U.K. Bribery Act "On-Line" as of July 1 – U.S. Employer Impact
The U.K.’s Bribery Act of 2010 became effective on July 1, 2011, and has a major impact on U.S. employers with business operations in the U.K. The Act sweeps away antiquated and piecemeal British bribery laws to create a regime of criminal offenses described by the Director of the Serious Fraud Office as, “the toughest bribery legislation in the world.” Despite this, the U.K. government has emphasized that compliance with potentially stringent legislation should be a matter of common sense: a mixture of risk assessment and proportionality.
This Insight Article examines the main compliance issues from an employment perspective and highlights where U.S. organizations, used to complying with the Foreign Corrupt Practices Act (“FCPA”) and the patchwork of U.S. anti-bribery laws, should focus their attention.
The Special Relationship – Why U.S. Companies Need to Pay Attention
Imagine you are a manager of a U.S. distribution corporation with a branch office in London. The corporation employs a Managing Director in London, who is regularly required to pay “inspection fees” to import inspectors in the destination country of Nigeria, before the corporation’s goods are let into that country. The fees are allegedly required to be paid before the import inspectors will issue a certificate of inspection and facilitate import clearance. However, these payments are increasing in frequency and amount. You are suspicious and do not believe the payments are required under Nigerian law. However, it is necessary to ensure the corporation’s goods are distributed to African customers. As a result, for the last six months you have been approving these payments.
If a payment which is not authorized under the written law of Nigeria has been made, the U.S. corporation could be guilty of the offense of failing to prevent bribery under the Bribery Act 2010. You could also be personally liable of an offense and face jail or a fine for your part in what the Act would consider to be bribery.
Unless the corporation can show it had adequate procedures in place designed to prevent the Managing Director from engaging in this conduct, it could be liable, upon prosecution, for an unlimited fine. Conviction could lead to debarment from international procurement exercises.
Such is the reach of the Bribery Act 2010. It is therefore imperative for U.S. organizations that carry on any business in the U.K. to ensure that their anti-bribery procedures are robust enough to meet the challenges of the Act.
U.K. Bribery Act—Key Provisions
Given that the Act will apply to many U.S. employers, understanding its key elements is crucial. Under the new Act, there are four key criminal offenses.
Bribing Another Person
A person is guilty of a crime if he or she “offers, promises or gives a financial or other advantage to another person” intending that advantage to “induce the person to perform improperly a relevant function or activity” or to reward a person for such behavior. For employers used to the FCPA, note that this provision applies to public and private transactions.
A function or activity is “performed improperly” if it is performed in any way other than the manner in which a reasonable person in the U.K. would expect it to be performed. Of particular note to U.S. employers, even if the performance of the function or activity takes place outside the U.K., any local custom or practice must be disregarded unless it is expressly permitted by the written law applicable to that country.
Following business concerns that corporate hospitality would fall foul of this offense, Government guidance states that reasonable and proportionate hospitality, as part of a public relations exercise designed to cement good relations or enhance knowledge in the organization’s field, is unlikely to be prosecuted.
A person is guilty of this offense if he or she requests, agrees to, receives or accepts a financial or other advantage intending that, as a consequence, a relevant function or activity should be performed improperly.
Bribery of a Foreign Public Official
This provision prohibits a person from offering, promising or giving a financial or other advantage to a foreign public official with the intention of influencing the official in the performance of his or her official functions. To be unlawful, the person must intend by doing so to obtain or retain business or an advantage in the conduct of business. Importantly, there is no violation where the official is permitted or required by the applicable local written law to be influenced by the advantage.
A foreign public official is one who holds a legislative, administrative or judicial position of any kind in a country or territory outside the U.K. The definition can also include those who perform public functions for foreign governments or public agencies in foreign countries, and officials or agents of public international organizations, such as the United Nations.
Failure of A Commercial Organization to Prevent Bribery
The fourth and perhaps the most significant offense is the strict liability offense of failure of a commercial organization to prevent bribery.
A commercial organization will be liable for prosecution if a person “associated with it” bribes another person, intending to obtain or retain business or an advantage in the conduct of business for that organization.
The definition of “commercial organization” is wide. A body or partnership that is incorporated or formed in the U.K., irrespective of where it carries on business, will be included in the definition, as will be an incorporated body or partnership which carries on a business or part of a business in the U.K. (irrespective of where it was incorporated or formed). It does not matter whether the business is charitable, educational, public or private: if it is incorporated or a partnership and engages in commercial activities, it will be included in the definition.
Similarly, the definition of “associated” persons is very broad. It will include a person (whether an individual or an incorporated or unincorporated body) who “performs services” for or on behalf of a commercial organization. An “associated” person includes employees, agents and subsidiaries and even suppliers who are providing services for the organization (except suppliers who are simply acting as the resellers of goods). A joint venture could also be included in the definition if it is performing services for the commercial organization.
This broadly cast net may cause U.S. organizations to look closely at who can be said to be performing services on behalf of the U.K. entity and whether existing policies and procedures adequately address the risks they may pose.
Before the Government guidance was published, there had been some debate as to whether facilitation payments (which are payments to induce officials to perform routine functions they are otherwise obligated to perform) were prohibited by the Act. It is now clear that they are prohibited, but, before deciding whether to prosecute, prosecutors will consider carefully whether a prosecution is in the public interest. The Government recognizes that this prosecutorial discretion provides a degree of flexibility which is helpful to ensure the just and fair operation of the Act. However, it also provides an element of uncertainty.
As this area is a key difference between U.K. and U.S. law, this should be an area of focus for compliance programs. The FCPA contains an explicit exception to the bribery prohibition for "facilitating payments" for "routine governmental action" and similarly provides affirmative defenses which can be used to defend against alleged violations of the FCPA.1 Under the FCPA, payments for legally required administrative fees or fast-track services do not constitute facilitation payments. Thus, organizations operating in both countries will need to be careful that they are following the more strict provisions of U.K. law.
Individuals or organizations convicted of the offenses of bribing another, being bribed or bribing a foreign public official can be liable on conviction to unlimited fines, and individuals can receive a jail sentence of up to ten years. An organization can be convicted for failure to prevent bribery with the penalty being an unlimited fine.
No one can be prosecuted in England and Wales, however, unless one of the two most senior prosecutors (the Director of Public Prosecutions or the Director of the Serious Fraud Office) is personally satisfied that conviction is more likely than not, and that prosecution is in the public interest. Factors taken into account will include whether the organization reports an incident of bribery using the organization’s procedures, and the organization’s willingness to make full disclosure and cooperate with an investigation under the Act.
A potentially more damaging impact of the conviction of the organization lies outside of the remedies specifically enumerated in the Act. For example, an organization convicted under the Act may be debarred from taking part in European Union procurement exercises.
As mentioned above, an organization does not violate the offense of “failing to prevent bribery” if the organization can show that it had adequate procedures in place. Government guidance makes it clear that adequacy of procedures will depend on the risks of bribery faced by the organization. In practice, this means that a risk assessment should be undertaken that takes into account a number of factors that will affect risk, including the size of the organization, the countries in which the organization carries out business, the business sector and the value and duration of the work.
There are six core principles which should be considered in assessing whether procedures are adequate or whether further measures need to be taken. The good news for U.S. companies is this list is very similar to the preventative measures listed under the U.S. Federal Sentencing Guidelines (FSG) to reduce liability under the FCPA and other anti-corruption laws.
The following are six core principles under the U.K. law, with the equivalent recommendations under the FSGs.
Proportionality of Procedures
Bribery prevention procedures should be proportionate to the bribery risks faced. For example, if the organization operates in overseas markets where fraud is perceived to be more commonplace, then more may need to be done. The procedures should also be clear, practical, accessible, effectively implemented and enforced.
The Government guidance sets out a non-exhaustive list of the topics that bribery procedures may cover, which includes: involvement of top-level management in the commitment to prevent bribery; risk assessment and due-diligence procedures; provision on promotional and hospitality expenditures; governance of business relationships; financial and commercial controls; transparency of transactions; procedures for the reporting of bribery; sanctions and disciplinary procedures for breaching anticorruption rules; training and communication of policies and procedures; and ongoing monitoring, evaluation and review.
FSG Equivalent: The requirements are intended to achieve reasonable prevention and detection of criminal conduct for which the organization would be vicariously liable. . . . Such compliance and ethics program shall be reasonably designed, implemented, and enforced so that the program is generally effective in preventing and detecting criminal conduct. The failure to prevent or detect the instant offense does not necessarily mean that the program is not generally effective in preventing and detecting criminal conduct.
The senior-level management of an organization should be committed to a culture of integrity in which bribery is unacceptable. A formal internal and external statement appropriately communicated by senior management can be effective in establishing an anti-bribery culture, and the statement should be drawn to employees’ attention on a periodic basis and be generally available on an organization’s intranet and internet site. Such statements should include: a commitment to carry out business fairly, honestly and openly; zero tolerance towards bribery; clear consequences for breaching the policy; an explanation of the business benefits of rejecting bribery; an explanation of how prevention procedures are being implemented; and identification of those involved in development and implementation of procedures.
The guidance suggests that top-level managers, who may themselves benefit from training on these issues, may want to be personally involved in developing and implementing anticorruption procedures and making critical decisions.
FSG Equivalent: The organization’s governing authority shall be knowledgeable about the content of the operation of the compliance and ethics program and shall exercise reasonable oversight with respect to the implementation and effectiveness of the compliance and ethics program.
An organization’s exposure to risk should be assessed in terms of external and internal risks. External risks can generally be categorized into five groups:
- Country risk: perceived high levels of corruption and an absence of implemented bribery legislation in the countries in which the organization does business.
- Sectoral risk: examples of high-risk sectors include the extractive industries (mining) and large-scale infrastructure sectors.
- Transaction risks: there may be higher risks in making charitable or political contributions, in obtaining licenses and permits, or in transactions relating to public procurement.
- Business opportunity risk: this may involve projects not undertaken at market prices or that do not have a clearly legitimate objective.
- Business partnership risk: for example, using intermediaries in transactions with foreign public officials, consortia or joint-venture partners, or where a politically exposed person or public officials are involved.
The internal risk assessment should examine the extent to which internal structures or procedures add to the level of risk. This will include: assessing training; whether there is a culture of reward for risk taking; and the clarity of policies, financial controls and an anti-bribery message from top-level management.
FSG Equivalent: The organization shall periodically assess the risk of criminal conduct and shall take appropriate steps to design, implement, or modify each requirement . . . to reduce the risk of criminal conduct identified through this process. The organization shall use reasonable efforts not to include within the substantial authority personnel of the organization any individual whom the organization knew, or should have known through the exercise of due diligence, is engaged in illegal activities or other conduct inconsistent with the effective compliance and ethics program.
Appropriate questions and checks should be undertaken before engaging others to represent the organization in business dealings. The extent of questions and checks should be assessed based on the risk assessment principles above and be applied not just when hiring employees, but also when engaging other “associated persons.”
FSG Equivalent: The prior diligence of an organization in seeking to prevent and detect criminal conduct has a direct bearing on the appropriate penalties and probation terms for the organization if it is convicted and sentenced for a criminal offense.
Communication (Including Training)
Policies and procedures setting out the basis on which the organization does business should be communicated to staff and others who will be providing services. General training (which is proportionate to risk) could be mandatory for employees as part of an induction (orientation) process but consideration should also be given to tailored training for those involved in higher-risk functions, for example: purchasing, contracting, distribution and marketing, and those working in high-risk countries.
FSG Equivalent: The organization shall take reasonable steps to communicate periodically and in a practical manner its standards and procedures, and other aspects of the compliance and ethics program by conducting effective training programs and otherwise disseminating information appropriate to such individuals’ respective roles and responsibilities.
Monitoring and Reviewing
As risks may change over time, perhaps through acquisition or the opening of new markets, there should be regular monitoring of the effectiveness of an organization’s anti-bribery procedures and a review of procedures when any particular change to bribery risks occurs; for example, when the business enters new markets. Staff surveys, questionnaires and feedback from training can also provide a source of information on the effectiveness of procedures.
FSG Equivalent: The organization shall take reasonable steps to ensure that the organization’s compliance and ethics program is followed, including monitoring and auditing to detect criminal conduct and evaluating periodically the effectiveness of the organization’s compliance and ethics program.
Key Differences for U.S. Employers
The U.K. Act has a glancing similarity to U.S.’s FCPA. Indeed, the two Acts cover many of same subjects. Yet, there are many differences, the most striking of which is the U.K.’s laws scope covering domestic and foreign bribery to representatives of private and public entities. Indeed, one can think of the law of the U.K. Act as a combination of the FCPA, federal, state, and common bribery statutes and rulings, and common law.
Another surprise for U.S. employers is that there is strict liability for failing to prevent bribery. Further, while the FCPA has set caps on monetary liability, the U.K. Act has none. With these differences in mind, U.S. employers that may be covered by the U.K. Act should pay close attention to the following outline of key differences.
U.S. FCPA vs. U.K. Bribery Act
U.S. companies and citizens, foreign companies listed on U.S. stock exchange, or any person acting while in the U.S.
Corporate Offense - Failing To Prevent
Who can be bribed?
Only bribery of "foreign official" is prohibited However, a host of other federal and state statutes and case-law, many of which are industry specific, may apply to bribery of other U.S. officials and private persons.
Prohibits bribes offered promised or given to any person to induce them to act "improperly" (not limited to foreign officials)
What advantage must be obtained?
Payment is made be "to obtain or retain business"
Focus is on intention to induce or award a person to perform function or activity rather than being limited to the business nexus (except in case of strict corporate liability)
"Active offense" vs. "passive offense"
Only the act of payment, as opposed to the receipt/acceptance of payment, is prohibited
Two offenses: (1)active offense: bribing another and (2) passive offense of being bribed
Evidence of corrupt intent required.
General Offenses: Intention to induce or reward improper performance. Relevant expectation is that of a reasonable person in the U.K.
Corporate strict liability
Limited to the accounting provisions for public companies (failure to maintain adequate systems of internal controls)
A new strict liability corporate offense for the failure of a commercial organization to prevent bribery (subject to defense of having "adequate procedures" in place designed to prevent bribery)
Liability for Senior Officers
Conspiracy, aiding/abetting standards apply
Senior officers who consent or connive in a an act of bribery committed by the corporation are guilty of that offense.
Business promotion expenditures
Affirmative defense for reasonable and bona fide expenditures directly related to the business promotion or contract performance
No similar defense
Allowable under local law
An affirmative defense if payment is lawful under written laws/regulations of foreign country
In cases of bribery of foreign public official, there is no violation if permissible under written laws of foreign country
Limited exception for payment to a foreign official to expedite or secure the performance of a routine (nondiscretionary) government action
No facilitating payments exception.
Affirmative Steps to Prevent Bribery
No offense for compliance failures. However, taking such active steps will be considered in deciding to prosecute, the amount of fines, and settlement. See also FSG.
Strict liability for commercial organizations that fail to prevent bribery unless the corporation can demonstrate that it had "adequate procedures."
Both civil and criminal proceedings can be brought by DOJ and SEC
Criminal enforcement only by the U.K. Serious Fraud Office (SFO). The Director of the SFO and the Director of Public Prosecutions must give personal consent to a prosecution under the Act.
Criminal: Bribery: for individuals, up to five years' imprisonment and fines of up to $250,000; for entities, fines of up to $2 million Books and records/internal control violations: for individuals, up to 20 years' imprisonment and fines of up $5 million; for entities, fines of up to $25 million Civil penalties also apply
Individuals: Up to 10 years' imprisonment and potentially unlimited fines; for entities, potentially unlimited fines
While the Act is uncompromising in its application, the government’s stated aim is “not to make life difficult for the vast majority of decent, law-abiding firms.” As a result, combating the risk of bribery should be about common sense and not burdensome procedures; hence the emphasis on proportionality.
Every organization is different, as are the risks they will face. There is no one–size-fits-all solution, particularly as many U.S. organizations will already have a full compliance program in place. Nevertheless, U.S. companies should still consider taking action as follows:
- The Act extends to private transactions, not just to those with public officials. Existing group-wide codes of ethics may need to be amended to reflect this.
- Your existing risk assessments may not cover employee, contractor or business partner relationships which may be covered by the U.K. definition of “associated persons.”
- You may already have a gifts, entertainment, and hospitality policy, but you should review it in light of the U.K. legislation and make sure it sets clear standards; consider what needs to be done to extend existing policies to persons who could be considered to be “associated” with the U.K. entity.
- Check that disciplinary rules cover bribery and that the consequences of breach are clear.
- Review any U.K. employment contracts. Consider inserting an express obligation to disclose wrongdoing and, depending on the potential risk, introducing an annual self-certification process.
- Review your company’s whistleblowing policy. Consider whether it adequately accounts for the risks faced and whether it should be extended to those who are not just employees but who provide services on behalf of the organization.
- Review remuneration and commission arrangements to ensure that they do not encourage risk taking or otherwise provide an incentive to engage in bribery. Consider referring to anticorruption statements or an anti-bribery policy.
- Review and introduce training where appropriate, and make sure training is supported by senior management. Ensure that specific guidance is available for those who may face circumstances which are prohibited by the Act—for example facilitation payments—and clarify why these are now in scope.
- Issue a top-level statement both internally and on your website confirming the commitment of senior management to anti-bribery measures.
1 The FCPA lists the following examples: obtaining permits, licenses, or other official documents; processing governmental papers, such as visas and work orders; providing police protection, mail pick-up and delivery; providing phone service, power and water supply, loading and unloading cargo, or protecting perishable products; and scheduling inspections associated with contract performance or transit of goods across country.
Philip Berkowitz is a Shareholder in Littler Mendelson's New York City office; David Goldman, Managing Shareholder of the Littler Learning Group, is in the San Francisco office; Ellen Temperton is a Partner at Lewis Silkin. If you would like further information, please contact your Littler attorney at 1.888.Littler or firstname.lastname@example.org; Mr. Berkowitz at email@example.com; Mr. Goldman at firstname.lastname@example.org; or Ms. Temperton at email@example.com.