by Roy Gillespie and Megan Mc Evoy

Third party bribery risk

SA companies take caution

Third party bribery risk
Legal Compliance.jpg

The international community has recently been shocked to learn of alleged bribery in the pharmaceutical sector taking place in China, with both GlaxoSmithKline and Alcon, the eye care division of Novartis, being accused of bribing officials.  In both cases third parties were used to apparently make illegal payments to doctors. Consequently, firms with global offices are being urged to step up internal compliance, and take care when using third party suppliers. 

As in the above cases, organisations face a range of bribery risks and most large organisations will have hundreds of third party relationships stretching across multiple jurisdictions that expose the organisation to increased bribery risks.  Understanding these risks and where an organisation is most vulnerable is critical to managing anti-bribery compliance, as well as managing third party relationships very carefully. 

Current anti-bribery laws, such as the Foreign Corrupt Practices Act (FCPA), U.K. Bribery Act (UKBA) (including OECD recommendations) state that all third parties must be appropriately vetted by a company before engaging their services. 

Alarmingly, in terms of the UKBA, a commercial organisation can be held liable, even if the bribery is carried out by an employee, an agent, a subsidiary, or another third-party, and the location of the third-party is irrelevant to the prosecution. For example: a South African company, with a branch or office in the UK, which pays a bribe anywhere, for example, in Africa or Latin America could, in terms of this legislation, face prosecution in the UK.  This is particularly precarious for organisations operating in high risk bribery jurisdictions globally. 

In South Africa, according to Transparency International, 47% of South Africans paid a bribe in the past year, while Minister of Justice and Constitutional Development Jeff Radebe said that in the 2012-2013 financial year there were criminal investigations into the activities of 242 people in 89 priority corruption cases each involving R5-million or more. In the Deloitte’s Anti-Corruption Practices Survey 2011, participants attributed 52% of the source of corruption risk to “use of third parties”.

Organisations therefore need to ensure they have robust anti-bribery compliance procedures in place, especially to protect themselves against unscrupulous third parties.  As further incentive to comply with legislation, the UKBA does provide the commercial organisation with a defence, if it can show that, while bribery did take place, the commercial organisation had taken "adequate procedures designed to prevent persons associated with [the organisation] from undertaking such conduct". 

The burden of proof in this situation is on the organisation, with the standard of proof based on a balance of probabilities.  In terms of “adequate procedures” taken out by organisations to curb bribery, the guidelines set out six non prescriptive fundamental principles. These are: Appropriate procedures, Top-level commitment, Risk assessment, Due diligence, Communication (including training) Monitoring and Review.

It is equally important to keep properly documented evidence of this due diligence and to ensure that the person initiating the contact with the third party, the person carrying out the due diligence, and the person ultimately authorizing the contact are not the same person. Organisations are ultimately responsible for ensuring that third parties who act on their behalf are compliant with the global anti-bribery legislation as well as any other local country legislation.

Should the organisation fail to do this, it will remain completely vulnerable to stringent enforcement action.

Due diligence does not stop at the initial approval or selection process; it is an ongoing process which must continue until the relationship with the third party ends.

comments powered by Disqus


This edition

Issue 2020