×

Our award-winning reporting has moved

Context provides news and analysis on three of the world’s most critical issues:

climate change, the impact of technology on society, and inclusive economies.

Q&A: Ernst & Young anti-corruption expert on the UK Bribery Act

by Luke Balleny | http://www.twitter.com/LBalleny | Thomson Reuters Foundation
Tuesday, 8 March 2011 17:07 GMT

TrustLaw talks to fraud investigator John Smart about whistleblowing and the UK Bribery Act

LONDON (TrustLaw) – John Smart leads Ernst and Young’s Fraud Investigation and Dispute Services practice in London.  TrustLaw speaks to him about whistleblowing, the UK Bribery Act and whether companies who have complied with the U.S. anti-corruption law will also have complied with the UK law.

You receive a call from the General Counsel of a FTSE 100 company who says someone has called in on their internal whistleblower hotline.  What’s your first reaction?

How seriously you take each allegation depends a little bit on the quality of the evidence that underlies it, so we work closely with them (the company) to identify whether or not actually it merits the full bore lawyers on planes, accountants on planes, go and pull up the drains and really investigate it because at that stage, you can’t really put the lid back on the can of worms, as it were.

The first stage of these investigations is always about securing the evidence because there’ll be some sort of email trail somewhere. So are the emails all secured? Are the laptops secured, is the documentary evidence all secured? Then let’s start sifting through this to see where the tentacles take us, that’s what we typically do.

The big issue with all the investigations that I do in this area is the proportionality question. What is a proportionate response to the allegation that’s come through? Because if the allegation is he’s just got a very close relationship with somebody, is that something that merits a full investigation, potentially reporting to the U.S. Securities and Exchange Commission (SEC), the U.S. Department of Justice (DOJ), the UK Serious Fraud Office (SFO) etc. And if it is, there are all sorts of ramifications around that, particularly around the annual financial statements, reporting to the stock exchange etc. which are very onerous.

One of the things that we spend a lot of time doing is the email analysis. If you’re doing key word searches on emails across 400 or 500 people, that can literally go on forever because each person you investigate has links to another  400 or 500 people.  I think this proportionality requires a strong, central team really driven by the company, working with the regulator to make sure it’s going in the right direction but with strong advice from external lawyers and accountants with a view that we’re not trying to grow this into some massive fee paying exercise. I think that’s the biggest issue with a lot of these investigations, managing the stakeholders in a way which is proportionate to the problem.

The U.S. Dodd-Frank Act allows a corporate whistleblower to receive up to 30 percent of the fine imposed on a company. Would you like to see similar legislation passed in Europe?

I think the costs associated with it are quite high. There’s a political dimension around whether or not you really want to create a culture of whistleblowing because that culture of whistleblowing creates a massive burden, legal and investigative and the costs associated with that can be quite enormous. If you take the pharmaceutical sector, the costs of compliance are enormous. You can argue whether or not that’s proportionate to the potential risks in that sector but it adds to the cost of pharmaceutical products around the world.

There’s probably not enough (legislation) yet in this country in terms of encouragement around actually blowing the whistle when there’s a breach of a law. I think whistleblower protection is very inconsistent across Europe and to some extent that causes problems. It’s the interaction of the various laws around data privacy, human rights legislation, employment legislation etc that creates real barriers to doing proper investigations in some countries.

Corporations don’t like the Dodd-Frank Act whistleblower provision because an employee is unlikely to go to the company’s own internal hotline if they can make a lot of money by going straight to the SEC. Do you think the provision diminishes the relationship between the employer and the employee?

It does. I think there are all sorts of mechanisms for making it work better, some leading edge companies will create roles like an ombudsman or somebody independent of the management of the business which allows an openness which you wouldn’t get through that sort of whistleblowing regime. I think there is a happy medium somewhere between the two of a, always report it externally then you know you can get a payout at the end of it to a, there’s no obvious route externally to expressing your concerns. I think there’s a medium in between which the best companies are addressing but not many of them.

The UK Bribery Act has received a lot of criticism from business associations and in the media. Is that criticism fair?

I think a lot of the criticism is reasonable in that not enough thought was put into the implementation of the Act as it was coming into force. A lot of it is media hype because there was never any intention - and when the guidance does come, we’ll see there was never any intention that normal business entertainment was going to be caught by this act or prosecuted by it. But not enough thought was given to how you’re going to demonstrate that in practice to corporates who are putting in place policies. There’s no good putting in place a policy which says we’ll never pay any facilitation payments if you know that’s going to happen anyway because that puts compliance in a very difficult position. You need some means of getting a proportionate response to trying to stamp out bribery, corruption and facilitation payments but recognising the reality of doing business in the emerging economies as well as some Western economies.

If you had the chance to rewrite the Bribery Act, knowing what you know about the FCPA and other European anti-corruption legislation, would you make any significant changes?

That’s an interesting question. I think the Act itself isn’t badly drafted, it’s the implementation of it that’s the problem. I probably wouldn’t make any changes in the Act. I’m in slightly two minds about the facilitation payments part, I can see why we’ve gone the way we have, but it would make life a lot easier for my clients if there was some form of de minimis cut off for it. But I can see why there’s a statement of we’ve got the gold standard in terms of bribery legislation, you might want to leave it in there. But to my mind that’s the one that’s going to cause the most problems. I think actually, I’d be a lot clearer in the guidance that was issued around it and the prosecutorial guidance around it and have some mechanism over time to make it become more onerous over a period of time (rather) than trying to make a cut off this year, which is going to create all sorts of difficulties.

If, as a compliance officer, you receive a call from someone saying they’ve just paid a facilitation payment, what should you do? Should you tell the SFO or should you just say don’t do it again?

That’s a good question and I suspect the answer is going to come out of pronouncements by the SFO on adequate procedures among other things and their guidance about what you do in those circumstances. I think the last thing you want to do is create another environment where the SFO is being sent 10,000 notifications a day of someone who’s being paying facilitation payments in some remote country of $10 or $20 or whatever it happens to be. Now clearly, you’ve got a problem because if it’s against the law, you’ve got a money laundering issue and the interaction of those two is going to cause some interesting debates in a lot of legal groups.

Do you think that a company that has got a compliance programme in place for the FCPA needs to make many changes for the Bribery Act?

Not many I think is the answer, but some. It’s interesting, the companies that I deal with at the moment ought to be FCPA compliant but when they start doing some work to see whether they’re going to be Bribery Act compliant they discover they’re actually not very compliant with the FCPA either. I think the best companies with a very good FCPA policy which has been rolled out and is being implemented and monitored and reviewed etc  won’t have to make many changes at all, but there aren’t many of those around; so I think there will be some real work needed to be done in our biggest companies, as well as the small and medium sized ones that haven’t even thought about it yet, to address the risks they’re running, particularly in markets that are remote.

 

Our Standards: The Thomson Reuters Trust Principles.

-->