The following is taken from a special paper produced for the In-House Community™ by Dr Justine Walker, Director Financial Crime (Sanctions and Bribery) at the British Bankers’ Association, which was presented to delegates at the recent Hong Kong Outbound Risk & Corruption Symposium, which took place on May 30th, 2013

The UK Bribery Act 2010, which came into force in July 2011, means the UK now has the most comprehensive anti-bribery legislation in the world. To help support banks in their ongoing efforts to comply with the Act, the British Bankers’ Association (BBA) published its own guidance to assist in the implementation of adequate procedures to prevent bribery and corruption. The BBA guidance was published in December 2011 and is currently undergoing a process of up-dating so as to reflect the emerging practice that has developed since first publication. This article gives advance insight into the main changes that industry can expect to see.
The BBA has always been mindful that the anti-bribery and corruption (ABC) responsibilities of banks do not stop with implementation of the UK Bribery Act alone. Regulatory expectations have increasingly come to the forefront of how banks have approached the development of robust safeguards. Recent thematic reviews and enforcement action by the Financial Services Authority (and now its successor the Financial Conduct Agency) have served to stimulate the importance of regulatory risk.
To support members in understanding their obligations, the BBA in 2011 established a dedicated ABC working party of member banks. Along with developing strategic thinking on ABC matters this group is also tasked with producing industry guidance. As part of the process a series of informal bench marking sessions have been held covering issues such as ABC risk assessment methodologies; implementing gifts and entertainment thresholds and procedures; management and due diligence of third party risk; the provision of senior management information; and key performance indicators.
Our work has clearly highlighted that the practical implementations arising from legal and regulatory obligations in the ABC arena can be an onerous affair. Pragmatic and risk-based responses are the only viable solution and at the very heart of this will be an ABC risk assessment. What constitutes an adequate risk assessment will vary enormously depending on the size of an organisation, its activities, customers and the markets in which it operates. Operational risks will exist throughout all elements of the business and have the potential to impact on the breadth of ABC controls. For example, ineffective due diligence procedures or inaccurate and missing data can all result in key risk information not being identified resulting in an incorrect risk assessment. Consequently, and not unsurprisingly, information validation is a central topic for ABC officers.
Many UK banks have now moved to using some form of risk assessment linked to ‘heat maps’ which drive ongoing monitoring arrangements, frequency of reporting and identification of activities which need further testing. ABC dashboards are now commonly used as a risk management tool. What is included in such dashboards will vary between banks but may include areas such as: volumes of internal staff bribery investigations; recommendations from monitoring visits; training completion rates (new joiners and refreshers); compliance statutes with gift and hospitality policies; and, oversight of third party arrangements (i.e., volume accepted and declined, red flags raised, due diligence process followed etc.).
Both legal and regulatory obligations place significant importance on the management of third party relationships, such as suppliers, consultants, finders, agents, brokers, introducers, joint venture partners etc. Given the sheer volume of such relationships and payment flows this is an area where the BBA’s working party has focused considerable attention. It is also an area which exemplifies the vital need for a well founded risk-based approach in determining what level of due diligence and monitoring will be necessary and appropriate. Examples of how banks approach this mammoth task will be expanded within the revised BBA guidance. For larger organisations the use of bucket categorisations, such as separating out third parties into varying risk groups of high, medium or low remains the only viable way forward. Options for overcoming some of the most common challenges surrounding identification, management and approval procedures for third parties will also be highlighted. Throughout this theme a stronger focus can be expected on the importance of drawing upon existing payment controls and audit functions so as to ensure the level of payment is reasonable and consistent with the agreed contract. Basic safeguards such as prohibitions on cash payments, restrictions to non-approved bank accounts and ensuring there is a clear connection between the payment details and the country of incorporation should all be common place. As a staff communication tool, banks may find it helpful to set out a flow chart of the third party due diligence process from engagement of sourcing, business rational, level of investigation, sign off procedures, payment controls and review processes.
A further facet of the BBA dialogue with members has been on mechanisms for achieving and demonstrating top level commitment and tone from the top. Experience within banks has shown that for different organisations the appointment of one person, or solely putting reliance on the board, may not be the most effective way to instil zero tolerance towards bribery and corruption. As a consequence the trend for some organisations – and particularly large global ones – has been towards the introduction of nominated senior managers within individual business lines or champion-type figures who have anti-bribery responsibilities.
In 2012, the then FSA published revised anti-bribery and corruption guidance within its amended ‘Financial Crime: a guide for firms’. On the whole BBA members felt that the majority of themes identified within the guidance were areas where they had been actively implementing systems and controls. That said a number of issues were identified as requiring further deliberation as to practical implementation. For instance, experience in implementing group wide gifts and hospitality policies by the use of open registers may at times have unintended consequences in exposing clients, or may even provide an indication as to forthcoming mergers and acquisitions. On the whole, the issue for future discussion with the regulator is ‘what is a proportionate and risk-based’ response? Training of every third party is not appropriate, or indeed required. What is important is that banks can demonstrate that they are serious and committed to addressing bribery and corruption. This will require demonstrating integrity throughout the organisation and that the culture is sufficiently robust to forego unacceptably risky business opportunities. In reality evidencing this will only be achieved through an end-to-end process which includes, tone from the top, risk assessment, allocation of resources to the areas of highest risk, monitoring, review, record-keeping and importantly, the provision of appropriate management information.

justine.walker@bba.org.uk

Related Articles by Firm
Foreign Banks Allowed to Operate in Myanmar
After more than 50 years of banning, the Central Bank of Myanmar has issued the first final licenses allowing four foreign banks to operate in Myanmar.
Tanzanian Draft National Energy Policy of 2015
Highlights on the ongoing and upcoming industry developments with focus on the transition of the energy sector since the introduction of the Big Results Now! campaign
Mineral Rights Available in Tanzania
Overview of the mineral rights available in Tanzania, with specific focus on the various categories of mineral rights
The Legal Framework of the Aviation Sector in Tanzania
As attention turns to Tanzania’s trade and energy opportunities, the spotlight has fallen upon the nation’s infrastructure. This update focuses on the capabilities and issues of the Tanzanian aviation sector.
Oil price volatility - Offshore oil storage
Are there any legal concerns with tankers being used for floating storage?
Oil price volatility - risks and opportunities in 2015
While many companies can weather the oil price slide and volatility, some industry players face a real risk of insolvency.
India: Union Budget 2015
A bullet-point overview of changes in Direct Tax, Indirect Tax and Goods and Service Tax in India in light of Finance Minister Arun Jaitley’s first full-year Budget…
Prohibition against transfer of personal data outside Hong Kong
Section 33 of the Personal Data (Privacy) Ordinance (PDPO) prohibits the transfer of personal data to places outside Hong Kong, except in circumstances specified in the PDPO.
Security of payment under FIDIC contracts: more secure, for now
The High Court of Singapore recently handed down an important judgment in relation to the enforceability of Dispute Adjudication Board (DAB) decisions under the FIDIC forms of contract.
Insurance Laws (Amendment) Bill passed as Ordinance in India
The long-awaited Insurance Laws (Amendment) Bill has become a provisional law in India. The Bill amends the Insurance Act (1938), the General Insurance Business (Naturalisation) Act (1972), and the Insurance Regulatory and Development Act (1999).
SICC: now open for business
On Monday 5 January 2015, the Singapore International Commercial Court ("SICC") was officially opened...
Myanmar insurance update
Clyde & Co partner Michael Horn recently visited Myanmar's commercial capital Yangon and reports on the current state of the insurance market...
Launch of the online mining cadastre transactional portal
Plus, a summary of the key mineral rights available in Tanzania; and, a look at the manner in which mineral rights can be transferred.
Restrictions imposed on holders of mineral rights
This briefing looks at some of the restrictions imposed on holders of mineral rights in Tanzania by the Mining Act 2010
Draft local content policy for the oil & gas industry in Tanzania
The first draft of the long-awaited local content policy for the oil & gas industry in Tanzania has now been published by the Ministry of Energy and Minerals ...
Tanzania: Revocation of mining licences
The Tanzanian government recently announced the cancellation of a total of 174 mining licences. This mining update examines the key continuing obligations imposed by the Mining Act upon mining licence holders.
Mining Development Agreements
In this month’s mining briefing we look at Mining Development Agreements (MDAs) and the role that they play in the mining sector in Tanzania.
The Tanzanian railway system: current legal framework
The railway system of mainland Tanzania has a total track length of 3,676 kilometers (km) with two separate networks, run by two separate organisations ...
Related Articles
Disrupting the law
Technology has been changing the world of work since the dawn of the industrial revolution, but it is only in the past decade or so that technological innovations have truly started to disrupt the way that legal services are delivered ...
NewLaw takes-off in Southeast Asia
Rob Shakespeare of KorumLegal discusses the market for flexible and innovative legal solutions in one of the world’s fastest-growing regions ...
The five stages of the board management maturity model
The tools boards use to communicate should be simple to use, meet their needs (and no more) and be secure ...
Related Articles by Jurisdiction
Latest Articles
Are you optimising project management skills in your legal department?
Because you should! We all need to upscale our skillset in areas of people, process and technology.
Regulatory Authorities to regulate Relevant Activities in accordance with Economic Substance Regulations announced
Businesses licensed in the UAE should fast track an assessment to determine if they are subject to the regulations.
What every in-house counsel must know about handling data breaches
Mishandling data breaches is now on the list of "career killers" for lawyers.