MACC Guidelines

AN EXPLANATION OF ANTI-CORRUPTION POLICIES (MACC SEC17A)

On 1st June 2020, Section 17A of the Malaysian Anti-Corruption Commission Act 2009 (“MACC Act”) came into force. Section 17A introduces an offence by commercial organisations. Under Section 17A, a commercial organization can be charged with a criminal offence if an associated person (e.g., employees, directors, partners, external service providers etc.) commits an act of bribery or corruption for the benefit of the commercial organization, even if the bribe was not authorized by the commercial organization. Furthermore, directors or other persons concerned with the management of the commercial organization at the time of commission of the offence will also be deemed liable.

Corporate Liability Concept

Section 17A introduces the strict liability concept of Corporate Liability. This effectively means that:

  1. The commercial organization itself is now deemed to have committed the bribery offence.
  2. The directors/management and “persons associated” is also now deemed to have committed the bribery offence.

Even if the company or directors/management did not authorize the bribe nor had any knowledge of it, such a defence is insufficient, by itself, to absolve them of liability.

Coverage of Commercial Organisation

The MACC Act covers both the public and private sector, and it applies to citizens and permanent residents of Malaysia. In other words, any Commercial Organisation (“CO”) that is incorporated in Malaysia or has business activities in Malaysia—whether it is a private entity or a government-linked company or is local or foreign owned—must comply with the MACC Act. It is also important to note that the MACC Act has extraterritorial reach, where a CO can be held liable under the MACC Act for an offence that has been committed outside of Malaysia.

Persons Associated

“Persons associated” to a commercial organization could mean directors, partners, employees and persons who perform services on behalf of the commercial organization. This means that non-employees such as service providers who engage in bribery could also implicate the commercial organization under the concept of Corporate Liability. Hence, the risk of rogue employees or service providers giving bribes could now easily implicate the commercial organisation itself and/or the Senior Management.

“Senior Management” is defined as director, controller, officer, partner or a person concerned in the management of the Company’s affairs.

Adequate Procedures

In order for the company to be absolved from liability, it must be proven that the company had ‘adequate procedures’ to prevent ‘persons associated’ with the company from undertaking such conduct.

Similarly for the directors/management to defend themselves from prosecution, they need to prove both of the following:

  1. the bribe was committed without their knowledge or connivance; AND
  2. they had exercised due diligence to prevent the commission of such an offence
Penalty

The penalty under section 17A of the MACC Act is as follows:

  1. A minimum fine of RM1m or 10 times the amount of the bribe (whichever is the higher); and/or
  2. Imprisonment for up to 20 years.
Guidelines

Malaysian Anti-Corruption Commission (the “MACC”) issued the Guidelines on Adequate Procedures (“Guidelines”). The Guidelines, which were issued pursuant to Section 17A(5) of the Malaysian Anti-Corruption Commission Act (“MACC Act”), set out adequate procedures a commercial organisation (“CO”) needs to put in place as a defence to a corporate liability charge under the MACC Act.

Active Steps in Groundwork for Adequate Procedures

The directors and management of many commercial organizations must take active steps to ensure that the commercial organization has ‘adequate procedures’ to prevent bribery. This would then provide a defence to the commercial organization and the directors/management in the case of a rogue employee/service provider committing a corruption offence.

  1. The Guidelines on Adequate Procedures were published by the Prime Minister’s Department of Malaysia. Whilst there is no definite and standard determination of “adequacy” of the corruption prevention policies and procedures, the question of whether a commercial organisation has implemented “Adequate Procedures” is dependent on the level of risk it faces considering its size, nature, and complexity of business.
  2. Hence, an organisation should adopt a risk-based approach in drawing up the polices and implementation procedures in order to fulfil the requirement of “Adequate Procedures”.
Laying the Groundwork for Adequate Procedures

To comply with Section 17A, the starting point would be to formulate and implement anti- corruption policies, procedures, programmes, and controls around the five (5) principles of

T.R.U.S.T principles as per the Ministerial Guidelines. The Guidelines are not intended to be prescriptive as there is no one-size-fits-all that would work for companies across different industries and business climates. However, there are certain baseline practices, processes, and procedures a company can adopt and tailor to its organisation, and in turn, demonstrate that it stays on the right side of the law. The MACC has clustered the building blocks to having adequate procedures behind five principles:

T = Top Level Commitment

R = Risk Assessment

U = Undertake Control Measures

S = Systematic Review, Monitoring and Enforcement

T = Training and Communication

Principles Description Particulars
Principle 1: T Top Level Commitment This principle basically places the overall responsibility of practicing the highest level of integrity and ethics, complying with all applicable laws and regulations on corruption and effectively managing key corruption risks with commitment from top management;
Principle 2 : R Risk Assessment Risk Assessment This principle encourages the incorporation of corruption risk assessment where systems, processes and controls are periodically assessed to identify and address corruption risk and weaknesses; The Guidelines recommend a risk assessment to be conducted at least once every three years at the minimum.
Principle 3: U Undertake Control Measures

The Guidelines recommend introducing appropriate policies and procedures to prevent corruption. These measures should be proportionate and reasonable to the size and nature of the business. . Upon endorsement by the top-level management, these policies and procedures should be made available for access by the employees and the public; key criteria and methodology for due diligence measures; a reporting channel for corruption incidents and grievance mechanism with assurance of confidentiality.

through having a specific whistleblowing policy; a set of policies on gifts, entertainment, hospitality; an established protocol on financial controls and a conflict-of-interest policy.

Other control measures would be incorporating strict anti-bribery contract clauses and corresponding termination rights in its contracts with third parties to allow the Company to walk away from contracting with parties that breach such provisions or who are tainted with corrupt practices.

Operational safeguards such as a system to approve invoices and make payments, in order to detect attempts to pay bribes, would be another example of a financial control which could form one of the many building blocks on anti-bribery and anticorruption system.

Principle 4 : S Systematic Review Monitoring and Enforcement This principle expects audits to be carried out for the purposes of assessing the performance, efficiency, and effectiveness of the Company’s anti-corruption programme. This means the Company must allocate adequate resources and competent compliance officer/s which is proportionate to the scale of its business where it should direct its focus on areas identified to be of high risk.
Principle 5 : T Training and Communication This principle entails the dissemination of this Policy, relevant codes, policies, and regulations through training and other forms of communication.