Strict liability for failure to prevent bribery - The most significant departure from the FCPA is the UK Bribery Act's introduction of a new separate offense for a company's failure to prevent bribery by its employees, agents, subsidiaries or others who perform services for the company. This new offense applies on a strict liability basis, and is only subject to one defense: proof that the company has in place "adequate procedures" to prevent bribery. The fact that the company was not aware of improper action by, for example, a sales agent or distributor is not a defense. Thus, companies should consider whether they have adequate measures in place, such as appropriate anti-bribery provisions in their contracts with third parties. A summary of the recently issued guidance regarding "adequate procedures" under the UK Bribery Act is included below.
Applicable to public officials and private parties - The UK Bribery Act does not distinguish between public and private sector bribes. Bribery of private parties as well as public officials is prohibited.
"Corruption" not required for liability - Under the UK Bribery Act, a bribe by a company or any of its employees or agents is an offense under the act if done with the intention to obtain or retain business or to obtain a business advantage. This is a lower threshold than under the FCPA, which requires that a payment be made "corruptly" to establish liability.
Accepting bribes is also prohibited - While the FCPA does not target recipients of a bribe, under the UK Bribery Act, both the bribe-taker and the party paying a bribe may be liable. In some cases, the offense of accepting bribes may be prosecuted without proof of intent. For example, accepting lavish hospitality from a supplier may be subject to prosecution.
"Facilitation payments" are not expressly permitted - The UK Bribery Act does not contain any exemption for payments made to facilitate or expedite routine governmental action by a foreign official, such as issuing licenses or permits. These so called "facilitation payments" are expressly excluded from the anti-bribery provisions of the FCPA. However, it is worth noting that even under the FCPA, U.S. enforcement agencies appear to be taking an increasingly narrow view of what falls within the "facilitation payment" exception.
No affirmative defense for hospitality and bona fide expenses - The FCPA includes an affirmative defense for payments that represent reasonable and bona fide expenditures directly related to the promotion, demonstration or explanation of products or services or the execution or performance of a contract with a foreign government. There is no such defense under the UK Bribery Act. Instead, any financial or other advantage given or promised to another could amount to a bribe if a reasonable person in the UK would regard that action as improper or if it is an inducement or reward for something that a reasonable person in the UK would regard as improper. The test is clearly subjective. Modest corporate entertainment or gifts may be considered permissible, and lavish ones may not. It will not necessarily be straightforward to decide where the line should be drawn.
Penalties for violating the UK Bribery Act can vary widely, but may include unlimited fines on companies failing to prevent bribery, up to ten years in prison per offense for responsible persons and debarment from public contracts in the European Union.
"Adequate Procedures" Required to Avoid Strict Liability
The offense of failure to prevent bribery applies on a strict liability basis unless a company can demonstrate that it had in place "adequate procedures." The UK Bribery Act therefore incorporates a strong mandate for companies to establish and maintain effective internal controls to prevent acts of bribery.
The UK Ministry of Justice recently published guidance on the "adequate procedures" that companies must take to avoid strict liability for violations of the Bribery Act by employees, agents, subsidiaries or others who perform services for or on behalf of the company. This guidance is formulated around six principles, which include familiar elements seen in principles for FCPA compliance:
Proportionate procedures - A company's procedures to prevent bribery by persons associated with it should be proportionate to the bribery risks it faces and to the nature, scale and complexity of its business. Close attention should be paid to the people associated with the company, and the procedures should be clear, practical, effectively implemented and enforced.
Top-level commitment - Similar to the focus on board and senior management involvement under the FCPA, the UK guidance emphasizes the need for a company's top-level management, including the board, to be committed to preventing bribery by persons associated with the company. Company leaders must foster a culture in which bribery is never considered acceptable, and this should be communicated both internally and externally.
Risk assessment - A company should assess the nature and extent of its exposure to risks of bribery, including bribes made on its behalf by persons associated with it. The assessment should be periodic, informed and documented. The guidance identifies several types of external risks that a company should consider, including country risk (which may be evidenced by perceived high levels of corruption), sector risk (with certain industries, such as oil and gas and large-scale infrastructure, involving greater risks) and business partnership risk (such as risks associated with joint venture partners and third-parties interacting with government officials).
Due diligence - The guidance directs companies to conduct due diligence on the individuals and businesses who perform services for or on behalf of the company in order to mitigate identified bribery risks. The due diligence can be performed internally or by consultants or lawyers. The level of due diligence performed should be proportionate to the risks involved. In certain high-risk situations, such as engaging a third-party to assist in establishing a business in a foreign market, greater due diligence may be required. Background checks, for example, on proposed foreign distributors may be appropriate. The guidance also suggests that companies may wish to conduct due diligence on their potential and existing employees, depending on the role of such employees and the associated risks.
Communication (including training) - Companies should seek to ensure that their bribery-prevention policies and procedures are embedded and understood throughout the organization through internal and external communication, including dissemination of the company's bribery-prevention policies and training programs.
Monitoring and review - Companies should regularly monitor and review their anti-bribery procedures and make adjustments and improvements where necessary. The guidance notes that because the bribery risks that a business faces may evolve over time, the controls required to mitigate those risks are also likely to change and must be regularly reviewed.
In light of the broad scope and territorial reach of the new UK Bribery Act, companies that conduct business in the UK - both those with well-established anti-corruption policies, as well as those that are developing a formal compliance program for the first time - should carefully consider their potential exposure to the risks of bribery and corruption, and should develop and implement tailored policies and procedures to address such risks.