Bribery and corruption are two sides of the same coin. Public officials who accept bribes are usually considered corrupt, as are organizations that attempt to bribe. That makes anti-bribery and corruption equally essential parts of your compliance programs.
Anti-bribery guidelines prevent people and organizations from attempting to bribe others, while anti-corruption guidelines prevent public officials from accepting those bribes. Both bribery and corruption are unethical, but there are also laws to prevent them, such as the Foreign Corrupt Practices Act (FCPA) in the U.S. and the UK Bribery Act.
What follows is everything you need to know about bribery and corruption to build an effective third-party compliance program.
What is Anti-Bribery and Anti-Corruption (ABAC)?
Anti-bribery makes it a crime to offer a bribe, accept a bribe, attempt to bribe a foreign official or fail to prevent someone else from offering a bribe for your organization. That means your organization can be held accountable if a third-party attempts to bribe public officials while acting on behalf of your organization.
Anti-corruption guidelines are similar to anti-bribery. They prohibit paying foreign public officials or the leaders of state-owned organizations in return for favorable treatment. Payment isn’t just money, either. Lavish trips, fancy cars and expensive dinners could all fall under anti-corruption laws.
Anti-Bribery and Corruption Laws and Guidelines
Around the world, 46 jurisdictions have laws associated with anti-bribery and corruption. The U.S. and the UK have influential ABAC laws that set a global standard for bribery and corruption and the penalties associated with each.
It’s essential to understand the specific ABAC guidelines for the jurisdictions where you or your third parties do business since the regulations vary.
Anti-bribery laws and guidelines exist around the globe. Some are legally enforceable, but others create frameworks for how organizations can prevent bribery and other related criminal activity.
The UK Bribery Act
The UK Bribery Act is considered a landmark law. It establishes criminal law related to bribery and covers not only those that offer or accept bribes but also any third parties that offer or accept bribes on behalf of another entity. Unlike other laws, the UK Bribery Act covers the private and public sectors.
Under the act, bribery is defined as:
- An individual or organization that pays a bribe to gain favorable treatment towards their business activities.
- This doesn’t require the intent of the individual or business paying the bribe.
It’s important to note that the UK Bribery Act sets a stricter standard than many other laws since even paying to expedite a routine government action is considered a bribe. You are still accountable even if a third party offers a bribe to benefit your organization.
Penalties vary depending on the severity of the violation. These can include:
- Up to ten years in prison
- Unlimited fines
- Prohibition from bidding for public contracts
- Confiscation orders
- Convicted company directors can be barred from leadership for up to 15 years
The OECD Anti-Bribery Convention
The OECD Anti-Bribery Convention criminalizes the bribery of foreign public officials. This policy is legally binding and applies to international business transactions. Though it’s not the only anti-bribery law on the books, it’s unique in that it focuses on what it calls the “supply side” of the bribe. This means it punishes the entity offering the bribe, not the entity receiving it.
Organizations that agreed to the new 2021 Anti-Bribery Recommendation will have to implement new processes to detect and mitigate risks related to foreign bribery.
ISO 37001 sets a standard, not a law, but it’s integral to achieving compliance. Organizations of all sizes can incorporate ISO 37001 into their unique activities. Implementing aspects of this stand can include:
- adopting anti-bribery and compliance policies
- appointing someone to oversee the organization's anti-bribery programming
- completing appropriate due diligence to mitigate risks associated with bribery
Though ISO 37001 is not punishable by law, ISO compliance paves the way for compliance with conventions (like the aforementioned UK Anti-Bribery Act and OECD) that are.
The United State’s Foreign Corrupt Practices Act (FCPA) of 1977 can be seen as a companion to the UK Bribery Act. It prevents organizations from bribing foreign officials to benefit their business. It also sets a global standard for corruption since it was amended in 1998 to cover domestic and foreign organizations.
The FCPA requires all publicly-traded companies to document their internal accounting controls to reflect all transactions. The Department of Justice (DOJ) and the Securities and Exchange Commission (SEC) enforce the FCPA, which has been a top priority for both organizations for over a decade.
Organizations that violate the FCPA could face penalties, including:
- Up to five years in prison
- Up to $100,000 in criminal penalties
- Up to $10,000 in civil penalties
Your organization and third-party partners will be held to this standard, so you must complete thorough due diligence before forming a relationship with a vendor.
Achieving Anti-Bribery and Corruption Compliance
Many organizations know that anti-bribery and corruption compliance is important. But it can take more work to achieve than you might think. Between strict laws, essential guidelines and your entire supply chain, knowing whether or not the organization is compliant comes down to compliance monitoring and due diligence.
Taking an always-on approach to compliance monitoring ensures that risks don’t go unchecked, whether evolving regulations with ramped-up requirements or new employees needing more training around bribery and corruption. While this may sound time-consuming, it’s critical to achieving and maintaining compliance with anti-bribery and corruption policies around the globe.
Due diligence means thoroughly investigating other entities before you form a business relationship. It also means rigorously testing any new software or processes to ensure they won’t introduce vulnerabilities. Even with effective due diligence, bribery and corruption risks can still surface. That’s where compliance monitoring helps.
ABAC Compliance and Risk-Based Due Diligence
Regulators routinely uncover evidence of corrupt acts by an intermediary acting on the company’s behalf, both with and without the company’s knowledge, making risk-based due diligence a top priority for your anti-bribery and corruption compliance program.
Assigning the appropriate level of due diligence for the company’s third parties requires assessing risks objectively and systematically, but finding the right balance of how much and how often to conduct due diligence isn't always easy.
Download 5 Steps to Implementing a Risk-Based Due Diligence Program to discover the challenges many compliance teams face in managing third parties and how to overcome them.