• Governance I Risk I Compliance Management

UK Bribery Act 2010

Rather than addressing all forms of corruption, the UK Bribery Act 2010 focuses on bribery, which is defined as the offer, promise, or giving of any advantage, financial or otherwise, to another person, with the intention of inducing that person to improperly perform their duties or functions (UK Parliament, 2010, p. 1). Prior to this law, UK anti-bribery legislation consisted of the Public Bodies Corrupt Practices Act 1889, the Prevention of Corruption Act 1906, and the Prevention of Corruption Act 1916. Yet by 2008, these laws were criticised as outdated and inadequate by the OECD’s Working Group on Bribery (2008, p. 4). Consequentially, the UK Bribery Act 2010 repeals all previous UK bribery legislation. It criminalizes bribery in both the public and private sectors and is enforced by the Serious Fraud Office (SFO), which has the power to prosecute violations of the act.

The act is presented with a series of hypotheticals, whereby a person in question is a variable (“P”, “R”, etc.) and examples of UKBA violations are presented in bullet-point format.

In section one, general bribery offences are explained in detail. It is illegal to offer a bribe or to receive or request a bribe, irrespective of who ultimately gains a financial incentive from the bribe or if an individual does not believe it to be a bribe.

The second section prohibits a person “P” from bribing, either directly or through a third party, a foreign public official “F” in order to gain an unfair business advantage or induce F to abuse his or her position for P’s advantage (UK Parliament, 2010, p. 4). Furthermore, it is illegal to bribe a member of a public international organization. In the third section, commercial organizations “C” are guilty of bribing if an individual associated with “C” bribes another individual with the intention of obtaining an unfair business advantage for “C” from that individual.

There is however one exception: if “C” can prove that it had in place “adequate procedures”, or in other words an effective ABAC programme, that is a legitimate defence and the SFO should not press charges. Duress is also an acceptable defence.

The SFO advises that six principles are followed by commercial organizations wishing to put in place an acceptable adequate procedure:

  • proportionate procedures;
  • top-level commitment;
  • risk assessment;
  • due diligence;
  • communication and training; and
  • monitoring and review (UK Ministry of Justice, 2011, p. 20).


  • Principle 1 is necessary in order to neither overspend nor underspend on resources when establishing a culture of anti-bribery.
  • Principle 2 identifies the responsibility of boards of directors or business owners in leading internal ABAC programmes.
  • Principle 3 identifies five broad categories of risk: country risk, sectoral risk, transaction risk, business opportunity risk, and business partnership risk.
  • Principle 4 calls for internal and external periodic assessments of risk potential.
  • Principle 5 involves the protection of whistle-blowers and mandatory ABAC training. Lastly,
  • Principle 6 addresses ABAC programme and culture maintenance steps.

Similar to the FCPA, the UKBA is extraterritorial. It applies to offences committed in UK and to overseas offences committed by UK-associated persons (UK Ministry of Justice, 2011, p. 9). It is also like the FCPA in that it stipulates all bona fide hospitality and promotional or other business expenditures should be reasonable and proportionate in order to be recognized as a customary part of doing business (UK Serious Fraud Office, 2012). Otherwise, the SFO 11 will consult with the Code for Crown Prosecutors’ Full Code Test to decide whether or not to prosecute.

There are several key differences between the UKBA and FCPA, however. First is the issue of facilitation payments: in contrast to the FCPA, the UKBA does not allow facilitation payments under any circumstances, whereas the FCPA views it as a sometimes necessary part of expediting business. This is based on the 2009 OECD Recommendation of the Council for Further Combating Bribery of Foreign Public Officials in International Business Transactions, which asserts that exceptions for facilitation payments are difficult to enforce and contribute to a culture of bribery.

Another major contrast between the US and UK is the difference in SEC and SFO investigatory power. According to Alison Dennis, lawyer and head of Fieldfisher’s life sciences and healthcare team, the SFO lacks the resources and enforcement team power of the SEC; it is becoming stronger, but historically has not had the same teeth as the latter (Dennis, 2018). Whereas the US DOJ has a long history of considering a company’s cooperation or voluntary disclosure when deciding whether or not to pursue an investigation, such a practice is only “in its infancy” in the UK SFO (White, Lord Goldsmith QC, & Yannett, 2010, p. 6).

There are other important textual differences in what each law specifically covers and does not cover. The FCPA does not explicitly outlaw private-level bribery, whereas the UKBA does. The FCPA only prohibits the offer of a bribe (‘active’ bribery), whereas the UKBA prohibits both the offer and acceptance of a bribe (‘passive’ bribery). Lastly, the FCPA requires that the briber must have had “corrupt” intent in order to be found in violation, but the UKBA does not require regarding the bribery of a foreign public official (Norton Rose Fulbright, 2011).

The UKBA is highly relevant to the pharmaceutical industry, whose compliance violation risks are particularly acute due to the “unique nature of the healthcare system” – in other words, there are large incentives for HCPs and HCOs to accept bribes and for pharmaceutical companies to offer them (Osajda, 2014, p. 4).

The possible gains from these lucrative and unethical dealings are large enough to risk prosecution. Furthermore, there has historically been a particular kind of bribery hugely prevalent in the life sciences sector: “grease”, or facilitation payments.

Michael Osajda, an attorney and FCPA compliance expert, explains why: the pharmaceutical industry is one of the most highly regulated in world due to its business centring on the most priceless commodity of all – human life. In order for its products and services, namely drugs and medical devices, to be safe for human consumption, the WHO outlines nine complex steps, a “medicine chain”, for pharma companies to complete:

  • R&D and clinical trials,
  • patents,
  • manufacturing,
  • registration,
  • inspection,
  • promotion,
  • selection ,
  • procurement, and
  • dispensing (Osajda, 2014, p. 5).

Each of these steps, but particularly patents, registration, and inspection, may involve the oversight of government officials. Consequentially, healthcare companies are incentivized to falsify evidence or bribe foreign government officials through facilitation payments in order to expedite a drug or medical device approval.

There are ways to counter this form of corruption, and the UKBA is one of them. What makes it so indispensable is its extraterritorial jurisdiction, its coverage of both private and public bribery, and its inclusion of facilitation payments as a form of bribery, which the FCPA does not. Its stipulation that a company have “adequate procedures” in place, or else the company will be liable for violating the UKBA, should further encourage life sciences companies to adopt compliance programmes.


The UKBA and FCPA are international yet non-industry specific, helpful given their strong enforcement mechanisms yet not tailor-made for the life sciences sector. The Blue Guide, ABHI Code, ABPI Code, and MedTech Europe Codes are regional and industry specific, yet whilst they have helped the life sciences collaborate in mitigating risk, they do not address ABAC problems specific to one company. This is where internal ABAC policies become necessary.

Yet there remains an important problem: no matter how much a life sciences company promises that its internal ABAC policies are effective, there is a degree of concern on the part of consumers and potential clients that such policies are not enough. How does one know that a company is committed to mitigating risk and risk mitigation steps are in place? This is our final question of this article: could there be an additional way for companies to ensure to the outside world and their internal staff that their ABAC policies are adequate, appropriate, and dependable? Could this final risk mitigation method be IS37001 Certification? The answer is yes.

Could ISO 37001:2016 have prevented bribery and corruption in the case studies reviewed?

If a life sciences company had appropriately and fully followed all of the ISO 37001:2016 requirements, bribery risk should have been greatly mitigated. The benefit of ISO 37001 is that it is an internationally accepted standard, and whereas an individual company may try to replicate its tenants in its own ABAC code, any such replication lacks the impartial nature and widely accepted reputation of ISO 37001 certification. To be sure, ISO 37001:2016 does not prevent all bribery from ever happening. Furthermore, it remains impossible to definitively say that had a company from the case studies above earned ISO 37001 certification; it would have never faced government enforcement action. That being said, if a company earns ISO 37001:2016 certification following appropriate training, tailors the ISO 37001 requirements to its business operations, and adheres to all other ABAC laws, conventions, and codes, then this Certification should prove a strong and effective deterrent against bribery in future.

Stop bribery and corruption with ISO 37001 Anti-Bribery Management System (ABMS) certification 

ISO 37001 Anti-bribery Management Systems (ABMS): corruption and bribery affect any organisation, large or small, public or not-for-profit. It has the potential to cause severe harm to your business, including financial loss, dire legal consequences, damage to your brand, company’s reputation and sustainable development. Therefore, anti-bribery needs to be managed correctly and effectively.

ISO has developed a standard – ISO 37001:2016 ABMS – to help organisations promote an ethical business culture. “Designed to help your organisation implement an anti-bribery management system (ABMS) and/or enhance the controls you currently have. It helps to reduce the risk of bribery [and corruption] occurring and can demonstrate to your stakeholders that you have put in place internationally recognised good-practice anti-bribery [and anti-corruption] controls”.

This new standard mirrors numerous steps contained in the U.S. Foreign Corrupt Practices Act (DOJ and SEC) and Good Practice Guidance on Internal Controls, Ethics and Compliance (OECD), Anti-Corruption Ethics and Compliance Handbook for Business (OECD), U.K. Bribery Act 2010 and the British Ministry of Justice’s Adequate Procedures document. ISO 37001 ABMS Standard is flexible and can be adapted to manage many types of bribery in addition to suiting any type of business locally or worldwide.

ISO 37001 certifies that your organisation has implemented reasonable and proportionate measures to prevent bribery. These measures involve top-level leadership, training, bribery risk assessment, due diligence adequacy, financial and commercial controls, reporting, audit, and investigation.

Why do you need our ABAC® program?

The ABAC® offers a complete suite of services and solutions designed to help organisations against bribery and corruption even when operating in multi-jurisdiction and multi-cultural environments. ABAC© offers Introductory, Internal Auditor and Lead Auditor training (online and in-class training) to all personnel who are involved in the development, implementation and evaluation of their organisation’s ABMS and in coordinating anti-bribery compliance activities within the organisation. Whilst our Certification is a mitigating piece of evidence to regulators, prosecutors, or even courts that your company has taken meaningful steps in its efforts to prevent bribery and corruption.

ABAC® program helps ensure that your business has implemented a management system that prevents, detects and responds to bribery and complies with anti-bribery laws, internally and externally (i.e. agents, consultants, suppliers, distributors and other third parties). ABAC© works with clients of all industries, sizes and organisation types to develop robust programs using the latest techniques and best practices that help foster an ethical business culture.

  • Extensive and Effective Global Coverage
  • Our vast network of Certified Fraud Examiners, Compliance Officers and Research Consultants possess diverse industry backgrounds and are strategically positioned across five continents. Our multi-national corporate intelligence and forensics network is based in Dubai and operates in Europe, the Middle East, Asia, North Africa and outlier territories where reliable information is difficult to obtain.
  • Our professionals are acutely trained in international business compliance, including the Foreign Corrupt Practices Act (FCPA), U.K. Bribery Act, OECD Anti-Bribery Convention, Money Laundering Regulations and their associated developments. Business intelligence is gathered from regulators, industry observers, suppliers, competitors, distributors and even current/former customers.

Contact our team

Do you have questions about ISO Certification or Training? Or are you interested in learning more about ISO standards in your region? Meet the ABAC® team, qualified and dedicated to helping worldwide organisations to overcome business risks across the globe. We are an international team of talented compliance professionals that are shaping the future of the compliance solutions industry globally.