In the world of prosecution, it’s sometimes damned if you do and damned if you don’t. Since the Bribery Act 2010 came into force on 1 July 2011, the UK authorities have had access to the corporate offence of failing to put in place adequate procedures to prevent bribery – often called the Section 7 offence. The only statutory defence to this offence is to “have in place adequate procedures designed to prevent [those associated with your business] from [bribing another person]”. Guidance on what those adequate procedures might look like was published by the Ministry of Justice in March 2011. Of course, the phrase “adequate procedures” implies a value judgement: what I consider adequate might not be considered so by someone else. But the guidance does make it clear that “organisations should adopt a risk-based approach to managing bribery risks… procedures should be proportionate to the risks faced by an organisation [because] a risk-based approach will serve to focus the effort where it is needed and will have most impact”.
Now we jump forward to 21 February 2018. The jury at Southwark Crown Court is returning its verdict in the case of Skansen Interiors Limited, an office interiors contractor, which had self-reported to the National Crime Agency that its former managing director had paid a bribe to secure a £6 million refurbishment contract. As a result of ‘fessing up, Skansen itself was charged with the Section 7 offence. Not fair, cried some: Skansen put itself in the firing line and should be given credit for that. A waste of time, cried others: Skansen is dormant and has no assets, so there can be no penalty anyway. All true, but the Crown Prosecution Service took the view that it would be a useful reminder to other companies.
Skansen’s lawyers argued that the firm had had adequate procedures in place at the time of the admitted bribery by its MD (although the words “proof” and “pudding” do inevitably come to mind). It said that it employed only thirty people, who all sat together in an open-plan office in London, and so it didn’t need detailed or elaborate ABC (anti-bribery and corruption procedures) on top of its policies concerning transparency and integrity, and its financial controls requiring multiple approvals for transactions. But the CPS argued that the company did not have a policy specifically directed to preventing bribery – relying instead on vague statements about ethical behaviour – and that it did not have a dedicated compliance officer. Moreover, there was no evidence that Skansen had trained its staff in ABC procedures, or that employees had read or been reminded of the company’s existing policies or had agreed to comply with them. The jury returned a guilty verdict, and it was only through having no assets that the company avoided a financial penalty.
The CPS is right when it says that cases like this are useful for other companies, but more as a clarification than as a warning. The Skansen outcome gives us a clearer idea of what will be considered “adequate”. Procedures must be based on specific risk judgements – not vague guesses – and must be clearly documented and communicated. This is even more important now that we have another corporate offence, under the Criminal Finances Act 2017: the offence of failing to prevent the facilitation of tax evasion offers as a defence that your firm had in place (you’re ahead of me here) adequate procedures.