In the wake of Malaysia’s 14th General Elections in May this year, an important piece of legislation has come into law.
The Malaysian Anti-Corruption Commission Act, 2009 has now been amended to introduce, for the first-time, corporate liability for bribery and corruption activity. This piece of important legislation was quietly moved through the legislator just days before the May 2018 elections.
Once the amendment comes into effect, this will mean that companies, and their officers, will no longer be immune to the bribery and corruption activity of their employees, and they can now be held liable if workers are found to be involved in acts of corruption to support the business, especially if the investigation into these activities discovers that the business owners, and or officers, failed to take adequate steps to prevent bribery from occurring. This aspect of the new legislation is very similar to the provisions of the U.S. Foreign and Corrupt Practices Act FCPA) and elements of the UK Bribery Act.
The amendments also significantly enhance the scope of penalties for owners and officers to include financial penalties that can be as much as ten times the value of the bribe or RM1 million (about US$240,000), whichever is higher, or up to 20 years in prison for any owner or officer of an organization deemed to have been even indirectly responsible.
The new amendments have similarities to the provisions within the FCPA and UK Bribery Act, namely provisions that hold liable owners or officers of the company, if it is revealed that they authorized the act of bribery or turned a blind eye to it, or if they failed to have acted reasonably in uncovering or preventing the fraudulent acts.
Another similarity to the FCPA and UK Bribery Act relates to the activities of third parties acting on an organization’s behalf, and which are found to be involved in bribery. In this respect the organization is potentially culpable. This rule applies to business owners, officers, their employees and agents and, more importantly, this includes bribery offences in both Malaysia and anywhere else in the World in which the organization operates.
The amendment however provides companies with an adequate procedures defense. Again, similar to the FCPA and UK Bribery Act, if a company can prove that it took sufficient steps (or adequate procedures) to prevent acts of bribery and corruption from occurring, then the procedures in place will be examined and, if deemed adequate, will be considered as mitigating the offence.
The Malaysian government is expected to soon publish guidance on the procedures it will consider adequate to prevent bribery occurring, as well as the kind of response a company is expected to make once an act of bribery has been discovered.
In the meantime, Key Risk Consulting Asia has developed a series of requirements, based on our experience working with clients in Malaysia and elsewhere within the region who have to comply with the U.S Foreign and Corrupt Practices Act or the UK Bribery Act, so as to help companies cope with the new amendments to the Malaysian Anti-Corruption Commission Act, 2009.
Requirement 1: Conduct risk assessments.
Commercial organizations operating in Malaysia should regularly and comprehensively assess the nature and extent of the risks relating to bribery to which it is exposed, especially in relation to its core services and the unique geo-political environment of Malaysia.
Requirement 2: Top level commitment.
The senior management of the enterprise must comprehensively demonstrate a commitment to preventing bribery. They must establish a culture within the organization that dictates bribery, at any level, is never acceptable, and then take steps to ensure that the organization’s policy to operate without bribery is clearly communicated to all levels of the workforce.
Requirement 3: Due diligence.
It is essential that the enterprise has due diligence policies and procedures in place that cover all forms of business relationships to which the business is and will be exposed. In Malaysia this is no easy task due to the often-opaque business environment and often the lack of reliable data. Key Risk Consulting recommends such due diligence should focus on first, the location where the organization seeks a business relationship and the laws and procedures for reporting bribery; secondly, the risks that a particular business opportunity raises; and thirdly whether the individuals or other entities involved in the business relationship have a history of bribery or corruption. We would also strongly recommend when operating in Malaysia that enquiries be made into what anti-corruption policies and procedures a business partners or third party have in place.
Requirement 4: Unambiguous, practical and accessible policies and procedures.
The commercial organization’s policies and procedures to prevent bribery being committed on its behalf must be clear, practical, accessible and enforceable. Policies and procedures must take account of the roles of the whole workforce from the owners or board of directors, to all employees, and all people and entities over which the commercial organization has control.
Requirement 5: Policy implementation.
It is imperative that the enterprise effectively implements its anti-bribery policies and procedures and ensures they are embedded throughout the organization. The appropriate implementation strategy will of course vary depending on the nature and size of the business activity. Training employees is a key element. Senior management should consider inviting key vendors to participate in these training sessions.
Requirement 6: Reviewing and monitoring.
Commercial enterprises in Malaysia are not static, and neither is the local environment in which they operate. As such Key Risk Consulting recommends another important element in building a vigorous anti-bribery programme is the need to establish regular review mechanisms to ensure compliance with relevant policies and procedures, and importantly, to identify new threats as they emerge.
We feel that that this new legislation will now compel companies operating in Malaysia to move to a second generation of compliance; one that more genuinely addresses culture, leadership, incentives and ethical decision-making to a level that we have hitherto not seen so far in Malaysia.
Key Risk Consulting Asia has many years experience assisting corporations develop and implement compliance programmes to adequately protect business operations from the rigors of the FCPA and UK Bribery Act, and we are now ready to bring that experience and capability to help the business community in Malaysia.
For more information regarding our services please visit us at www.keyriskconsultingasia.com