‘Failure to prevent bribery’ offence will soon take effect in Australia

Set to take effect on 8 September, the new offence is a significant and long anticipated step in Australia’s regulation of foreign bribery. It follows the Attorney-General’s further consultation on draft guidance (28-page / 404KB PDF) on compliance programs that corporations should implement to prevent foreign bribery by the corporation and its associates. Implementing appropriate compliance programs will be critical to establishing the ’adequate procedures’ defence in the event of a prosecution for the new corporate offence.

New ‘failure to prevent bribery’ offence

The new Crimes Legislation Amendment (Combatting Foreign Bribery) Act 2024 (Cth) amends section 70.5A of the Criminal Code 1995 (Cth) to establish a new criminal offence that will apply to corporations incorporated or registered in Australia - including ASX-listed companies, unlisted public and private companies, foreign registered companies, government entities and not-for-profits - which fail to prevent foreign bribery by an associate for the profit or gain of the corporation. It is modelled on similar provisions set out in the UK’s Bribery Act 2010.

The amendment inserts a broad definition of ‘associate’ into section 70.1 of the Criminal Code. A person will be an associate of a corporation if they are an officer, employee, agent, contractor, subsidiary of, or are controlled by, the corporation, or otherwise perform services for or on behalf of the corporation. The corporation will commit the offence if an associate bribes a foreign official for that corporation’s profit or gain.

It is an absolute liability offence, which means there is no requirement to prove negligence, fault or intent by the corporation. There is also no need to establish that the bribe was authorised by the corporation, or that the corporation intended for the bribe to be paid.

In addition, a corporation may be convicted for failing to prevent bribery even if the associate themselves is not convicted of a bribery offence under the Criminal Code.

Cross-border reach

The new and existing anti-bribery offences have extra-territorial effect – meaning that they apply to conduct not only in Australia, but also outside Australia where the offence is committed by an Australian citizen or resident, or by an Australian corporation. The new failure to prevent bribery offence will therefore apply to Australian corporations for bribery committed both inside and outside Australia by their associates, whether those associates are Australian or not. The offence will also apply to foreign organisations for bribery committed inside Australia by their associates, whether those associates are Australian or not.

‘Adequate procedures’ defence

The amendments include a statutory defence that a corporation will not be guilty of failing to prevent bribery if the corporation had in place ‘adequate procedures’ to prevent bribery. The corporation will bear the legal burden of proving this defence. The question of what procedures will be adequate will ultimately be determined by the courts. While the legislation does not outline what those adequate procedures might include, it did require that the Attorney-General develop and publish guidance on the steps that a corporation can take to prevent an associate from bribing foreign officials.

Attorney-General’s Department’s guidance on adequate procedures

The recently published draft guidance on adequate procedures considered the UK government’s guidance relating to the similar ‘failure to prevent’ offence in section 7 of the UK Bribery Act, as well as guidance published by Transparency International UK, both designed to assist corporations with their compliance with the UK Bribery Act. The draft guidance is principles-based. One of the key principles is proportionality - the obligation to implement such procedures will be proportionate to the circumstances of the corporation, including the scale, location and level of risk identified. A second key principle is effectiveness.

Australia’s draft guidance provides five indicators of an effective anti-bribery compliance program:

• a robust culture of integrity within the organisation demonstrated by a high degree of awareness and understanding of the corporation’s anti-bribery compliance program among employees, particularly those in high-risk control functions;
• demonstrated pro-compliance conduct by top-level management and, where applicable, the board of directors;
• a strong anti-bribery compliance function or functional equivalent that operates autonomously and is adequately resourced to perform its functions - which includes regular training, performance reviews and reporting;
• effective risk assessment and due diligence procedures; and
• careful and proper use of third parties, such as agents, in dealing with foreign officials.

Penalties

The maximum penalties for the new corporate offence are high and will be the greater of:

• 100,000 penalty units - currently AU$31.3 million (US$20.4 million);
• if the court can determine the value of the benefit obtained that is reasonably attributable to the bribery offence – triple the value of that benefit; or
• if the court cannot determine the value of that benefit, 10% of the annual turnover of the corporation during the period of 12 months ending at the end of the month in which the associate committed or began committing the offence.

Deferred prosecution agreements

Previous versions of the draft legislation provided for a deferred prosecution agreement (DPA) which was supported by several legal and professional bodies including the Australian Law Reform Commission and Australian Institute of Company Directors. This would have been similar to self-reporting schemes in the Privacy Act 1988 (Cth) and the Competition and Consumer Act 2010 (Cth) where there are opportunities for regulated entities to self-report and work with the regulators to agree on enforcement outcomes to encourage compliance.

The DPA scheme would have allowed the Commonwealth Director of Public Prosecutions to enter into a voluntary agreement with the defendant corporation to defer a prosecution if the corporation met certain conditions. The proposed conditions were broad and may have required a defendant corporation to cooperate with an investigation, admit to agreed facts, pay a financial penalty and implement a program to improve future compliance.

The decision not to include a DPA scheme has been criticised as a missed opportunity to encourage corporations to self-report foreign bribery when it is identified, to cooperate with law enforcement agencies, and to reduce some of the financial and reputational costs that would result from criminal proceedings.

The Act does provide for statutory review 18 months after its commencement. This means there could be an opportunity for a DPA scheme to be introduced following this review, but it would mean a very short timeframe to review and assess the effectiveness of the new offence.

Next steps for businesses

The purpose of the new offence is to establish criminal liability for corporations that fail to prevent bribery and corruption by their employees and network of associates operating on their behalf in and outside of Australia. The adequate procedures defence is aimed at encouraging a culture of robust anti-bribery compliance so that corporations invest in proportionate and effective anti-bribery strategies and programs.

Consultation on the Attorney-General’s draft guidance closed on 9 June and, with the commencement of the offence fast approaching, companies should be ready for the final guidance to be published and ensure they have critically assessed their bribery and corruptions risks, and reviewed and tested their anti-bribery compliance programs to ensure they are proportionate and effective in addressing those risks in line with the principles set out in the draft guidance.

Specifically, companies should look at the ‘Monitoring and Review’ section of the draft guidance for steps they could take to review and test their current compliance programs against the new ‘adequate measures’ requirements, including reviewing internal audit and financial control mechanisms, staff and associate surveys, implementing confidential and anonymous reporting channels, feedback on training, and internal or external expert reviews or verification of the existing programs.

Companies should also note the emphasis placed on the central role of senior management in leading a pro-compliance culture in the guidance and ensure that senior management are appropriately briefed and trained, if necessary, on the new reforms and their expected roles and responsibilities.

Co-written by Gagan Singh of Pinsent Masons.