Banking and finance dispute resolution
For the latest news and comment on banking and finance disputes.
For the latest news and comment on banking and finance disputes.
For all the latest news and comment in clinical negligence healthcare law
This collection looks at the latest news and comment on commercial contracting healthcare law. With the health and social care sector under…
For all the latest news and comment in employment and pensions healthcare law
For all the latest legal and regulatory news and comment in health technology
This collection contains DAC B eachcroft's latest report, The Route to Integrated Healthcare , which provides the first practical examples of how…
This collection looks at the latest strategic, commercial, regulatory and negligence legal and advisory news and comment in health and social care. …
For all the latest news and comment on employment and pensions law.
DAC Beachcroft Dublin specialises in insurance, professional indemnity, defendant personal injury, health, commercial litigation and employment work.…
For all the latest new and comment in tax law.
The GC Collective collection offers insight and comment for General Counsels (GCs) and in-house legal teams.
For the latest news and comment on Corporate, M&A and Equity Capital Markets.
Analysis, commentary and checklists on the legal and governance implications of Brexit on businesses operating in, and trading with, the UK
The Accountant's Liability Collection brings you topical news and insight of interest to accountants, actuaries, trustees and other financial…
Events and online training for the health and social care sector.
DAC Beachcroft's LatAm Quarterly Newsletter discusses topical news and issues in Latin America
In response to client suggestions and requests, DAC Beachcroft's insurance sector flagship publication.
For all the latest legal and regulatory news and comment in health and social care integration
For all the latest news and comment in corporate regulatory healthcare law
Find advice, commentary and thought leadership on all aspects of Director's & Officer's Insurance; from contract formation through to complex…
This collection looks at the latest news, comment and development on the law affecting mental health services. The law affecting mental health…
Our market-leading Information Law team regularly publish articles and updates addressing the ever-evolving Information Law landscape.
This collection looks at our Safety, Health and Environment Team and the products and services they can provide. In the climate of increased…
The Insurance Act 2015 comes into force in August 2016 and will represent a significant change to insurance contract law in this country. This…
Legislative changes are bringing major changes to the Insurance landscape. This collection houses DAC Beachcroft's alerts on the pertinent issues.
For all the latest news and comment in clinical regulatory healthcare law
Organisations face ever-increasing expectations from Government, regulators, customers or service users, and other stakeholders, so scrutiny and…
For all the latest legal and regulatory news and comment in healthcare estates and facilities management
This collection addresses the full spectrum of cyber security and data risk management – the zeitgeist of our age.
We have acted for clients in the majority of significant product liability cases that have been decided in the UK over the last 35 years. Our product…
Considering the future landscapes of our cities
The European General Data Protection Regulation (GDPR) came into force on 25 May 2016. A rewrite of European data protection law, the GDPR imposes…
Considering the future of housing
For the latest news and comment on public procurement law.
Welcome to the Construction Risks collection. This space is used to report upon issues of interest to those who seek to allocate, manage and reduce…
Technology, brands and intellectual capital are key assets for any successful business. Our intellectual property (IP) team are experts at helping…
Considering the future of retail
The Insurance Market Conditions and Trends report is DAC Beachcroft's insurance sector flagship publication. Now in its tenth year, the report…
The Solicitors' Risk Collection addresses issues and developments affecting legal practitioners, and the professional indemnity insurers of legal…
Published On: 17 March 2016
In a series of three articles, international law firm DAC Beachcroft LLP and leading global public strategy firm Mercury LLC highlight some of the key aspects of the UK's anti-bribery legislation and explain why multi-national businesses need to be aware of and take steps to guard against risk of criminal liability and associated reputational damage.
The Bribery Act came into force on 1 July 2011. After a slow start, the Serious Fraud Office (SFO) has started to gain traction with recent high profile prosecutions of Standard Bank  and the Sweett Group . The main issue to date has been the lead in time. The Bribery Act does not have retrospective effect. Consequently, where the conduct pre-dates the coming into force of the Act, prosecutions have been pursued under the prior legislation. We are now getting to the point where conduct is being caught by the Act as it occurred after 1 July 2011. The SFO has signalled its intent to be more aggressive in its pursuit of prosecutions under the Act, with the focus as much on corporate wrong doing as it is on individual misconduct. Consequently, at least for the reason we identify in this article, for multi-national corporations, bribery risk exposure will increasingly be an area of concern.
Under the Act, it is an offence for a person to bribe or be bribed. A bribe is essentially the offer of a financial or other advantage with the intent that the person receiving it is induced to improperly perform their function.
Section 7 of the Act makes it an offence for a "commercial organisation" to fail to prevent bribery, and they are guilty of any offence where an "associated person" bribes another person, intending to obtain or retain business or to obtain or retain an advantage in the conduct of business.
Importantly, it is a defence for the commercial organisation to prove it had in place adequate procedures designed to prevent a person associated with it from undertaking such conduct. The procedures to be put in place are guided by six non-prescriptive principles laid down by the government:
In this article, we focus primarily on Risk Assessment, however, it is important first to highlight the extra-jurisdictional reach of the Act as this goes a long way in explaining why risk assessment is such an important aspect
It is crucial for multi-national businesses to understand that the Act is not just concerned with what happens in the UK - it extends to conduct outside of the UK, even where that conduct occurs wholly outside of the UK. Its extra-jurisdictional reach is enshrined in the Act.
If a corporate carries out business in the UK, it can be prosecuted in the UK under s.7 regardless of where the conduct was carried out. As a result, all corporates who do business in the UK need to be aware of the provisions of the Act and have put in place policies and procedures, including carrying out a risk assessment, to prevent bribery. A failure to do so will leave the corporate exposed to prosecution under s.7.
It is worth noting there is some debate around what "carries on a business" means as it is not defined in the Act. It clearly denotes more than just a mere physical or legal presence in the UK. Whilst it is obviously inherent that there needs to be some activity, exactly what activity is open to debate. It naturally includes the corporates regular trade or commercial activity, but there can be little doubt that the intention was to widely define the activity being carried out. It seems likely this will be an area for judicial consideration and direction.
All of the six principles laid down by the government are important, however, the need to carry out and periodically review risk assessment processes and procedures is potentially the most challenging area. The fundamental requirement is that the corporate assesses the nature and extent of its exposure to potential external and internal risks of bribery on its behalf by persons associated with it. The assessment must be periodic, informed and documented. But what does this mean?
What the corporate needs to do is understand where its exposures lie. At a fundamental level, this may appear straight forward. Surely any responsible corporate will know how it does its business, who it deals with and where it does it. As a result, it should know and understand what risks are associated with its business sector, its business partners and the countries in which it operates.
However, getting it right requires a multi-faceted approach. There needs to be:
Getting it right in the first place is only half the story. There needs to be periodic review of the risks associated with the corporate’s business. Risks can and often do change. This can be driven by changes in the business itself or in the sectors or countries in which it operates. Most commonly, corporates will enter new sectors or new territories, possibly both at the same time. In doing so, it needs to assess whether its risk profile has changed. It must recognise the events that give rise to the need to undertake a review of its risk assessment. This may not mean, however, simply carrying out risk assessment on the specific sector or country. It may also require the corporate to consider whether its risk assessment resources are adequate to carry out the risk assessment in their current form. It may also need to consider whether it has access to the right information. In either case, before the corporate can embark on a sector/country risk assessment it may need to enhance its resources to enable it to properly do so.
External factors can also lead to a need to carry out further or enhanced risk assessment processes. Sometimes the need to do so is obvious, for example where social or political turbulence leads to changes in government or civil unrest. It may, however, be much more subtle: Laws may change which affect the way the corporate is able to do business in a particular jurisdiction, countries may exit from or join trade, economic or social alliances. Whatever the change is, the corporate needs the ability to recognise it and react accordingly. It is possible that no actual changes need to be made to processes and procedures as a result, but the corporate needs to consider it.
Failure to identify or address an obvious change in risk profile is going to give rise to a risk of exposure to prosecution under s.7 of the Act in the event that bribery has taken place. It will give rise to concerns about the adequacy of the procedures in place to identify and assess risk, most likely a lack of adequate resource, whether in terms of man power or experience and expertise. It may also lead to a finding that top level management has failed to exercise proper oversight of the process.
Identification of risk will naturally lead to consideration of how the risks are addressed. This may be via enhancement to existing control functions, implementation of new control functions, monitoring remedial actions to ensure they adequately fill any gaps identified and reporting outcomes.
What is important to bear in mind, however, is that corporates are not required to take exhaustive steps to eradicate the very possibility of bribery. Criminal activity is often by its very nature covert and difficult to identify. Adequate risk assessment enables corporates to understand where the risks lie, to put in place those procedures aimed at preventing bribery and to monitor and react to change. The ability to identify and assess risk is an essential part of the procedures that a corporate needs to have in place to enable it to address bribery, and to be able to defend itself against exposure to prosecution under s.7 of the Act. Recognising the fact that the Act applies to conduct outside of the UK is an essential element of understanding bribery risk.
In addition to the legal woes that come along with SFO investigations and prosecutions, corporates must also pay close attention to the potential for significant reputational damage. Given this damage often outlasts the legal process, the importance of understanding and managing reputational risk cannot be overstated.
It is crucial that corporates operating in territories with high corruption risk have plans in place to immediately address any instances or allegations of impropriety. In the midst of a crisis, there is no time to step back and build the internal capacity needed to effectively respond to reputational threats. Developing crisis communications strategies and protocols in advance enables corporates to quickly respond to any issues as they arise, rather than waiting for them to escalate.
These crisis communications plans must take into account both traditional and social media. Many companies have learned the hard way that social media can turn an obscure local story into an international issue overnight. In order to effectively manage their reputations in this new communications landscape, corporates must understand how to effectively monitor and engage through online platforms.
It is increasingly clear that legal and public relations risk management strategies cannot operate in a vacuum. The two must be seamlessly coordinated in order to be as effective as possible.
 Standard Bank agreed to pay £21.7m under the terms of a Deferred Prosecution Agreement
 Sweett Group was fined £1.4m, subject to an £851,152.23 confiscation order and ordered to pay £95,031.97 in respect of the SFO's costs.