Bribery Act systems and controls - start with a risk assessment
Companies have until 1 July 2011 to put in place anti-bribery systems and controls. There is some confusion though over what this entails.
In our view the first thing to do is a risk assessment. A risk assessment is a management exercise by which a reasoned judgement is made of the risks that those connected with the company might bribe others to procure business for it. The risk assessment also involves an evaluation of the measures that should be put in place to render the risks acceptable. The risk of bribery cannot be eliminated in its entirety, and that is not what the law requires. The procedures just need to be adequate.
The temptation when producing any set of internal systems and controls is to rush straight to the drafting of the internal rules and arrangements. This is not the right approach. If the risk assessment is not undertaken first then the company may apply inappropriate controls, perhaps too permissive - allowing it to be said that they are an invitation to staff to behave corruptly, or too draconian - putting the company at a disadvantage to its competitors.
We are asked often how much our involvement in helping companies implement their procedures would cost. The good news is that Ken Clarke was quite right when he said that the costs of implementation should not be burdensome or oppressive. However the costs vary from business to business. I have created an on-line questionnaire that contains half a dozen straightforward yes/no questions. If you complete the questions and submit the questionnaire to me I will send you an quote for assisting you in your work.
The questionnaire refers to a Bribery Briefing. Please let me know if you would like a copy of that.