The Australian Trade Commission (Austrade) recently released a guide for Australians doing business offshore, providing practical guidance in building a culture of compliance within their organisation to manage the risks of bribery and corruption.
The report, released in September 2018, highlights the 12 key steps to develop an effective Anti-Bribery & Corruption (ABC) compliance program.
Why is it important for Australian businesses to have an effective ABC program?
Bribery and corruption are serious risks for Australians doing business offshore. Bribery of a Foreign Public Official is a serious crime under Australian law, and penalties vary depending on whether the activity involves an individual or a corporation.
For an individual, the maximum penalties are imprisonment for up to ten years or a fine of $1.8 million.
For a corporation, the maximum penalties are a fine of the greater amount of three times the benefit received, 10% of the corporation’s annual turnover, or $18 million.
Australians and Australian companies engaging in such activity may be subject to prosecution under multiple foreign and domestic laws in multiple jurisdictions.
12 steps to an effective anti-bribery and compliance program
Austrade provides 12 steps to follow to develop an effective anti-bribery and compliance program, noting however that while a useful guide, “you should make you own enquiries and seek independent legal advice, to ensure your business complies with all applicable laws”.
The 12 steps to ABC compliance include:
- Commitment from the top
- Design a program
- Oversee the program
- Draft your ABC policy
- Develop detailed policies and processes
- Apply your program to business partners
- Have internal controls and keep records
- Communication and training
- Incentivise ethical behaviour
- Seek guidance, detect and report
- Address violations
- Review
1. Commitment from the top
A successful ABC program requires active support and commitment from an organisation’s senior management. Austrade provides some recommendations for ensuring commitment to an ABC program at senior management level.
Senior management to issue a short, authentic statement of intention – this statement should include clear and strong language, referring to the organisation’s ethical values.
Be open and transparent about your statement of intention – publish it internally (e.g. staff manuals, intranet, posters) as well as externally (e.g. website, email signatures).
Demonstrate that you take ABC seriously – allocate a senior manager to be responsible for ABC management, including initial launch of ABC statement and regular public statements to demonstrate ongoing commitment.
2. Design your ABC program
There are a number of important considerations outlined in designing an effective anti-bribery and compliance program:
Undertake a corruption risk assessment
This risk assessment will help a company to understand its corruption risk exposure, and should form the basis of the ABC program.
Questions should be asked such as the perceived level of corruption in the countries and sectors in which the company does business, and whether Foreign Public Officials are dealt with as part of any tenders, contracts or approvals.
A business should also be aware of a number of common red flags for bribery, such as when meetings with foreign officials or their agents are held in luxury restaurants or holiday locations.
Rate your risks
In order to identify an organisation’s inherent corruption risks, it should assess both the likelihood of the risk occurring, as well as the potential impact. This task should be undertaken for different countries or regions and for different sectors in which the business operates, and areas with a high inherent risk should be prioritised when putting in place mitigating controls.
Document your risk assessment
Create a risk register (e.g. a detailed spreadsheet) to document the ratings for each risk and the associated mitigation action.
Create a corruption risk matrix or ‘heat map’ visually representing risks, likelihood and potential impact.
Design your ABC program
The systems put in place will depend on the outcomes of the risk assessment. For example, if a high risk is determined that a country in which a business operates has a high perceived level of corruption, a decision could be made to avoid doing business in this location, or to put in place effective internal controls proportionate to the risk.
Be aware of Australian and offshore law
Both Australian and foreign laws that apply to a business in regards to bribery and corruption need to be considered. It should also be understood that Australian Anti-Bribery laws apply to Australian citizens, residents and corporations, even when they are offshore. Some key laws and developments that concerned parties should become familiar with include:
- Foreign bribery offence under section 70.2(1) of the Criminal Code Act 1995 (Commonwealth)
- Potential changes to anti-foreign bribery laws in Australia – In April 2017 the Attorney-General’s Department published a Public Consultation Paper on proposed amendments to the foreign bribery offence. Significantly, it was proposed to introduce a new corporate offence of failing to prevent foreign bribery.
- Various Anti-Money Laundering Laws
- Offshore laws that may be applicable – Austrade recommends seeking independent legal advice
3. Oversee your anti-bribery and compliance program
An effective ABC program should be regularly reviewed for effectiveness, taking appropriate corrective action where required. Key steps identified by Austrade include:
Allocate staff to implement and oversee ABC program
In addition to allocating a senior staff member to oversee the day to day operation of the ABC program, Accounts and Human Resources should be closely involved. Additional senior management should regularly review reports from Accounts and HR to check for anomalies. Channels for internal reporting and receiving information from whistle-blowers should also be implemented.
Regularly report to the board or equivalent
Expenditures: Accounts staff – Have Accounts staff prepare regular reports to record the amounts paid, the frequency of payments, the timing of payment relative to opportunities/proposals/tenders, the staff involved in requests for and approval of payments and any anomalies.
Training: HR staff – Have HR staff prepare regular reports to record the depth and frequency of training delivered, the seniority of staff who participate in training, the level of engagement at training sessions and any anomalies.
Compliance: Management staff – Have Management staff prepare regular reports to record the ABC program’s design, launch and rollout.
Regularly review ABC program
The corruption risk assessment should be reviewed periodically (e.g. annual review), as well as when significant events occur such as such as entry into new markets, significant reorganisations, mergers and acquisitions.
4. Draft ABC policy
As a minimum, Austrade recommends that an ABC policy:
- Expresses that compliance with Australian and offshore laws is compulsory, and that compliance is an internal (not only external) requirement;
- Provides clear guidance for conducting due diligence on Agents;
- Provides clear guidance on conducting due diligence on your organisation’s corporate social responsibility (CSR) programs;
- Outlines the processes that your business has in place to encourage and protect whistle-blowers; and
- Has clear policies on hospitality, gift giving, sponsored travel and entertainment.
Further suggestions about the type of information you may want to include about Agents, corporate social responsibility programs and whistle-blowers is provided in the Austrade guide.
5. Develop detailed policies and processes
In addition to the ABC policy, Austrade recommends that companies develop detailed policies for particular risk areas:
Facilitation payments
These customary, unofficial minor payments to secure or speed a Routine Government Action, whilst legal in Australia, are illegal in most countries. These payments are difficult to distinguish from bribes, and Austrade recommends to avoid them.
Develop a policy for recording and monitoring travel, gifts and hospitality
In countries where personal relationships are highly valued, it can be difficult to know where relationship building ends and bribery begins. Austrade recommends that a policy and procedures should be implemented, for example:
- Detail the expenditure categories of a business – e.g. travel, transport, accommodation, food and drink including alcohol, and entertainment.
- Keep proper records of costs, payments and approvals
- Consider what is appropriate and what is excessive – e.g. are entertainment and travel paired with a legitimate business activity, such as a new product launch?
- Set monetary limits for each category
- If a Foreign Public Official is involved, ensure that all arrangements are legal – ensure legality under both the local law of the Foreign Public Official and the law of the country where the hospitality will occur.
The above points are taken from a list of minimum criteria that should be met. Further recommendations are available in the Austrade guide.
Have a policy and process on conflicts of interest, solicitation and extortion
Key recommendations include:
- Define a conflict of interest for an individual within the context of your business
- Require your current and proposed employees to disclose all conflicts of interest
- Ensure a reasonable lapse of time between public tenure and employment with your business
- Establish processes to monitor declared conflicts of interest
- Have staff declare when they are asked to pass on gifts on behalf of another
- Be clear what is a socially acceptable expression of good will in business and what may be considered buying influence
6. Apply your ABC program to business partners
An organisation should implement its ABC program in all business entities over which it has effective control, and use its influence to encourage an equivalent program in business entities in which it has significant investment or with which it has significant business relationships. Austrade provides a number of key recommendations in this area:
Know your business partners
- Conduct due diligence – a thorough appraisal of all business entities should be performed before entering into a relationship with them, including through mergers, acquisitions and significant investments.
- Be very careful if the business partner is a current or former Foreign Public Official
Document your arrangements with business partners
The following aspects of arrangements with business partners should be documented:
- Accounting, payment, expenses and reimbursement;
- Training;
- Record keeping;
- Your right to termination;
- Indemnity;
- Your right to random audit; and
- Common/central procurement and engagement of Agents.
Require business partners to collaborate in your ABC program
You should consider:
- Having senior management of business partners acknowledge your ABC policy – if necessary, provide a translation
- Invite their staff to attend your training
- Encourage business partners to:
- Actively develop their own policy and program
- Seek their own legal advice
- Visit the Austrade website
Sanction any non-compliance
The behaviour of business partners should be monitored during the life of the relationship, monitoring compliance and being alert to any red flags. Appropriate action should be taken to address non-compliance, with one option to cease doing business with that partner if they do not comply.
7. Have internal controls and keep records
A business should establish and maintain an effective system of internal controls to prevent, detect and respond to bribery and corruption. Austrade recommends taking the following actions:
- Maintain written procedures for controls and for the audit process
- Keep fair and accurate books and financial records
- Follow a document retention period
- Prohibit destruction of documents earlier than required
8. Communication and training
An organisation should establish effective internal and external communication of its ABC program, and consider implementing the following actions:
- Make ABC policy available to all by publishing it on the company’s website
- Make detailed policies available to all staff – detailed policies outlined in step 5 should be communicated to staff through means such as a staff handbook or intranet
- Draft training materials – defining key terms, relevant laws and consequences, common risk factors, employee expectations, how to refuse a bribe and how to report bribery
- Tailor training materials to the specific business, based on the risk assessment conducted
- Train to persuade
- Make the training interactive
- Address common ‘push back’ responses upfront – e.g. ‘this is how business is done’
- Address the negatives of not changing behaviour – e.g. reputational damage
- Emphasise the positives of changed behaviour – e.g. competitive advantage
- Train on what to do if one is subject to, witnesses or suspects an act of bribery – e.g. endorse organisation’s ABC policy
- Train all staff and key external stakeholders
- Measure and report on training participation
- Refresh training regularly
9. Incentivise ethical behaviour
- Have management-led conversations on ethics and compliance – e.g. formal meetings or informal discussions
- Promote ethical behaviour in HR policies – e.g. make it clear that no employee will suffer adverse consequences for refusing to pay a bribe, even if the organisation loses business as a result
- Incorporate compliance into staff performance reviews
- Reward good behaviour – e.g. a lunch to reward a team for good ethical leadership
10. Seek guidance, detect and report
Austrade recommends that companies should:
- Investigate swiftly to avoid alerting wrongdoers
- Seek independent legal advice
- Understand that Austrade officers are to report suspected bribery to the AFP – this includes reports of bribery by an Austrade client concerning itself, others, or a foreign public official
- Cooperate with authorities in their investigations – e.g. produce a copy of the company’s ABC policy and program
11. Address violations
Violations of a company’s ABC program should be addressed internally and externally with the relevant authorities. It is recommended for organisations to:
- Report suspected or actual bribery or corruption – allocate personnel to report externally (e.g. a board member) and report quickly, avoiding lengthy internal investigations that delay reporting
- Discipline poor behaviour – e.g. terminate staff who breach the policy
12. Review ABC program
- Periodically re-assess and audit all aspects of the ABC program – share best practices within the organisation and identify any areas for improvement
- Regularly audit compliance – recommended by Austrade to be conducted annually
- Conduct regular due diligence on agents
- Regularly audit payment approvals – e.g. seek further documentation for suspicious payments
- Invest in an external auditor
- Consider external accreditation in anti-corruption and anti-bribery to supplement an organisation’s own ABC program
- Keep abreast of latest developments – e.g. by consulting a lawyer
- Continually improve ABC program – the outputs of assessments/audits should be used to address any compliance gaps identified