Criminal and Civil Compliance in Germany post-passage of the U.K. Bribery Act

Vortrag für den Ausländischen Anwaltverein bei ECOVIS, Berlin, Februar 2012, (Deutsch);

Honorarkonsulat von Trinidad und Tobago", Hamburg, August 2012, (Englisch).




The UK Bribery Act was passed in 2010 and has been law since July 1, 2011. Corruption and Compliance are up-to-date themes/subjects that should be of interest to large and small to mid-size companies alike.  Due to globalization and the international business relationships German companies have abroad, their becoming the focus of civil or criminal investigations and/or being convicted of  corruption under the US Foreign Corrupt Practices Act (FCPA) or the UK Bribery Act has vastly increased.


The UK anti-corruption law has to be seen in the context of the FCPA, particularly because the term “compliance“ was developed by the USA.  The overall development of international anti-corruption laws further includes the United Nations (UN) and the Organization for Economic Cooperation and Development (OECD) anti-corruption conventions.


The first internationally important anti-corruption law was the 1977 passage of the FCPA,  which was further strengthened in 1991 by the inclusion of the Federal Sentencing Guidelines (Rules for Sentencing of Criminal Activity).  During recent years, steadily increasing numbers of  international companies have been sentenced or have settled charges under the FCPA.


In 1997 OECD passed the Convention on Combating Bribery of Foreign Public Officials in International Business Transactions.


In 1998 the FCPA was amended to include foreign companies and individuals.


In 2003 the United Nations passed the Convention against Corruption.  The preamble states “Corruption is no longer a local matter but a transnational phenomenon that affects all societies and economies.“


The current public discussion in Germany about bribery and corruption is indicative of a change in governmental philosophy and hints of what may be the passage of some form of German anti-corruption law in the near future.


The Term Compliance


In the German language  compliance is translated as “Regeltreue“ (loyalty to rules), “Einhalten von Regeln“ (abiding by rules“), or “Einverständnis“ (consent, agreement).  The Harvard Business Manager offers the following definition: “The self-obligation to abide by certain rules.“  Self-obligation hits at the heart of the matter.


Compliance developed simultaneously with commercial law and parallel to various US corruption scandals (Enron, Tyco, Worldcom, HealthSouth, etc.).   These corporate scandals involved white collar crime, such as money laundering, fraud, corruption (active and passive bribery), shell companies, off the book slush funds, and insider dealing.  The US anti-corruption law penalizes the corruption of public officials as long as the underlying corruptive action is somehow connected to the US.


Costs relating to FCPA Investigations


A good example for the effects and costs of a FCPA investigation is the case of Siemens, a large German-owned company.  In 2008 Siemens pled guilty to having paid more than $1.3 billion in bribes to officials in Argentine, Bangladesh, France, Iraq, Turkey, and Venezuela.  Siemens had to pay a $1.7 billion penalty to the US Department of Justice, Security Exchange Commission, and the German government.  The participation in the two-year-long investigation cost an estimated $1 billion.  In all, there were 1,750 interviews, 1,000 informational briefings, 82  million documents electronically searched, 14 million documents reviewed, 38 million financial transactions analyzed, and 10 million bank records reviewed.


Due to the high costs of a FCPA investigation, concerns about damage to reputation and perceived lack of competitiveness, some large US companies decided in the 80's to regulate themselves.  It was obvious that it was more beneficial to self-regulate and abide by the rules than running the risk of an expensive criminal or civil investigation.  When the U.S. Government incorporated the Federal Sentencing Guidelines into the FCPA allowing companies to avoid charges as long as they had an effective compliance program in place, more and more companies set up compliance programs.   Compliance and compliance programs are the result of entrepreneurial self-protection.


The UK Bribery Act


The new UK Bribery Act is considered the world’s toughest anti-corruption law.  Its reach goes further than the FCPA since it does not require the bribery of a public official.  It is sufficient that the corruption takes place in a BUSINESS CONTEXT.  The law applies to individuals and business entities.  The law applies to all commercial organizations who do business, or “part of a business“, in Great Britain and Northern Ireland.  Every business transaction which has any connection to the UK can trigger the law.  It is not required that the action which is intended to be brought about by the bribery takes place in the UK


German companies can be held liable for corruption anywhere in the world, even if the act of corruption is not connected to any activity in the UK.   Doing business in the UK may be sufficient for charges to arise.  However, as the Lord Chancellor Kenneth Clarke, Ministry of Justice, stated in his Guidance Statement,  a “mere listing on the London Stock Exchange or just the fact of having a UK incorporated subsidiary would not necessarily mean the Act applies.“


Organizations are not only be liable for the corrupt action of their organisation, but also for the corrupt action of their business partners.  German companies should use due diligence when selecting brokers, advisors, or other partners. 


A violation of the FCPA or the UK Bribery Act can result in the organisation's exclusion from public contracts in Germany.  German law contains various provisions that provide for the exclusion of bidders, if they are found to have violated the anti-corruptions laws of other countries.


Organisations generally are liable, even if they do not have knowledge of their employee's corrupt action.


Exculpation:  As long as an organisation can prove that they have taken adequate steps towards the prevention of corruption and have established an effective compliance program, chances are that it will not be found liable under the Act.


Structure of the ACT


The Act consists of three (3) parts:


1. Active bribery ( §334 StGB) and passive bribery ( §332 StGB), and active/passive bribery in the realm of business activities (§299 StGB).


Different from German provisions there is no requirement that a competitive situation/competition exists.


2. Bribery of foreign public officials and persons who are comparable to public officials


Passive bribery of a public official is not liable to prosecution.  But the offering, promising, and granting of an advantage is culpable.  These provisions correspond to the FCPA and OECD Anti-Bribery Convention.


The term “public official“ has a wide meaning.  Public officials serve either in a legislative, administrative or judicial function, but can be “anyone carrying out a public function“.  UK Courts will decide how far they want to take the definition of public official. 


3. Failure of commercial organizations to prevent briber by employees or persons associated with the company (corporate offence)


If an organisation neglects to prevent bribery by not installing adequate measures for the prevention of bribery, it can be held liable.  It is sufficient if an “associated person“ bribes another person, individual or public official, as long as the bribery furthers the interest of the organization.  Representatives, agents and contractors can be associated persons.  However,  this person must represent the company and must have the intent to bribe.


Manager, board members, etc. can be held liable, if they had knowledge of the corruption or consented to the corruption.


Specific elements of the offence


The element “financial or other advantages" appears in several categories.  This term comprises all material and immaterial advantages.


The standard for breach is objective: what a reasonable person in the UK might expect of a person in that situation.


Intent is required, but not for the action of the bribed person (passive bribery).




An individual can be sentenced to up to ten (10) years of imprisonment or can be fined with an unlimited amount.  An organisation can be fined with an unlimited amount and/or excluded from public contracts.


In comparison:  Under the FCPA an individual can be sentenced to up to five (5) years of imprisonment or a fine of maximum $250,000.  An organisation can be fined up to $2,000,000.




Companies who are doing business in the UK should take steps to prevent violations of the UK Bribery Act.  Especially small and mid-size firms are at danger to overlook potential corruption situations due to attitudes and habits which are based on tradition and/or autocratic structures.  Fear of additional costs should not deter companies from striving towards limiting the risk of liability.


Besides a compliance program companies should consider a document management policy.


I. Document Management Policy


The UK common law jurisdiction  requires that all parties are capable of producing all documents, including electronic documents, for litigation purposes in an organized fashion.  Parties who do not comply with proper document production will be sanctioned.


Documentary proof may determine the outcome of litigation, since documents either substantiate or invalidate a claim.  Common law discovery/disclosure consists of a seemingly endless exchange of documents between the parties.  All documents need to be screened and evaluated by attorneys in order to determine whether certain information is privileged and should be excluded from discovery.  All documents have to be translated into English.  One investigation or trial can require the discovery of thousands or millions of documents.  Common law trials are lengthy and expensive.


Companies doing business in the UK and USA should develop a seemless and secure document management policy.  UK procedural rules have been amended in 2010 to regulate electronic discovery.


Documents can be either in writing or electronic.  They include every item that is part of the business operation.  A document management policy clarifies what, when, how, and how long has to be stored.  All employees have to be familiarized with the policy and have to sign and date the receipt of the policy.  Storage and destruction of documents which no longer need to be stored are the main function of the program.


II.  UK Compliance Guidelines


Kenneth Clarke, Lord Chancellor and Secretary of State for Justice, UK, has issued guidelines for commercial organizations who want to prevent corruption through compliance.


His guidelines consist of six (6) principles:


1. Proportionate procedures:  the compliance program should be suitable for the size and type of business.  “Periodic oral briefings“ may be sufficient for a small company.


2.  Top level commitment to the prevention of bribery


3. Risk assessment


4. Due diligence


5. Communication (including training)


6. Monitoring and review


III.  Guidelines for compliance programs (UK Bribery Act and FCPA)


1.  Risk Assessment


Management must determine whether and to which extent the company is at risk for violations of anti-corruption laws.  The assessment must take place periodically to allow the review of every new business relationship.


External risks of corruption are categorised into five groups - country, sectoral, transaction, business opportunity and business partnership.  Some countries have a perceived high level of corruption, an absence of anti-bribery legislation, and a failure of the foreign government, media, and society to promote transparent procurement and investment policies.  In some sectors (raw materials, infra structure) the risks are traditionally high.  High value projects or projects involving many contractors are high risk.


Internal risks are deficiencies in employee training, skill and knowledge; bonus cultures that reward excessive risk taking, lack of clarity in the organisation's policies; lack of clear financial controls; and finally the most common risk: a lack of a clear anti-bribery message from top-level management.


2. Top Level Commitment and Code of Conduct


An ethical “tone from the top“ that corruption will not be tolerated should be clear and strong.  An effective Code of Conduct should address all significant areas of the company's operations and should be instilled in corporate culture.  There should be an established and clear reporting practice with guidance for employees. The company's Code of Conduct should be provided to all employees with an annual certification that each employee has read, understands and has not knowingly violated the company's Code of Conduct. 


Hallmarks of a sound compliance program are qualified managers and compliance officers, a clear compliance program, periodic live training and consulting, program monitoring, and periodic audits.  Any company which lacks a sound compliance program, has weak internal controls, and demonstrates a lack of urgency when it comes to compliance issues, can be punished under the FCPA and UK Bribery Act.


3. Due Diligence


Due diligence is required when dealing with third parties, including business partners, advisors, distributors, subcontractors and joint ventures. Interviews are a helpful tool to clear procedures and expectations.  Consideration of cultural and legal differences in other countries is important.  If corruption has already occurred in the past, special caution is advised.




In today's world all commercial organizations must promote ethical behavior or risk being the next corruption headline.