47% of South Africans paid a bribe in the past year


By Roy Gillespie (Senior Manager) and Megan McEvoy (Manager) in Anti-Bribery
Compliance at ENSafrica

The international community has been shocked to learn of alleged bribery in
the pharmaceutical sector taking place in China, with both GlaxoSmithKline and
Alcon, the eye care division of Novartis, being accused of bribing officials.

In both cases third parties were used to apparently make illegal payments
to doctors. Consequently, firms with global offices are being urged to step up
internal compliance, and take care when using third party suppliers.

As in the above cases, organisations face a range of bribery risks and most
large organisations will have hundreds of third party relationships stretching
across multiple jurisdictions that expose the organisation to increased bribery

Understanding these risks and where an organisation is most vulnerable is
critical to managing anti-bribery compliance, as well as managing third party
relationships very carefully.

Current anti-bribery laws, such as the Foreign Corrupt Practices Act (FCPA),
U.K. Bribery Act (UKBA) (including OECD recommendations) state that all third
parties must be appropriately vetted by a company before engaging their

Alarmingly, in terms of the UKBA, a commercial organisation can be held
liable, even if the bribery is carried out by an employee, an agent, a subsidiary,
or another third-party, and the location of the third-party is irrelevant to the

For example: a South African company, with a branch or office in the UK,
which pays a bribe anywhere, for example, in Africa or Latin America could, in
terms of this legislation, face prosecution in the UK. This is particularly
precarious for organisations operating in high risk bribery jurisdictions globally.

In South Africa, according to Transparency International, 47% of South
Africans paid a bribe in the past year, while Minister of Justice and Constitutional
Development Jeff Radebe said that in the 2012-2013 financial year there were
criminal investigations into the activities of 242 people in 89 priority corruption
cases each involving R5-million or more. In the Deloitte?s Anti-Corruption
Practices Survey 2011, participants attributed 52% of the source of corruption
risk to "use of third parties'.

Organisations therefore need to ensure they have robust anti-bribery
compliance procedures in place, especially to protect themselves against
unscrupulous third parties. As further incentive to comply with legislation, the
UKBA does provide the commercial organisation with a defence, if it can show
that, while bribery did take place, the commercial organisation had taken
"adequate procedures designed to prevent persons associated with [the
organisation] from undertaking such conduct".

The burden of proof in this situation is on the organisation, with the standard of
proof based on a balance of probabilities. In terms of "adequate procedures'
taken out by organisations to curb bribery, the guidelines set out six non
prescriptive fundamental principles. These are: Appropriate procedures, Top-
level commitment, Risk assessment, Due diligence, Communication (including
training) Monitoring and Review.

The UK Ministry of Justice also suggests that in terms of the third party due
diligence that these procedures need to be "proportionate' and "risk based' in
order to mitigate the identified bribery risks. The organisations? due diligence
process in respect of third parties should include:

? An evaluation and logical business rationale for wanting to engage with the
third party;/>
? An evaluation of the company profile, including shareholding, directors,
background, experience, government interaction and reputation of the third
party; />
? Any information relating to any past incidents, convictions, investigations of
its directors, shareholders and/or employees. An adverse media investigation is
advised here as an independent check. />
? Information on the organisations current anti-bribery policies (if any)/>
? A detailed understanding of the type of services that the third party will be
providing; />
? An understanding of how the third party will be remunerated, compensated
and paid;/>
? Determine whether the third party intends using other third parties;/>
? Reasonable controls to monitor the transactions of third parties going
? Ensure there is a written agreement/contract in place which acknowledges
the third parties understanding of the organisations commitment to anti-bribery

It is equally important to keep properly documented evidence of this due
diligence and to ensure that the person initiating the contact with the third
party, the person carrying out the due diligence, and the person ultimately
authorizing the contact are not the same person.

Organisations are ultimately responsible for ensuring that third parties who act
on their behalf are compliant with the global anti-bribery legislation as well as
any other local country legislation. Should the organisation fail to do this, it will
remain completely vulnerable to stringent enforcement action. As a bare
minimum and in order to mitigate third party bribery risk further, organisations
should ensure that standard third party agreements / contracts include the
following clauses:

? Representation by the third party to comply with the organisations code of
conduct, ethical business practices and with all laws;/>
? Audit rights, including audit rights for anti-bribery compliance procedures;
(these rights must be exercised for this to be considered effective)/>
? The right to terminate the third party relationship due to breach of contract
or non-compliance with the organisations code of conduct, ethical business
practices, or other laws;/>
? The third party may not engage with agents, subcontractors, intermediaries
or consultant without the prior approval of the organisation;/>
? The third party agrees to cooperate with any anti-bribery compliance
? The third party agrees to implement anti-bribery compliance training for its
? Annual certification that the third party has not engaged in or aware of any
bribery or corruption violations or other applicable laws;/>

Due diligence does not stop at the initial approval or selection process; it is
an ongoing process which must continue until the relationship with the third
party ends.