On 14 September 2010, the United Kingdom’s Ministry of Justice issued its Consultation Paper on what might be “adequate procedures” prevent bribery. Under section 9 of the Bribery Act, the only defense against criminal liability for a commercial organization which has “failed to prevent bribery” is that the organization had adequate procedures” to prevent bribery.
The consultation is a designed to seek public comment. Responses are due by November 8.
It lays out six principles for bribery prevention:
Risk Assessment – this is about knowing and keeping up to date with the bribery risks you face in your sector and market;
Top level commitment – this concerns establishing a culture across the organisation in which bribery is unacceptable. If your business is small or medium sized this may not require much sophistication but the theme is making the message clear, unambiguous and regularly made to all staff and business partners;
Due diligence – this is about knowing who you do business with; knowing why, when and to whom you are releasing funds and seeking reciprocal anti-bribery agreements ; and being in a position to feel confident that business relationships are transparent and ethical;
Clear, Practical and Accessible Policies and Procedures – this concerns applying them to everyone you employ and business partners under your effective control and covering all relevant risks such as political and charitable contributions, gifts and hospitality, promotional expenses, and responding to demands for facilitation demands or when an allegation of bribery comes to light.
Effective implementation – this is about going beyond ‘paper compliance’ to embedding anti-bribery in your organisation’s internal controls, recruitment and remuneration policies, operations, communications and training on practical business issues.
Monitoring and review – this relates to auditing and financial controls that are sensitive to bribery and are transparent, considering how regularly you need to review your policies and procedures, and whether external verification would help.
It also sets out a few scenarios and how the principles would be applied.