Regulators continue to pursue prosecutions under the Bribery Act 2010, and appear to be targeting more mainstream companies after a string of successful prosecutions. Failing to prevent bribery can have serious consequences for corporate entities.
The Bribery Act has now been in force for nearly 5 years, and the Serious Fraud Office is getting more and more familiar with the tools at its disposal. The main target will always be the action of giving or receiving bribes itself, which can be punished by unlimited fines and custodial sentences. In an age of international trade (and employee/agent independence) this may be an increasingly common concern for employers, but even more concerning is the novel offence of "failing to prevent bribery". This offence can be committed by an otherwise innocent company if they fail to prevent rogue individuals within their business.
In short, a company commits the offence when a person "associated" with the company commits bribery in order to obtain or retain business. The offence is defined very widely - "associated persons" for example will definitely include employees, but can also extend to agents, contractors or any individual that is providing services to the company. Any company that uses third party agents would be particularly wise to review and update (or create) anti-bribery policy and procedures.
The offence is punishable by an unlimited fine, but conviction will lead to other consequences. The company will have a criminal record, which may affect its ability to obtain new work or tender for contracts (especially in the public sphere). Reputational damage will also follow any conviction, as the SFO (and the general media) commonly publicise Bribery Act convictions. Senior officials can also face disqualification as a director, or the seizure of assets under the Proceeds of Crime Act.
Companies can take action to prevent any allegation of failing to prevent bribery. If a Company can demonstrate that "adequate procedures" were in place, then the company has a complete defence. What "adequate procedures" are will vary greatly depending on the size of the Company and the risk that they face. Examples include board and staff training, internal monitoring and reporting of hospitality and gifts, encouraging transparency and whistleblowing, and discipline and sanction where things go wrong. Proper risk assessment and preventative measures will be key to avoiding corporate liability and criminal prosecution.