Cohort plc. Anti-Bribery Policy. Version June Authorised by: AS Thomis Chief Executive. Page 1 of 18

Transcription

1 Cohort plc Anti-Bribery Policy Version June 2013 Authorised by: AS Thomis Chief Executive Page 1 of 18

2 Change History Version Date Comments 1.0 April 2011 Initial issue in draft June 2011 Release authorised by Cohort plc board June 2013 Draft revised version for comment June 2013 Release authorised by Cohort plc board Page 2 of 18

3 1 Introduction The Bribery Act 2010 came into force in July It makes ry a crime whether committed in the UK or abroad, in many cases regardless of whether local laws or practice permit it. It also creates a new crime for commercial organisations of failing to prevent ry by an associated person. Bribery is wrong, is a crime, and does great damage to individuals and organisations. The Cohort plc Board will not tolerate ry by employees or associated people. No employee of a Cohort company must offer, promise, give, request, agree to receive, or accept a. Such an activity would be regarded as gross misconduct as well as a breach of the law and would result in disciplinary action and the authorities being informed. We also have an active duty to prevent anyone associated with us bribing on our behalf, and we must implement and adhere to policies and procedures that achieve this. Failure to do so could result in the company being criminally liable, and would again be a serious disciplinary matter. Since the issue of the original version of this policy in June 2011 anti-ry training has been introduced for employees in the group who might be exposed to the risk of ry. In line with this policy, and as an indication of our commitment to it, all Cohort plc Board members have undergone this training. This document is a formal statement of Cohort policy issued by the Chief Executive and approved by the Board. It sets out mandatory minimum standards and a framework to implement them. Page 3 of 18

4 2 Management This Policy will be published on the website and reviewed as required as a result of changes in legislation, case law, and experience within Cohort, and in any case not less than every two years. Each subsidiary of Cohort is required to implement its own anti-ry procedures in line with the requirements set out in this Policy. These must be incorporated into a company policy document, subject to approval by the Cohort Chief Executive, and implemented through changes to company management systems, process diagrams, contract terms, operating manuals and other documents as required. Each company s top management is responsible for communicating the policy to all staff members and ensuring that they are aware of their responsibilities. All Cohort subsidiary managing directors will be required to provide annual reports to the Chief Executive on anti-ry activities. Page 4 of 18

5 3 Definitions According to the Guidance on the Bribery Act 2010 issued by the Ministry of Justice, the Act makes it illegal to: Offer, promise or give a financial or other advantage to another person in one of two cases: Case 1 applies where [the bribing person] intends the advantage to being about the improper performance by [the other] person of a relevant function or activity or to reward such improper performance. Case 2 applies where [the bribing person] knows or believes that the acceptance of the advantage... in itself constitutes the improper performance of a relevant function or activity. The meaning of improper performance is summarised in the Guidance as: Performance which amounts to a breach of an expectation that a person will act in good faith, impartially, or in accordance with a position of trust. The prohibition of ry applies to both public and private sectors. It specifically applies to foreign public officials, and in this special case it is not necessary for prosecutors to prove that improper performance was the intention of the bribing person. In this Policy, the word ry has the meaning: to, as defined above; or to accept, agree to receive or request a. The Bribery Act 2010 makes illegal both: ry; and failing to prevent ry on behalf of a commercial organisation. There is no exemption in the Act for the provision or acceptance of hospitality, although the Ministry of Justice Guidance makes clear that it is not intended to prevent legitimate and reasonable business entertaining. There is also no exemption for so-called facilitation payments, the payment of small amounts of money to officials, which is not officially required, to enable or speed up a process which it is the official s job to arrange, which is a widespread practice in many countries. It is Cohort policy that: Bribery is a prohibited activity for all Cohort staff and will be regarded as a serious disciplinary matter as well as a criminal offence. All subsidiary company Managing Directors are required to implement policies that prevent ry by employees and by any other associated individual or organisation on our behalf. Page 5 of 18

6 4 Approach The Cohort approach is based on the six principles set out in the Ministry of Justice Guidance: (i) (ii) (iii) (iv) (v) (vi) Proportionate procedures: measures that are appropriate to the risks we face and the nature, scale and complexity of our activities. Top level commitment: the Board and the Chief Executive of Cohort are committed to preventing ry by employees and others associated with the business. A similar level of commitment is required from subsidiary company Managing Directors. Risk assessment: we carry out periodic, informed assessments of the risks we face and document the results as a guide to the measures we need to take. Due diligence: where appropriate we implement a targeted and proportionate due diligence procedure in relation to individuals or organisations who perform services for us in order to mitigate ry risks. Communication: we will ensure this Policy is understood by all employees, and that our stance on ry is made clear to associated individuals and organisations. Monitoring and review: as part of this Policy we will ensure that both the design of and compliance with our anti-ry measures are regularly reviewed. 4.1 Group Risk Assessment A top-level summary ry risk assessment for Cohort and its subsidiaries is at Annex A. The assessment concludes that most risks in relation to day-to-day UK business are low or medium. Bribery is relatively rare (though not unknown) in the UK and the UK public sector is internationally regarded as a good example in relation to corruption. Whilst the main areas where risks are likely to be higher relate to overseas relationships and transactions, the UK risk cannot be ignored. Our approach is to adopt a set of standard procedures in relation to day-to-day business which should ensure that the risk of ry is minimised. However, in relation to certain activities a risk-based approach must be adopted that applies ry prevention measures in proportion to the specific risks of the activity. Sections 4.2 and 4.3 below set out, respectively, the standard procedures and the circumstances where a risk-based approach is necessary. 4.2 Standard Procedures The following procedures must be implemented by all Cohort subsidiaries to manage the risk of ry arising from day-to-day activities. (i) Management communications. Managing Directors of all Cohort subsidiaries must make clear to all employees that ry is unacceptable behaviour at least annually either through a written message or a personal briefing. This must include a request for any employee encountering a breach of the policy to report it to management immediately, and must draw employees attention to the whistle blowing service provided by Cohort to all employees. Specific briefings should also be considered, for example, for teams engaged in pursuits or negotiations in regions where there is an Page 6 of 18

7 increased risk of ry. All new employees must be informed of the company s anti-ry policy as part of the induction process, with particular emphasis on the specific risks faced by staff working in areas where the risk is other than low. The subsidiary company s anti-ry policy, and this Policy, must be available to all employees via intranet or in hard copy. (ii) Ensuring that employees are trustworthy. References must be taken up on all new employees, and a specific question asked of past employers about whether the individual is considered trustworthy or has ever exhibited dishonest behaviour. Employment, including temporary employment, should not be offered to any individual who is believed to be untrustworthy, or who has an unspent conviction for any offence involving dishonesty. Any employee who does not require security clearance must be asked to disclose any criminal convictions, and a basic CRB check must be carried out. (iii) Adopting suitable disciplinary policies. Bribery under the 2010 Act, and failing to comply with the company s anti-ry policy, must be identified explicitly as serious disciplinary offence terms in the relevant company HR policies and manuals. Any instance of untrustworthy behaviour by any employee must be treated as a serious matter. (iv) Day-to-day entertainment and gifts given to any external party. These: must not be intended or likely to induce a sense of obligation in the recipient; must be reasonable and in line with business norms; and must not be provided to the same individual repeatedly and frequently. Where entertainment is provided by an individual employee (e.g. business lunches) details of the recipient must be included in the expenses claim. In general, no Cohort company should entertain the same individual more than once in a three month period. Line managers must review expenses claims for inappropriate entertainment. Branded giveaways must be no more than 40 in value. Larger or unbranded gifts, or the organisation or sponsorship of any form of hospitality event must be subject to a risk assessment (see Section 4.3 below). (v) Hospitality and gifts from other organisations. These may be accepted only if appropriate to the business relationship, in line with business norms and are reasonable. Cohort company employees should not in general accept hospitality from the same organisation more than once in a three month period. All hospitality and gifts received must be recorded (in the form of Annex B), with the following exceptions: food and non-alcoholic drink provided in a meeting room as a normal business courtesy; small branded gifts under 40 in value; attendance at briefings organised by professional organisations for marketing purposes and open to a wide audience; and food and drink sponsored by companies at conferences where we have paid for individuals to attend. Page 7 of 18

8 Approval must be sought from the company Managing Director (or a Cohort executive director) to receive hospitality likely to exceed 200 in value or a gift that exceeds 25 in value. This will only be allowed if judged appropriate to the circumstances. Where gifts or hospitality are offered that cannot be accepted they should be declined politely. In the case of gifts, where this cannot be done without causing offence the gift should be accepted and either donated to charity or retained by the company and put on display. (vi) Management supervision and questioning of unexpected decisions or transactions. Part of the line manager s role is to ensure that those in their reporting line are not involved in ry. Line managers should be sufficiently aware of employees activities to note anything unusual and should question any unexpected decisions or financial transactions initiated by subordinates. (vii) Proper financial records. The finance department in each company is responsible for highlighting any unusual transaction to the appropriate level of management. This includes proper checking of invoices against purchase orders or other commercial documents, and checking to ensure proper countersignature of expense claims. Anything unusual must be reported to the level of management above the level of approval of the relevant transaction. (viii) Ensuring that ry by associated parties is not tolerated. All associated parties that provide or wish to provide services to the company must be informed of the company s anti-ry policy before any commercial agreements, including non-disclosure agreements, are entered into. Standard contractual terms must prohibit the giving or receiving of s by the other party(ies), with any breach allowing the agreement to be terminated by the Cohort company without compensation. Where agreements are entered other than on the company s standard terms, similar clauses must be included. (ix) (x) Approval of agency agreements. All agreements appointing sales agents, distributors or other partners outside the UK must be approved by Cohort before signature. Any contract or agreement, formal or informal, to work with, acquire goods or services from, or supply a private or public body based in a country with a score in the most recent Transparency International (TI) Corruption Perceptions Index (CPI) of less than 70 (or, in the event of a change of the scoring system used in the 2012 CPI, a score below that of France) must be subject to a risk assessment and approved by Cohort (see Section 4.3 below). Training for employees who may be exposed to ry risks. Cohort will provide a computer-based training package covering the implications of the Bribery Act 2010 and this policy. All employees judged to be at risk of exposure to ry risks must be given this training and must pass the assessment module included within it. 4.3 Company Risk Assessment Risk-based measures must be considered in relation to activities that are intrinsically of higher risk in relation to ry. They include, as a minimum, the activities set out below that have been identified as high risk by the Group risk assessment (see Annex A). All subsidiaries must carry out their own top-level risk assessment and if necessary add further activities to this list. Page 8 of 18

9 The purpose of a risk assessment is to identify accurately and prioritise ry risks and to propose specific measures that should be adopted to mitigate them. Risk assessments should be overseen within the company at Director or Managing Director level, and should have sufficient resources made available. The execution of a risk assessment requires: (i) Identification of key risks related to the activity in question (who might be likely to whom, based on the incentives and opportunity available to the individuals concerned). The Ministry of Justice Guidance identifies six key risks areas which should be evaluated in this process: a) Internal risk Employee seniority/function/department? Look for deficiencies in: employee knowledge of a company s business profile and understanding of associated ry and corruption risks; employee training or skills sets; and the company s compensation structure or lack of clarity in the policy on gifts, entertaining and travel expenses. b) Country risk UK or overseas? Look for perceived high levels of corruption as highlighted by corruption league tables (see (ii) below); factors such as absence of anti-ry legislation and implementation and a perceived lack of capacity of the government, media, local business community and civil society to effectively promote transparent procurement and investment policies; and a culture which does not punish ry or other extortion attempts. c) Sector risk e.g. extractive industries and the large scale infrastructure sector are considered higher risk. Defence is also widely considered to be a high risk area. d) Transaction risk private or public client, new or existing, direct or via prime? e.g. transactions involving charitable or political contributions, the obtaining of licenses and permits, public procurement, high value or projects with many contractors or involvement of intermediaries or agents. e) Business opportunity risk e.g. high value projects or with projects involving many contractors or intermediaries; or with projects which are not apparently undertaken at market prices, or which do not have a clear legitimate objective. f) Partnership risk e.g. use of intermediaries in transactions with foreign public officials; consortia or joint venture partners; and relationships with politically exposed persons where the proposed business relationship involves, or is linked to, a prominent public official; insufficient knowledge or transparency of third party processes and controls. (ii) Identification of internal and external information sources that will enable risk to be assessed and reviewed. These might include open sources (public databases, media, the Internet), commercial or government organisations (e.g. UKTI DSO) private information (other or former clients of an individual) and direct discussions with and questioning of the individual(s) concerned. Page 9 of 18

10 (iii) Due diligence enquiries: collection and assessment of the evidence from the identified sources and recommendations on whether the proposed course of action has an acceptable level of risk, and if not whether this could be rectified by the adoption of specific measures. (iv) Documentation of risk assessment. This should include: a statement of the identified risks; a statement of information sources checked; a summary of relevant information reviewed, with reference to sources; a go/no go recommendation and if appropriate a risk management plan; and the approval or rejection of recommendations by the relevant director. If there is any doubt about whether an activity should take place, companies should refer to Cohort for advice. If necessary, external legal advice will be taken. 4.4 Higher Risk Activities Additional risk-based measures may be required for activities identified as higher risk on the Company risk assessment and, as a minimum, in relation to the circumstances listed below. In each case a non-exhaustive list of factors to be considered in judging the level of risk is provided. Additional risk assessments may also be appropriate in other circumstances where the risk of ry is unusually high (for example, if a commercial relationship with a UK company that has a record of ry convictions is under consideration). If in doubt, Cohort will be able to advise on the appropriate course of action Agent appointments All agreements appointing sales agents or distributors must be approved by Cohort. Any contract or agreement, formal or informal, to work with, acquire goods or services from, or supply a private or public body based in a country with a score in the most recent CPI of less than 70 (or, in the event of a change of the scoring system used in the 2012 CPI, a score below that of France) must be subject to a risk assessment and approved by Cohort. Risk and mitigation factors to be considered include: relationships with senior officials or government members; ownership of agency or business; reputation in country; client list; reputation with clients; other commercial relationships with overseas companies (risk of partners bribing customers or company s employees); membership of corruption prevention organisations such as TRACE; relationships with other reputable companies; and reputation with other relevant parties Export sales and marketing activities Export sales and marketing activities with potential or actual customers, especially in countries with a score in the most recent CPI of less than 70 (or, in the event of a change of the scoring system used in the 2012 CPI, a score below that of France), may give rise to a risk of s being solicited in return Page 10 of 18

11 for business, as well as facilitation payments being demanded from visitors or as part of supply. Relevant factors include: the country s CPI score; and the reputation of the country in relation to similar past purchases Long-term employees working overseas This may create a risk of individuals having to make facilitation payments, or adopting local practices that would be unlawful under the Bribery Act. Relevant factors include: the country s CPI score; working and living arrangements; and any special need for interaction with local officials Hospitality or other events organised or sponsored by Cohort companies Relevant factors include: the cost per head of the event; the number and nature of invitees; whether the event will be held in a public or private setting; whether the event is in line with normal business practice; and whether any particular attendee might feel any obligation towards the company as a result of accepting an invitation The giving of gifts to business contacts This applies to any gift other than items of low value (less than 40) marked with the company brand. Relevant factors include: whether there is any likelihood that the recipient will feel any sense of obligation as a result of receiving the gift; whether the gift is in line with the (reasonable and proportionate) norms for the sector; and whether the gift could be connected with any decision by the recipient which could lead to a business advantage for the company Charitable or political donations All political donations and charitable donations exceeding the levels set down in the Cohort plc Delegated Authorities require approval from the Cohort Board. Other charitable donations are a matter for the relevant subsidiary Managing Director or the Cohort Chief Executive. Relevant factors include: the reputation, standing and ownership of the charity; whether the donation will result in personal gain or advantage for any individual in a position to advance the company s interests; and whether the donation will be made public. 4.5 Mitigation Risk mitigation measures that may be taken based on the outcome of risk assessments include: Page 11 of 18

12 adjustments to the scale or nature of the proposed activity to minimise the associated ry risk; management briefings on company anti-ry policy; inclusion of specific terms and conditions in commercial agreements in addition to the standard anti-ry clauses; training courses for individuals; and a requirement for regular follow-up reviews with information sources. Page 12 of 18

13 5 Monitoring and review The measures required by this policy must be implemented in company processes and documents. Companies must ensure that compliance with these processes is regularly reviewed as part of the quality assurance system, and that quality audits are carried out on activities that include anti-ry measures at least twice each year. Managing Directors must produce a short annual Anti-Bribery Report by 31 May each year for review by the Cohort Chief Executive covering the following: confirmation of policy and procedural compliance with this Policy; any serious incidence of non-compliance by individuals and the action taken; list of activities where ry risk is assessed as medium or greater; and measures being taken to mitigate risk in each case. Page 13 of 18

14 6 Summary of measures to be taken in Cohort subsidiaries Serial Requirement Action 1. Company anti-ry policy document incorporating standard procedures, subject to approval by Cohort Chief Executive 2. Specific risk assessments for higher risk activities as required, including: (i) Agent appointments and export sales and marketing activities in countries with a score in the most recent CPI of less than 70 (or, in the event of a change of the scoring system used in the 2012 CPI, a score below that of France) (ii) Long-term employees working overseas (iii) Organisation/sponsorship of hospitality or other event (iv) Larger (over 25)/unbranded gifts (v) Charitable/political donations 3. Implementation through changes to company management systems, process diagrams, contract terms, operating manuals and other documents as required, including: (i) Employee reference processes (ii) Disciplinary processes (iii) Gifts/hospitality policy and registers (iv) Management supervision (v) Proper financial records (vi) Associated party processes (vii) Overseas agent processes 4. Compliance and review of anti-ry policy and procedures to be imbedded in quality assurance processes 5. Communication to staff, including introduction from Cohort Chief Executive 6. Communication to associated parties Page 14 of 18

15 Serial Requirement Action 7. Annual Anti-Bribery Report by MDs for Chief Executive by 31 May each year, including: (i) confirmation of policy and procedural compliance with this Policy (ii) any serious incidence of non-compliance by individuals and the action taken (iii) list of activities where ry risk is assessed as medium or greater (iv) measures being taken to mitigate risk in each case Page 15 of 18

16 Group Risk Assessment Annex A Associated Person Activity Opportunity Benefit to Individual Overall Risk Policies Senior management Giving High. Strong direct control over company resources, ability to appoint associated parties to execute s. However, known well to Cohort top management. High risk of damaging a successful career. High risk target for a ry approach. Indirect, through bonus and advancement as a result of business success. Medium References always taken before appointment specifically on trustworthiness and strength of character. Financial and anti-fraud controls in place to highlight unusual transactions. Receiving High. Ability to influence major decisions to favour giver. Known well and trustworthy. High risk to career. Direct Medium Approval of major decisions by Cohort plc Chief Executive or board. Middle and project management Giving Receiving Medium. Ability to offer or approve inappropriate hospitality, or to work with associated parties (e.g. agents) to potential customers. High. Ability to influence appointment of suppliers and subcontractors. Indirect Medium Financial and anti-fraud controls in place to highlight unusual transactions. Direct Medium Questioning by management of any apparently unusual decisions. Business development, sales and marketing employees Purchasing employees Giving Receiving Giving Medium. Limited to inappropriate hospitality or sharing of personal incentive payments. High in relation to appointment of agents or other partners in return for commission kick-backs etc. Possibly direct benefit through incentive schemes for winning orders. Medium Low Indirect if at all Low Expenditure on hospitality subject to management approval. Avoidance of relationships with agents managed solely through a single employee. Direct Medium Appointment of agents subject to due diligence and senior management approval. Avoidance of relationships with agents managed solely through a single employee. Receiving High. Direct influence over selection of suppliers. Questionable supplier behaviour not uncommon. Direct High Compulsory declaration of gifts or hospitality. Training. Page 16 of 18

17 Annex A Associated Person Activity Opportunity Benefit to Individual Overall Risk Policies Other employees Giving Low Indirect Low Receiving Low or medium. Limited ability to influence decisions affecting third parties. Direct Low Associates Giving Low or medium, dependent on the customer. Direct contact with customers. Less close supervision by company management. Direct through continued employment Medium Risk assessment and training if appropriate. Receiving Low. Limited influence over company decisions. Direct Low Supplier companies Giving Low Indirect Low Receiving Low Direct Low Overseas agents Giving Dependent on territory but likely to be high. Direct through commission High Due diligence based on risk assessment. Training if appropriate. Receiving Medium or high. Likely to have influence over company s selection of local partners. Direct High Due diligence based on risk assessment. Training if appropriate. Customers Giving Generally low but may be medium or high for low value-added primes in some territories. Dependent on circumstan ces Due diligence based on risk assessment. Receiving Low Direct Low Page 17 of 18

18 Gifts/Hospitality Register Annex B Register of Gifts/Hospitality Received [Office/Dept] to which this register relates: [Person/Dept] responsible for maintaining the register: This register should be maintained on an ongoing basis. A copy of the up-to-date register should be sent to [the relevant Head(s) of Department] every [quarter]. The complete register should be sent to [the Managing Director] every [financial year end, i.e. 30 April], where a copy shall be kept. Date Offered Ref Number Received From Description Action Taken/ Outcome Value ( ) Approved By/Date