5 NEGLIGENT FAILURE BY ORGANISATIONS
72. Clauses 5 and 6 propose a new offence for companies
and partnerships that negligently fail to prevent bribery by persons
who are performing services on their behalf. At present, a company
can only be convicted under corporate liability principles where
a senior officer who is its "controlling mind" is responsible
for key elements of the offence (under what is known as the "identification"
doctrine). The Director of Public Prosecutions described it as
"almost impossible" to prosecute successfully under
this principle.[135]
It has attracted criticism from the OECD's Working Group for
not being "effective, proportionate and dissuasive".[136]
73. Some surprise was expressed by the business community
at clauses 5 and 6, since the Law Commission had initially decided
not to pursue these proposals pending its ongoing review of the
way that companies are held accountable under the criminal law
as a whole. However, the Law Commission reversed its decision
in light of the Woolf Committee's conclusion that boards of directors
must take an active role in preventing bribery. It also followed
the recommendations of the Serious Fraud Office, which highlighted
the need to tackle corporate liability given its view that bribes
are most often paid in order to benefit a commercial organisation.[137]
74. Under the proposed offence a "responsible
person" must be found negligent for failing to prevent an
act of bribery. Clause 5(3) defines a responsible person to be
anyone (other than the briber) whose "functions" included
preventing bribes being paid in connection with the business.
The draft Bill treats any "senior officer" as the responsible
person where no-one else has been allocated this function. Significantly,
a defence is available where "adequate procedures" were
in place to prevent bribery (clause 5(4)).
Too complex and narrow?
75. Several witnesses were concerned by what they
viewed as an uncomfortable relationship between negligence (as
a fault element) and adequate procedures (as a defence), asking
whether this artificially separated out two versions of the same
thing.[138] Professor
Horder accepted that in most cases the two issues will merge,
but favoured separate steps to create a balance "whereby
a company would not be liable when its systems were perfectly
adequate but there was a failure solely by an individual".
He gave the example of an isolated failure by a "responsible
person" who had been "tempted by an offer from a rival
company to go and join them and so is not paying proper attention".[139]
76. A more sustained criticism related to the need
to prove fault on the part of an individual within the company,
rather than focusing on the company's collective failure to maintain
adequate procedures. In particular, Professor Wells listed the
steps that this approach entailed (proving bribery, identifying
a responsible person, proving they were negligent, and then countering
an adequate procedures defence), before describing clause 5 as
a "narrow and complex solution to a pressing problem".[140]
Monty Raphael of Peters and Peters was also concerned that linking
"negligence" to a specific individual unfairly risked
the introduction of a variable standard:
the test can differ between individuals and a
more qualified person may be judged more harshly on the basis
that they would be expected to operate at a higher level of diligence.[141]
77. PricewaterhouseCoopers noted that references
in the draft Bill to a "responsible person" could be
given a wide range of meanings, both broad and narrow. For instance,
it questioned whether a general obligation placed on every line
manager, or even on every employee, to be vigilant for evidence
of wrongdoing risked making every member of staff a responsible
person: "we recommend more clarity here, perhaps distinguishing
between explicitly assigned responsibilities (carrying a more
onerous duty of care) and implicitly defined responsibilities
(carrying a less onerous duty of care)".[142]
78. We considered a number of alternatives put forward
by Professor Wells, in particular removing the need to prove a
responsible person's negligence, thus leaving the company strictly
(or vicariously) liable for bribes paid on its behalf, subject
to an adequate procedures defence.[143]
This was supported by a number of witnesses including Transparency
International UK, officials from the OECD and also Professor Sullivan,
who described clauses 5 and 6 as a "half-baked compromise".[144]
79. We were informed about a number of jurisdictions
which impose corporate criminal liability in a way that is at
least as strict as Professor Wells's proposal, including the United
States, Australia, Switzerland, Finland, Italy and Austria.[145]
Examples were also provided of analogous strict liability offences
under health and safety legislation and money laundering regulations.[146]
80. Under Professor Wells's proposal it would be
necessary to reconsider the burden of proof in relation to the
adequate procedures defence:
- The commercial organisation
could be required to raise the defence as part of an "evidential"
burden, but leave the "probative" burden on the prosecution
to establish the inadequacy of the organisation's procedures beyond
reasonable doubt;
- Alternatively, the commercial organisation could
be required to raise the defence and also bear the "probative"
burden of establishing the adequacy of procedures on the balance
of probabilities.
81. Professor Wells described it as a "matter
for debate", but both she and Colin Nicholls QC preferred
the probative burden being placed on the organisation due to:
- The organisation's greater
access to information about the anti-bribery procedures that it
had in place; and
- the policy aims of the Conventions from which
the offence is drawn.[147]
82. We were advised by the Joint Committee on Human
Rights that a "reverse burden" of the type proposed
by Professor Wells posed little risk of violating the presumption
of innocence under Article 6(2) of the European Convention on
Human Rights.[148]
However, Louise Delahunty and Lawrence Hammond of BAE Systems
considered it fairer to require the prosecution, rather than the
organisation, to bear the probative burden, particularly as the
Serious Fraud Office has the power to request information on the
procedures that were in place.[149]
83. Professor Horder acknowledged the greater simplicity
of dropping negligence as an element of the offence, but he did
not believe that it would be fair to convict a company for the
criminal act of its employee or agent without requiring the prosecution
to prove that the company was itself at fault. He distinguished
bribery as a "step up" in seriousness from any existing
strict liability offence under health and safety or other legislation:
[It] is very different from attributing causal
consequences, like earwigs in tins or deaths occurring on ships
or wherever it may be, to a company [
.] You can only fairly,
in my view, connect a deliberate act of bribery by an employee
or agent to a company via the company's own fault, if I could
put it that way, or here we have got it as 'a responsible person
or number of persons'.[150]
The Directors of the Serious Fraud Office and Crown
Prosecution Service agreed, as did business representatives including
the International Chamber of Commerce (UK).[151]
Jeremy Cole of Lovells viewed the requirement to prove negligence
as an important layer of protection for business, while questioning
whether the benefits of Professor Wells's alternatives were overstated,
given that "consideration of whether procedures were adequate
will still lead to asking virtually the same questions".[152]
84. The Attorney General did not rule out the benefits
of removing the need to prove negligence, but urged caution:
This Clause has to balance the concerns of business,
who are facing potential criminal liability where none had existed
before, against the wider public policy imperative of tackling
bribery. It appears to me that the Clause as drafted strikes a
satisfactory balance, but there may be other ways of achieving
the same ends. The Committee mentions the possibility of a model
based on vicarious liability with a due diligence defence, which
I think has been advocated by Professor Celia Wells. I do not
have strong views on which approach is taken, but it may be thought
unwise to depart to a significant extent from the general law
on corporate liability by removing the need to prove fault on
the part of the company, in advance of the findings of the Law
Commission's review of the subject as a whole.[153]
85. For completeness, we note that the International
Chamber of Commerce (UK), among others, was concerned that clause
5(1)'s test of being "negligent in failing to prevent"
introduced an absolute obligation to stop bribery altogether.
This raised an underlying fear that a company risked being punished
for any bribe that slipped through the net, irrespective of the
circumstances.[154]
We note, however, the Law Commission's previous elaboration on
the meaning of negligence:
a [responsible] person is negligent if he fails
to exercise such care, skill and foresight as a reasonable man
in his situation would exercise.[155]
This definition does not create an absolute obligation
that will be breached automatically when a bribe is paid. On
the contrary, it imposes an obligation on the responsible person(s)
to take reasonable steps to prevent bribery. The Attorney
General rejected calls to further define "negligence"
on the basis that it is a "well-established concept"
that could be applied "with the greatest degree of ease".[156]
Gross negligence?
86. There was broad agreement among business and
some legal representatives that "negligence" represented
an insufficiently high threshold for a bribery conviction. This
led to calls for a test of "gross negligence", "recklessness"
or both. For instance, a body that represents the General Counsel
of leading companies, GC100, stated:
Unlimited fines and debarment from tendering
for public contracts are real consequences of the new offence.
As a basis for criminal liability, negligence is not generally
sufficient to establish liability for serious offences. The only
offence for which negligence is arguably sufficient is public
nuisance, and the most recent corporate offence which is analogous
is corporate manslaughter, where "gross negligence"
is the required threshold [
] The appropriate test in this
case should be that of "gross negligence". This would
apply where the standards of behaviour fall well below what could
reasonably be expected, and is a more realistic test for an offence
with such serious consequences.[157]
87. There was strong opposition to this proposal
from non-business witnesses and others, including the Secretary
of State for Justice, the Attorney General and the Director of
the Serious Fraud Office. In particular, the Director of Public
Prosecutions stated that it would "substantially reduce the
incentive for companies to put in place stringent anti-bribery
procedures" while impeding prosecutions in a way that might
"stifle, perhaps terminally, the policy intentions we understand
to be behind the creation of the corporate liability provisions".[158]
We note that more can be done to ensure that fines are proportionate
and debarment is non-mandatory, as addressed below.
A civil regime?
88. We considered the option of introducing a civil
regulatory regime under which companies would be fined for failing
to prevent bribery unless adequate procedures were in place.
This would have left the development of criminal corporate liability
to the Law Commission's broader review of the subject. It would
also have been broadly analogous with the Financial Services Authority's
power to penalise companies that breach its third regulatory principle,
including by failing to prevent bribery:
A firm must take reasonable care to organise
and control its affairs responsibly and effectively, with adequate
risk management systems.[159]
We note, however, that a civil regime received little
support during the Law Commission's consultation.[160]
Its critics stated that it would lack deterrence value and, in
any event, would require a criminal offence to be available as
a punishment of last resort.[161]
The Ministry of Justice emphasised its potential cost, while
Professor Horder was concerned that it would increase bureaucracy.[162]
The OECD also warned against the conflicting message that would
be sent through criminalising individuals but not companies.[163]
Monty Raphael stated that it would represent a "soft option"
which would continue to leave a corrupt company in greater fear
of the US Foreign Corrupt Practices Act than UK law.[164]
We also note that the European Commission has stated that civil
or administrative penalties would be insufficient to comply with
the UK's international obligations to the European Union.[165]
89. We support the Government's proposals for
a new offence that targets companies and partnerships which fail
to prevent bribery by persons acting on their behalf. The current
law has proven wholly ineffective and in need of reform. However,
we are concerned by the focus on whether a "responsible person"
was negligent, rather than on the collective failure of the company
to ensure that adequate anti-bribery procedures were in place.
In our view, clauses 5 and 6 introduce a narrow and complex solution
to a pressing problem. We therefore recommend the removal of the
need to prove negligence under clause 5(1)(c). While it would
lead to the commercial organisation being strictly liable, subject
to an adequate procedures defence, nevertheless we do not believe
this would be unfair, particularly given the parallel with the
approach taken in other leading countries. A commercial organisation
is well placed to demonstrate the adequacy of its procedures,
preferably on a probative burden of proof.
90. We do not accept the merits of increasing
the threshold of the offence to "gross negligence" or
the introduction of an alternative civil enforcement regime, since
neither will satisfy the policy aims of the draft Bill.
The "adequate procedures"
defence
(A) MEANING
91. There was near-unanimous agreement in evidence
that the meaning of "adequate procedures" in clause
5 will require amplification through guidance. For instance, Professor
Horder stated:
The OECD were understandably anxious that there
should be greater clarity over what would count as an 'adequate
system' [
] There is a case for saying that, even if it reaches
the statute book, this clause should not be brought into force
until some work has been done with the CBI, other business representatives,
anti-corruption experts, and others, to hammer out some basic
standards and procedures.[166]
92. The content and status of guidance is addressed
more generally below, in Chapter 6. However, we note two important
points that emerged on the meaning of the phrase "adequate
procedures" in clause 5:
- First, it must be interpreted
in a flexible and proportionate way depending on the size and
resources of the company, alongside the ethical risks associated
with the industry, geographical area and the types of transaction
concerned.
- Second, it must depend on what a commercial
organisation is doing in practice rather than in theory.
93. As part of taking a flexible approach, it is
clear that the impact on small businesses will need to be carefully
reviewed.[167] Professor
Horder warned about the "classic regulatory dead end"
under which businesses are forced to "tick-box" without
there being a clear link to the effectiveness of the measures
concerned.[168] The
Federation of Small Businesses called for this to be avoided through
"clear and accessible" guidance on the practical steps
to be taken:
Is it enough to merely have had a conversation
with a colleague or to have factored certain proposals into a
staff handbook or is there a need for a written and documented
evidence trail? For small businesses, that obviously begins to
get more difficult when you have only got a handful of employees
and you are very tight for time and resources.[169]
In this respect, we note the "light-touch"
approach endorsed by the Impact Assessment for small firms in
low risk sectors where it may be sufficient to demonstrate that
"anti-bribery principles have been fully communicated to
its workforce".[170]
We return to the impact of clause 5 on commercial organisations
later in this chapter.
(B) SENIOR OFFICERS
94. The adequate procedures defence is not available
where a "senior officer" is negligent in their role
as a responsible person (clause 5(5)). As the Law Commission
explained:
The existence of this defence is an important
limitation on liability for the offence. It shows that our concern
is to direct the criminal law at companies that fail to make continuing
and systematic efforts to ensure that active bribery is not committed
on their behalf, even when the risk of that happening may be high.
Our focus is not on ethically well-run companies which have made
an error (albeit culpable) in a particular case leading to the
commission of bribery by someone providing services on their behalf.
However, the defence should not be available when the negligence
that led to the failure to prevent bribery being committed was
attributable to a director of the company (or equivalent person)
him or herself.[171]
95. A good deal of criticism was directed at the
lack of certainty about the meaning of "senior officer"
which is defined to include any "director, manager, secretary
or other similar officer of the body corporate" (clause 5(7)).
The term "manager", in particular, has an uncertain
meaning within the workplace. The UK Anti-Corruption Forum noted
that it could include "quite junior" levels of employee.[172]
96. These concerns led the International Chamber
of Commerce (UK), and others, to state that an expansive interpretation
would lead to the defence being "robbed of any real content".[173]
The same could be said to a lesser extent about the meaning of
"secretary", which the Secretary of State for Justice
confirmed is intended to be limited to the traditional notion
of a senior-level "company secretary".[174]
97. Professor Horder highlighted the need for clarity,
particularly given the different definition of "senior management"
that is used under the Corporate Manslaughter and Corporate Homicide
Act 2007: "It is not desirable for companies to have to grapple
with many different understandings in law, for the purpose of
different offences, of who is 'in charge'".[175]
98. Both Herbert Smith and Thales UK recommended
that the draft Bill incorporate the definition of senior management
that is used under corporate manslaughter legislation, namely:
'senior management', in relation to an organisation,
means the persons who play significant roles in (i) the
making of decisions about how the whole or a substantial part
of its activities are to be managed or organised, or (ii) the
actual managing or organising of the whole or a substantial part
of those activities (section 1(4)).[176]
The Secretary of State for Justice explained that
the draft Bill's definition of "senior officer" was
"lifted from the Fraud Act 2006 [
while t]he Corporate
Manslaughter and Corporate Homicide Act has used a different approach.
We need to think about it".[177]
99. Other witnesses called for the "senior officer"
exception to be dropped rather than simply clarified, with the
effect that negligence by a senior officer would be a matter to
be considered as part of the adequate procedures defence. For
instance, Clifford Chance stated that the exception risked creating
a negative incentive to appoint lower level employees to the post
of "responsible person" as a way of ensuring that the
defence remained available. Several witnesses, including GC100,
also commented that the senior officer exception worked in contradiction
to the US Federal Sentencing Guidelines, which require high level
personnel to be responsible for preventing bribery in order to
qualify for sentencing credit.[178]
Herbert Smith, among others, argued that the exception served
no useful purpose since a court would be unlikely to find the
organisation's procedures to be adequate where a senior officer
acted negligently in designing or implementing those procedures.[179]
100. Professor Horder rejected the idea that the
exception created a negative incentive since senior officers who
employ a "dog to bark [
] must make sure the dog barks
properly":[180]
Any Board that appointed someone to supervise,
and then conveniently forgot all about the issue, would find themselves
looking at a justified claim that they had failed to ensure truly
adequate procedures were in place.[181]
This argument did not satisfy the law firm, DLA Piper:
As the draft currently stands, we seem to fall
into a circular argument. If you do appoint a senior officer you
lose the defence, if you don't appoint a senior officer the defence
will still be available but you might then be guilty of not having
'adequate procedures' if you do not have a senior officer in charge.
This tortuous clause appears to be an attempt to avoid imposing
strict liability on a company where an employee or agent has paid
a bribe but in doing so the requirements for the adequate procedures
defence have become confusing to say the least.[182]
101. However, Professor Wells stated that the senior
officer exception could be retained under her proposal for strict
or vicarious liability by replacing clause 5(5) (which creates
the exception) with an "avoidance of doubt" provision
along the following lines: "For the avoidance of doubt, the
defence of adequate procedures does not apply where the failure
to prevent the offence is attributable to the negligence, neglect
or fault of one or more senior officers".[183]
While accepting that this potentially re-introduces
the complexity involved in proving negligence in any case involving
a senior officer, she added:
[I]n many cases (those where the senior officers
have not been at fault in relation to the specific bribe) the
complexity will be removed altogether [
and] it is hard to
imagine that the procedures could be shown to be adequate where
senior officers were negligent in the implementation or monitoring
of any procedures. The avoidance of doubt clause puts that into
concrete form to save lengthy and expensive legal argument.
Under Professor Wells's proposal it would, in essence,
become a choice for the prosecution either to prove that a senior
officer had been negligent (upon which the defence would not apply),
or leave the issue to be resolved as part of the adequate procedures
defence (under which any failure by a senior officer would then
be relevant to the broader issue of "adequacy").
102. On a related point, the Federation of Small
Businesses stated that many small companies would have no option
other than to appoint a senior officer to be responsible for anti-bribery
procedures. This was viewed as unfair, since small business would
automatically be unable to rely on the defence given the senior
officer exception.[184]
Professor Horder rejected this argument since "a small firm
with no middle management must take responsibility for compliance
at directorial level". He re-iterated the Law Commission's
proposals that failure by senior management should be a bar to
the defence being available.[185]
103. The adequate procedures defence does not
apply where a "senior officer" is negligent in performing
their role as a responsible person by virtue of clause 5(5).
It is hard to imagine any circumstances in which the procedures
would be adequate where a senior officer was at fault. In line
with our recommendation to remove the requirement to prove negligence,
we further recommend that clause 5(5) be removed. This would
leave the role that has been played by senior officers to be determined
as part of the adequate procedures defence. It would also reflect
difficulties identified in relation to the meaning of the term
"senior officer".
Subsidiaries, joint ventures
and syndicates
104. The new corporate offence applies only in relation
to bribes paid by persons who are "performing services for
or on behalf" of the commercial organisation and "in
connection with" that organisation's business (clause 5(1)).
An official at the Ministry of Justice has stated that "all
the circumstances" would need to be considered to determine
whether a subsidiary was acting on behalf of its parent, but that
ownership alone would not be viewed as sufficient to mean that
a subsidiary was performing services within clause 5(1).[186]
This raises two issues. The first is whether the Government has
adopted the correct approach by excluding subsidiaries from automatically
being covered by the draft Bill. As James Maton of the UK Anti-Corruption
Forum explained:
The difficulty is that there is a conflict between
a feeling that it is wrong to have the holding company liable
for the acts of foreign joint ventures, subsidiaries, or whatever
they may be, in circumstances where there is no control over those
activities and the conflicting view that the payment of bribes
through subsidiaries is a relatively common way of meeting the
payment of bribes, and that is the difficulty with those two competing
problems. Not having some source of responsibility at head company
level does potentially leave a very significant gap in the law
and an obvious route for the payment of bribes.[187]
105. There are strongly held views on both sides
of the line, with business representatives particularly keen to
ensure that subsidiaries are not automatically being covered by
the draft Bill, while academics and some enforcement agencies
being equally keen to ensure that their omission does not lead
to loopholes emerging.[188]
The limited time that was available to complete our inquiry has
prevented us from focusing on this issue in more detail. However,
we note that a parent company's liability for a subsidiary
is one of the issues due to be considered as part of the Law Commission's
general review of corporate criminal liability and we anticipate
that the Law Commission's conclusions will valuably inform future
debate on this difficult issue.
106. A second issue is whether the draft Bill achieves
the Government's aim of excluding subsidiaries (among other legal
entities) except where a subsidiary is actually performing services
on the parent's behalf. Some witnesses considered that the draft
Bill risked creating an automatic liability for subsidiaries,
joint ventures and syndicates, notwithstanding the lack of control
over the activities of those entities. Several amendments were
proposed by witnesses, including to:
- Limit clause 5(1) to cases
where the commercial organisation "controls" the subsidiary,
joint venture or syndicate under an ownership interest of 50%
or more;[189]
- Limit clause 5(1) to cases where there is either
"control" (as above) or "knowledge" of bribery;[190]
- Limit clause 5(1) so that a subsidiary is treated
as performing services on behalf of its parent only in circumstances
where the parent wholly owns the subsidiary;[191]
- Limit clause 5(1) so that a parent company will
only be liable for its subsidiary where it pays a bribe in connection
with a business that is being operated by the parent company,
rather than a business that is being operated by the subsidiary
on its own behalf.[192]
107. Several witnesses viewed guidance as the appropriate
solution, rather than an amendment to the Bill. For instance,
James Maton of the UK Anti-Corruption Forum stated that what businesses
need is certainty above all else and that therefore there should
be "sensible guidelines, which describe in some detail what
companies should be doing in relation to foreign subsidiaries
and joint ventures, depending on their degree of control and the
degree of shareholding in those companies".[193]
Clifford Chance agreed, and a Ministry of Justice official stated
that the Government might consider this request.[194]
We note that any of the proposals for an amendment, above, could
effectively be achieved through suitable guidance to that effect.
We therefore return to this issue in Chapter 6 below, on guidance.
135 BB16, para 9 Back
136
OECD Phase 2 bis report, above, para 92 Back
137
Response of the Serious Fraud Office to the Law Commission Consultation
paper No 185, Reforming Bribery, cited in the OECD Phase
2 bis report, above, para 75 Back
138
For instance BB05, para 36 Back
139
Q60 Back
140
"Bribery: Corporate Liability under the Draft Bill 2009",
2009 Criminal Law Review 479; Q121 Back
141
BB51 Back
142
BB32 Back
143
"Bribery: Corporate Liability under the Draft Bill 2009",
2009 Criminal Law Review 479 Back
144
Ibid; Qq 113, 510; 536 Back
145
BB15; Qq 116, 510 Back
146
For instance BB15, para 1 Back
147
Qq 116 to 120; BB56 Back
148
BB61 Back
149
Q539 Back
150
Q64 Back
151
Qq 181, 184 and 389 Back
152
BB39, para 4.19 Back
153
BB60 Back
154
BB03, para 19; BB07, para 20 Back
155
Law Commission, Consultation No 31, The Mental Element in Crime,
1970 Back
156
Q684 (Baroness Scotland of Asthal) Back
157
BB10, para 2.3 (see also Appendix 3) Back
158
BB48, para 2 Back
1 159 60
Further information is available at http://fsahandbook.info/FSA/htm/handbook/PRIN/2/1 Back
160
Law Commission Consultation, Reforming Bribery, No 185,
November 2008, para 6.70 Back
161
BB37; Q365 Back
162
Impact Assessment, p6; BB37 Back
163
BB59 Back
164
Q365 Back
165
European Commission's report on Article 9 of the Council Framework
Decision 2003/568/JHA, 22 July 2003, COM (20076) 328, 18 June
2007, p111 Back
166
BB01, para 3 Back
167
Q171 (Rosina Robson, Federation of Small Busineses) Back
168
BB01, para 3 Back
169
BB08, pp 1-3; Q207 (Rosina Robson) Back
170
Impact Assessment, p9 Back
171
Law Commission, Reforming Bribery, No 313, November 2008,
paras 6.6 to 6.7 Back
172
BB04, para 16(b) Back
173
BB03, para 21 Back
174
Q615 (Jack Straw MP) Back
175
BB06, para 9 Back
1 176 77
Q330 Back
177
Q614 (Jack Straw MP) Back
178
BB10; BB46, para 12 Back
179
BB49 Back
180
BB06, para 10 Back
181
BB06, para 8 Back
182
BB20 Back
183
BB22 Back
184
BB08, para 2 Back
185
BB01 Back
186
Q583 (Michael des Tombe) Back
187
Q255 Back
188
BB03, paras 31 and 47 (iv); BB07, para 28; Q140, BB33, para 4.4;
BB48, para 6, BB47, para 5 Back
189
BB23; BB39; BB15; BB19, para 6.5 Back
190
Q358 Back
191
BB15 Back
192
BB07, para 28; Back
193
Q255; see also BB05, paras 34 to 35 Back
194
BB05, paras 34 to 35;Q538 Back
|