At a time when multinationals may feel they have bribery under control – in accordance with the US Foreign Corrupt Practices Act (FCPA) – anti-bribery regulation has come back with a vengeance in the form of the UK Bribery Act 2010, which will come into force in April 2011.
Goaded by criticism from the Organisation for Economic Co-operation and Development for non-adherence to the 1998 Convention on Combating Bribery of Foreign Public Officials, the UK Government in April passed stricter anti-bribery legislation. This stipulates that, for the first time, organisations are liable for the corrupt activities of associated parties and their own employees, with the maximum penalty increased to 10 years imprisonment.
Multinationals’ only defence is to prove they have introduced “adequate measures” to prevent bribery, with further guidance on what such measures should entail to be published later in the year.
Bribery is defined as both the giving and receiving of bribes in terms of someone who offers, promises or gives another, or requests, agrees to receive or accepts, a financial or other advantage in connection with a person performing a function improperly.
The deduction is that the improper performance of a function is one that breaches an expectation that the function will be performed in good faith, impartially or as a result of a position of trust. So there is no need to show corrupt intent.
Businesses must therefore reappraise their corporate compliance strategies and ensure their defences are up and running and that they have adequate measures
The two extremes – doing nothing or positioning an army of compliance people at every intersection in the organisation – are no longer feasible, whatever the guidelines say. But what can organisations do to ensure compliance without a serious impact on the established business process or a dent into the bottom line?
Measures can include anything from improving communication, introducing policies and investing in adherence measures, but without the appropriate technology companies are only papering over the cracks. Such technology should be able to anticipate wrongdoers using veiled speech to disguise their purposes and be able to derive meaning from content, enabling organisations to automate compliance.
The smoking gun usually resides in human-friendly information, such as emails, video and instant messaging, which is where regulators are learning to look.
With employees and associated organisations dispersed geographically, communicating in several languages and across data formats, legacy technologies fall short of providing a holistic view of activity, thus depriving organisations of the opportunity to take swift and effective action. It is only through using technology that understands information regardless of how it is expressed – in slang, jargon or even code – that organisations can automate compliance with legislation such as the UK Bribery Act.
With the right technology businesses can detect incriminating activity as it unfolds and apply legal holds to prevent deletion of evidence.
Until now systematic monitoring for corrupt activity in the enterprise might have seemed optional. Only by intelligently automating real-time auditing, alerting and reporting can organisations address the multijurisdictional sanctions from the FCPA and the UK Bribery Act and track down bribery regardless of location, language or data format.
Organisations would be well-advised to consider countermeasures to bribery now, even while they await guidelines on what constitute adequate measures.