The first contested “failure to prevent” case, in which a company sought to rely on having adequate procedures in place, concluded with a small British refurbishment company being found guilty.
Despite now being dormant, it was decided to be in the public interest to try the case and in doing so sends out a strong message that companies of all sizes should be considering whether they have what might constitute adequate procedures in place.
The case is not the typical headline-grabbing events often associated with bribery enforcement action but they give a first glimpse into how prosecutors (and in turn a jury) may assess the adequacy of procedures.
The facts outline that the former managing director of Skansen Interiors paid bribes in two payments to a former project manager at a real estate company totalling £10,000 (about $13,900), as well as another that was not paid, to secure contracts worth £6 million (about $8.3 million) for the refurbishment of offices in London.
In its defense, the company argued that it had adequate procedures in place. The jury disagreed and a guilty verdict was returned.
Skansen Interiors argued that since it operated a localized, domestic-focused business out of a small, open plan office, consisting of no more than 30 staff, it did not require substantial controls. It explained that while it did not have a separate anti-bribery and corruption policy, it had various policies to ensure that business dealings were conducted in an ethical, open and honest way and not paying bribes was simply common sense. They argued that the financial controls that might be expected at a smaller company were in place and company contracts included provisions in relation to bribery.
While the case did not provide companies with explicit guidance on what constitutes adequate procedures, it at least provides some clarity on what are not adequate procedures.
Some of the many lessons that can be learned from this particular case include the need for:
- A comprehensive, standalone anti-bribery and corruption policy with a senior individual that is accountable for cascading it across the business
- Periodic risk assessments in order to identify business locations, operations and people that may present an increased bribery and corruption risk to the company
- A mechanism for those wishing to report suspected wrongdoing in an anonymous and confidential way that is appropriately communicated across the organisation
- Robust procedures and controls in place that are proportionate to the potential bribery risk presented to the company
- Provision of training that is regular and appropriate to the roles and responsibilities of each employee
- Ongoing monitoring activities to identify potential unusual or anomalous transactions, and
- Regular review and benchmarking of a company’s compliance program against industry good practice, evolving legislation and ongoing enforcement action.
In addition, the decision that it was in the public interest to prosecute a company that had since become dormant sends out a strong message that:
- A defense of adequate procedures may not be as straightforward as it seems on paper
- The UK Bribery Act is not just for large, multi-national corporations
- Just having a policy and some controls does not constitute adequate procedures, and
- Companies will still be held responsible for rogue employees even when they have some form of controls in place.
The case serves as a stark reminder of the need for companies of all sizes to periodically revisit their anti-bribery and corruption programs. How would your company’s procedures measure up against this benchmark?
Annabel Reoch, pictured above, is a Partner and UK Head of Anti-bribery and Corruption investigation and compliance at KPMG in the UK. She’s a qualified Chartered Accountant and an experienced forensic consultant with subject matter expertise in bribery and corruption. She can be contacted here.