In the recent years, Malaysia has intensified its efforts in combating corporate corruption, culminating in the introduction of Section 17A into the Malaysian Anti-Corruption Commission (MACC) Act through an amendment in 2018. This significant legal development, which came into effect on June 1, 2020, marks a pivotal shift towards imposing corporate liability, fundamentally altering the landscape of corporate governance and accountability within the country. This article aims to dissect the legal underpinnings of Section 17A of the MACC Act 2009, evaluate its implications for commercial organisations, and elucidate the defences available to the board of directors and senior management to mitigate liability risks.
Section 17A (1) [1]of the MACC Act 2009 stated as follows:
- A commercial organisation commits an offence if a person associated with the commercial organisation corruptly gives, agrees to give, promises or offers to any person any gratification whether for the benefit of that person or another person with the intent:
- To obtain or retain business for the commercial organisation; or
- To obtain or retain an advantage in the conduct of business for the commercial organisation.
The Essence of Section 17A of the MACC Act 2009
At its core, Section 17A [2]of the MACC Act 2009 states that a commercial organisation can be held criminally liable if any person associated with it is found guilty of offering or giving gratification, broadly understood as bribes, to obtain or retain business or a business advantage for the organisation. This provision introduces the concept of corporate liability, where previously, liability predominantly rested on the individuals committing the corrupt act. Thus, Section 17A of the MACC Act 2009 widens the net of accountability to encapsulate not just individuals but entire commercial organisations.
Who is considered a “person associated” with a commercial organisation
Section 17A(6)[3] of the MACC Act 2009 provides that person associated with a commercial organisation include the commercial organisation’s directors, partners, employees and persons who perform services for and on behalf of the commercial organisation.
Implications of Corporate Liability
The legal provision carries significant ramifications for organisations engaged in business activities within Malaysia. Pursuant to Section 17A(2)[4] of the MACC Act 2009, non-compliance attracts severe penalties, including fines amounting to at least ten times the value of the illicit gains, or RM 1 million, whichever is higher, as well as imprisonment for a maximum of 20 years or both. Furthermore, the scope of a commercial organisations is extensive, encompassing registered companies and partnerships, regardless of their location in Malaysia or their business dealings within the country.
This stipulation represents a definitive stance by the Malaysian government toward cultivating an ethical business environment free from corruption. Commercial organisations are now obligated to ensure the implementation of stringent compliance measures aimed at detecting and preventing corrupt practices within their operations.
Defences for Commercial Organisations
Crucially, Section 17A of the MACC Act 2009 provides commercial organisations with the opportunity to shield themselves by demonstrating the adoption of ‘Adequate Procedures’ geared toward preventing corruption. The concept of ‘Adequate Procedures’ assumes critical importance as it affords organisations the means to exhibit their dedication to ethical business conduct through the establishment of comprehensive anti-corruption policies and systems.
The commercial organisation must prove to the court that such procedures were not superficial but effectively communicated, implemented, and enforced within the organisation. This necessitates a proactive approach to developing a robust corporate governance framework capable of withstanding legal scrutiny.
Legal Defences for the Board of Directors and Senior Management
In the post-Section 17A legal landscape, the board of directors and senior management are responsible for ensuring the robustness of the organisation’s compliance framework. The law stipulates that they can mount a defence by proving that the offence occurred without their consent and that they had implemented adequate procedures to prevent such corrupt practices.
In this context, the significance of the ‘Adequate Procedures’ defence cannot be overstated. It serves as a crucial mechanism not only for absolving the organisation but potentially its leadership from liability. Therefore, the role of legal counsel becomes crucial in guiding these individuals and the broader organisation in understanding the principles of ‘adequate procedures’. In December 2018, the Prime Minister’s Department issued guidelines[5] to assist organisations in this regard, emphasising the importance of tailored procedures reflecting each organisation’s unique risks and operational complexities.
With regard to the guidelines, a commercial organisation’s adequate procedures should be based on the principle of T.R.U.S.T., comprising the following components:
- Top-Level Commitment:
The board and top management hold a critical responsibility in ensuring that the commercial organisation maintains the highest standards of integrity and ethics. This involves adhering to anti-corruption laws and regulations while effectively managing the key corruption risks that affect the organisation.
- Risk Assessment:
Extensive assessments are essential to uncover, thoroughly examine, evaluate, and rank potential bribery risks. These assessments can be carried out independently or integrated into a comprehensive risk register.
- Undertake Control Measures:
Establish robust controls and contingency plans.
- Systematic Review, Monitoring, and Enforcement:
Ensure that regular reviews of anti-corruption programs are conducted to assess their efficiency and effectiveness.
- Training and Communication:
Develop and distribute internal and external training and communications to employees and business partners. Tailor the training and communications based on the size of the operations. Make the anti-corruption policy readily available to all personnel and business associates, including the policy itself, training materials, reporting channels, and the consequences of non- compliance.
Navigating Anti-Corruption Compliance in Malaysia
Since the introduction of Section 17A of the MACC Act 2009, it’s encouraging to note the adoption of anti-bribery and corruption policies by a significant number of commercial organisations in Malaysia. However, the establishment of such policies marks merely the
starting point. For commercial organisations, it’s essential to continually refine their compliance strategies and take pre-emptive actions to deter bribery. This entails fostering a culture of ethical compliance across the organisation, performing regular evaluations of potential corruption risks, conducting audits to verify the effectiveness of anti-corruption initiatives, and ensuring all employees and partners receive thorough training. Through these steps, commercial organisations can establish robust mechanisms to effectively combat bribery.
Commercial organisation must implement systematic anti-corruption measures. The responsibility for overseeing these risks falls squarely on the commercial organisation’s board and/or top management, demonstrating the pervasive nature of corruption risks throughout various operational areas. Individuals tasked with managing corruption risks need to be granted ample authority and wide-ranging responsibilities, taking charge of anti-corruption compliance initiatives under the board’s and/or top management’s strong guidance and strict rules.
Creating a comprehensive anti-corruption compliance plan is crucial, particularly for larger commercial organisations. This plan should encompass a commitment from the board and/or top management, methodologies for identifying corruption risks, the application of preventive strategies, ongoing monitoring and enforcement measures, along with training and effective communication. Although discussing all necessary compliance components with Section 17A of MACC Act here is challenging, the focus will be on three critical elements[6] for developing an anti-corruption framework:
- Evaluating corruption-related risks.
- Handling risks associated with external entities.
- Promoting a culture that encourages the revelation of corruption.
Evaluating corruption-related risks
Evaluation of corruption risks involves a process similar to any business risk assessment but with a specific focus on corruption. The procedure includes:
-
Planning:
Set up the assessment team, including stakeholder identification. Define the assessment scope to cover every business area. Ensure the availability of resources and expertise to comprehend corruption risk thoroughly and define the steps for a comprehensive and efficient assessment.
-
Data Collection:
Interview key staff like department heads and high-risk position holders for insights on corruption risks. Review policies and procedures for corruption vulnerabilities. Use focus groups or surveys among junior staff to gauge the real-world application of policies and the existence of any policy-practice gaps.
-
Identifying Risks:
Given that Section 17A of the MACC Act 2009 makes both giving and receiving bribes illegal under the MACC Act, both aspects should be explored. Broader discussions on what constitutes a bribe will help identify more extensive risk areas.
-
Identifying Controls/Mitigation Factors:
Existing controls to mitigate corruption might already be in place, but assessing their relevance to corruption is vital. These can include audits by financial teams, procurement policies, gift and hospitality guidelines, and robust HR procedures. Training and leadership communication are key to mitigating risk.
-
Assessment of Net Impact/Likelihood:
After identifying inherent risks and control measures, commercial organisation is left with residual risks. These should be evaluated to highlight control enhancement opportunities, repeating the process until the residual risk is minimal and acceptable.
Handling risks associated with external entities
In the landscape of modern business operations, external engagements with third parties represent a significant area of risk, particularly in the arena of corruption. An understanding of this can be deepened by recognising that a substantial number of corruption incidents involve these external entities. Legal frameworks, such as the one indicated in Section 17A of the MACC Act 2009, outline that any corrupt actions perpetuated by intermediaries and their associates effectively equate to actions conducted by the principal party itself. This implies that if a third party representing a commercial organisation engages in corrupt practices, the commercial organisation could be held accountable and potentially face legal repercussions, even if it was unaware of the third party’s misconduct. To strategically navigate and mitigate the risks tied to third-party associations, several proactive steps are recommended.
-
Due Diligence:
The cornerstone of effective third-party risk management lies in due diligence. This involves an extensive vetting process of potential and existing external partners to fully grasp their ownership structure and assess their integrity. Utilising resources like the MACC’s website to screen for individuals previously convicted of corruption, alongside leveraging global databases for risk, governance, and compliance evaluations, is crucial. This comprehensive screening should extend to checking the company’s directors and owners, conducting criminal background investigations, and seeking out any negative reputational insights through a variety of sources including news and social media outlets. Such diligence ensures clarity and confidence in who you are engaging with.
-
Contracting
A uniform approach to contracting with third parties can significantly fortify a commercial organisation against corruption risks. It is prudent to embed an anti-corruption clause in all agreements that necessitate compliance with legal norms and the commercial organisation’s specific anti-corruption policies. Provisions allowing for audits of the third party’s operations under the agreement can offer transparency and control. Moreover, the option to terminate relationships upon discovering corrupt activities underscores the commercial organisation’s commitment to integrity. Integrating these clauses into procurement and contracting processes is an effective strategy.
-
Monitoring
To ensure compliance and mitigate risks, ongoing supervision of third party relationships is essential. Commercial organisations should integrate the monitoring of these entities into their internal audit schedules, paying particular attention to those posing higher risks. Continuous or periodic due diligence, especially in response to significant changes in the third party’s situation, remains imperative. Utilising advanced analytics to detect suspicious patterns indicative of corruption further strengthens this oversight, as does maintaining and regularly updating a categorised list of vendors based on their risk levels and compliance records.
-
Education:
Awareness and education form another pillar of a robust anti-corruption framework. Given that vendors are equally subject to regulations like Section 17A of the MACC Act 2009, actively communicating the commercial organisation’s expectations and the anti-corruption measures the commercial organisation are implementing is vital. For high-risk partners, providing specialised anti-corruption training can be very effective.
Overall, a strategy that includes rigorous due diligence, transparent contracting, vigilant monitoring, and proactive education establishes a foundation for managing third party risk. By fostering a culture of compliance and integrity with vendors, commercial organisations can create a protective barrier that enhances their anti-corruption measures, safeguarding against the significant risks associated with external engagements.
Promoting a culture that encourages the revelation of corruption.
Establishing an environment that encourages openness is paramount. No compliance framework can eradicate corruption entirely. Being the first to know when corruption arises is crucial. Ensuring that the commercial organisation’s employees and vendors are aware of how to report corrupt activities and trust the reporting mechanism positions commercial organisation to proactively manage corruption risks.
Ensure the availability of multiple reporting avenues such as emails, online submissions, traditional mail, a direct approach to leadership, and a 24/7 hotline in all relevant languages, staffed by both male and female operators. These channels should be widely publicised both internally and externally.
Guarantee that reports made in good faith receive proper attention and are taken seriously, with a strict non-retaliation policy for such reports.
Avoid centralising the receipt of disclosure reports to a single individual. Instead, implement a structured ‘triage’ process to allocate the report to the most suited team, avoiding any conflict of interest. This team could include members from various departments such as HR, finance, ethics and compliance, legal, and/or the executive office, potentially with internal audit representation. It is advisable to regularly update the board and/or top management, or at least provide a summary of reports and consequent actions.
Encouraging the reporting of issues not only helps identify and resolve potential corruption before escalation but also avoids the challenges of first learning about such issues through regulatory interventions.
Simply executing a corruption risk assessment is not enough. Commercial organisations need to demonstrate how the outcomes have enhanced their anti-corruption strategies. Furthermore, regular assessments should be performed and scaled according to the business size and complexity. For example, public listed companies must include corruption risk in their annual assessments. In recent years, the public listed companies in Malaysia, have adopted specific strategies to enhance compliance and governance, including:
- Introducing strict no-gift policies to eliminate any form of basic corruption.
- Implementing all open tender processes to ensure transparency in procurement.
- Establishing anti-bribery and corruption policies as a clear stance against corruption.
- Mandating procurement processes to be open and transparent to prevent under-the-table deals.
- Fortifying governance by increasing the number of independent directors on the Board, ensuring decisions are made in the best interest of the corporation without undue influence.
Such strategies are essential in reinforcing the anti-corruption framework, especially considering the mandatory Board involvement as per listing requirements.
Ending Note
Section 17A of the MACC Act 2009 presents a watershed moment in Malaysia’s fight against corruption, signalling a shift towards increased corporate accountability. This provision not only broadens the scope of entities liable under the law but also prioritises preventive measures through the concept of Adequate Procedures.
Navigating this legal landscape requires a meticulous and proactive approach to developing, implementing, and enforcing comprehensive anti-corruption measures for commercial organisations and their leadership. Failure to do so risks severe penalties and could irreparably damage the organisation’s reputation.
As Malaysia marches towards a more transparent and ethical business environment, compliance should not be viewed merely as a statutory obligation but as a cornerstone of sustainable business practices. Section 17A of the MACC Act 2009, thus, serves as a critical legal framework for catapulting Malaysia towards its goal of eradicating corruption and fostering a business ecosystem that is conducive to growth, development, and integrity.
If you have any questions or queries, please contact our Partner, Mr. Afif Che Had (afif@nzchambers.com)
Author:
- Afif Che Had
References:
[1] Section 17A(1) of Malaysian Anti-Corruption Commission Act 2009
[2] Section 17A of Malaysian Anti-Corruption Commission Act 2009
[3] Section 17A(6) of Malaysian Anti-Corruption Commission Act 2009
[4] Section 17A(2) of Malaysian Anti-Corruption Commission Act 2009
[5] Prime Minister’s Department Guidelines On Adequate Procedures – PURSUANT TO SUBSECTION (5) OF SECTION 17A UNDER THE MALAYSIAN ANTI-CORRUPTION COMMISSION ACT 2009
[6] https://bursasustain.bursamalaysia.com/droplet-details/corporate-governance/practical-steps-to-address-section-17a