The Bribery Act 2010 - an outsourcing perspective

Publication | November 2010

An outsourcing perspective

The Bribery Act (the Act) will make corruption a key risk in outsourcing transactions. We review the Act, its implications for the parties to outsourcing transactions and the anti-corruption policies which customers should put in place to remain in control of their business risks and to comply with the Act.

The new regime

In July this year Hewlett-Packard paid $55 million to settle a US Department of Justice investigation into claims that it overcharged the US government on multiple federal government contracts and paid kickbacks to government consultants. In recent years the UK has significantly increased anti-corruption enforcement activity; however, in the future the Act will render corporates much more vulnerable to investigation and prosecution by the UK authorities.

The Act is due to come into force in April 2011. The Act will make it a criminal offence to bribe another person or to be bribed. It also introduces a new criminal offence for corporates of “failing to prevent bribery”. Corporate entities can be guilty of this offence if an “associated person”, such as an outsourced service provider, carries out an act of bribery when acting on their behalf.

The Act will impact upon the way customers of outsourced services run tender processes, the terms of outsourcing contracts and the governance procedures for outsourcing relationships.

The offences

The Act will make it a criminal offence to:

  • bribe another person
  • be bribed ( together the general offences)
  • bribe a foreign public official to obtain or retain business
  • fail to prevent bribery.

It will be presumed that an employee performs services on behalf of his or her employer, and consequently companies will be liable for bribery committed by their employees.

The US anti-corruption legislation makes an exception for small facilitation payments. The Act makes no such exception; all illicit payments, no matter how small or routine, or expected by local customs, would be classed as corrupt acts and be illegal.

One of the key elements of the Act is the introduction of a new offence for corporate entities (including partnerships) of failure to prevent bribery being carried out on their behalf. This new offence is one of strict liability; if a corrupt act is carried out by the corporate, or by an associated person on its behalf, the corporate will automatically be guilty of the new offence, subject to one possible defence (see below).

Associated persons

Under the Act an “associated person” is one which performs services on behalf of the principal. The definition of performing services is vague; the Act states that it will be determined by reference to all the relevant circumstances. What this means is that where a company has operations carried out by another individual or entity on its behalf, even in small part, particularly in difficult jurisdictions, it is important to ensure that the third party is aware of and commits itself to robust anti-bribery policies.

Depending on the circumstances, a supplier of outsourced services could be regarded as an “associated person” for the purposes of the Act. As some of the terms used in the Act are vague, we would recommend treating all outsourced service suppliers as associated persons when developing anticorruption policies and procedures.

The only defence for an entity being prosecuted for failing to prevent bribery is to show that it had “adequate procedures” in place designed to prevent bribery being carried out on its behalf. Given the significant scope and extraterritorial reach of the Bribery Act, it is extremely important for companies that have operations carried out by outsourced service suppliers on their behalf to ensure that such suppliers have robust anti-corruption compliance programmes and are subject to appropriate due diligence and monitoring. So far as possible, customers should seek to align their suppliers’ anticorruption practices with their own.

Who will the offence of failure to prevent bribery apply to?

The offence applies to all corporates who carry on a business, or part of a business, in the United Kingdom. This is very wide, and will capture entities that have any operations in the UK, through a subsidiary service company, a branch, or even those that engage third party agents to operate on their behalf in the jurisdiction.

Individuals guilty of one of the principal offences are liable on conviction to imprisonment for up to 10 years, or to a fine, or to both. The Act also penalises those senior officers of the corporate with whose “consent or connivance” the bribery was committed (although where the bribery takes place outside the UK, they must have a “close connection with the UK”). This consent or connivance could be committed by the passive acquiescence of a director, if in practice that amounted to consent to the bribery. In addition, failure to maintain “adequate procedures” could render directors vulnerable to civil claims.

Bribery prevention procedures

In September 2010 the Government issued draft guidance to help commercial organisations determine what bribery prevention procedures should be put in place. The draft guidance is formulated around “Six Principles for Bribery Prevention” which are summarised below.

Each company needs to tailor the principles to their business, taking into account the nature of the company, its operations and the jurisdiction(s) in which it operates.

Principle 1: Risk assessment

In order to put in place effective controls to prevent bribery, it is essential that organisations have a thorough understanding of the bribery risks that they face. Risk assessment procedures will vary enormously between different organisations.

Factors affecting internal risk include:

  • employees not understanding the organisation’s business profile and associated bribery risks
  • the organisation’s remuneration structure (for example, are staff motivated by commission payments and the like to procure business at any cost legal or otherwise)
  • deficiencies in employee training or skills sets
  • lack of clarity in the organisation’s policy on gifts, entertaining and travel expenses.

External risk factors include:

  • Country risk – perceived high levels of corruption as highlighted by corruption league tables published by reputable organisations.
  • Transaction risk – for example, transactions involving charitable or political contributions, licences and permits, public procurement, high value or projects with many contractors or involvement of intermediaries or agents.
  • Partnership risks – business partners located in higher-risk jurisdictions, associations with prominent public office holders, insufficient knowledge or transparency of third party processes and controls.
  • Principles 2 to 6 deal with how the risk assessment will inform the development, implementation and maintenance of effective anti-bribery policies and procedures.

Principle 2: Top level commitment

Establishing a culture in which bribery is unacceptable across the organisation.

Principle 3: Due diligence

Knowing the extent of the organisation’s business relationships; understanding the risks that a particular business opportunity raises; seeking reciprocal anti-bribery agreements and being in a position to feel confident that business relationships are transparent and ethical.

Principle 4: Clear, practical and accessible policies and procedures

Ensuring that these are applied to everyone employed by the business as well as business partners under the organisation’s effective control and ensuring that they cover all relevant risks such as:

political and charitable contributions; gifts and hospitality; promotional expenses; and responding to demands for facilitation payments or an allegation of bribery coming to light.

Principle 5: Effective implementation

Embedding anti-bribery in the organisation’s internal controls, recruitment and remuneration policies, operations, communications and training on practical business issues.

Principle 6: Monitoring and review

Ensuring effective financial monitoring and auditing with controls that are both sensitive to bribery and transparent and considering how regularly the business needs to review its policies and procedures.

Organisations will need to ensure that they are devoting sufficient resources to the assessment and mitigation of bribery risks and as the business evolves and external conditions change.

The above principles will apply when companies develop their own anticorruption policies. If companies enter into outsourcing arrangements, these policies should set out what specific procedures will apply to the selection of suppliers and outsourcing contracts.

In the following sections we consider what these principles could mean in practice when entering into outsourcing transactions and the conduct of supplier/customer relationships.

Outsourcing: the contract award

Due diligence

Because suppliers (as associated persons) can expose customers to corruption risk, it will be critical for customers to conduct detailed due diligence and risk assessments in respect of prospective suppliers. Customers should satisfy themselves that suppliers have no previous convictions for corruption and will not expose them to future liability for failure to prevent bribery. In addition to the usual due diligence carried out, customers should ask for full details of the supplier’s anti-corruption procedures. Customers should verify these procedures as part of the due diligence process. Particular care should be taken when reviewing tenders from suppliers based in jurisdictions where corruption is a problem to make sure they understand that corruption will not be tolerated and that they are compliant with their procedures. Suppliers should be aware that such due diligence will become standard practice in the future and should ensure that they have anti-corruption procedures in place which meet UK standards and can demonstrate compliance with them. Failure to have adequate standards in place will lead to disqualification from the tender process.

The tender process

Tender processes should be reviewed and updated to ensure compliance with the Act. In particular customers should consider whether their tender processes are sufficiently robust if they are dealing with suppliers in jurisdictions where corruption is a known risk. The tender process should be in writing and transparent. The process should be designed to ensure that the scope for corruption is minimised. As part of the tender process potential suppliers should be made aware that the customer has a zero tolerance approach to corruption and bribery and understands the expectations of the customer. A key element of the supplier selection process should be an examination of the anti-corruption practices of each prospective supplier.

Gifts and entertainment

The customer should have a clear policy on gifts, entertaining and travel expenses. Its staff should all be fully aware of such policy and receive training to ensure they understand it. When tendering for contracts, customers should remind both their staff and all potential suppliers of this policy and they should be advised to exercise particular restraint in a tender situation.


The tender process and all accompanying documentation should make it clear that the payment of kickbacks, commission and facilitation payments will not be tolerated and that the offer of such payments will result in immediate disqualification from the process.

Outsourcing: the contract terms

Warranties and representations

Customers should seek full warranty protection in respect of the following:

  • the supplier’s full compliance with all relevant anti-corruption legislation
  • the supplier having no previous anti-corruption convictions
  • the supplier having adequate anti-compliance procedures in place and complying with them and having staff all fully trained to be aware of corruption issues
  • the supplier having effective accounting procedures and internal controls necessary to record all expenditure
  • the supplier ensuring that all sub-contractors and suppliers it engages to perform the outsourced services meet the same standards as the supplier as regards anti-corruption practices and being contractually obliged to meet the same requirements as the supplier.

Audit rights

In addition to the usual audit provisions found in an outsourcing contract, the customer should ensure that it has the right to audit all expenditure made by the supplier in connection with the outsourced services. The customer should have full access to the supplier’s records for this purpose. One concern for customers is that in some countries it is normal to make facilitation payments to officials in conducting business. Such payments are often small and in the relevant jurisdiction may be paid by suppliers as a matter of course. Suppliers need to be made aware that however small, such payments will not be tolerated. The parties may need to have open and frank discussions as to to how best to conduct business in such jurisdictions without making such payments.


The supplier should agree to train its staff to comply with anti-corruption legislation to the standards required by the customer. The customer may wish to consider whether the supplier should be obliged to follow the customer’s own training processes. The customer should reserve the right to attend such training to ensure it is satisfied with it or else ask the supplier to demonstrate that its training is adequate.


The supplier should demonstrate on a regular basis that it is in compliance with its anti-corruption procedures. The customer can do this either by asking the supplier to self-certify or to complete a questionnaire designed by the customer. All such records should be kept on the central register referred to below.

Termination rights

The customers should reserve the right to terminate the contract with immediate effect if during the term the supplier is either convicted of an offence of corruption or fails to comply with the anti-corruption provisions in the contract.

Renewal rights

Before the contract is renewed or extended, the supplier should demonstrate full compliance with all the terms of the contract relating to anti-corruption.

Outsourcing: monitoring

Responsible individual

Under its own anti-corruption programme, the customer should nominate a senior member of staff to be responsible for monitoring the supplier and its performance under the contract.

Regular review

The customer should monitor the contract and the behaviour of the supplier on a regular basis to ensure that the supplier is complying with the anticorruption procedures and that there are no signs of corruption. Corrupt suppliers may view lax monitoring procedures as an encouragement to attempt bribery.

Central register

As a matter of good governance, the customer should hold a central register of all major contracts with associated persons. These should include outsourcing contracts.

Are your anti-bribery procedures adequate?

In practice, it will be difficult for all but the smallest companies to implement the necessary “adequate”policies and procedures before the Act comes into force next April. We would therefore recommend that all entities which operate part of their business in the UK start to consider whether their procedures are adequate now.

We would also recommend that:

  • all current outsourcing tenders are conducted in accordance with the principles outlined above and that customers include appropriate protection in their contracts
  • companies review all existing outsourcing agreements to ensure compliance with the Act.

The Ministry of Justice suggests that senior management consider whether to commission external verification of the effectiveness of the organisation’s anti-bribery policies. Such independent reviews can be helpful in providing organisations with an insight into the strengths and weaknesses of its anti-bribery controls. External reviews may also enhance the organisation’s credibility with business partners or restore market confidence following the discovery of a bribery incident, help meet the requirements of both voluntary or industry initiatives and any future pre-qualification requirements.



Sam Eastwood

Sam Eastwood

London Nordic region