Why IT leaders need to prepare for the Bribery Act

The Bribery Act hits the UK statute book on 1 July 2011. The new legislation widens coverage from public officials and their agents to the whole of the private sector and associated transactions. Clearly this area is being taken seriously as failure to comply can result in penalties of up to 10 years in prison and unlimited fines.

The Bribery Act hits the UK statute book on 1 July 2011. The new legislation widens coverage from public officials and their agents to the whole of the private sector and associated transactions. Clearly this area is being taken seriously as failure to comply can result in penalties of up to 10 years in prison and unlimited fines.

It does feel a little odd that bribery restraints have historically only been applied to half the UK economy but now the net has widened many organisations will be in a rush to ensure processes and documentation is all in order.

The actual offences under the act include;

  • Bribery or promising a bribe;
  • Soliciting, receiving or agreeing to receive a bribe;
  • Liability covering organisations where an agent acts on their behalf;
  • Bribing a foreign official.

While none of these feel particularly difficult to manage, under the umbrella of a modern company's ethical and commercial policies, the wider implications of failure to establish strong processes will have many people burning the midnight oil. I have been in discussions with a whole range of private-sector contacts and their preparedness ranges from "soundly ready" to "unaware".

The scale of internal activity needing review is wide. Obvious processes around the purchasing function and tender documentation attract a heavy focus. The legislation casts a large net and I have found my peers needing to review less well-trodden paths around hospitality, facilitation payments and third-party arrangements.

Technology has a major part to play and it has become clear that a handful of IT and service vendors have grasped this opportunity with both hands.

One of the key challenges has been around proving which individuals had access to information and at exactly what time. Reliance on e-mail trails simply isn't suitable and now is the time to bring a more rigorous solution.

One of the organisations I have been working with, who have really thought through how to keep time-bound processes totally auditable, is Trust Solutions. Its digital authentication and identity management software solutions combined with a proper understanding of the Act have allowed a range of partners to start planning for a post-July world without the concerns of major investment at a difficult point in the economic cycle.

Chris Pardoe of Trust Solutions says, "We are finding that many people just want to understand how the new law will really affect them. Early challenges from board members can be quickly answered and a range of solutions discussed. Finding the right technology to fit within a current architecture often solves the problem very quickly. A high security level combined with a cost-effective deployment results in happy IT directors and legal counsel."

My advice continues to be, understand this new Act, it will affect almost every business. Think through how your current governance and technology can be adapted rather than reworked and make sure you spend your money wisely.

Robin Young is commercial director at hospitality firm Mitchells & Butlers.

Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close