Anti-Bribery Policy

A formal corporate policy that prohibits employees, officers, agents, and third parties acting on the company's behalf from offering, promising, giving, or receiving bribes, kickbacks, or improper payments to obtain or retain business or gain an unfair advantage.

What Is an Anti-Bribery Policy?

Key Takeaways

  • An anti-bribery policy is a written commitment that no employee, officer, agent, or third-party representative will offer, promise, give, or accept bribes, kickbacks, or facilitation payments in any business dealing.
  • The two major anti-bribery laws with global reach are the US Foreign Corrupt Practices Act (FCPA) and the UK Bribery Act 2010. Both apply to conduct outside their home countries.
  • FCPA enforcement penalties hit $2.9 billion in 2023 alone (DOJ/SEC). A single violation can cost a company hundreds of millions in fines, disgorgement, and compliance monitor fees.
  • The UK Bribery Act goes further than the FCPA: it criminalizes private-sector bribery (not just government officials) and creates a strict liability corporate offense for 'failure to prevent bribery,' with an 'adequate procedures' defense.
  • An effective policy isn't just a legal document. It's a practical guide that helps employees recognize bribery risks and know exactly what to do when they encounter them.

An anti-bribery policy draws a clear line: this organization doesn't pay bribes, accept bribes, or look the other way when someone else does it on our behalf. That sounds obvious, but the reality of global business makes the line blurry fast. A government official requests a 'consulting fee' before approving a permit. A distributor asks for an unusually high commission that might be partly passed to a procurement officer. A customs agent hints that a small payment will speed up clearance. These situations aren't theoretical. They happen daily in international commerce. The FCPA and UK Bribery Act impose enormous penalties on companies that get it wrong. FCPA enforcement in 2023 generated $2.9 billion in penalties and disgorgement. Individual executives have faced prison sentences. The UK Bribery Act creates a corporate offense of 'failure to prevent bribery' where the only defense is having 'adequate procedures' in place. That adequate procedures defense starts with a written anti-bribery policy. For HR teams, the policy creates training obligations, drives due diligence on third-party intermediaries, and establishes the disciplinary framework for violations.

$2.9BTotal FCPA enforcement penalties and disgorgements in 2023, one of the highest years on record (DOJ/SEC)
27FCPA enforcement actions brought by DOJ and SEC in 2023 (Stanford FCPA Clearinghouse)
44Countries whose laws have extraterritorial anti-bribery reach, meaning violations abroad can be prosecuted at home (Transparency International)
69%Of business executives who believe anti-bribery compliance has become more complex in the past five years (EY Global Fraud Survey, 2024)

Essential Elements of an Anti-Bribery Policy

A credible anti-bribery policy goes well beyond a general prohibition. It gives employees practical guidance for real-world situations.

Clear definitions and prohibitions

Define bribery explicitly: offering, promising, giving, requesting, agreeing to receive, or accepting any financial or other advantage intended to influence someone's actions in their official capacity or business dealings. Cover all forms: cash payments, gifts above a threshold, entertainment, travel expenses, charitable donations made at an official's request, political contributions, and facilitation payments (small payments to speed up routine government actions). State the company's position on facilitation payments clearly. The FCPA technically allows them in limited circumstances, but the UK Bribery Act doesn't. Most multinational companies prohibit them entirely to avoid confusion.

Third-party due diligence

Third parties (agents, consultants, distributors, joint venture partners) are the primary vector for bribery. Over 90% of FCPA enforcement actions involve third-party intermediaries. The policy should require risk-based due diligence before engaging any third party who will interact with government officials or conduct business on the company's behalf. Due diligence should include background checks, reference verification, assessment of the third party's own anti-corruption program, and red flag screening (family connections to officials, requests for unusual payment terms, lack of a legitimate business purpose).

Gifts and hospitality guidelines

Gifts and entertainment are where bribery risks hide behind social customs. The policy should set clear monetary thresholds (common ranges are $50-$250 per gift), require pre-approval above certain amounts, prohibit gifts to government officials during active procurement or licensing processes, require accurate recording of all gifts and entertainment in a log, and ban cash gifts entirely. What counts as a 'reasonable' business meal in one country may look like an improper payment in another. The policy needs to be specific enough to guide decisions in different cultural contexts.

Books and records requirements

The FCPA's books-and-records provision (Section 13(b)) requires publicly traded companies to keep accurate books and maintain adequate internal controls. Bribes disguised as legitimate expenses (consulting fees, commissions, miscellaneous charges) violate this provision even if the underlying payment might not have met the anti-bribery standard. The policy should require that every payment, expense, and transaction be recorded accurately with its true business purpose. No slush funds. No off-books accounts. No mislabeled expenses.

Anti-Bribery Red Flags

Train employees to recognize the warning signs that a transaction or relationship may involve bribery. These red flags don't prove bribery, but they demand additional scrutiny.

  • A third party requests payment in cash, to a personal account, or in a country with no connection to the transaction.
  • Commission rates or consulting fees are significantly higher than market norms for the services provided.
  • A government official recommends a specific agent or consultant and insists the company use them.
  • A third party has close family or business relationships with the government officials involved in the transaction.
  • Invoices lack detail, describe services vaguely ('consulting services'), or don't correspond to any identifiable deliverable.
  • A third party operates in a country ranked high on Transparency International's Corruption Perceptions Index.
  • Requests for last-minute changes to payment terms, amounts, or recipients without clear business justification.
  • A third party asks for advance payments or 'success fees' that are contingent on obtaining a specific government decision.
  • The third party has little or no track record in the services they've been hired to provide.
  • Employees are told that local customs require payments or gifts to officials to 'get things done.'

FCPA Enforcement Trends

FCPA enforcement data illustrates the financial scale of anti-bribery risk and the sectors most frequently targeted.

$2.9B
Total FCPA penalties and disgorgements in 2023DOJ/SEC FCPA enforcement data, 2024
27
FCPA enforcement actions by DOJ and SEC in 2023Stanford FCPA Clearinghouse, 2024
$1.6B
Largest single FCPA settlement in history (Airbus, combined with UK/French authorities, 2020)DOJ
90%+
Of FCPA cases involving third-party intermediariesFCPA Professor analysis, 2024

Anti-Bribery Training and Awareness

Training is one of the six 'adequate procedures' principles under the UK Bribery Act's guidance, and DOJ/SEC guidance for the FCPA emphasizes training as evidence of a genuine compliance program.

Who needs training

Everyone needs baseline awareness, but the depth of training should be risk-based. Board members and senior leadership need training on their oversight obligations and personal liability. Sales, business development, and procurement teams need detailed training on third-party risks, gifts and hospitality rules, and red flags. Finance teams need training on the books-and-records provisions and suspicious payment patterns. Employees in high-risk geographies need country-specific guidance. Administrative staff need enough awareness to recognize and escalate concerns.

Training methods

Combine annual online training (for documentation and broad coverage) with in-person workshops for high-risk roles. Use real scenarios drawn from actual enforcement cases. Abstract principles don't stick. A story about a company that paid $800 million because a distributor bribed customs officials sticks. Test comprehension and track completion rates. Regulators look for evidence that training was delivered, understood, and refreshed regularly. Maintain training records for at least seven years.

HR's Role in Anti-Bribery Compliance

HR sits at the intersection of policy, training, culture, and discipline. Every component of anti-bribery compliance touches HR directly.

  • Include anti-bribery acknowledgment in the onboarding process. Every new hire should sign the policy before starting work.
  • Build anti-bribery questions into the hiring process for roles with bribery exposure (international sales, government affairs, procurement).
  • Administer and track completion of annual anti-bribery training across all employee populations.
  • Conduct pre-employment screening, including background checks and reference checks, with enhanced due diligence for high-risk positions.
  • Enforce disciplinary consequences for policy violations consistently, regardless of the violator's seniority or revenue contribution.
  • Include compliance metrics in performance evaluations for managers in high-risk functions.
  • Ensure that incentive structures (commissions, bonuses) don't inadvertently reward bribery by tying compensation exclusively to revenue without compliance guardrails.

Frequently Asked Questions

Does the FCPA apply to private companies?

The FCPA's anti-bribery provisions apply to all US persons (citizens, residents, and entities organized under US law), whether public or private. Any US company, regardless of size or public/private status, that pays a bribe to a foreign government official to obtain or retain business violates the FCPA. The books-and-records and internal controls provisions under Section 13(b) apply specifically to SEC registrants (public companies), but the anti-bribery criminal provisions have much broader reach.

What are facilitation payments, and should the policy address them?

Facilitation payments (sometimes called 'grease payments') are small payments to low-level government officials to speed up routine, non-discretionary actions like processing a visa, clearing goods through customs, or connecting utility service. The FCPA contains a narrow exception for facilitation payments, but the UK Bribery Act doesn't recognize it. Most multinational companies prohibit facilitation payments entirely because the exception is narrow, difficult to apply correctly, and inconsistent across jurisdictions. Your policy should state the company's position clearly.

How does the UK Bribery Act differ from the FCPA?

The UK Bribery Act is broader in several ways. It covers bribery of private individuals, not just government officials. It creates a strict liability corporate offense for 'failure to prevent bribery' (the FCPA requires proof of intent). It doesn't exempt facilitation payments. It applies to any company that conducts any business in the UK, regardless of where the bribery occurred. The 'adequate procedures' defense under Section 7 is the primary reason companies need written anti-bribery policies: if you can prove you had reasonable prevention measures in place, you can defend against the corporate offense.

What should happen when an employee violates the anti-bribery policy?

Violations should trigger an immediate investigation by compliance or legal. If the violation is confirmed, disciplinary action should be consistent with the severity of the conduct, which typically means termination for actual bribery. The organization must also assess its legal obligations: does the violation trigger self-reporting obligations under voluntary disclosure programs (DOJ, SEC)? Self-reporting can significantly reduce penalties. DOJ's FCPA Corporate Enforcement Policy offers declinations or reduced penalties for companies that voluntarily self-disclose, cooperate fully, and remediate.

How often should the anti-bribery policy be reviewed?

At minimum, annually. Review triggers should also include expansion into new countries (different corruption risk profiles), changes in the regulatory environment (new enforcement guidance, court decisions), acquisition of companies with different risk profiles, findings from internal audits or investigations, and changes in enforcement trends. The DOJ and SEC have published updated guidance on evaluating corporate compliance programs several times in recent years. Your policy should reflect the most current expectations.
Adithyan RKWritten by Adithyan RK
Surya N
Fact-checked by Surya N
Published on: 25 Mar 2026Last updated:
Share:
Previous
Next