Module 10: The benefits and requirements of ISO 37001

Requirements: (15) Controls over business associates

Controlled business associates

Ensure that all other entities over which the organisation has control implement reasonable and proportionate anti-bribery procedures. 

An organisation might have control, for example, over a subsidiary, joint venture or consortium, either through exercising management control or through having a majority ownership interest.

Non-controlled business associates

In relation to business associates over which the organisation has no control, and in relation to which the organisation’s risk assessment has identified a more than low bribery risk, take steps, where it is reasonable to do so, to ensure that the business associate has in place appropriate anti-bribery procedures which include the relevant business transaction within their scope.

Contractual provisions

As far as is reasonable, ensure that all contracts between the organisation and any business associate which poses a more than low bribery risk:

  • contain a prohibition of bribery
  • allow the organisation to terminate the contract in the event of bribery by the business associate.

Inability to ensure that these controls are in place

Where it is not reasonable for the organisation to ensure that its business associate has in place appropriate anti-bribery procedures, or to ensure that the contract contains an anti-bribery prohibition and termination rights, then the absence of such procedures or provisions should be taken into account by the organisation as a negative factor in undertaking the risk assessment on the business associate.

April 2025
© GIACC