Adequate Procedures in Malaysia, how to demonstrate it?

Adequate procedures in Malaysia are the guidelines issued by the Malaysian Anti-Corruption Commission (MACC). It also is a term made popular through the UK Bribery Act of 2010. It presents a company’s potential to avoid liability for failing to prevent bribery if that organisation can fully demonstrate clear, sound and established policies and procedures that deter individuals (inside and outside of the organisation) from partaking in questionable or corrupt conduct.

Malaysian National Anti-Corruption Plan 2019-2023

Under Section 17A (3) of the Malaysian Anti-Corruption Commission, if the commercial organisation is found liable under the corporate liability provisions, a person who is the director, controller, officer or partner of the organisation, or a person who is concerned with the organisation’s management affairs at the time of the commission of an offence, is deemed to have committed that offence unless such person can prove that the corrupt act was committed without his consent or connivance and that he exercised due diligence to prevent that commission of the offence as he ought to have exercised with regard to the nature of his function in that capacity and the circumstances.

Hence, there is a need for the company to put in place “adequate procedures” as a defence in case there is proven corruption by the associated individual.  The Malaysian Anti-Corruption Commission MACC has issued guidelines that constitute “adequate procedures.” In the National Anti-Corruption Plan, Tun Dr Mahathir bin Mohamad, Prime Minister of Malaysia on 29th January 2019 developed initiative number 2.1.3 which seeks

To introduce Anti-Bribery Management System (ABMS)MS ISO 37001 certification in all Government agencies”  within two years (Jan 2019-Dec 2020).

The guidelines further state in initiative 6.2.4:

To propose Anti-Bribery Management System (ABMS) MSISO 37001 certification as a requirement for State-Owned Enterprises (SOEs), Company Limited By Guarantee (CLBG) and the private sector to bid for Government contracts”.

In complying with these guidelines and to prove “adequate procedures”, public and private sector organisations should implement the ISO 37001 certification process which would provide proper assurance that the organisation has succeeded in establishing, implementing, maintaining, reviewing and improving its Anti-Bribery Management System.

State of Corruption in Malaysia

In Malaysia, apathy and ignorance towards bribery and corruption in your business will personally cost you. Malaysia’s seemingly never-ending battle to combat bribery and corruption took a decidedly different turn on June 1st of this year, as specific measures go into effect that saddle corporations and other organisations – along with their directors, controllers and senior management – with the full burden of proving that they are not involved in allegations of corrupt activity by their employees and third-party partners. That burden of proof means that corporations will have to effectively demonstrate that policies and procedures are firmly in place that deters, detect and defend against incidences of bribery at all levels of the organisation.

While a large part of the political and economic universe still believes that engaging in some form of corruption is the only way to survive and advance, many countries now are taking drastic measures to root out corruption, and Malaysia is rushing to the forefront of that trend. Currently ranked at 51 out of 180 countries on Transparency International’s “Corruption Perception Index” (2019), with a score of 53 (where 0 is perceived to be highly corrupt and 100 is perceived to be very clean), the Malaysian government emerged from the highly publicized 1MDB financial scandal on high alert and with a firm resolve to adopt tough anti-corruption legislation as one of its main priorities.

The result was the empowerment of the Malaysian Anti-Corruption Commission (MACC) and its 2009 Act which addressed corruption on both the political and private sector levels.  The Parliament’s subsequent amendment – Section 17A – was added in 2018, which likened the legislation to the UK Bribery Act but added a “parallel” element of personal criminal liability in corporate bribery cases. And that’s where business organisations need to take notice and take immediate action.

Demonstrating “Adequate Procedures” through ISO 37001 Certification

ISO 37001 Anti-Bribery Management System is an internationally accepted standard that specifies the procedures by which an organisation should implement in preventing bribery while detecting and reporting any bribery incident that occurs. The standard requires organisations to implement these procedures on a reasonable and proportionate basis according to the type and size of the organisation, and the nature and extent of bribery risks faced. It applies to small, medium and large organisations in the public and private sector and can be implemented in any country. Though it will not provide absolute assurance that bribery will completely cease, the standard can help establish that the organisation has in place reasonable, proportionate and adequate anti-bribery procedures.

ABAC® Center of Excellence Limited is fully accredited as a Conformity Assessment Body (Certification Body) to assist your organisation in attaining ISO 37001 certification through a thorough bribery risk assessment and audit covering the entire scope of the standard The audit methodology is evidence-based, meaning any issues raised will be confirmed through adequate evidence that the ABAC® Certification team has discovered during the audit. Auditing techniques take a risk-based approach to examining your organisation’s Anti-Bribery Management System (ABMS), and the ABAC® Certification team will increase the scale of the investigation if they determine that a specific process presents a higher risk side.  Factors such as Impact, Negligence, Minor, Major, and Critical are taken into consideration during the audit.

A separate audit method is a process-based approach where the ABAC® Certification examines the organisation’s processes while considering the interaction between those processes.  Finally, there is a sampling-based audit approach where ABAC® Certification incorporates an appropriate sampling plan utilising samples from different ABMS processes to conclude and support the audit findings and results.

The audit is extremely thorough in its approach, which results in accredited certification for the scope of the ISO 37001 Anti-Bribery Management System.  Because of the standard’s international acceptance and the thoroughness of the audit process, such certification can provide a valuable safeguard in demonstrating an “adequate procedures” compliance defence in cases posing a liability for a company’s failure to prevent bribery. Indeed, from an FCPA perspective, certification may provide tangible evidence that a compliance program was in place at the time of the alleged bribery actions. And from a UK Bribery Act perspective, the certification could provide the company with tangible prima facie evidence presented by an accredited certification body attesting to the establishment and effectiveness of the organisation’s compliance program. Notably, per Section 17A of the Malaysian Anti-Corruption Commission, the Prime Minister’s National Anti-Corruption Plan 2019-2023 has declared ISO 37001 certification a requirement for companies operating in Malaysia.

There is a strong likelihood that ISO 37001 Anti-Bribery Management System will continue to set the pace for a globally recognised “adequate procedures” standard for corporations embroiled in corruption litigation proceedings. But for now, the most powerful “insurance” tool that public and private sector organisations can use in their defence strategy is ISO 37001 ABMS certification.


About CRI Group

Based in London, CRI Group works with companies across the Americas, Europe, Africa, Middle East and Asia-Pacific as a one-stop international Risk Management, Employee Background Screening, Business IntelligenceDue Diligence, Compliance Solutions and other professional Investigative Research solutions provider. We have the largest proprietary network of background screening analysts and investigators across the Middle East and Asia. Our global presence ensures that no matter how international your operations are, we have the network needed to provide you with all you need, wherever you happen to be. CRI Group also holds BS 102000:2013 and BS 7858:2012 Certifications, is an HRO certified provider and partner with Oracle.

In 2016, CRI Group launched the Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body established for ISO 37001:2016 Anti-Bribery Management Systems, ISO 37301 Compliance Management Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC® operates through its global network of certified ethics and compliance professionals, qualified auditors and other certified professionals. As a result, CRI Group’s global team of certified fraud examiners work as a discreet white-labelled supplier to some of the world’s largest organisations. Contact ABAC® for more on ISO Certification and training.