While the United Kingdom has positioned itself as a leader in the fight against fraud and corruption, the shifting economic conditions surrounding Brexit have raised uncertainty and vulnerability. As some organisations are forced to forge new trade deals outside of already established European Union (EU) relationships, some experts warn that there will be more exposure to corrupt markets. This new wrinkle comes nine years after passage of the Bribery Act 2010, which marked a major salvo in the war against bribery and corruption. The Bribery Act enhanced existing British law against corruption and placed a new level of responsibility squarely at the feet of organisations. It requires organisations to demonstrate anti-bribery procedures and controls, while also providing strict penalties for breaches of anti-bribery laws. The takeaway for UK companies is that they need to take action now. With Brexit posing challenges through new, untested trade deals in various markets, organisations need ISO 37001 – Anti-Bribery Management Systems standard as a comprehensive approach to mitigating risk. ISO 37001 include adopting an anti-bribery policy, including anti-bribery compliance, training, risk assessments and due diligence on projects and business associates. It also calls for implementing financial and commercial controls, and instituting reporting and investigation procedures.
The Persistence of Bribery and Corruption
Worldwide, bribery and corruption are still massive problems. Global anti-fraud watchdog Transparency International states that “only 11 major exporting countries – accounting for about a third of world exports – have active or moderate law enforcement against companies bribing abroad in order to gain mining rights, contracts for major construction projects, purchases of planes and other deals”. Great Britain is certainly one of those countries actively enforcing against bribery, and the UK Bribery Act placed it within the leading edge of the fight against bribery and corruption. Even still, Great Britain fell three places in Transparency International’s 2018 Corruption Perceptions Index (released in 2019). The country slipped from 8th place to 11th. The drop is seen by some as an embarrassment for a government that takes a hard line against corruption, and faces new challenges posed by a post-Brexit future.
Rolls-Royce Agrees to Massive Fines
Recent high-profile bribery and corruption scandals demonstrate how pervasive the problem is. Among them, a scandal involving British engineering giant Rolls-Royce led to the corporation agreeing to pay £671m to settle corruption cases with UK and U.S. authorities (£497m plus costs earmarked for the UK Serious Fraud Office, which conducted its biggest ever investigation into the firm). The SFO found conspiracy to corrupt or failure to prevent bribery by Rolls-Royce in China, India, Russia, Thailand, Malaysia, and other markets. The firm apologised “unreservedly” for the cases spanning nearly 25 years.
The wrongdoing involved Rolls-Royce’s “intermediaries”, which are local companies that handle sales, distribution and maintenance in countries where the British firm does not have enough people on the ground. Thirty-eight employees have faced disciplinary proceedings. Eleven left the firm during the disciplinary process. Six were dismissed. Rolls-Royce has also reviewed 250 intermediary relationships across the company – 88 have now been suspended.
Recently, the Serious Fraud Office says it ended its investigation but only after Rolls-Royce entered the deferred prosecution agreement and accepted responsibility “for corrupt conduct spanning three decades, seven jurisdictions and three businesses, for which it paid a fine of £497.25m”, according to SFO director Lisa Osofsky.
Cadbury Limited Pays for FCPA Violations
In another recent case, British confectionary company Cadbury Limited and its owner, Mondel?z International, Inc., agreed to pay $13 million to settle charges of violating the internal controls and books-and-records provisions of the FCPA. According to the order from the U.S. Securities and Exchange Commission (SEC), the FCPA violations arose from payments their subsidiary in India made to a consultant to obtain government licenses and approvals for a chocolate factory in Baddi, India.
An SEC investigation found that in February 2010, Mondel?z, formerly known as Kraft Foods, Inc., acquired Cadbury and its subsidiaries, including Cadbury India Limited, which manufactures and sells chocolate products in India. Cadbury India retained and made payments to an agent to interact with Indian government officials to obtain licenses and approvals for a chocolate factory in Baddi, India. Cadbury India failed to conduct appropriate due diligence on, and monitor the activities of, the agent.
From February 2010 to July 2010, the agent submitted five invoices to Cadbury India for, among other things, preparing license applications. Cadbury India employees at Baddi, not the agent, prepared these license applications. Cadbury India paid the agent a total of $90,666 (after withholding tax) upon receipt of the invoices. After receiving each payment, the agent withdrew from its bank account most of the funds in cash. During this time period, Cadbury India obtained some of the licenses and approvals. Without admitting or denying the findings, Cadbury and Mondel?z agreed to a cease-and-desist order and payment of a $13 million civil penalty.
The Bribery Act 2010 and UK Anti-Corruption Strategy 2017-2022
Passage of the Bribery Act 2010 in the UK marked a major milestone in the effort to prevent, detect, and prosecute bribery and corruption. Building off of existing British law and other international legislation like the U.S. Foreign Corrupt Practices Act (FCPA), the Bribery Act 2010 created a new offence which can be committed by commercial organisations that fail to prevent persons associated with them from bribing another person on their behalf. In turn, an organisation that can demonstrate having adequate procedures in place to prevent persons associated with it from committing bribery have a defence to the section 7 offence. In 2018, eight years after passage of the UK Bribery Act, the total number of SFO investigations was “believed to be in region of 70-75,” with “dozens” of bribery and corruption cases in the investigative pipeline.
In 2017, the HM Government (formerly Her Majesty’s Government) released its first UK Anti-Corruption Strategy 2017-2022 to provide a framework to guide government policy and action against corruption. The strategy aims to reduce threats to national security, protect the economy and foster business opportunities (especially for British businesses) and build public trust and confidence. It also sets out six clear priorities for the British Parliament: (1) reduce the insider threat in high-risk domestic sectors such as borders and ports; (2) strengthen the integrity of the UK as an international financial centre; (3) promote integrity across the public and private sectors; (4) reduce corruption in public procurement and grants; (5) improve the business environment globally; (6) work with other countries to combat corruption. The strategy’s emphasis on transparency, risk mitigation and compliance should serve as a strong indication that organisations are expected to be held to a higher standard if they are based or do business in the UK.
This is why it is of such critical importance that organisations doing business from the UK, or through/across its borders, have credentialed and tested processes like the ISO 37001 Anti-Bribery Management System Standard in place. Switzerland-based International Organization for Standardization issued the 37001 Anti-Bribery Management System Standard in 2016 to help organisations worldwide increase and measure their efforts against bribery and corruption. The standard will be discussed in depth later in this article.
Brexit and the Potential for Increased Bribery
With the UK leaving the European Union, the debate and protests have mostly been political in nature. A major concern, however, that is only recently being discussed is the potential business impact regarding bribery and corruption. In particular, the UK’s National Crime Agency (NCA) has warned that the UK’s exit from the EU will impact the prevalence of bribery and corruption over the next five years, as UK companies potentially come into greater contact with corrupt markets. In addition, there is a report so secret that it has not been made public, according to an article in the Independent that quotes NCA Director-general Lynne Owens as saying that “We produce an ‘official sensitive’ and ‘top secret’ report that would go into the detail of where and what we are concerned about”. For watchdogs on bribery and corruption, such a statement is ominous, at best.
It’s worth noting that some Brexiters see the departure from the EU as an opportunity to cut red tape, which could further the regulation problem. Brexit could prompt the UK to strike trade deals with countries that have a heightened corruption risk. To embrace a reduction of “red tape” in favour of lax controls, however, would be a monumental mistake – with the Bribery Act 2010 still in full force, along with SEC enforcement of FCPA provisions. In fact, having anti-bribery standard implemented will now be more important than ever, as the SFO and other enforcement bodies will likely be scrutinising new trade deals more than ever in a new post-Brexit landscape.
ISO 37001 Anti-Bribery Management Standard
It is in this environment that ISO 37001 ABMS becomes a critical centrepiece for any organisation’s ABMS systems. Accredited providers of ISO 37001 such as ABAC (Anti-Bribery and Anti-Corruption) Center of Excellence, a global network of certified ethics and compliance professionals, qualified auditors, financial and corporate investigators, certified fraud examiners, forensic analysts and accountants, can be used as a tool for organisations to prevent bribery and corruption. ABAC Certification is an accredited provider of ISO 37001 ABMS Certification and Training for organisations of all types and industries.
The ISO 37001 standard specifies requirements and provides guidance for establishing, implementing, maintaining, reviewing and improving an anti-bribery management system. The system can be stand-alone or can be integrated into an overall management system. ISO 37001 addresses the following in relation to the organisation’s activities:
- Bribery in the public, private and not-for-profit sectors
- Bribery by the organisation
- Bribery by the organisation’s personnel acting on the organisation’s behalf or for its benefit
- Bribery by the organisation’s business associates acting on the organisation’s behalf or for its benefit
- Bribery of the organisation
- Bribery of the organisation’s personnel in relation to the organisation’s activities
- Bribery of the organisation’s business associates in relation to the organisation’s activities
- Direct and indirect bribery (e.g. a bribe offered or accepted through or by a third party)
When administered by an accredited provider of ISO ABMS certification and training, the protocol can:
- Help an organisation create new and better business partnerships with entities that recognise ISO 37001 certified status, including supply chain manufacturing, joint ventures, pending acquisitions and co-marketing alliances
- Potentially reduce corporate insurance premiums
- Provide customers, stakeholders, employees and partners with confidence in the entity’s business operations and ethics
- Provide a competitive edge over non-certified organisations the organisation’s industry or niche
- Provide acceptable evidence to prosecutors or courts that the organisation has taken reasonable steps to prevent bribery and corruption
The ISO 37001 process helps companies and government organisations reduce the risk of bribery by establishing, implementing, maintaining and enhancing internal anti-bribery and anti-corruption systems. ISO ABMS certification is a mitigating piece of evidence to regulators or even prosecutors and the courts that the entity has taken meaningful steps in its efforts to prevent bribery and corruption.
With the UK moving from the EU to a post-Brexit world, the time is now for organisations to protect their investments, their reputations and their business. The Bribery Act 2010 puts an emphasis on proactive prevention and compliance. The SFO and other enforcement bodies will almost certainly respond to guidance that warns of a post-Brexit potential for increased bribery and corruption. The result will be increased scrutiny and a likely no-tolerance approach for breaches. As such, UK corporations and their overseas partners should stand ready to demonstrate their implementation of internal processes, policies and controls to prevent and detect bribery and corruption and remain in compliance.
The ISO 37001 ABMS standard is established, tried and tested program that addresses those issues head-on through a comprehensive program of training and certification. The training process is tailored to the organisation, while still following the developed curriculum and documented best practices. Certification requires demonstrating that processes have been implemented effectively, with follow-up evaluations. The shift to a post-Brexit economy is the perfect opportunity to implement ISO 37001 standards – no reputable board of directors or governors should question the timing and importance of taking this step. It’s a matter of safeguarding the organisation, its reputation, and its future.
If you have any further questions or interest in implementing compliance solutions, please contact us.
CRI Group has safeguarded businesses from any risks, providing investigations (i.e. insurance fraud), employee background screening, investigative due diligence, business intelligence, third-party risk management, forensic accounting, compliance and other professional investigative research services. In 2016, CRI Group launched Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management Systems, ISO 19600:2014 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. Contact ABAC® for more on ISO Certification and training.