Corporate anti-corruption compliance: responsibility or entitlement?
All companies are obliged by law to actively prevent corruption and remove the causes of and conditions contributing to it in their organisations. For example, quasi-public companies are obliged to establish departments responsible for anti-corruption compliance, while all others are given the option to do so.
Who are responsible for corporate anti-corruption risks?
Anti-corruption law requires specific individuals be placed in charge of ensuring corporate anti-corruption compliance, depending on the type of company they work for. They can include quasi-public company management, such as CEOs or those responsible for organisational and administrative functions; procurement team management or individuals responsible for selecting and implementing state or National Fund financed projects.
These same people face either administrative or criminal liability for any corruption cases proven under their jurisdiction.
What is the punishment for corruption in Kazakhstan?
Corruption is subject to both administrative and criminal liability, depending on the offence. Administrative fines can reach up to 1,500 times the monthly calculation index (The monthly calculation index is the index used in Kazakhstan to calculate pensions, benefits and other social benefits, as well as fines, taxes and other payments, and is equal to 2 917 tenge (~7 USD).). Under criminal law, the guilty party can face a fine of up to 80 times the value of a bribe, correctional labour up to the same value, community service of up to 1,200 hours, restricted freedom for up to 7 years, imprisonment for up to 20 years with the confiscation of property, and a life-long ban on the right to hold certain positions or engage in certain activities for the same period.
What does anti-corruption compliance cover?
By law, all companies are obliged to analyse their own corruption risks and those of any subsidiaries, whether it be through an external study of normative legal acts affecting operations, so as to identify corruption risks related to personnel management; conflicts of interest; public services; approval functions; control and supervisory function implementation; staff turnover and other issues arising from organisational and management activities.
The list is not exhaustive, and we believe that corporate management may add other areas for analysis should they be required.
What sources are used to develop anti-corruption compliance?
External corruption risk analyses should be based on:
1) regulatory legal acts governing analysis target activities;
2) information provided by the target on the areas covered by the external corruption risk analysis;
3) information duly obtained from state and law enforcement agency data systems in line with external corruption risk analysis guidelines;
4) the results of previous state authority inspections of external corruption risk analysis targets;
5) the results of anti-corruption monitoring in accordance with external corruption risk analysis guidelines;
6) media publications;
7) requests from individuals and legal entities in relation to the external corruption risk analysis target;
8) details on the identification and prosecution of officials of the external corruption risk target for corruption;
9) other information permitted for presentation by law.
Internal corruption risk analyses should be based on:
1) regulatory legal acts governing operations;
2) the results of previous state authority inspections;
3) media publications;
4) requests received from individuals and legal entities;
5) prosecutor acts;
6) court rulings;
7) other information permitted for presentation by law.
Corruption risk analysis findings are issued in reports that include recommendations for eliminating them and improving anti-corruption compliance systems.
What are anti-corruption standards?
Companies subject to anti-corruption law, including those in the quasi-public sector, must develop internal anti-corruption standards.
Rules of conduct for people working in public relations cover the exercising of the rights and legitimate interests of individuals and companies in the area governed by anti-corruption standards; the preparation and adoption of managerial and other decisions within their competence; the preparation of draft regulatory legal acts; other relationships that arise depending on the specific activities involved; and other restrictions.
Corporate associations and unions are also entitled to adopt corporate corruption prevention standards.
What companies can do to introduce anti-corruption compliance?
The first thing is for the company to carry out an independent analysis of its activities, which may include studying regulations around corporate activities and internal documents, such as orders, instructions, internal policies and job descriptions; reviewing organisational and management business processes and controls.
The second step involves filling in the gaps identified by the analysis, such as defining the persons responsible for specific issues, indicating the job remit and authority in job descriptions; ensuring internal documents refer to liability for corruption; amending policies to provide instructions on how to act in situations not defined in acts, specifically who to contact for advice and/or approval; holding training on all anti-corruption compliance issues, including with the participation of company management; familiarising company employees with anti-corruption compliance documentation, including regulations and others; aligning the relevant corporate business processes and anti-corruption controls; and others.
We recommend engaging experienced consultants to analyse corporate activities and improve corruption risk mitigation activities.
Other important anti-corruption issues
A key to developing and implementing anti-corruption compliance is deciding whether corporate operations are subject to international anti-corruption acts. For example, under the UK Anti-Bribery Act, a company would need to examine its activities for registration or doing business in the UK, and also for whether it employs UK citizens or residents.
Another example would be to ascertain whether the US Foreign Practice Act 1977 applies by determining relationships with US companies or companies listed on the US Stock Exchange, or whether US or citizens residents work for the company, and so on.
These acts establish extensive obligations to combat corporate corruption and failure to comply may result in significant financial sanctions.
To determine, whether corporate activities fall within the scope of these international or other anti-corruption acts, we recommend hiring an international consulting company with a presence in the required countries.
Taking the above actions will help create an effective an anti-corruption culture and eliminate or at least reduce corporate corruption, and make sure that corruption is identified quickly and correct persons are made accountable.
Dariga Tokpayeva, Senior Lawyer, Tax and Legal Department, Deloitte Caspian