Bribery Act 2010 Compliance
A guide to Bribery Act 2010 compliance for UK businesses, including the offences, the adequate procedures defence and the steps needed to prevent bribery.
The Bribery Act 2010 is one of the strictest anti-bribery and anti-corruption laws in the world. It applies to all UK businesses and to any individual or organisation with a connection to the UK, regardless of where the bribery takes place. The Act creates four criminal offences and introduces a unique corporate offence of failing to prevent bribery, which can only be defended by proving that the organisation had adequate procedures in place.
For businesses, the practical impact is clear: if anyone associated with your organisation bribes another person to obtain or retain business, the organisation itself is guilty of an offence unless it can demonstrate that it took reasonable steps to prevent it.
The four offences
| Offence | Section | What it covers | Maximum penalty |
|---|---|---|---|
| Bribing another person | Section 1 | Offering, promising or giving a financial or other advantage to induce someone to perform a function improperly | 10 years’ imprisonment and/or unlimited fine |
| Being bribed | Section 2 | Requesting, agreeing to receive or accepting an advantage in return for improper performance | 10 years’ imprisonment and/or unlimited fine |
| Bribing a foreign public official | Section 6 | Bribing a foreign public official to obtain or retain business | 10 years’ imprisonment and/or unlimited fine |
| Failure to prevent bribery | Section 7 | A commercial organisation fails to prevent bribery by an associated person | Unlimited fine |
The Section 7 offence is the one that most directly affects businesses. It is a strict liability offence – the prosecution does not need to prove that the organisation intended or knew about the bribery. It only needs to show that an associated person (employee, agent, subsidiary, contractor, consultant) bribed another person to obtain or retain business or a business advantage for the organisation.
The adequate procedures defence
The only defence to a Section 7 charge is proving that the organisation had adequate procedures in place to prevent bribery. The Ministry of Justice has published guidance setting out six principles that should inform those procedures:
The six principles
| Principle | What it means |
|---|---|
| Proportionate procedures | Procedures should be proportionate to the bribery risks the organisation faces and the nature, scale and complexity of its activities |
| Top-level commitment | Senior management must be committed to preventing bribery; this must be communicated throughout the organisation |
| Risk assessment | The organisation must assess the nature and extent of its exposure to potential external and internal bribery risks |
| Due diligence | Due diligence must be applied to persons who perform services for or on behalf of the organisation |
| Communication and training | Bribery prevention policies and procedures must be embedded through communication and training |
| Monitoring and review | Procedures must be monitored and reviewed periodically, and improvements made where necessary |
These principles closely parallel the risk-based compliance approach required under anti-money laundering regulations.
What counts as bribery?
The Act uses a broad definition. A bribe is any financial or other advantage offered, promised or given to induce someone to perform a relevant function or activity improperly, or to reward them for doing so. Relevant functions include any function of a public nature, any activity connected with a business or performed in the course of employment, and any activity performed by a body of persons.
Hospitality and gifts
Reasonable and proportionate hospitality is not prohibited. The Act is not intended to criminalise genuine corporate hospitality, promotional expenditure or gifts that are reasonable and proportionate. However, lavish or disproportionate hospitality, particularly when connected to a business decision, can cross the line.
| Likely acceptable | Potentially problematic |
|---|---|
| Modest working lunch during a business meeting | Expensive dinner and entertainment for a public procurement decision-maker |
| Branded promotional items of nominal value | Luxury gifts to a foreign official shortly before a tender decision |
| Invitation to a corporate hospitality event (proportionate to the relationship) | All-expenses-paid overseas trip timed to coincide with a contract renewal |
| Seasonal gifts in line with industry norms | Cash payments of any kind |
The key test is whether the hospitality is reasonable and proportionate and whether it is intended to influence improper performance of a function.
Risk assessment
A bribery risk assessment should consider:
- Country risk – operations or dealings in countries with high levels of perceived corruption (Transparency International’s Corruption Perceptions Index is a useful reference)
- Sector risk – some industries (construction, defence, extractives, pharmaceuticals) carry inherently higher bribery risks
- Transaction risk – large or complex transactions, particularly involving public procurement or government contracts
- Business opportunity risk – entering new markets, obtaining licences or permits
- Business partnership risk – use of agents, intermediaries, joint ventures or consortia
Document the assessment, assign risk ratings and prioritise mitigation efforts on the highest-risk areas.
Due diligence on associated persons
Because Section 7 extends liability to acts of associated persons, due diligence on third parties is essential:
- Agents and intermediaries – check their reputation, track record and any history of corruption allegations
- Joint venture partners – assess the partner’s own anti-bribery controls
- Contractors and consultants – ensure contracts include anti-bribery representations, warranties and termination rights
- Suppliers – particularly those in high-risk jurisdictions or sectors
The depth of due diligence should be proportionate to the risk. A low-risk UK supplier of office stationery requires less scrutiny than a commission agent in a high-risk jurisdiction.
Policies and procedures
At a minimum, every business should have:
- A written anti-bribery policy that defines bribery, sets out the organisation’s zero-tolerance position and explains the consequences of non-compliance
- A gifts and hospitality policy with clear thresholds for approval and a register for recording all gifts and hospitality given and received
- Financial controls – segregation of duties, approval limits and regular review of payments to agents or consultants
- Contractual protections – anti-bribery clauses in contracts with agents, consultants, suppliers and business partners
- Reporting channels – a mechanism for employees and associated persons to report suspected bribery in confidence
Training
All employees should receive proportionate training on the Bribery Act and the organisation’s anti-bribery policies. Staff in higher-risk roles (sales, procurement, business development, finance, those dealing with foreign public officials) should receive enhanced training covering what constitutes bribery, the organisation’s policies, how to recognise red flags, how to report concerns and the consequences of non-compliance.
Enforcement
The Serious Fraud Office (SFO) is the principal enforcement body for Bribery Act offences. Enforcement actions have included:
- Criminal prosecutions of individuals and companies
- Deferred Prosecution Agreements (DPAs) – negotiated agreements where the company admits wrongdoing, pays a financial penalty and implements compliance improvements, in return for the prosecution being deferred and ultimately discontinued
- Financial penalties running into hundreds of millions of pounds
Beyond SFO enforcement, a bribery conviction can result in:
- Debarment from public contracts – contracting authorities must exclude bidders convicted of bribery
- Regulatory consequences – loss of licences or authorisations
- Confiscation orders under the Proceeds of Crime Act 2002
- Directors’ disqualification under the Company Directors Disqualification Act 1986
Practical steps for SMEs
The Bribery Act applies to businesses of all sizes, but the adequate procedures defence is proportionate – what is expected of a small business is different from what is expected of a multinational. For most SMEs:
- Carry out a bribery risk assessment – even a simple exercise identifying your main risk areas is valuable
- Write an anti-bribery policy – keep it clear, practical and proportionate to your business
- Establish a gifts and hospitality register and set approval thresholds
- Include anti-bribery clauses in contracts with agents, intermediaries and key suppliers
- Conduct proportionate due diligence on third parties, particularly those in higher-risk roles or jurisdictions
- Train your staff – even brief training that explains the Act and your policy counts
- Monitor and review – revisit your risk assessment and policies annually
- Lead from the top – senior management must visibly support the anti-bribery programme
The cost of implementing proportionate procedures is modest. The cost of a bribery conviction – in fines, debarment, reputational damage and potential imprisonment – is not.