Anti-bribery and corruption controls: proportionate frameworks for advisory firms
The Bribery Act 2010 imposes a corporate offence of failing to prevent bribery (Section 7) that applies to all commercial organisations with a UK connection. The only defence is demonstrating that the organisation had in place 'adequate procedures' designed to prevent persons associated with it from committing bribery offences. The Ministry of Justice's guidance on adequate procedures identifies six principles: proportionate procedures, top-level commitment, risk assessment, due diligence on associated persons, communication and training, and monitoring and review. For advisory firms — which typically operate in relationship-intensive environments with significant hospitality and gifts exposure, and which may work extensively with public officials or regulated counterparties — designing a proportionate ABC framework requires careful risk assessment.
The risk assessment is the foundation of any ABC programme. It must identify the specific scenarios in which the firm's business activities create bribery risk: the jurisdictions in which the firm operates, the sectors it serves, the nature of its client relationships, the involvement of public officials or state-owned entities in its business, and the risk profile of its intermediaries and introducers. For a UK-focused advisory firm with limited international operations, the risk profile is typically lower than for a global investment bank — but this does not eliminate the need for a structured assessment. Common risk areas for advisory firms include: gifts and hospitality offered to or received from regulated firms, local authorities, or government bodies; payments to third-party intermediaries who source client relationships; and tendering for public sector contracts.
Gifts and hospitality is the highest-frequency risk area for most advisory firms. A well-designed policy should set monetary thresholds for gifts and hospitality that require pre-approval, define categories of prohibited hospitality (anything that could reasonably be seen as influencing a business decision), and require a central register of all material gifts and hospitality given and received. The policy should address the specific risk of hospitality to public officials — where a much lower threshold of risk applies — and should be communicated to all staff and refreshed following any changes in business model or client base.
Third-party due diligence is a frequently neglected element of ABC compliance. Where a firm uses intermediaries, referrers, or joint venture partners to win or retain business, it should conduct documented due diligence on those parties before entering into the arrangement and at periodic intervals thereafter. Due diligence should include: verification of the third party's identity and business activities; assessment of their reputation and any adverse media; review of the nature and transparency of the payment arrangements; and satisfaction that the arrangement is commercially legitimate. Commission arrangements that are opaque, unusually large, or dependent on government approvals in high-risk jurisdictions warrant particular scrutiny.
Training and culture
Top-level commitment to ABC compliance must be genuine and visible. A culture in which relationship managers are praised for winning business through aggressive hospitality and generous gifts, while the ABC policy gathers dust in the compliance manual, is not a culture that would constitute adequate procedures. Firms should ensure that senior leadership publicly endorses the ABC policy, that training is delivered to all relevant staff at least every two years, and that the policy is reviewed following any enforcement developments in comparable organisations.