Checklist: Gifts and hospitality (UK)

Introduction

This checklist suggests steps to take to embed gifts and hospitality (G&H) procedures within your organisation in order to assist with the prevention of bribery. It is aimed at in-house lawyers and compliance professionals in organisations of all sizes and all sectors in the UK.

Under the Bribery Act 2010 (BA 2010), it is an offence to pay or receive a bribe, and companies and partnerships will also commit an offence where a bribe is paid on their behalf. In order to reduce the risk that a BA 2010 offence is committed, risk management procedures that enable the identification and prevention of anti-bribery and corruption (ABC) need to be implemented and embedded within your organisation as part of an ABC compliance framework (ABC Framework).

This G&H checklist can be incorporated as part of an overall risk management framework, forming part of your organisation’s code of conduct or as part of your standalone ABC Framework.

The checklist addresses the following steps:

1. Assess business risks
2. Draft a policy and procedure to implement it
3. Embed a gifts and hospitality procedural control
4. Monitoring and ongoing governance and compliance requirements

The checklist is presented as a list of requirements that you can tick off as they are addressed. At the end of the document there are explanatory notes, and specific notes corresponding to the relevant step in the checklist. There is also an example precedent of a G&H record.

The checklist can be used in conjunction with How-to guides: Understanding the Bribery Act 2010 offences, Understanding penalties for breach of the Bribery Act 2010, How to prevent bribery and corruption in your organisation and How to identify and assess bribery and corruption risk as well as the Checklists: Anti-bribery and corruption procedures, Anti-bribery and corruption risk assessment and Charitable and political donations.

Step 1 - Assess business risks

Step 2 – Draft a policy and procedure to implement controls

Step 3 - Embed a gifts and hospitality procedural control

Step 4 – Monitoring and ongoing governance and compliance requirements

Explanatory notes

General notes

This checklist is designed to assist your organisation in its approach to gifts and hospitality, in order to help prevent bribery offences under the BA 2010. It will be incorporated as part of your organisation’s ABC Framework.

Gifts and hospitality expenditure that seeks to improve the image of a commercial organisation, to better present products and services or to establish cordial relations is recognised as an established and important part of doing business in the UK Government’s guidance on the BA 2010. The BA 2010 does not seek to prohibit or penalise reasonable and proportionate hospitality or gifts for this purpose. However, bribery risks relating to gifts and hospitality do need to be identified by your organisation. This is because hospitality and gifts can be employed as bribes. The more lavish the hospitality or expenditure (beyond what may be reasonable standards in the circumstances), the greater the inference of bribery.

Your procedures need to manage against any inference of bribery. This includes ensuring that G&H expenditure by your organisation or associated persons is not intended to encourage or reward improper performance or influence (especially in relation to a public official). Other bribery red flags include circumstances where the hospitality or expenditure was not clearly connected with a legitimate business activity or it was concealed.

Step 1 - Assess business risks

Step 1 of the checklist considers the assessment of business risks and the evaluation of the results obtained from the risk assessment with a view to considering actions that will need to be taken to identify, manage and prevent BA 2010 risk in relation to G&H.

1.1 Identify internal and external sources of information about risk

Identify the available internal and external information sources to be gathered to enable each key risk to be identified, analysed and assessed. Sources may be individuals, invoices, databases of non-standard contracts or terms of business, vendor lists, customer records, whistleblower reports, findings from investigations, audit findings etc.

1.2 Consider whether your business operates in the public sector

Your ABC risk assessment will indicate dealings with business partners and foreign public officials. This will include the provision of hospitality and promotional expenditure. Care must be exercised whenever individuals within or associated with your organisation wish to offer gifts or hospitality to government officials. Government officials are typically employees of national, regional, local or international government. They can include employees of companies owned or controlled by national, regional or local government as well as members of government (MPs, ministers, councillors etc).

Your ABC risk assessment must note that the provision of hospitality for public officials needs to be cleared with the relevant public body so that it is clear who and what the hospitality is for.

For global organisations, you should consider The Corruption Perception Index issued by Transparency International that provides risks and scores for jurisdictions by their perceived levels of public sector corruption.

1.3 Identify and consider the risks as they relate to different departments within your organisation

Consider whether there are certain business units or departments in your organisation that are more exposed to the risk of offering or accepting a bribe in the form of G&H. For example, a sales or logistics team is likely to be at greater risk of bribery than a back office team. Those teams at greater risk may merit a greater focus in assessing the risks or in later mitigating them and therefore they should be identified.

1.4 Consider the risk factor of countries where your organisation does business

Consider Transparency International’s guidance on the risk factor of the country. For example, you may need to consider how to deal with local customs in overseas markets. Your organisation will need to be sensitive to local customs and avoid creating any impression of offence with regard to gifts and hospitality, including where these are from government officials and non-government officials, whilst at the same time being mindful that there is no exception in the BA 2010 for local customs. Where different cultural practices may pose questions around compliance, a process should be put in place for employees to seek advice.

1.5 Consider the overall risk factors of the sector(s) in which your business operates

A high percentage of cases of foreign bribery have historically been found in certain sectors, these include the extractive and construction sectors. Whilst being active in a particular sector does not necessarily indicate that a specific business is a higher risk, this is one factor to be considered in the overall risk assessment.

1.6 Consider the types of transactions where G&H may be relevant

For example, the receipt of vouchers and discount cards should be declared as a gift and recorded, as they are likely to be considered a financial or other advantage within the scope of the BA 2010. The purpose of the gift/hospitality will also need to be considered. Your organisation will need to make a judgement as to whether staff would have received the item if they did not work for your organisation. If they would have received the item regardless of their connection, then this is a good indicator that there is financial inducement.

1.7 Consider how business opportunities and partnerships generally arise

A consideration of how business opportunities and partnerships arise will need to consider a number of things, which will vary depending on the nature of business opportunities and partnerships your organisation has. General risk considerations will include:

• the way the business opportunities tend to arise – whether through formally tendered opportunities or more informal means
• whether there is a clear and legitimate objective to the opportunities with balanced benefits for both parties
• whether there is direct communication or a number of intermediaries involved
• whether foreign public officials are involved.

Step 2 - Draft a policy and procedure to implement controls

Step 2 of the checklist is a list of items to consider when drafting or updating an existing G&H policy.

2.1 Decide where your organisation’s G&H policy will be located

Consider whether your G&H policy will be a standalone document, or whether it will be incorporated into a wider code of conduct, ethics policy, compliance manual or employee handbook.

2.2 After reviewing the BA 2010, prepare to draft your G&H policy

The G&H policy must clearly articulate your organisation’s commitment to bribery prevention. It will ensure that your organisation:

• complies with its legal responsibilities
• can demonstrate effective management and accountability
• provides clear conduct expectations guidance for staff
• clearly establishes its beliefs, positions or values

The G&H policy statement needs to commit to transparent, proportionate, reasonable and bona fide hospitality and promotional expenditure. This can be set at an appropriate level when taking into consideration the level of risk identified in your organisation. The G&H policy therefore needs to include guidance on the provision of hospitality and/or promotional expenditure. The G&H policy and procedures must provide instructions that ensure transparency and conformity with any relevant laws and codes applying to:

• your organisation and its associated persons; and
• foreign public officials.

Consider whether the G&H policy should state that:

• it is the employee’s responsibility to record all gifts and hospitality given or received in the course of business
• it covers any gifts and hospitality offered to members of family or friends of employees and/or
• acceptance of G&H requires prior permission from your compliance team and/or line management

2.3 Decide on a G&H monetary threshold

If your organisation decides to operate monetary thresholds (rather than a total prohibition), proportionate values need to be agreed. For instance, this might be GBP50 for gifts and GBP100 per head per day for hospitality (remember to ensure that overseas associated persons use the local currency equivalent).

2.4 Consider over limit approval

If your organisation decides upon monetary thresholds, you need to assess whether it will require pre-acceptance or post-acceptance controls for G&H (eg below and/or above the threshold).

2.5 Consider approval routes

Your organisation may want staff to seek pre-approval from their line manager before accepting gifts above a threshold. However, this might not always be practical. In cases where pre-acceptance approval is not possible and the gift is deemed to be lavish, the policy could offer a solution by stating that the gift(s) are to be donated to charity etc. Judgement will be dependent on the circumstances. For example, a bottle of champagne that is gifted to a lawyer after a deal has closed (as opposed to before closing) is unlikely to lead to an inference of a bribe taking into account the timing and relative value to the transaction.

Approval requests could be recorded centrally as well as locally (eg on the individual’s personnel compliance record). The organisation’s risk assessment might determine that expenditure over certain limits requires further approval by appropriate senior level management. The value amount to be recorded should also include all associated costs for the G&H eg, travel and accommodation.

Guidance given to approvers should determine what is deemed to be reasonable. This can be achieved by specifying that a request for G&H should only be approved if it is at a level where the recipient is not given the impression that they are under an obligation to confer any business advantage or the recipient’s independence will be affected.

Approvers should understand any criteria to be applied when deciding the appropriate levels of hospitality for private and public business partners, clients and suppliers, and foreign public officials. This might also include the type of hospitality whose appropriateness is dependent on the circumstances. Such information is determined by the levels of risk related to the respective business units or departments.

2.6 Define the terms

Defining the terms will make the objectives of your G&H policy clear to those expected to draft the procedural controls required to implement it. Your G&H policy should define its key terms, such as:

• Gift – this is any item of value provided or offered for the personal benefit of the recipient or a close contact (family, friend or colleague) at no cost, or a cost that is less than its commercial value. Gifts can also include offers of employment to family members
• Hospitality – this is any offer of travel, accommodation, food, drink or an invitation to any event (eg concert or sporting event, either as a spectator or participant) in the company of a third party (including a client), which the recipient has received, or has themselves offered, for free as a result of their or their business’s employment within an organisation.

2.7 Define absolute prohibited G&H activities

Certain gifts and/or hospitality should not be given or accepted. Examples to include in your policy are:

• anything that is illegal or sexual in nature
• cash, irrespective of amount
• anything that will cause discrimination in accordance with the Equality Act 2010
• anything that is received on the basis that it is conditional upon receiving something in return
• anything that might give rise to a perception or suspicion that the recipient has been unduly influenced
• gifts or hospitality offered during a tender, procurement or bid process, to or from any party involved
• gifts or hospitality which are recurring, regular and/or could be part of a reciprocal arrangement
• keeping a gift and or hospitality that was not approved in accordance with the policy
• giving a gift and or hospitality that has not been approved in accordance with the policy
• holidays in the UK or abroad

In certain cultures, it is impolite to refuse or return a gift. In those circumstances, your policy should contain information on what options the receiver has, for example, consider donating to charity or seeking assistance from the compliance department.

2.8 Ensure the wording, length and complexity of the policy are appropriate

Consider tailoring your policy to fit different areas of your organisation. The risks identified in your ABC Risk Assessment may indicate that certain business units or departments will require more detailed guidance (for instance, because the risk level means they should be subject to pre-approval requirements).

2.9 Include practical guidance on example scenarios in line with the nature of your business

Your policy will be more effective if it contains guidance on different practical scenarios, for instance:

• what should the employee do if not allowed to keep the gift or take the hospitality? In some cases, even though the employee may not be able to keep the gift, it may be permissible to use the gift or share it within a business unit (eg sharing a box of chocolates, or displaying a bouquet received in reception), or possibly donating the gift to a charity (having advised the donor with a suitably worded note explaining why the gift cannot be retained)
• if a gift or hospitality cannot be accepted by an employee it must be declined with courtesy, but without apology, along with an explanation that it falls outside your organisation’s gifts and hospitality policy. For example, the employee might say:

“Thank you for your generous offer of [        ]. As you may be aware, [organisation’s name] has a strict policy on the giving and receiving of gifts and hospitality. In the circumstances, [add detail] I am not able to accept your kind offer/gift, and [assuming that you have no objection,] will be donating it to charity.”

2.10 State how the policy will be enforced

The G&H policy should be enforced through disciplinary action (see Checklist: Carrying out a disciplinary process). This means you will need to describe the types of conduct viewed as unacceptable and not permitted by individuals (eg accepting or giving bribes) along with the penalties for breaching internal policy (eg disciplinary action) and the law (eg imprisonment and fines).

2.11 Keep a version control tracking record

Compliance with this task is a key part of your policy documentation housekeeping. Updates, amendments and annual reviews of the G&H policy will then be transparent and easy to retrieve. This will also assist you in the event of an internal or external request for historical information or previous versions of the policy.

2.12 Test the draft policy

Ask someone who was not involved in drafting the policy to read it and confirm it is clear and understandable. This might be a colleague or carried out more formally by a member of the assurance or audit function.

2.13 Finalise the policy

You will need to determine who will finalise your G&H policy. It is important that all relevant stakeholders (eg senior management responsible for ABC risk) agree on its contents.

2.14 Ratify the policy

You will need to decide who will ratify your G&H policy. Because this is a strategic policy issue it should be approved by top-level management, who are responsible for all policies and procedures within your organisation.

2.15 Draft and agree a practical route map to communicate the policy

It is easiest to send a copy (or the link to a copy) to staff via email. You could print and distribute hard copies too so that the policy can be accessed manually and/or make a copy available on an intranet. Members of your organisation who are subject to the G&H policy should indicate that they have read and understood the G&H policy. You might include it as part of your organisation’s compliance manual or staff handbook.

2.16 Prepare a formal statement for top-level management to communicate the policy to the organisation

This task is most effective if tailored to different audiences and made generally available (on an intranet and/or internet site) and refreshed periodically. As a guide, all employees should be reminded via email and/or your organisation’s intranet to speak to their line manager about any gifts or hospitality they may wish to offer (or they may be offered or receive) prior to offer or acceptance.

2.17 Use targeted communications and permanent signposts for the policy

Wherever appropriate, include permanent hyperlink signposts and cross references to the G&H policy so that it is easily accessible to business and support staff.

2.18 Provide staff and business with tailored training on the policy

This is part of the process for ensuring effective implementation of the G&H policy. Training should be tailored to each area of the business based on the level of risk identified and using practical examples relevant to business activities. Higher risk areas such as sales or bid teams should be prioritised.

Step 3 - Embed a gifts and hospitality procedural control

Step 3 sets out practical steps which your organisation should consider as part of its overall management strategy and looks at specific actions to take and consider in controlling and managing against BA 2010 risk.

3.1 Review disciplinary procedures

Consider ensuring compliance with your organisation’s internal policies and procedures by making them a contractual requirement that can be enforced (eg through disciplinary procedures). Ensure your relevant policies state failure to comply may result in disciplinary action.

3.2 Review third-party contracts and ensure G&H policies are included

If you have decided that third parties must adopt an equivalent G&H control, it may be necessary to require an audit right for assurance purposes (depending on the risk level assigned). Ensure contracts are well written and ensure all third party personnel are conformed to the G&H controls.

3.3 Locate critical accounting activities and review payment and invoicing arrangements

Consider procedural controls and/or tailored training so that staff with oversight in the areas identified as having high risk can identify unapproved payments for G&H.

3.4 Consider approval controls via manual or automated systems

This task will depend on the size of your organisation and the budget available to implement a procedural control for G&H. Automated controls require careful consideration at design implementation stages for effectiveness. This also requires regular auditing and testing to ensure it is working.

3.5 Consider guidance for approvers

You might consider what guidance line managers and compliance staff will need to consider when deciding whether to approve or decline a gift or hospitality.

When line managers and compliance teams are considering whether or not to authorise gifts and hospitality, they will need to think about how it would look to an outsider. Consider reviewing records of previous invitations or gifts to determine if this is indicative of a wider pattern of behaviour from a third party or conduct regarding a member of staff. For example, a scenario where a personal friend of an employee is seeking a favourable outcome in their contract negotiation with your organisation should be assessed with caution.

Approved hospitality should reflect a desire to cement good relations and show appreciation. Promotional expenditure should seek to improve the image of the firm as a commercial organisation, to better present its products or services, or establish cordial relations.

Guidance should also include any industry-specific information on G&H controls.

3.6 Establish a road map to embed G&H procedures

Establish a written project plan and road map to completion to enable your organisation to embed the G&H procedural controls. This will include bespoke training (on G&H procedural controls, how to spot red flags, where to escalate concerns etc). The project plan needs to identify milestones such as:

• gaps identified
• procedures drafted
• procedures finalised
• training rolled out to all employees
• collection of management information designed
• independent reviews scheduled (such as monitoring or audit assessments)

Consider how your G&H policy will be applied to individual projects or functions in your organisation.

3.7 Design a way to record and monitor G&H data in a central location

An accurate record of all G&H should be made. Design a manual or automated monitoring system for collating and reporting management information data centrally.

3.8 Implement version control tracking

This task is a key part of your documentation housekeeping. Regular updates, amendments and annual reviews of your G&H procedural controls should be scheduled and recorded. This will also assist you in the event of an internal or external request for historical information or previous versions.

3.9 Test your G&H procedures

Your organisation can do this in-house by way of monitoring or auditing, or outsource the service to a specialist professional adviser, depending on the complexity of the G&H procedural controls you are testing.

3.10 Finalise your G&H procedures

All relevant stakeholders will need to approve the procedural controls.

3.11 Ratify your G&H procedures

Ratification is when the procedure has been endorsed by the senior management team and becomes a ‘live’ document.

3.12 Educate relevant staff on risks

Your organisation’s training will need to be tailored to meet the requirements of the KRIs. For instance, top-level management and staff in business development, finance, and human resources etc will need to know how to spot potential BA 2010 red flags.

Appropriate training and supervision provided to staff. E-learning or in-person training should be offered to all employees to ensure they are aware of what is expected of them under the G&H controls and the resulting implications in relation to bribery and corruption (for instance, applicable penalties for breaking the law).

Staff may receive tailored training to suit their roles within their relevant functions. This can be best achieved using each function’s risk.

A record of attendance at the G&H training will assist in providing assurance of compliance by employees. You should also ensure that G&H training is embedded in your induction and onboarding procedures.

Step 4 – Monitoring and ongoing governance and compliance requirements

Step 4 of the checklist considers how to respond to and manage the practical business-as-usual aspects of G&H risks. The list considers steps to take in respect of maintaining an up-to-date ABC Programme.

4.1 Review the G&H policy and procedures regularly

To ensure that policies and procedures are kept up to date, taking into account the law, best practices and risk, a review of the G&H policy and procedures should be carried out at least annually and/or when circumstances change (for example, if your organisation merges with another or you offer a new product or service).

4.2 Consider robust enforcement of G&H procedures

You may need to amend your organisation’s third-party contracts and practices to ensure ongoing robust enforcement. You should also consider appropriate escalation channels or contractual arrangements with third parties (eg amending job descriptions and third-party terms of engagement).

4.3 Document actions taken when misconduct is identified

This includes staff disciplinary action and remediation. Use this information as training scenarios to educate and understand how lessons can be learned by your organisation.

4.4 Monitor industry developments

Draw on information from other organisations’ practices, eg relevant trade bodies or regulators might highlight examples of good or bad practice in relation to G&H in their publications. In addition to regular monitoring, you might monitor governmental changes in countries in which you operate, an incident of bribery or negative press reports.

4.5 Provide information on incidents to top-level management

This task requires your organisation to provide information on the oversight of procedural controls, and levels of compliance and incidents, along with the provision of feedback. Ideally, this information should be reviewed at board level or by the relevant board committee (eg risk or audit committee). It should include:

• periodic management information (eg every quarter);
• relevant analysis (eg internal audit findings); and
• commentary on BA 2010 risks (eg information on breaches or the findings of internal investigations).

4.6 Consider different types of data to monitor

This could include information on how often your G&H policy is viewed online and which business area or department views it most often. You should also consider this in reverse, to check which functions should be viewing it more regularly and are not doing so.

4.7 Ensure transparent engagement with internal or external auditors

Ensure transparent engagement with internal or external auditors so that lessons can be learned. This task also requires that your G&H record (see suggested precedent below) be completed in sufficient detail so it can be understood by an independent third party ie use names and job titles rather than initials.

4.8 Continuous demonstration of commitment by top-level management

Tone from the top is important in creating a culture of compliance. If appropriate, consider top-level management engagement with relevant associated persons and external bodies, such as sectoral organisations and the media, to help articulate your organisation’s policies and commitment to the BA 2010.

4.9 Survey staff to ensure understanding

This task requires that your organisation’s communications on expectations on standards of conduct needs to be socialised and understood. This message needs to come directly from top-level management. A sample survey of staff can help you understand if the message from the top of your organisation is clear and unambiguous or if further action or communications are required.

Additional resources

It is important to continuously stay abreast of developments and to add to and update your checklist as needed. In respect of the Bribery Act 2010 (BA 2010) there are several anti-bribery and corruption website resources to draw on including:

• The UK government’s quick start guidance on the BA 2010 is here
• The UK government’s guidance about procedures which relevant commercial organisations can put into place to prevent persons associated with them from bribing is here
• The Serious Fraud Office
• The Department for International Trade
• The Organisation for Economic Co-operation and Development
• Transparency International

Related Lexology Pro content

How-to guides:

Understanding the Bribery Act 2010 offences
Understanding penalties for breach of the Bribery Act 2010
How to identify and assess bribery and corruption risk
How to conduct an internal investigation into bribery allegations
How to prevent bribery and corruption

Checklists:

Anti-bribery and corruption risk assessment
Anti-bribery and corruption procedures
Charitable and political donations
Conducting third party due diligence and managing third party bribery risk

Reliance on information posted:

While we use reasonable endeavours to provide up to date and relevant materials, the materials posted on our site are not intended to amount to advice on which reliance should be placed. They may not reflect recent changes in the law and are not intended to constitute a definitive or complete statement of the law. You may use them to stay up to date with legal developments but you should not use them for transactions or legal advice and you should carry out your own research. We therefore disclaim all liability and responsibility arising from any reliance placed on such materials by any visitor to our site, or by anyone who may be informed of any of its contents.