When U.K. rail industry boss Anthony Burgess was found dead, with his wife, in the leafy village of Clavering in the South East of England, their deaths became yet another stark example of the realities of bribery.

Burgess had been “showered” with cash, five-star holidays, and goods in kind by two suppliers to his company, and after being fired, had come under intense police scrutiny. “It couldn't happen in my organization” is the riposte of many; but how do you know?

The U.K. Bribery Act became law on July 1, 2011 and brought with it a new reality—described as one that would target a  “failure of a commercial organization to prevent bribery”—with the only defense that the corporate had put in place “adequate procedures” designed to stop incidences of corruption.

While there is no question that industries—those in Britain and worldwide—have responded to the Bribery Act with additional training, reporting, and procedures, until recently there has been no standard to help organizations prove, to both internal and external stakeholders, that appropriate procedures are in place to prevent bribery— and to help answer the perennial challenge for all compliance officers: Are my adequate procedures adequate— and how do I know?

Bribery Standard

In a new development, however,  that potentially goes some way to answer that question, the renowned British Standards Institute (BSI) has launched a new bribery standard, known as BS10500: Specification for an Anti-Bribery Management System (ABMS). The intention of the standard is to provide organizations with an objective bribery standard and a rigorous bribery framework which then form the basis of an independent verification and accreditation system, appropriate to both the Bribery Act and, crucially, to bribery legislation, worldwide.

BSI's plan for BS10500 is for it to be applicable in the private, public, and voluntary sectors, and to enable companies using it to clearly (and publicly) demonstrate their commitment to anti-bribery, good governance, and business ethics. Shirley Bailey-Wood, Director of Publishing at BSI, says that “Responsible organizations are increasingly seeing bribery prevention as on a par with safety and quality control. They want a means to demonstrate that they have an adequate system to prevent bribery taking place. A significant amount of guidance already exists on anti-bribery however as yet there is no system of measuring to an agreed benchmark that an organization's anti-bribery practices are adequate. This is what BS 10500 will provide.”

Over time it is expected that BS10500 will become much more than just a way that organizations can demonstrate their commitment to anti-bribery and compliance; BS10500 will become the next ‘must have' standard for organizations.

Over time, however, it is expected that BS10500 will become much more than just a way that organizations can demonstrate their commitment to anti-bribery and compliance; BS10500 will become the next “must have” standard for organizations—comparable to those for Quality Management and Environmental Management .

 Moreover, it is likely that BS10500 will also become a de facto tender qualification, particularly for U.K. governmental work and comparable major commercial activities. At a practical level this could mean that tendering organizations, irrespective of nationality, have to achieve accreditation to BS10500 or, at least, be able to demonstrate comparable capabilities and controls.

While there is extensive guidance on the Bribery Act, don't be lulled into thinking that it will tell you exactly what needs to be done; the guidance is not prescriptive, and it does not set out a fail-safe checklist of requirements for companies to implement; as with many issues, context is everything.

Until now there has been no system of measuring to an agreed benchmark that an organization's anti-bribery practices were objectively adequate for the risks that they faced—and it is this issue that BS10500 is designed to address. Given the geographic reach of the Bribery Act, the standard is clearly not confined to U.K. companies and it offers an anti-bribery standard that has international application, using internationally recognized best practices. The standard has been written without providing its own definition of bribery, and so enables an organization's ABMS to be targeted at preventing all types of bribery, as defined by laws applying to that organization and geography.

 

Bribery Risk

The bribery risks facing an organization will vary widely depending on size of organization, the countries and sectors in which that company operates, and the nature, scale, and complexity of the organization's operations; as a consequence, the standard specifies the implementation by a company  of appropriate risk-based policies, procedures, and controls. While no standard can provide assurance that corruption has taken place, or will take place, BS10500 can help an organization establish that it has implemented reasonable and proportionate measures—“adequate procedures”—intended to prevent bribery.

There is no question that BS10500 mirrors closely the terminology and guidance for the Bribery Act; however, BS10500 does cover some areas in more detail, such as gifts and hospitality, and procurement and commercial controls.

BS10500 runs 20 pages and at top-level specifies the requirements for implementing an anti-bribery management system—or at least the anti-bribery element of an overall management system. The bulk of the standard, however, covers planning and adoption of an anti-bribery policy, and implementing an ABM covering areas such as implementation of ABMS by controlled organizations and business associates,' clearly intended to discharge the ‘associated persons' requirement of the Bribery Act.

The guidance on gifts, hospitality, donations and similar benefits does include some invaluable advice on procedures that should be considered by companies. This includes advice to consider the timing of benefits of this type, particularly those that tend to tender negotiations. This is an aspect often overlooked and certainly not “joined up” within the corporate governance processes of many organizations.

The final section of BS10500 focuses on using the “Plan-Do-Check-Act” (PDCA) cycle common to other standards to implement an organization's ABMS, such that there is consistency with other management systems.

 

The Opportunity

 

Despite legislative developments, in reality some organizations simply do not have the necessary bribery controls and processes in place, despite a belief to the contrary. While many organizations, for example, may well have an inbound gifts and hospitality record, relatively few even now have an outbound equivalent; even fewer reconcile that record with expense reports and petty cash claims for gifts or hospitality, in order to understand exactly what is being spent by who on whom.

The challenge for organizations is clear; every one of the Bribery Act's six principles directly or indirectly hinges on a well-run, effective, and compliant organization, with effective processes. More than that, however, companies also have to make sure that their interfaces—externally with third parties (termed ‘business associates' in BS10500) and internally with internal audit, compliance, ethics, accounting, and finance—are fully effective and can deliver the controls, processes, and ongoing exception monitoring that will be required. For a company to have an effective anti-bribery and corruption program in place, one that meets both the spirit and letter of the Bribery Act, will require all the bribery angles—such as tendering, expenses, and hospitality— to be monitored, audited, and controlled. Implementing and maintaining this infrastructure, and so upholding the highest levels of corporate governance, will be at the heart of the challenge.

Until now, organizations had little or no way of evaluating and benchmarking, at least realistically, their anti-bribery and Bribery Act capabilities; BS10500 has the potential to change all that, particularly if an organization commits to a genuinely independent assessment against the standard.