Anti-corruption programme for organisations
This anti-corruption programme is designed to be used by all organisations, including:
Contractors, consulting engineers, and any organisations providing equipment, materials, work or services.
- Funders (i.e. organisations providing financing)
Project owners (i.e. organisations which own or are developing projects)
- Any other types of organisation.
It is applicable to small, medium and large organisations in the public, private and voluntary sectors.
Organisations face serious risk of incurring criminal and civil liability, financial loss and reputational damage due to corruption by their personnel and business associates. To minimise this risk, organisations should implement a management programme to prevent, detect and deal with corruption both within their own organisation and in their dealings with their business associates.
An anti-corruption programme will not guarantee that there will be no corruption. However, it could materially assist in its prevention and detection. In addition, in the event of possible prosecution of the organisation or its personnel, such a programme could provide important evidence that the organisation had taken reasonable steps to prevent corruption. This may help to avoid or mitigate criminal liability.
GIACC provides below an anti-corruption programme, together with supporting guidance and templates, which can help an organisation implement or improve its anti-corruption programme. As all GIACC tools are prepared specifically for the infrastructure, construction and engineering sectors, this programme has been designed with these sectors in mind. However, the programme can be used by organisations in all sectors.
This GIACC programme incorporates international good practice, and so can be used in any country. It is consistent with British Standard BS 10500 Anti-bribery Management System. It comprises policies and procedures which an organisation can integrate into its management procedures so as to help it reduce the risk of corruption.
The intention of this programme is to reduce the risk of corruption:
by the organisation, or by its personnel or others acting on its behalf or for its benefit
against the organisation, or its personnel or others acting on its behalf or for its benefit.
whether direct or indirect
within the country in which the organisation is based, and in other countries in which the organisation operates
of any value, whether large or small.
The anti-corruption programme should be implemented and monitored with care and attention equal to that given to any other corporate management or audit process (e.g. safety or quality). The measures recommended in this programme should be adapted by the organisation to take account of the organisation’s specific requirements, and should be implemented in a manner which is reasonable and proportionate to the corruption risk which the organisation faces. In particular, the programme should be modified according to applicable laws, the size of the organisation, value and nature of business transactions, location of projects, and perception of risk. Low value or low risk contracts or projects are likely to require a lower level of preventive action than high value or high risk contracts or projects. However, it should be remembered that while commercial risk may be lower in relation to lower value contracts or projects, the criminal risk may remain the same. There is no precise recipe for such modification. This is a value judgment to be made by the organisation itself. Guidance is given in the links below to assist in such judgement.
An organisation can copy and use the GIACC guidance and templates below at no charge. However, no organisation is permitted to sell GIACC’s guidance and templates.
GIACC is providing the following guidance and templates at no cost in order to help prevent corruption. GIACC does not guarantee that the guidance and templates will in practice stop all corruption or prevent or mitigate criminal liability, and GIACC is not liable to any organisation or person who uses the guidance and templates.
Template: Anti-Corruption Programme
The following paragraphs list a series of measures which constitute the anti-corruption programme.
Guidance on implementation of some measures is contained on separate web-pages. Click on the measure title to access the relevant guidance. In some cases, templates have been provided in order to assist in implementation. These can be accessed from the relevant guidance page.
The following definitions apply to this programme:
“board” means the body or person(s) who controls the organisation at the highest level (for example, the board of directors, supervisory council, or other top leadership individual or body).
“business associate” means any party with which the organisation has, or plans to establish, some form of business relationship, including but not limited to clients, customers, joint venture partners, consortium partners, contractors, consultants, sub-contractors, suppliers, vendors, advisors, agents, distributors, representatives and intermediaries (but excluding personnel).
“compliance manager” means the relevant manager appointed by the organisation to undertake the compliance manager responsibilities.
“corruption” means bribery, extortion, fraud, cartels, abuse of power, embezzlement, money-laundering and other similar activities. (The organisation may, if it wishes, choose to limit the programme to cover specific corruption risks only, such as bribery. However, this GIACC programme is intended to cover all the above defined corruption risks).
“implement” means design, develop, introduce, operate, maintain, monitor and continually improve.
"organisation" means the organisation implementing the anti-corruption programme.
“personnel” means the organisation’s directors, officers, employees, staff or workers (whether full time or part time, permanent or temporary).
Anti-corruption policy: The organisation should adopt an anti-corruption policy. The policy should be a commitment by the organisation that it:
prohibits corruption; and
will implement measures to:
prevent corruption; and
detect, report and deal with any corruption which does occur.
Anti-corruption programme: The organisation should implement an anti-corruption programme in order to give effect to the anti-corruption policy. The programme should:
- comprise the appropriate policies, procedures and controls specified in paragraphs 3 to 20 below; and
- be designed and implemented in a manner which is reasonable and proportionate having regard to the nature and extent of corruption risks which the organisation faces.
- Board and management responsibility for the policy and programme:
- The board should take overall responsibility for the effective implementation of the anti-corruption policy and programme.
- The board should ensure that the organisation’s managers assume responsibility for overseeing day-to-day compliance by personnel within their department, function or project with the anti-corruption policy and programme.
- Communicating the policy and programme:
- The chief executive (or equivalent leader) of the organisation should issue a written statement to personnel confirming the board’s commitment to the anti-corruption policy and programme.
- This statement and the anti-corruption policy should be communicated to all personnel and be published on the organisation’s website.
- All personnel should be required to sign a document that they have received, read and understood the anti-corruption policy, and will comply with it.
Resources: The organisation should provide the resources needed to implement the anti-corruption programme.
- Personnel should be vetted before they are employed to ascertain as far as is reasonable that their employment is appropriate and that they are the type of person who is likely to comply with the organisation’s anti-corruption policy and programme.
- Conditions of appointment should require personnel to comply with the anti-corruption policy and programme.
- New personnel should be informed of the organisation’s anti-corruption policy to ensure that they understand it and the importance of complying with it.
- Personnel should be required to declare any conflict of interest. A register of conflict of interests should be maintained.
- The organisation should ensure that personnel have the necessary competence to undertake the responsibilities entrusted to them, based on their experience and / or training.
- Disciplinary procedures should be in place which entitle the organisation to take appropriate disciplinary action against any personnel who breach the anti-corruption policy or programme
- Personnel must not be penalised (e.g. by demotion, disciplinary action, transfer or dismissal) for refusing to participate in, or for turning down, a business opportunity in respect of which they have reasonably and in good faith judged there to be an unacceptable risk of corruption. Nor should any personnel be penalised for reporting in good faith any actual or suspected corruption.
- Performance bonuses and performance targets and other incentivising elements of remuneration should be reviewed periodically by an appropriate manager to ensure that there are reasonable safeguards to prevent these from encouraging corruption.
Risk assessment: The organisation should on a regular basis assess the risk of corruption in relation to its existing and proposed activities, and assess whether its policies and procedures are adequate to reduce those risks to an acceptable level.
Due diligence: In the event that the organisation’s risk assessment identifies a more than low corruption risk in relation to any country, transaction or project, or business associate, the organisation should undertake further appropriate enquiries on the relevant aspects in order to learn more about them and the possible corruption risks they may pose.
- The organisation should implement procedures which ensure that all other organisations over which it has control implement anti-corruption procedures which are reasonable and proportionate having regard to the nature and extent of corruption risks which the controlled organisation faces. (An organisation might have control, for example, over a subsidiary, joint venture or consortium, either through exercising management control or through having a majority ownership interest.)
- In relation to business associates over which the organisation has no control, and in relation to which the organisation’s risk assessment has identified a more than low corruption risk, the organisation should implement procedures which ensure the following:
- Where it is reasonable for the organisation to do so, it should take steps to ensure that its business associate implements anti-corruption procedures which include the relevant business transaction within their scope, and which are reasonable and proportionate to the nature and extent of relevant corruption risks.
- Where it is not reasonable for the organisation to require the business associate to implement anti-corruption procedures, or for the organisation to verify the existence or effectiveness of the business associate’s anti-corruption procedures, then the absence of such procedures, or inability to verify them, is a factor which should be taken into account by the organisation in undertaking the risk assessment on the business associate.
- as far as is reasonable, all contracts between the organisation and the business associate contain a prohibition of corruption; and
- where it is not reasonable to require the contract to contain such prohibition, that the absence of the prohibition will be a negative factor taken into account in undertaking the relevant risk assessment.
Financial controls: The organisation should implement financial controls which minimise the risk of corruption by, on behalf of or against the organisation.
- require appropriate investigation by the organisation of any corruption, or any breach of the anti-corruption programme, which is reported, detected or reasonably suspected; and
- require appropriate action in the event that the investigation reveals corruption, or breach of the anti-corruption programme.
Records: The organisation should keep reasonably detailed records of its anti-corruption programme and any compliance issues which arise.
Several organisations provide services and/or have developed tools to assist in the implementation of anti-corruption measures. These organisations are listed below in alphabetical order. If the following details are inaccurate or incomplete, or if you wish your organisation to be listed below, please send details to GIACC. Only services and tools which are available free of charge will be listed.
British Standard BS 10500: Specification for an anti-bribery management system. This is a management systems standard, together with attached guidance, published by British Standards. It can be independently certified in a similar manner to ISO 9001, ISO 14001 and OHSAS 18001. See GIACC summary on BS 10500. This was replaced in October 2016 by ISO 37001. See GIACC summary on ISO 37001.
Business Anti-Corruption Portal has produced the following anti-corruption resources and tools:
- Country Profiles: Corruption related information on various countries.
- Compliance system guidance:
- Due Diligence Tools: Tools related to vetting an agent, consultant or contractor, setting up a joint venture and participating in public procurement.
- Training: On-line training modules
Centre of Anti-Corruption Studies provides resources for the study and analysis of issues pertaining to the fight against corruption in Hong Kong and internationally. It is a research institute established in 2009 under the auspices of the Hong Kong Independent Commission Against Corruption.
FIDIC - International Federation of Consulting Engineers has published its Business Integrity Management System (BIMS), which is designed to help businesses deal with integrity risks.
Global Transport Knowledge Partnership (GTKP) is developing a data base of reports and actions in relation to good governance and corruption prevention on road projects.
International Chamber of Commerce (ICC) has published Combating Extortion and Bribery: ICC Rules of Conduct and Recommendations (2005)
International Organisation for Standardization (ISO) ISO 37001 anti-bribery management systems standard. This is a management systems standard, together with attached guidance, which was published in October 2016. It can be independently certified in a similar manner to ISO 9001, ISO 14001 and OHSAS 18001. See GIACC summary on ISO 37001.
Organisation for Economic Co-operation and Development (OECD) has produced the following two tools:
- OECD Guidelines for Multinational Enterprises (June 2000)
- OECD Risk Awareness Tool for Multinational Enterprises in Weak Governance Zones
Transparency International has produced, in conjunction with several leading international organisations, the Business Principles for Countering Bribery suite of documents designed to assist organisations to implement and manage an effective anti-bribery system.
- Business Principles for Countering Bribery is an anti-bribery code that organisations can either adopt or use to benchmark against their own systems.
- Business Principles for Countering Bribery - Small and Medium Enterprises Edition is an edition of the Business Principles tailored to the needs of small and medium enterprises.
UK Anti-Corruption Forum has published an Anti-Corruption Action Statement recommending anti-corruption actions for business associations and professional institutions, companies, project owners, funders and governments. It has also published the following papers:
- Guidance on the Bribery Act 2010 for the Infrastructure Sector
- Preventing corruption on construction projects - risk assessment and proposed actions for funders
- Fair and efficient debarment procedures
- Corruption prevention should have equal standing with health and safety
- Transparency in public sector construction projects
The Woolf Committee has published the Woolf Committee Report (May 2008) which advises on an ethical compliance programme for BAE Systems plc.
World Economic Forum – Partnering against Corruption Initiative (PACI) has adopted the PACI Principles for Countering Bribery which are closely modeled on TI’s “Business Principles for Countering Bribery”.
World Federation of Engineering Organisations (WFEO) has published an Anti-Corruption Action Statement recommending anti-corruption actions for professional engineers, professional engineering institutions, governments, project owners, project funders, and companies. This has been published in two language versions:
Most recent update on 30th November 2016
Page first published on 1st May 2008
© 2016 GIACC