Skip to content

Anti-Bribery and Corruption 101

What is corruption and bribery?

The term ‘corruption’ can be used to broadly describe a number of offences including; bribery, extortion, fraud, deception, collusion and money laundering.

Bribery is most commonly defined as “anything of value given, offered, promised, accepted, requested or authorised with the intent that a person who is trusted or expected to act in good faith or with impartiality, performs that function improperly or in order to obtain or retain an advantage in the course of business”.

What are key bribery offences?

  • Bribery of a private person or a public official is criminalised whether it occurs domestically or overseas
  • Companies can be prosecuted if your employee, or your agent, bribes another person to obtain or retain business or any other form of advantage for you if you do not have adequate procedures in place to prevent bribery – this offence is extra-territorial, meaning that domestic organisations can be prosecuted internationally and are not typically protected by local laws if the offence has been committed overseas
  • Facilitation payments, for example to speed up an application for a permit are not permitted

What are the core elements of a good anti-bribery and anti-corruption program?


The action you take should be proportionate to the risks you face and to the size of your business. You may need to do more to prevent bribery if you represent a big organisation or if you are operating in an overseas market where bribery is known to be commonplace.

Top-level Commitment

Leadership should set a top-down example that bribery is not tolerated. Those at the top of the organisation are in the best position to guard against and prevent bribery by making sure executives, middle managers, key people you do business with, and you yourself, understand that bribery is outlawed.

Risk Assessment

This step is key for researching the markets you operate in and the people you deal with, especially if you are entering into new business arrangements or new markets abroad.

Due Diligence around Third Parties

Knowing exactly who you are dealing with can help protect your organisation from taking on vendors that are less than trustworthy. Crucial to third-party risk, you should make adequate checks both before and after engaging others to represent you in business dealings.

Anti-Bribery Policies & Training

Setting up the right policies is a key component to getting your programme started. This includes knowing and clearly stating what your organisation will not tolerate and the steps of action to take when potential bribery is witnessed.

Monitoring & Reporting Misconduct

Think about how employees and others will let you know if they see bribery or corruption at play. Ensure clear lines of communication are open to you and those on your team. Identify any potential cultural or reporting issues that may prevent your employees from speaking up about a concern and ensure that your organisation has the mechanisms in place to act appropriately.

Further resources

Why not subscribe to the Anti-Bribery daily digest and keep up to date with the latest developments.


Anti-Bribery and Corruption

A brief history of anti-bribery and corruption regulations

Laws to prevent bribery and corruption have been effective for over 40 years when the United States Government introduced the Foreign Corrupt Practices Act (FCPA) in 1977.

Today, bribery and corruption remains a major issue with the World Bank estimating that over $1 trillion US dollars are paid in bribes every year – equating to around 3% of Gross World Product.

Eliminating bribery of foreign public officials remains a key priority for the G20 and there are a number of international efforts to combat these issues, including:

United Nations logo ISO logo

Other developments include the introduction of the UK Bribery Act 2010, which is viewed as the gold-standard for combatting bribery and corruption, as well as the first international anti-bribery management systems (ISO37001), introduced in October 2016, by the International Standards Organisation (ISO).

These initiatives combined with domestic anti-bribery legislation has raised the stakes for major multi-national corporations, with the largest fine for non-compliance exceeding USD$3.5 billion.

What are the things that your organisation can do to reduce bribery risks?

There are five things every organisation can do to reduce bribery and corruption risks:


Firstly, it needs top management to state a clear commitment to integrity in everything it does.


Secondly, it needs to have a clear understanding of the bribery and corruption risks that it faces and must develop effective systems, procedures and controls for minimising or mitigating risk exposures.


Thirdly, employees, contractors and business associates, particularly those most exposed to corruption risks, must be trained on what to do if they encounter problems or have any concerns.


Next, the organisation must provide effective tools to employees and others to help them to conduct business with integrity, such as registers for recording: conflicts of interest; gifts, hospitality and entertainment; political and charitable donations or tools for managing third party due diligence; audits and training.


Finally, organisations need to have a robust framework for regularly monitoring the effectiveness of the anti-bribery and corruption compliance program to assess whether it is adequate and proportionate; meaning, whether systems, procedures and controls have been designed in a way that are fit for purpose and have been implemented and are operating effectively.

The outputs of the Anti-bribery compliance program review should be provided back to top management and a commitment made for tracking and implementing continual improvement to address any compliance gaps.

What are the key anti-bribery and corruption obligations?

Designing, implementing and operating an effective Anti-Bribery and Corruption (ABC) Programs is a detailed and complex undertaking and presents a significant challenge to most businesses.

The table below sets out the major requirements that all regulated businesses must meet to be compliant with international anti-bribery and corruption standards:

What are the consequences of failing to comply with anti-bribery laws?

Since 1977, the US Department of Justice has undertaken over 150 FCPA enforcement actions resulting in billions of dollars in fines for failing to comply with anti-bribery and corruption laws.

In addition to fines and penalties imposed, the consequences for non-compliance are far-reaching and could include:

  • Civil and/or criminal penalties imposed on Boards and Senior Executives;
  • Enforceable undertakings to act or cease acting in a certain way;
  • Reputation damage resulting from negative media exposure;
  • Revocation of operating licenses;
  • Falling share prices; and
  • Extensive remediation programs to address compliance deficiencies.

What solutions do we offer?

Arctic Intelligence is a RegTech business that enables audit, risk and compliance ‘as-a-service’ through technology allowing our solutions to guide you to compliance.

Risk Assessments

The ISO37001: Anti-Bribery Management Systems standard sets out the requirement for organisations to undertake bribery risk assessments to identify the bribery risks that might reasonably be anticipated based on the organisation and its context, including but not limited to the:

  • size and structure of the organisation;
  • locations and sectors in which the organisation operates;
  • nature, scale and complexity of the organisation's activities and operations;
  • entities over which the organisation has control;
  • the organisation's business associates;
  • the nature and extent of interactions with public officials; and
  • applicable statutory, regulatory, contractual and professional obligations.

Conducting bribery and corruption risk assessments and identifying controls that can mitigate and manage these risks continues to provide significant challenges to many regulated businesses, which led to our focus on our risk assessment platform.


We have developed two Risk Assessment platforms – find out which is best for you:

The Risk Assessment Platform is designed to help you to identify, assess, mitigate and manage risks for financial crime and other risk domains.

The platform is highly configurable allowing you either purchase a content library or to create or upload your own risks and controls, as well as, change the risk methodology and risk weightings across the model and align the assessment to your risk management framework.

Anti-Bribery Program Manuals

Having completed the bribery and corruption risk assessment, you should create and maintain an Anti-Bribery Program Manual documenting the systems, procedures and controls that you have in place to mitigate and manage the identified risks.

Documenting an Anti-Bribery Program Manual that is appropriate and proportionate to your risks, as well as containing all of the expected sections and content, to the level of detail expected by anti-bribery regulators often presents a significant challenge for regulated businesses, which is why we developed the Anti-Bribery Program Manual.

Our Anti-Bribery Health Check platform also contains an Anti-Bribery Program Manual based on international best practice, which can be tailored to suit your organisations specific circumstances.

Independent Review

In order to determine whether the Anti-Bribery Program is effective in managing your organisations bribery and corruption risk exposure it is important to conduct regular independent reviews to determine whether the control framework is fit-for-purpose and operating effectively.  It is also important to identify any compliance gaps and opportunities for improvement and document key findings and observations, as well as management actions to address deficiencies.

The Anti-Bribery Health Check solution is an online platform dedicated to controls assurance. It provides a structured framework for conducting independent reviews to assess the design and operational effectiveness of anti-bribery and corruption programs.

The Health Check is aligned with the ISO 37001: Anti-Bribery management systems standard which reflects international good practice and is applicable across all jurisdictions, and to small, medium and large organisations in all sectors, and type; including public, private and not-for-profit sectors.

The Anti-Bribery Health Check is typically used to perform:

  • An internal self-assessment against regulatory obligations;
  • An assessment of a third-party for due diligence purposes;
  • Independent reviews by internal audit functions of major reporting entities;
  • Independent reviews/gap assessments performed by consultants; and
  • Remediation programs to track improvements against regulations.

The Anti-Bribery Health Check platform has been designed to leverage best practices in risk management controls assurance. It was built based on a logical hierarchy that links rules and obligations, with policies, risks and controls. This provides a means of assessing compliance against obligations, prioritising responses, providing auditor comments and management responses, as well as assigning actions and attaching documentary evidence to support audit findings.

After the assessment has been completed for each compliance obligation, users can create executive summary reports directly from the platform. Reports highlight the key observations, findings and recommendations, as well as actions, issues and risks identified during the review process.

The Anti-Bribery Health Check platform also contains rich data analytics that provide actionable business intelligence including:

  • Real-time operational dashboards for tracking open and outstanding actions, issues and risks.
  • Interactive reports which can slice and dice audit data in many ways including, drilling into particular areas of interest.
  • Benchmarking audit outcomes across different timeframes, divisions and countries.

It can even summarise on a single page the compliance status across hundreds of compliance obligations.