It has been three years since Section 17A of the Malaysian Anti-Corruption Commission Act 2009 came into effect, with the first charge under the provision made in 2021. The recent array of actions by the MACC coupled with the “zero tolerance for corruption” policy launched by the Madani Government provide a timely reminder of the importance of businesses in (i) reviewing their existing procedures and (ii) ensuring adequate procedures are in place to prevent bribery as they afford the only defence against liability under Section 17A.
In more detail
Section 17A imposes liability on a commercial organization if a person associated with the organization – this can be its director, partner or employee or any person who performs services for or on behalf of the organization – commits bribery to obtain or retain business or a business advantage for the organization.
Liability is strict in that no intention, knowledge or participation on the part of the organization in respect of the bribery needs to be proven. The organization may be liable regardless of whether or not it had actual knowledge of the bribery. There is no need to prove that the bribe was authorized or that the organization intended for the bribe to be paid.
The penalties are severe. A commercial organization committing an offense under Section 17A is liable upon conviction to imprisonment for a term up to 20 years and/or a fine of at least 10 times the value of the bribe, or MYR 1 million, whichever is higher. In addition, the director, officer or partner of the commercial organization or persons who are concerned in the management of the organization’s affairs may be deemed liable for the same offense, unless they can prove that the bribery was committed without their consent and that they exercised due diligence to prevent the bribery.
The only defense for the commercial organization is if it can prove that it had in place adequate procedures designed to prevent such persons associated with the commercial organization from undertaking bribery.
In this regard, a Guideline on Adequate Procedures was issued pursuant to Section 17A to provide guidance on what constitutes adequate procedures. The guideline outlines five key principles:-
- Top-level Commitment: Directors, partners or anyone concerned in the management of the organization’s affairs ought to be directly involved to ensure the organization complies with the applicable anti-corruption laws and regulations.
- Risk Assessment: Risk assessments ought to be conducted at regular intervals to identify evolving risks of corruption. The findings of these assessment should be documented and regularly reviewed.
- Undertaking Control Measures: Appropriate contingency measures to address corruption risks identified, including due diligence and stringent financial controls, ought to be in place.
- Systemic Review, Monitoring and Enforcement: The effectiveness and efficiency of the organization’s anti-corruption policies and controls ought to be regularly reviewed and assessed. An external audit by an independent third party should be conducted every 3 years to ensure effectiveness of anti-corruption controls.
- Training and Communication: The organization’s anti-corruption policies ought to be disseminated both internally and externally and regular and relevant trainings ought to be provided to the organization’s members and external stakeholders.
The Guideline on Adequate Procedures also recommends that a comprehensive risk assessment be done every 3 years, with intermittent assessments when necessary. The assessment should cover areas on:-
- Opportunities for corruption and fraud activities resulting from weaknesses in the commercial organization’s governance framework and internal system / procedures;
- Financial transaction(s) that may be disguised as corrupt payment(s);
- Business activities in countries or sectors that pose a higher corruption risk;
- Non-compliance of external parties acting on behalf of the commercial organization regarding legal and regulatory requirements related to anti-corruption; and
- Relationships with third parties in its supply chain which are likely to expose the commercial organization to corruption.
Whilst many Malaysian organizations may have adopted an anti-bribery and corruption policy, a policy alone is not enough. Businesses should continue to improve on their compliance programs and implement proactive practices in ensuring they have adequate procedures to prevent bribery, including instilling a culture of compliance from the top, periodically undertaking corruption risk assessments and auditing the effectiveness of anti-corruption controls as well as having adequate and sufficient training for all employees and associates.
* * * * *
This client alert was issued by Wong & Partners, a member firm of Baker McKenzie International, a global law firm with member law firms around the world. In accordance with the common terminology used in professional service organizations, reference to a “partner” means a person who is a partner or equivalent in such a law firm. Similarly, reference to an “office” means an office of any such law firm. This may qualify as “Attorney Advertising” requiring notice in some jurisdictions. Prior results do not guarantee a similar outcome.