Posted: 24th May 2017
Most directors will be aware of the UK Bribery Act and what’s involved in managing the risk of anti-bribery and corruption (AB&C), but is your firm doing enough in a changeable regulatory climate?
The UK Anti-Corruption Plan puts pressure on UK-based firms to help fight against global corruption and to stamp out bribery. This added responsibility poses significant challenges to UK firms when viewed alongside current compliance demands.
A low appetite amongst firms for doing business in certain jurisdictions due to the AB&C risks present is a potential issue for the world economy. UK firms’ response to more stringent regulation and legislation in this area should not be wholesale de-risking, and indeed any move to de-risk should be accompanied by robust reasoning.
So, with all of this in mind, how can firms approach the challenges of anti-bribery and corruption in a compliant and business-enabling way?
Key challenges for your firm in the AB&C climate
There has recently been a step-up in international standards for anti-bribery management systems in the form of ISO 37001. It specifies a framework of measures that institutions need to implement to mitigate against bribery.
As well as this, 2017 will see the Fourth Anti-Money Laundering Directive implemented, and the Fifth Anti-Money Laundering Directive announced (otherwise known as 4 and 5AMLD, respectively), with a focus on politically exposed persons, high-risk, non-EU countries and beneficial ownership. On the horizon is a new offence of ‘failing to prevent economic crime’, which is likely to be similar in nature to the Bribery Act, requiring ‘reasonable considerations’ to be applied to prevent economic crime. Firms must also consider the FCA’s whistleblowing rules.
Firms will need to be confident that the many aspects of their business affected by these upcoming changes are set up compliantly. The Bribery Act 2010 has a worldwide reach, with its extra-territorial power over any firm with a UK footprint, and firms will therefore need to mitigate the risks when conducting business abroad to avoid delivering ‘improper performance’.
How does your firm oversee and manage ‘proper performance’ with employees, intermediaries and agents that do business abroad? Operating in high-risk jurisdictions may hold lucrative business opportunities, but a robust AB&C programme is needed to ensure the commercial advantages of this business are truly realised.
Ensuring your AB&C programme is fit for purpose
An effective and ongoing risk assessment is the backbone of your AB&C programme as it provides a benchmark for acceptable risk. There isn’t a ‘one-size-fits-all’ approach to effective policy and risk management planning, and rather an appropriate reaction is one that takes account of the unique risks the firm is exposed to. Achieving proportionality is a key function of a firm’s agreed risk appetite and risk assessment – measuring prospective risk against these can greatly assist a firm in its decision to pursue specific business. Once a firm is comfortable with the risk inherent in a piece of business, it is the role of their due diligence process to establish any hidden issues, and so this also needs to be robust.
Since 2011, most firms have understood the Bribery Act and implemented appropriate risk controls, but does your risk assessment stand the test of time?
As well as maintaining an up-to-date risk assessment, some practical tips for firms include:
- Ensuring a tone from the top that endorses ethical standards of behaviour for employees and clients and looks to address poor behaviours proactively
- Implementing ethical and transparent policies to cover AB&C, gifts, offsets, hospitality, sponsorship and lobbying
- Ensuring responsibility for compliance in this area has been assigned to the appropriate senior manager (especially given the senior managers regime in banking and its imminent extension across financial services)
- Introducing or further developing employee-wide training programmes covering ethics and compliance
- Making sure employees can report concerns via easy-to-access channels – for example, a 24-hour ethics line – and reacting appropriately to concerns
- Focusing on intermediaries to ensure that they comply with ethical and compliance standards
Effective training that goes further than the obligations of individual staff members (for example, providing the wider context for the need to manage and mitigate AB&C) can help set the tone for AB&C risk management and enforce the right attitudes towards it. Implementing an adequate training programme that addresses staff at all levels of the business can be a challenge, however, it’s crucial to consider tailored training for key people with high risk exposure to bribery.
When thinking about the above areas, the principle of proportionality is vital. Firms focusing their resource on the highest risk areas (and documenting what this looks like in terms of activity) are doing the right thing from a regulatory point of view. The endorsement of this activity from the top of a business is another key element of its effectiveness – senior leaders must appreciate the connection between failures in oversight today and potential regulatory issues in the future, and how this may negate the original commercial benefits of the decision to do business.
Setting an example
UK-based firms who review, re-shape and respond to AB&C are the leaders in an evolving anti-corruption climate. In this area (and in many areas of financial crime risk management) the approach of UK firms sets a precedent to the rest of the world, so it is even more crucial that UK firms operating across all regulatory jurisdictions are unified and robust in their approach.
This is a factor for firms to bear in mind over and above the changeable nature of regulatory requirements, which are invariably a response to an increasingly developing threat. Those firms who accept this responsibility and ensure the compliant approach and accompanying messages proliferate throughout the business will be in a good position going forwards.