stipulates that the auditor must have more than five years’ experience in auditing private and public companies.
  2. Article 153 of the Company Law prevents the following:
    1. I) Article 153(1) states that joint stock company may not issue any loans or guarantees to any member of the board. It further states that the board members’ family members up to the second degree, will also be considered “Board members” in terms of the law.
    2. Article 153(2) states that no loan may be granted to a company where a Board member, [and his family as described in 153(1)], owns more than a 20% share of that company
    3. Article 153(3) states that any agreement in contravention of the provisions of Article 153, shall not be valid and the Auditor is to include the extent of compliance by the company in their annual report to the General Assembly of the company.
  3. Article 222 of the Company Law prevents the company or its subsidiaries from giving financial aid to a shareholder to enable the shareholder to hold shares, bonds or Sukuk issued by the company. It further defines financial Aid as any of the following:
    1. Providing loans;
    2. Providing gifts or donations;
    3. Providing assets of the company as security;
    4. Providing security or guarantees for the obligations of another person.
  4. Article 242 of the Company Law prevents the company from making any donations within the first two years. Therefore, after this period, donations may be made once they meet the following requirements:
    1. It cannot exceed 2% of the company’s average net profits of the previous two years;
    2. It must be for the benefit of society;
    3. The beneficiary of the donation must be disclosed in the company’s audit report;
    4. A special resolution is required to make the donation.

Singapore Small Flag Singapore

In April 2017, the CPIB and SPRING (Singapore's Standard, Productivity and Innovation Board) launched the Singapore edition of Standard (SS) ISO 37001 on anti-bribery management systems. This is a voluntary standard designed to help companies with the design and implementation of effective anti-bribery compliance systems.

In October 2017, CPIB also unveiled PACT – its Practical Anti-Corruption Guide for Businesses in Singapore – to provide guidance for corporates on the developing and implementing an anti-corruption system. Key areas of focus of PACT include the following:

  • Tone from the top promoting a corporate culture of compliance;
  • The implementation of clear and visible anti-corruption policies and a code of conduct;
  • Guidance on common corruption risk areas including:
    • Corporate gifts and entertainment;
    • Conflicts of interest; and
    • Contributions and sponsorship.
  • Conducting bribery and corruption risk assessments;
  • The implementation of effective internal controls;
  • The availability of effective reporting and whistleblower systems; and
  • Regular monitoring of the compliance system.

China Small Flag China

Thus far there has been no official guidance for how to comply with anti-corruption and bribery laws published by the Chinese government. Nevertheless, it is said that the State-owned Assets Supervision and Administration Commission of the State Council (“SASAC”), which is the governing authority for all the state-owned enterprises in China, is under the process of drafting a compliance guidance for all the state-owned enterprises governed by the central government. The driving force for a new compliance guidance originates from the outbound investment upsurge of the China’s state-owned enterprises, in which companies are susceptible to compliance risks due to the incompatibility arising from the different standards and practices adopted by each country. And a wide range of compliance issues will be covered including anti-corruption and bribery, anti-money laundering, export control, and the like. Although the compliance guidance will be mainly applicable to state-owned enterprises governed by the central government, other entities could also use it as major reference for establishing a solid compliance system.

Additionally, the Shenzhen Standard for Anti-Bribery Management Systems (“Shenzhen Standard”) was published by Shenzhen government as a recommended practice, rather than a compulsory requirement in June 2017. The Shenzhen Standard was drafted based on ISO 37001 Anti-bribery Management Systems, developed by ISO technical committee ISO/TC 309. The recommended elements of an effective corporate compliance program include third party due diligence, internal control (both financially and operationally), standardization on the gift and entertainment rules, anti-bribery control on business partners, effective reporting mechanism, proper investigation and crisis management process, and corrective measures on the identified issues.

Mexico Small Flag Mexico

The Mexican government has not published specific guidelines regarding compliance with anticorruption laws. However, Article 25 of the LGRA (described in answer to question 11 above) states that when determining liability of legal persons (companies), having in place an integrity policy shall be considered. Said Article outlines the main elements that an integrity policy shall contain, such as: (i) manuals of organization and procedures; (ii) a code of conduct which is duly made available between all members of the organization; (iii) adequate and effective control, audit and surveillance systems; (iv) adequate denouncing and reporting systems, both within the company and towards the authority, including disciplinary processes and concrete sanctions; and (v) adequate training systems; among others.

Greece Small Flag Greece

Several enforcement agencies and regulatory bodies have issued over the years guidelines in respect to anti-corruption regulation, best practices, signs of irregularity of transactions etc. In addition to the guidelines issued by Regulatory Bodies (e.g. Bank of Greece, Hellenic FIU, Capital Market Commission), business associations in sensitive industries (e.g. healthcare) are proposing guidelines to their members, recommending best practices, evaluating market statistics, sharing experience from other jurisdictions etc.

The effectiveness of a corporate compliance program is always dependent on the special characteristics of a business activity. Generally, a compliance program is effective when:

  • It sets out uniform practices within the entity in relation to communication and interaction with clients, suppliers and third parties. These practices should be reviewed on a regular basis and updated when necessary.
  • It has useful and comprehensive tools to enable identification of red flags or signs of irregularity
  • It sets out a standard procedure for internal reporting

It is also important to include provisions for regular training of employees on signs of possible misconduct and encourage them to address signs of irregularity using available procedures.

India Small Flag India

Currently there is no such guidance published by the government advising how to comply with anti-corruption bribery laws in India. However, penal provisions of anti-corruption laws (as mentioned above) act as a deterrent in preventing corruption. Usually corporate entities follow a strict code of ethics and mandatory policy regime discouraging its officials to indulge in any such activity.

Angola Small Flag Angola

To the best of our knowledge, the government has not published any specific documents advising how to comply with anti-corruption and bribery laws. However, there are certain legal instruments that include provisions related to anti-corruption matters. For a reference to such laws, please see our answer 1.

Portugal Small Flag Portugal

Resolution of the Council of Ministers no. 53/2016, 21 September, which approved the Government Code of Conduct, deals expressly with the acceptance of offers and invitations by members of the 21st Constitutional Government, among others.

Pursuant to said statute, accepting offers of consumables or durables, or invitations to attend social, institutional or cultural events, or any other similar benefits that may compromise the impartiality and integrity of the functions performed is forbidden. It is deemed that such a compromise exists whenever the value of the offer made is estimated at or higher than 150 euros which is the annual and accumulated limit for offers.

There are, however, several exceptions such as those concerning invitations that correspond to consolidated social and political customs and events in which the presence of members of the Government either on national territory or abroad, is of relevant public interest because such situations require the official representation of the Portuguese State, or because refusing such an invitation may be construed as a lack of interinstitutional respect.

Denmark Small Flag Denmark

In 2015, the Ministry of Justice published a booklet called Undgå korruption (“Avoid corruption”) which provides an overview of the law as well as corresponding guidance. The booklet emphasises two elements in an effective corporate compliance program: 1) companies should establish a code of conduct which contains general guidance on conduct as well as specific guidelines on how employees should conduct themselves in relation to bribery issues. The booklet further states that the code of conduct could contain a description of the consequences that a violation of the code of conduct could have for the employee and 2) companies should identify areas of business that entail special risks (in relation to bribery offences) and seek to mitigate these risks by establishing relevant internal procedures.

Germany Small Flag Germany

In 2001 the German Federal Minister of Justice introduced the commission “Deutscher Corporate Governance Kodex” to provide some guidance for German listed companies on corporate governance. The commission consists of representatives of German listed companies and their stakeholders, who are appointed by the German Federal Minister of Justice. Under the current German Corporate Governance Code, transparency is of high importance. In order to achieve this, a significant part of the code’s regulations deals with the improvement of the annual general meeting of the German stakeholders, the strengthening of the minority stakeholder’s position, the increase of the management’s and supervisory board’s liability in certain situations and the introduction of independent auditors. According to section 161 of the German Stock Corporation Act, the management board and supervisory board of a listed company shall declare annually that the recommendations of the German Corporate Governance Codex have been and will be complied with, or declare which recommendations have not been, or will not be applied and why. However, the German Corporate Governance Codex is a non-statutory guideline.

In 2004 the government published a guideline on preventing corruption in the German Federal Administration. The Ministry of Interior’s additional recommendations regarding the said prevention are supposed to support the guideline.

Lately, all the major companies have shown a strong commitment towards the establishment of an effective corporate compliance program.

Italy Small Flag Italy

There are guidelines published by the ANAC as well as other guidelines (regarding the criminal liability of corporations) published by private organizations and trade associations, also with the involvement of the Ministry of Justice. The key elements of an effective compliance program regard the segregation of duties, the separation between decision-making and control functions, the traceability and documentation of the relationship with the public administration, the correct allocation of powers (which has to be consistent with the roles of the individuals entrusted with such powers), a thorough training activity of personnel, etc.

Macau Small Flag Macau

To the best of our knowledge, the government has not published any specific documents advising how to comply with anti-corruption and bribery laws. However, there are certain legal instruments that include provisions related to anti-corruption matters. For a reference to such laws, please see our answer 1.

Mozambique Small Flag Mozambique

HRA: The Mozambican government has not yet published any guidance regarding anti-corruption, other than that provided for in the law.

Japan Small Flag Japan

As for the bribery of national government officials, the Ethics Code functions as comprehensive guidance to comply with the relevant rules.

With respect to bribery of foreign officials, the METI provides “Guidelines to Prevent Bribery of Foreign Public Officials” The guidelines provide the following elements for establishing effective corporate compliance program:

  • Establishment of fundamental principles;
  • Establishment of internal regulations based on risk basis approach;
  • Establishment of effective organizational structure in accordance with the size of corporation;
  • Provision of internal educational programs;
  • Establishment of regular audit system; and,
  • Review of prevention framework by managements and executives in charge of compliance.

France Small Flag France

The French Anti-Bribery agency which has national competence, is under the authority of the Minister of Justice and the Minister responsible for the Budget, whose task is to help the competent authorities and those confronted with bribery, influence peddling, bribery, fraud, illegal taking of interest, misappropriation of public funds and/or favouritism.

The Sapin II Act has set out an obligation for companies with 500 employees or groups of 500 employees with a turnover of €100 million. This requirement is a general obligation to ‘take measures to prevent and detect the committing of bribery or influence peddling in France or abroad’ (Article 17).

In practice, eight measures have to be implemented by corporate management teams and legal departments:

  • mapping the risks ,
  • establishing a code of conduct describing the behaviours to be prohibited ,
  • establishing procedures for verifying the integrity of the most important customers suppliers, partners and intermediaries ;
  • establishing procedures for internal or external audit controls usually carried out by an external auditor) ,
  • implementing disciplinary sanctions ,
  • training of the most exposed managers and staff ,
  • implementing internal procedures for processing alerts ,
  • organising an internal evaluation and control system for the measures implemented.

Switzerland Small Flag Switzerland

The Swiss State Secretariat for Economic Affairs (SECO) publishes guidelines for compliance with anti-corruption and bribery laws. According to those guidelines, a robust compliance program includes (1) organisational measures (e.g. transparent business processes and competencies, dual controls, integrity clauses in contracts, due diligence processes for the selection of local agents), (2) measures relating to staff and management (e.g. awareness training, checklists, escalation and advisory processes), and (3) supervisory measures (e.g. supervision of compliance measures, regular testing, external audits).

When assessing organizational measures to prevent bribery, the Swiss law enforcement authorities take into account the SECO guidelines as well as the guidance available from international organizations such as the OECD or the ICC. A failure to adhere to those guidance is seen as a strong indication of a defective organization.

United States Small Flag United States

The DOJ and SEC jointly issued guidance in 2012, and published an update in 2015, entitled A Resource Guide to the US Foreign Corrupt Practices Act, which, among other things, addresses the hallmarks of an effective corporate compliance program. In addition, the DOJ’s FCPA Corporate Enforcement Policy from November 2017 describes the criteria it will apply in evaluating whether a corporate entity has an effective compliance and ethics program, which criteria overlap with those discussed in the Resource Guide. The DOJ and SEC recognize that an effective corporate compliance program must be tailored to each company’s own needs, risk and challenges, but should have the following elements:

  • Senior management should show a commitment to a ‘culture of compliance’ and clearly articulate a policy against corruption. Employees should be aware that any criminal conduct will not be tolerated.
  • The company should have a written code of conduct and compliance policies and procedures.
  • One or more senior executives should be assigned to oversee the compliance program and be provided with sufficient autonomy, authority and resources, including adequate funding and experienced personnel.
  • The compliance program should analyse the company’s risk and be tailored to those risks.
  • The company should provide training on its compliance policies and offer continuing advice concerning those policies.
  • The company should have clear disciplinary procedures for compliance violations and offer positive incentives to drive compliant behaviour.
  • The company should engage in due diligence of third parties and monitor those relationships, including payments to third parties.
  • The company should have a mechanism for confidential reporting of violations and a procedure for conducting internal investigations.
  • The company should seek to continuously improve their compliance program by periodically reviewing and testing its controls through audits.

DOJ, FCPA Corporate Enforcement Policy [Nov 2017]; DOJ and SEC, A Resource Guide to the US Foreign Corrupt Practices Act at 57-62 [2012, updated 2015].

Updated: June 11, 2018