September 22, 2010
In anticipation of the April 2011 implementation of the new UK Bribery Act 2010 (the "Act"), on September 14, 2010, the UK Ministry of Justice launched an eight-week consultation regarding the Government’s proposed guidance to commercial organisations on the prevention of bribery. The consultation features the publication of draft guidance on the "adequate procedures" defence under the Act.
The Act introduces the strict liability offence of failing to prevent bribery for commercial organisations. Commercial entities may commit this offence if persons or entities providing services on their behalf pay bribes, intending to obtain a business advantage for the organisation. But by showing that it has in place "adequate procedures," a commercial organisation can escape liability for this new offence. To inform corporate behaviour in this regard, the Act provides that the Government must publish guidance on the "adequate procedures" defence.
The draft guidance is not prescriptive and does not detail specific anti-bribery measures, but instead adopts a principles-based approach which is intended to be used as a guide by businesses when implementing their own anti-bribery programmes. The draft guidance sets out six general principles for the prevention of bribery:
1. Risk Assessment
Businesses must be aware of the current bribery risks they face in the sectors and markets in which they operate. The proper nature of any risk assessment procedures will depend on the size of an organisation, as well as its activities, customers and markets. But organisations are generally advised to consider the following:
For multinational corporations already subject to the US Foreign Corrupt Practices Act ("FCPA") and other anti-bribery enforcement regimes, this requirement should be no surprise. Section 8B2.1 of the US Sentencing Guidelines for Organizations already list periodic risk assessments as a component of an effective compliance programme. And the OECD’s Working Group on Bribery in International Business Transactions issued guidance in November 2009 that similarly advised risk assessments as a good practice for companies. Regardless of official guidance, no organisation can properly design a compliance programme without identifying and understanding the risks it wishes to guard against.
2. Top Level Commitment
Top level management (usually the board of directors and senior executives) must establish a culture within their organisation in which bribery is unacceptable. They also should ensure that the organisation’s policy to operate without bribery is effectively communicated throughout the organisation. The draft guidance provides examples of what top level commitment should include:
"Top level commitment" is another commonly identified element of an effective compliance programme. This principle, as articulated in the draft guidance, appears to combine the requirement of a strong "tone at the top," noted by almost every respected guide on compliance programmes from the Committee of Sponsoring Organizations of the Treadway Commission ("COSO") to the US Department of Justice, and the need for a clear, firm anti-bribery policy—a principle also widely endorsed in the compliance literature and by governmental organisations.
3. Due Diligence
Commercial organisations should employ due diligence policies and procedures covering all parties to a business relationship, including the organisation’s supply chain, intermediaries and agents, "all forms of joint venture and similar relationships" and "all markets in which the commercial organisation does business." The sorts of enquiries that should be made may concern the following:
In many ways, counterparty due diligence has become the frontier of anti-bribery enforcement around the world. Spurred in part by the US Government’s enforcement of the FCPA, multinational corporations have focused with greater intensity in recent years on the risks posed by their business partners and intermediaries. In additional to the numerous US Government and Justice Department sources emphasising the need for effective due diligence, the United Nations Global Compact issued guidelines this past June for fighting corruption in organisations’ supply chains, in part, through robust due diligence.
4. Clear, Practical, and Accessible Policies and Procedures
Organisations should promulgate and maintain "clear, practical, accessible and enforceable" policies and procedures that prohibit bribery and reflect the various roles of different members of the entity’s work force, including "all people and entities over which the commercial organisation has control." The guidance details some aspects of adequate anti-bribery polices and procedures:
Additionally, an organisation may wish to promulgate a code of conduct that details the required standards of behaviour for employees and constitutes part of their employment contract.
Organisations may also wish to consider the following:
This category seems to serve as a catch-all for all other important elements of an effective anti-bribery compliance programme. The need to provide clear effective anti-corruption compliance guidance appears in the US Sentencing Guidelines and COSO guidance, among many sources. On the other hand, modification of sales incentives in the face of bribery, while not a radical proposition, is something that enforcement agencies generally do not ask corporations to do.
5. Effective Implementation
Organisations must embed anti-bribery policies and procedures throughout the business. "Paper compliance" is insufficient. Larger organisations should consider establishing an implementation strategy detailing the rollout of these policies and procedures:
Larger organisations may also consider requiring or suggesting that business partners participate in anti-corruption training courses.
The admonition that "paper compliance" is insufficient echoes warnings issued numerous times by US enforcement officials. Indeed, US Deputy Attorney General Mark Filip’s famous 2008 memorandum on prosecuting business organisations explicitly cautions that a mere "paper program," lacking the necessary design, implementation, and review, will not protect a company from prosecution.
6. Monitoring and Review
Organisations must institute mechanisms to monitor and review their compliance with anti-bribery policies and procedures. Among other things they may wish to do the following:
As with the other five principles, the need for ongoing monitoring and periodic reviews of anti-bribery programmes is widely recognised by governments and non-governmental organisations alike. For instance, the OECD’s Working Group on Bribery in International Business Transactions recommended "periodic reviews of the ethics and compliance programmes or measures, designed to evaluate and improve their effectiveness in preventing and detecting foreign bribery, taking into account relevant developments in the field, and evolving international and industry standards."
Guidance on Specific Issues
The draft guidance also attempts to clarify several key issues:
The draft guidance also sets out a number of illustrative case studies, although these will not form part of the final guidance.
What is perhaps most surprising is that the guidance remains silent on the jurisdictional implications of the strict liability offence of failing to prevent bribery for commercial organisations. Any partnership or corporation that "carries on a business, or part of a business, in any part of the United Kingdom" is subject to the requirement. What precisely it means to carry on business in the United Kingdom remains shrouded in mystery. The illustrative examples contained in Annex B of the guidance only deal with UK-based organisations. Thus, we still do not know what nexus with the territory of the United Kingdom will subject an organisation to this aspect of the Act.
The UK Ministry of Justice must receive any comments on the draft guidance before 5 p.m. on November 8, 2010. The questions accompanying the consultation are general in nature, but provide a valuable opportunity for businesses to influence the final form of the guidance. The final guidance is scheduled for publication early in the New Year. The Director of Public Prosecutions and the Serious Fraud Office will jointly publish further guidance to the Act in early 2011.
 On July 26, 2010, the Senior Staff of the UK’s Serious Fraud Office ("SFO"), the agency with lead responsibility for investigating and prosecuting bribery cases under the Act, met with lawyers from Gibson Dunn to discuss the contours of the Act and provide specific guidance for companies seeking to comply with the Act’s provisions. A summary of this discussion is available at: http://www.gibsondunn.com/publications/pages/UKSeriousFraudOfficeDiscussion-RecentlyEnactedUKBriberyAct.aspx
 The guidance states that even if hospitality or promotional expenses do "on their face" violate the Act, "the exercise of prosecutorial discretion provides the degree of flexibility required to ensure the just and fair operation of the Act." This is consistent with what the SFO Senior Staff told us during our July 26 discussion (see supra note 1) – that in some instances a "technical" breach of the Act likely would not require prosecution. This is of little comfort to companies wishing to draft policies that do not endorse breaches of the Act, either technical or otherwise.
 Similarly, during our July 26 meeting the SFO Senior Staff declined to discuss specific, hypothetical scenarios we designed to test elements of the Act’s jurisdictional scope, stating instead that whether a company "carries on" business in the UK will be a fact-specific question, unique to each case.
Gibson Dunn has extensive experience advising clients with respect to the US Foreign Corrupt Practices Act, the UK Bribery Act, and other countries’ anti-corruption statutes. For questions relating to these or any related issues, or any of the issues discussed above, please contact the Gibson Dunn lawyer with whom you work or any of the following lawyers:
F. Joseph Warin (202-887-3609, firstname.lastname@example.org)
Daniel J. Plaine (202-955-8286, email@example.com)
Judith A. Lee (202-887-3591, firstname.lastname@example.org)
David P. Burns (202-887-3786, email@example.com)
Jim Slear (202-955-8578, firstname.lastname@example.org)
Brian C. Baldrate (202-887-3717, email@example.com)
Michael S. Diamant (202-887-3604, firstname.lastname@example.org)
John W.F. Chesley (202-887-3788, email@example.com)
Patrick F. Speice, Jr. (202-887-3776, firstname.lastname@example.org)
Joel M. Cohen (212-351-2664, email@example.com)
Lee G. Dunst (212-351-3824, firstname.lastname@example.org)
Mark A. Kirsch (212-351-2662, email@example.com)
Jim Walden (212-351-2300, firstname.lastname@example.org)
Alexander H. Southwell (212-351-3981, email@example.com)
Lawrence J. Zweifach (212-351-2625, firstname.lastname@example.org)
Adam P. Wolf (212-351-3956, email@example.com)
Nicola T. Hanna (949-451-4270, firstname.lastname@example.org)
J. Scot Kennedy (949-451-3805, email@example.com)
Eric Raines (949-451-4050, firstname.lastname@example.org)
Bryan E. Smith (949-451-4055, email@example.com)
Debra Wong Yang (213-229-7472, firstname.lastname@example.org),
the former United States Attorney for the Central District of California,
Michael M. Farhang (213-229-7005, email@example.com)
Douglas M. Fuchs (213-229-7605, firstname.lastname@example.org)
Marcellus A. McRae (213-229-7675, email@example.com)
Melissa Epstein Mills (213-229-7314, firstname.lastname@example.org)
Charlie Falconer (+44 (0)20 7071 4270, email@example.com)
Philip Rocher (+44 20 7071 4202, firstname.lastname@example.org)
Barbara Davidson (+44 (0)20 7071 4216, email@example.com)
Tim Vogel (+44 20 7071 4271, firstname.lastname@example.org)
© 2010 Gibson, Dunn & Crutcher LLP
Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.