HSE University Anti-Corruption Portal
Mitigation of penalties for corruption offences: the draft Russia’s Code of Administrative Offences in international perspective
Alexey Konov, Natalia Gorbacheva Download

The Russian Ministry of Justice has presented the draft new Code of Administrative Offences of the Russian Federation (hereinafter “the draft CAO”), which, among other things, provides for mitigation of liability for illegal remuneration on behalf or in the interests of an organization in case it has implemented anti-corruption measures.

Opinion
Opinion

The article "Illegal remuneration on behalf of a legal entity" (article 34.36 in the draft CAO, article 19.28 in the current CAO) is to be amended accordingly, and the following paragraph 7 is to be added to the notes:

"When imposing an administrative sanction for the commission of an administrative offence under this article, the existence of anti-corruption measures undertaken in accordance with paragraph 1 of article 13.3 of the Federal Law No. 273-FZ of 25 December 2008 “On Combating Corruption” by the legal entity on whose behalf or in whose interests the offence was committed, shall be the grounds mitigating administrative liability.

For the purpose of reducing administrative liability a review is to be performed by a judge, with due consideration of the methodology approved by the Government of the Russian Federation, examining the sufficiency of corruption prevention measures implemented by a legal entity on behalf of or in the interests of which a given offence has been committed.”

Practically the first in Russia’s legal history, an attempt is being made to incentivize organizations to introduce anti-corruption measures by explicitly providing for the possibility of mitigation of sanctions for corruption offences, subject to the offender complying with certain requirements.

So far, the possibility of not applying sanctions for illegal remuneration has been based mainly on the provisions of paragraph 2 of article 2.1 of the current CAO, where a legal entity is considered guilty of committing an administrative offense only if it had ample opportunity to abide with the law, but did not take all practicable measures to do so. Thus, it may be inferred that in case the organization has undertaken all possible anti-corruption efforts and a corruption offence was committed on behalf of or in the interests of the organization by associated persons acting in circumvention of the internal controls, the organization may be found not guilty of committing the offence under article 19.28 of the current CAO. Such decisions were indeed taken by the courts, although admittedly remaining exceedingly rare[1].

The draft COA provides that linking the severity of penalties applied to an organization to the existence of an effective system of anti-corruption measures will be more clearly defined - by incorporating relevant provisions directly into the text of the article on illegal remuneration, rather than a vague reference to the general definition of administrative offence. Such an approach appears preferable with all things being equal. However, it should be noted that the proposed model raises a number of questions. To discuss them, it would be useful to refer at least briefly to international experience.

1. Carrot and Stick

A number of foreign countries have long been applying various mechanisms to mitigate the liability for corruption offences of legal entities provided that they introduce an effective system of anti-corruption measures. Two basic models can be distinguished with a certain degree of conditionality.

I. The most lenient approach provides for the possibility of full exemption from liability - the so-called compliance defense. Thus, Section 7(2) of the UK Bribery Act (UKBA) states that an organization may be exempted from liability for wrongful acts of its employees and other associated persons if it is proved that the organization had in place adequate procedures designed to prevent those persons from undertaking such conduct[2].

However, it is important to bear in mind that the possibility of full impunity in the UK is 'counterbalanced' by the fact that failure to prevent bribery constitutes a separate offence under the very same Section 7 of the UKBA. And, unlike compliance defense[3], this norm is by no means "dormant": e.g., in 2020, Airbus settled with enforcement agencies of three countries – the United Kingdom, France and the United States – in a case connected to bribery of foreign officials, and consequently paid over $3.6 billion in financial sanctions (with approximately $1 billion going to the United Kingdom). In the UK, the company was accused specifically of breaching Section 7 of the UKBA.

II. A number of countries with a long history of applying anti-corruption laws to private sector organizations are consistently opposed to compliance defense. The best known case in point here is the United States. An organization that has committed violations of the Foreign Corrupt Practices Act (FCPA) can not be completely exempted from liability, even if it demonstrates an effective system of anti-corruption compliance. At the same time, taking measures to prevent corruption may help an accused organization to "alleviate guilt". In particular, a corporate anti-corruption program:

  • may be taken into account by law enforcement authorities when making decisions on whether to decline prosecution[4] or on the possibility of an NPA /DPA,

  • is one of the factors in determining the need and duration of independent monitoring,

  • is taken into account when calculating the culpability score of the organization and, consequently, the ultimate amount of the criminal fine.

However, this interdependency of financial sanctions to corporate anti-corruption measures should not be exaggerated. For instance, according to the United States Sentencing Guidelines, an organization's implementation of an effective anti-corruption program can reduce the value of only one of the key calculation indicators - the culpability score - and only by 3 points. By comparison, if the organization had 5,000 or more employees and an individual within high-level personnel of the organization participated in, condoned, or was willfully ignorant of the offense the culpability score increases by 5 points. Other factors, especially self-disclosure of company's illegal activities, full cooperation with the investigation and implementing appropriate remedial measures, have a significantly greater impact on the final fine.

The US has neither compliance defense, nor the explicit legal obligation for organizations to undertake anti-corruption measures and therefore no sanctions for failure to perform such actions. Nonetheless, there are a number of important features that need to be taken into account when analyzing the US approach.

First, the role of the "stick" here is reserved for very substantial financial sanctions: criminal fines for violation of the FCPA can reach twice the amount of gross gain received by the company as a result of corrupt conduct and are frequently in the hundreds of millions of dollars, at times exceeding the $1 billion mark. Criminal fines are supplemented by civil penalties, disgorgement of profits received as a result of the offense, other financial sanctions, as well as significant costs for internal investigations and other legal proceedings.

Second, shareholders are increasingly filing class action lawsuits against executives of companies accused of violating the FCPA, claiming damages related to mismanagement, including the lack of effective compliance programs, as well as false or misleading information in the company's financial statements. In recent years, such claims have often been satisfied by the courts and the amounts involved may also reach into hundreds of millions and billions of dollars[5].

Finally, although it is not an offence for an organization to fail to implement anti-corruption measures under the FCPA, it establishes liability for inaccurate books and records and, most importantly to the context of this discussion, for the lack of an effective internal accounting controls. Moreover, the companies are charged with violations of the two above-mentioned FCPA provisions more frequently than with the actual fact of foreign bribery. Accordingly, it can be said that in the United States it is also a crime not to take measures aimed at prevention and timely detection of wrongdoings, including corruption.

Thus, in foreign countries that most actively apply anti-corruption laws to private sector organizations, mitigation of liability for bribery-related offences, if any[6], goes hand in hand with significant risks of negative consequences for the company neglecting the implementation of effective anti-corruption measures. One of the two basic models directly imposes an obligation on the organization to take anti-corruption measures and sanctions are provided for non-compliance with this obligation, but in case the organization is investigated for bribery, the implementation of adequate anti-corruption measures may be a mitigating factor. Under another model, the duty to take anti-corruption measures is not imposed on the organization, but the company that has committed a corruption offence faces huge fines and other expenses, and the existence of an effective anti-corruption program is presented as one of the "straws" at which the organization can "clutch" in an attempt to ease the devastating effect of financial consequences[7].

The approach proposed in the draft CAO does not correspond to any of the models considered. On the one hand, despite the fact that article 13.3 of the Federal Law No. 273-FZ of 25 December 2008 "On Combating Corruption" (hereinafter referred to as the Federal Law "On Combating Corruption") obliged organizations to undertake anti-corruption measures, sanctions for non-compliance with this obligation has not been established. An organization can face a fine for failure to comply with the prosecutorial order (article 17.7 of the current CAO) in case the prosecutor has initially ordered the organization to take appropriate measures, but the organization ignored the instruction. However, the maximum fine is only 50 thousand roubles (approximately $270).

On the other hand, although the size of the penalty for illegal remuneration on behalf or in the interest of a legal entity provided for by the current CAO depends on illegal remuneration amount and can hypothetically reach substantial sums, the law enforcement experience shows that significant financial sanctions are not yet being applied in Russia, at least in any way comparable to sanctions for similar offences in countries actively implementing anti-corruption regulation in the private sector[8]. This is also facilitated by a very modest, as compared to the international practice, minimum amount of the penalty, which is directly specified in the law - and, accordingly, is perceived as a benchmark: even in case of illegal remuneration on a particularly large scale it is set at 100 million roubles ($1,4 million), and the draft bill proposes to further reduce it to 60 million roubles ($862,5 thousand). Such fines certainly appear serious and perhaps excessive for SME sector, but are hardly an effective means of preventing offences for large companies.

Accordingly, the draft CAO actually proposes to give organizations a "carrot" - mitigation of sanctions for illegal remuneration in case of undertaking anti-corruption measures - in almost complete absence of a "stick" - penalties for failure to undertake such measures and (or) really burdensome, especially for large companies, financial consequences of corruption activities. There is a paradoxical situation when the state, rather than implementing an imperative approach to the norms on the adoption of anti-corruption measures by organizations, "persuades" businesses to perform the duty already enacted in the law.

In our opinion, stimulating the introduction of anti-corruption compliance appears practicable and even useful, but only in case it is accompanied by the introduction of clear and meaningful sanctions for organizations' failure to undertake adequate anti-corruption measures. Various solutions are possible to improve the situation.

1) One of them is to establish sanctions in a separate article of the CAO for failure of organizations to comply with the requirements of article 13.3 of the Federal Law "On Combating Corruption" (hereinafter “the article 13.3”) and establish an appropriate system of penalties, with the possibility of reducing them in case the organization implements effective anti-corruption measures. Hence, any organization subject to the requirements of the article 13.3 may be held liable for failure to comply, even if it is not charged with illegal remuneration on its behalf or in its interest. Equally, an organization may receive a discount in penalty for illegal remuneration if it demonstrates that it has done its best to prevent corruption-related offences.

2) An alternative approach assumes that an organization's failure to comply with its duty to take corruption prevention measures will not be considered as a separate offence, but instead will be established as an aggravating factor for illegal remuneration on behalf or in the interest of the legal entity. In this case, the absence of anti-corruption compliance may negatively affect the company only if it is found guilty of a corruption offence. But while a company cannot be held liable simply for failing to take anti-corruption measures, an organization will not be able to mitigate its basic liability even if it demonstrates an effective anti-corruption compliance system.

3) As for "the U.S. approach", where the main incentive factor is extremely burdensome financial sanctions, and the implementation of an effective anti-corruption program is seen as one of several factors that can encourage law enforcement and the courts to reduce the amount of the fine, it certainly deserves attention and detailed discussion, but at the moment the possibility of its application in Russia is doubtful. This approach implies a regularly demonstrated willingness to apply sanctions to large companies in the first place, and thus exploit the full potential of the law by imposing truly high fines. The existing statistics on the enforcement of article 19.28 of the current CAO shows rather the opposite: fines are mainly imposed on small companies, and their average amount is by no means comparable to the average amount of financial sanctions for violation of the FCPA.

2. Adequacy of anti-corruption measures

Another question, to which a clear answer is required in order to recognize the anti-corruption program as a mitigating factor, is who exactly and in which way will assess the effectiveness of the organization's anti-corruption measures. There is a significant risk that such measures will be no more than window dressing and will have no impact on employees' attitudes and behavior in real life situations.

Therefore, all countries, in the cases reviewed above, regardless of availability of compliance defense or a statutory duty of organizations to take anti-corruption measures, are paying close attention to reviewing the adequacy and effectiveness of anti-corruption programs. Certain elements of the relevant international experience deserve a closer focus.

Firstly, the overwhelming majority of countries, when making decisions on the performance of an organization's duty to take anti-corruption measures and/or on the validity of mitigation of liability for corruption offences, are guided by the reviews implemented by government. Such reviews may be carried out as part of the investigation of corruption offences, as in the United Kingdom, the United States, Brazil, or as part of the oversight of the duty to take anti-corruption measures, as in the case of France. It may be carried out by law enforcement agencies (U.K. Serious Fraud Office, U.S. Department of Justice), anti-corruption authorities (Anti-Corruption Agency in France), or specially established commissions (Comissões de Processo Administrativo de Responsabilização in Brazil). Regardless of the procedure used, governments do not generally rely on "private" assessments and certification.

Moreover, when investigations are conducted by or with participation of the U.S. law enforcement agencies certificates and awards in the field of compliance received by companies are almost demonstratively ignored. For example, Airbus initiated an external audit of its compliance program in 2012 and received a certificate of compliance, which did not prevent the company from being held accountable in the UK precisely for its inability to prevent bribery by its associates (i.e., in fact, for the lack of adequate anti-bribery measures) that took place in 2011-2015. The Russian company Mobile TeleSystems PJSC (MTS) was prosecuted under FCPA, paid $850 million in financial sanctions, and was compelled to admit in the DPA that its compliance program was not effective enough. The company was unable to claim a reduction of the fine on the relevant grounds, despite the fact that its efforts to improve the compliance system, undertaken after the investigation began, on numerous occasions received high external recognition: in 2015, the Director of MTS Compliance Department won the ICA award in the nomination "For Promotion of Compliance Practice", and in 2017 - the Women in Compliance Award in the nomination "Chief Compliance Officer of the Year". In our viewpoint, such attitude of law enforcement to the external assessment, appears reasonable, taking into account a number of scandals related to insufficient depth of monitoring by private certification companies (see, e.g., the case of Unaoil)[9].

The opposite approach, in which the state to some extent recognizes private certification of compliance programs, is quite rare. One such example is provided by Chile where organizations are encouraged to implement a so-called "offence prevention model" that includes a set of measures outlined in legislation. An organization's "offence prevention model" is the basis for exemption from liability for corruption offences. The organization may request an external assessment of its "offence prevention model" and, if successful, obtain a certificate for a period not exceeding 2 years, confirming that the model meets the legal requirements. The certification is entrusted to private audit companies, rating agencies, etc., which have been registered with the Financial Market Commission. It should be noted that although the certification of compliance programs is gaining popularity among the Chilean business community for obvious reasons, local and international experts are actively criticizing this practice, pointing to the wide opportunities for superficial and often frankly unfair assessments[10].

Concerns have also been raised about a similar initiative in Brazil, where the bill was introduced providing for obligatory certification for corporate compliance programs by an internal or external “integrity systems manager” (gestor de sistema de integridade). As such a “manager” can be a specifically hired third party, some experts believe the law, should it be adopted, can “create a certifier market”, where a company can shop around for the agent who will sign off its compliance program with the least scrutiny”[11].

Secondly, procedures for assessing the effectiveness of anti-corruption programs are becoming more and more detailed, and compliance specialists with specific experience and knowledge are getting involved in their implementation. Thus, in the U.S., recommendations on assessing the efficiency of compliance programs of the organizations by public prosecutors have long existed in various documents. A separate guidance on this topic, "Evaluation of Corporate Compliance Programs", was published in 2017 and significantly expanded in 2019 and 2020. The current version of the guidance contains over 160 questions that prosecutors are urged to ask when conducting assessments[12].

However, the U.S. authorities did not limit themselves with simply detailing the criteria for assessing compliance programs in the guidelines: in 2015, the Department of Justice, for the first time in its history, hired a Compliance Counsel Expert, Hui Chen, who was responsible for training prosecutors on compliance assessment and assisting them in conducting specific investigations. Although she felt the need to leave in 2017 due to her disagreement with the policy of the U.S. President[13], the experience of attracting compliance experts has been considered a success and the relevant vacancy has been again announced recently on the DOJ website.

In addition, the introduction of detailed procedures to evaluate the organizations' compliance programs predictably requires sufficient time for implementation: for instance, the duration of abovementioned Brazilian commission’s work is 180 days.

Last but not least, guidance on assessment of anti-corruption programs originally developed for law enforcement agencies and lacking legal force, is increasingly being made publicly available. Thus, it can be perused by organizations as a reference point in developing their anti-corruption frameworks.

The draft CAO proposes that the courts should be empowered to assess the corruption prevention measures taken by organizations and be guided by the methodology approved by the Government of the Russian Federation. Such an approach seems highly controversial. At present, it is hardly possible to allocate sufficient time within the framework of court proceedings for an in-depth assessment of the effectiveness of anti-corruption compliance systems, and judges usually do not possess the knowledge and skills required to conduct such an assessment. This is also confirmed by the existing case law on implementation of the article 13.3: in the overwhelming majority of known cases, judges simply agreed with prosecutor's claims without going into a detailed study of their validity. This sometimes led to paradoxical decisions: e.g., organizations were obliged to undertake the measures they had already taken[14].

We are of the opinion, that it would be more appropriate to entrust the Prosecutor's Office with the task of assessing the anti-corruption programs of organizations. Such an assessment could be, and often is, carried out in the framework of both investigations of illegal remuneration on behalf or in the interest of a legal entity and monitoring of the implementation of anti-corruption legislation, including the article 13.3. Whether, as previously recommended, the legislation establishes some form of administrative liability for failure of an organization to comply with its obligation to take measures to prevent corruption, the assessment of anti-corruption programs would become a decisive element of relevant investigations.

Regular review of the anti-corruption programs of organizations by prosecutors should be paralleled with adequate methodological and educational support. In this connection, it is particularly important to develop, with the involvement of business community and experts, a detailed guidance on conducting such reviews[15]. Here the international experience can be of great use. New methodological materials, in our opinion, should be made publicly available.

As far private certification of anti-corruption programs is concerned, there have been such proposals in Russia. The draft federal law “On amendments to the Federal Law “On combating corruption” in order to improve the performance by the organizations of the duty to undertake anti-corruption measures” of 2017 (hereinafter “the draft law on amending the article 13.3”) provided that assessment of the adequacy of corruption prevention measures taken by organizations will be carried out by expert centers selected and accredited by the National Council for the Prevention of Corruption. Without going into further detail, it should be noted that any implementation of the "Chilean approach" – private certification under state supervision – is highly doubtful. Private certification always runs the risk of becoming a "sale of indulgences", in which the certification organizations, once paid for their services, will turn a blind eye to either the insufficient information provided by their clients or even the obvious shortcomings of their compliance programs. In light of this, the results of a private assessment of anti-corruption programs can not, in our view, serve as an officially recognized confirmation of the adequacy of corruption prevention measures both when making a decision on whether or not the organization complies with the requirements of the article 13.3 and when determining whether the sanctions for corruption offences should be mitigated.

3. Article 13.3

The Article 13.3 itself may become an additional obstacle to the successful application of the changes under consideration in the draft CAO. In our opinion, its current version (see Box 1) contains a number of critical shortcomings.

Box 1

Federal Law "On Combating Corruption"

Article 13.3 The duty of organizations to implement corruption prevention measures

1. Organizations have a duty to develop and implement corruption prevention measures.

2. The corruption prevention measures adopted by an organization may include:

1) identifying units or officers responsible for preventing corruption and other offences.

2) cooperating with law enforcement agencies.

3) developing and implementing standards and procedures aimed at ensuring the integrity of an organization;

4) adopting a code of ethics and official conduct for the employees of the organization;

5) preventing and resolving conflicts of interest;

6) preventing accounting fraud and falsification of documents.

On the one hand, this article is extremely unspecified: it only prescribes organizations to take any measures to prevent corruption and contains a list of possible but not compulsory measures as a reference point. When interpreting the article 13.3 literally, in order to comply with its requirements, it is quite sufficient for an organization to implement even the simplest and least effective tool, such as a single page code of conduct, and not invest in the creation of a complex anti-corruption compliance system. We believe that the performance of such a non-burdensome obligation can hardly be a reason to mitigate liability for quite specific corruption offences. At the same time, if the article 13.3 is retained in its current version, it is unlikely that the introduction of sanctions for non-compliance with its requirements, which we proposed earlier, can be effectively implemented, since the text of the law to a large extent encourages organizations to only formally adhere to its provisions and take the minimum possible anti-corruption efforts.

On the other hand, part 2 of the article 13.3 still contains a list of corruption prevention measures that organizations can take. However, in practice, prosecutors often ignore the non-imperative nature of these provisions, especially since this is almost the only dispositive norm in the entire Federal Law "On Combating Corruption". Over the past few years, thousands of lawsuits have been filed, where the prosecuting authorities have asked the court to order an organization to implement a specific anti-corruption measure or even the entire list of measures set out in part 2 of the article 13.3. The situation is aggravated by the fact that this article does not prescribe directly or even orientate in any way that anti-corruption requirements for organizations should differ depending on their relationship with the state, size, scope of activities and other characteristics. As a result, the claims (including against SMEs) often appear excessive[16].

The need for amending the article 13.3 has been discussed for a long time[17]. The key proposals are as follows: first, to define the categories of organizations that will be subject to the most stringent anti-corruption requirements; second, to establish a minimum set of mandatory anti-corruption measures in the law, expressly for these organizations; third, to oblige all other organizations to take measures to prevent corruption, without even specifying them as recommended or possible measures, but, on the contrary, supplementing the law with a clause that the content of such measures is to be determined by the organizations independently with respect to their business activities, size, availability of financial and other resources, etc.

One of the options for implementing this approach was proposed in the previously mentioned draft law on amending the article 13.3. This draft federal law proposed to make certain anti-corruption measures mandatory for the following types of organizations:

  • organizations established by the Russian Federation under federal laws or presidential decrees;

  • organizations in respect of which a state-owned corporation (company), state non-budgetary fund performs the functions of a founder and/or the rights of an owner of property, including on behalf of the Russian Federation;

  • economic companies in the authorized capital of which more than fifty per cent of shares are owned by state corporations (companies) or the Russian Federation and in respect of which the shareholder's powers are exercised by state-owned corporations (companies);

  • subsidiaries of economic companies in the authorized capital of which more than fifty per cent of shares are owned by the companies specified in paragraph 3;

  • subsidiaries of economic companies in the authorized capital of which more than fifty per cent of shares are owned by the subsidiaries of economic companies specified in paragraph 4;

  • companies in the authorized capital of which the share of state ownership is not less than fifty per cent and / or state unitary enterprises provided that such companies and state unitary enterprises have, in accordance with the accounting (financial) reports for the reporting year, a volume of revenue (income) or an amount of assets of 10 billion roubles ($144 million) or more or an average headcount of 4,000 and higher.

It was proposed that these organizations should be required to:

  1. identify units or officers responsible for preventing corruption offences;

  2. develop and approve by means of corporate regulatory acts the rules and procedures aimed at preventing corruption in all areas of the organization's activity;

  3. assess corruption risks at least once biannually in order to identify the areas within the organization most exposed to such risks;

  4. organize annual declaration of conflict of interest by employees who are filling certain positions included in the lists, established by corporate regulatory acts, pursuant to the employment contract;

  5. include into the employment contract the provisions on disciplinary responsibility for the violation of prohibitions, restrictions and obligations established for the purpose of combating corruption in cases stipulated by the Labor Code of the Russian Federation, other federal laws, decrees and regulatory legal acts of the President of the Russian Federation and the Government of the Russian Federation, as well as corporate regulatory acts;

  6. distribute to the employees information on the measures taken by the organization to prevent corruption, including notifying employees about the relevant corporate regulatory acts, with signed acknowledgement;

  7. ensure the receipt, review and confidentiality of notices to employees of the organization on the facts of inducement to commit corruption offences in accordance with the procedure determined by the corporate regulatory acts;

  8. ensure cooperation with supervisory (watchdog) government agencies and law enforcement authorities on anti-corruption issues.

Our point of view is that this proposed solution can be taken as a basis for further improvement of the legislation, although specific criteria for determining organizations subject to mandatory anti-corruption measures and the scope of such measures possibly require additional discussion. Taken broadly, we believe that this approach to amending the article 13.3 will help solve some of the existing problems with its implementation, in particular:

  • specify the requirements for taking anti-corruption measures, identify the anti-corruption tools the state expects the organizations to implement and thus establish clearer grounds, both for applying sanctions for non-compliance with the article 13.3, and for mitigating liability when the organization commits a corruption offence;

  • to differentiate the severity of anti-corruption requirements depending on the characteristics of organizations, assigning the most rigorous obligations to organizations exposed to significant corruption risks and, on the contrary, avoiding excessive burdening of organizations with the least likelihood of being involved in large-scale corrupt practices.

Findings

The provision in the draft CAO on mitigating of liability for illegal remuneration on behalf or in the interest of a legal entity in the case of sufficient anti-corruption measures being undertaken does appear rather useful. It is more in line with the objectives of encouraging organizations to introduce anti-corruption measures than the use of article 2.1 of the current CAO as a defense.

Nevertheless, it seems hardly advisable to introduce additional grounds for mitigating sanctions for corruption offences unless other important steps are also taken to build a coherent system of anti-corruption regulation in the private sector. We suggest that the following measures should be adopted prior to or alongside the proposed amendments:

  1. Clarify the provisions of the article 13.3, stipulating that certain types of organizations are obliged to adopt a specific set of anti-corruption measures and giving other organizations the freedom to choose anti-corruption tools;

  2. Introduce liability for non-compliance with the provisions of the article 13.3, either by supplementing the CAO with the corresponding separate article, or by stipulating that failure of an organization to comply with the obligation to take corruption prevention measures aggravates liability for illegal remuneration on behalf or in the interests of a legal entity;

  3. In case the sanctions for non-compliance of the organization with the article 13.3 are stipulated in a separate article of the CAO, recognize sufficient anti-corruption measures taken in accordance with the requirements of the article 13.3 as a factor mitigating liability of an organization for illegal remuneration on its behalf or in its interests;

  4. Proceed on the assumption that a thorough review of the adequacy of anti-corruption measures taken by the organization will be performed by the prosecution authorities in the course of either monitoring compliance with the requirements of anti-corruption legislation, or investigating cases of illegal remuneration on behalf or in the interests of the legal entity.

    Accordingly, it is reasonable to abstain from imposing on courts, expert centers or any other organizations the duty to assess the adequacy of anti-corruption measures

  5. Prepare, with the involvement of the business community and experts, comprehensive guidelines to use by prosecution authorities on reviewing the adequacy of corruption prevention measures taken by organizations, as well as recommendations on building a system of anti-corruption measures for legal entities.

    Such guidelines should be made publicly available so that they can be used by organizations as a benchmark in developing and implementing anti-corruption programs.


[1] We are aware of only 2 such decisions: Decision of 14 March, 2014 case No 12-235/2014 and Decision of 14 October, 2014 case No 12-1248/2014 (in Russian); both were taken by the same court more than five years ago, which hardly indicates common application of such an interpretation of article 2.1 of the CAO as a loophole for organizations to escape liability.

[2] Similar legislation is put in place in some other countries, such as Italy and Spain, compliance defense has also been recently introduced in Malaysia.

[3] To date, in the UK the possibility of exemption from liability under section 7(2) of the UKBA has been considered by the court only once. Notably, the company’s compliance system was not found to be adequate (see, e.g, the article of Global Compliance News UK: “Adequate procedures” and self reporting under the spotlight as jury rejects Section 7 defence).

[4] The US Department of Justice first publicly announced its declination-like decision in 2012. The case of Morgan Stanley, the quality of compliance program of which was emphasized by the prosecutors, was widely discussed and sparking mixed reactions. Though no financial sanctions were imposed on Morgan Stanley, over the recent years the trend has been to disgorge companies of ill-gotten gains following the termination of prosecution (the so called declination with disgorgement), i.e. the company, whose employees have committed corruption offences, still faces financial losses. For instance, in the case of CDM Smith Inc. despite the refusal to prosecute the company, it was required to pay over 4 million in disgorgement. In addition, DoJ’s declination does not mean that the company can not be sanctioned by other law enforcement agencies: e.g., in Cognizant case the DoJ declined to prosecute, however the company still had to settle with the Securities and Exchange Commission and paid more than $25 million in civil penalty, disgorgement, and prejudgment interest.

[5] For instance, in 2019 the court satisfied the securities class action lawsuit against Petroleo Brasileiro SA (Petrobras), which was prosecuted under the FCPA in 2018, and obliged to reimburse the owners of its securities acquired in the US - almost $3 billion, which was one of the largest settlements amounts paid in a securities class action lawsuits. It is worth noting that the fine paid by the company as part of the settlement on FCPA violations was about $850 million.

[6] Some countries use the “stick without carrot” approach: e.g., in France some organizations are obliged to introduce a number of anti-corruption measures, failure to comply with this duty triggers a fine; however the law does not provide for the mitigation of sanctions for companies that have committed corruption offences, if they implement the required anti-corruption measures.

[7] Variations, as well as different combinations of two basic models are possible. In Brazil, for example, the obligation to take measures to prevent corruption only applies to organizations that enter into certain types of contracts with public authorities, and organizations are liable to be fined up to 10% of the contract value for failure to comply. Other organizations do not face such a duty but their compliance programs are taken into account when prosecuting various types of offences, including corruption related. At the same time approach to applying financial sanctions is similar to that used by the United States: the size of fines for corruption offences depends on the amount of ill-gotten gain is potentially very high.

[8] E.g., Baker McKenzie’s report on the results of the study of application of article 19.28 of the current CAO of the Russian Federation (in Russian).

[9] Nevertheless, law enforcement agencies and courts in certain countries are sometimes more inclined to take external compliance certification into consideration. Thus, Alstom, brought to justice in the UK in November 2019 for foreign bribery, enjoyed a £6 million discount for having radically restructured its anti-corruption compliance system and obtained the AFAQ ISO 37001 certification.

[10] See, e.g., the position of the OECD Working Group on Bribery.

[11] See, e.g., the article of Global Investigations Review Brazil's proposed compliance certification law deemed inadequate.

[12] Similar guidelines are published in other countries, e.g. the U.K.

[13] It is worth noting, that following her resignation from the U.S. DOJ, Hui Chen was invited to perform similar functions in Brazil, thus having become the first foreign consultant to the country’s Prosecutor General Service where she provided support in assessments of compliance programs of organizations negotiating settlements.

[14] See, e.g., Decision of 1 December, 2005 in the case No 2-3002/2015 (in Russian).

[15] Methodological support may include not only the publication of relevant materials for prosecutors assessing the adequacy of anti-corruption measures. The development of recommendations for organizations subject to the relevant legislation also appears useful. Such documents should be aimed primarily at providing organizations with practical advice on how to build a system of anti-corruption measures and on the use of anti-corruption tools, taking into account their scope of activities, size and other characteristics, and should be supplemented by illustrative examples. In preparing such materials, the guidelines “Anti-Corruption Measures in Organizations” (in Russian) developed in 2019 by the Russian Ministry of Labour may be used as a baseline.

[16] E.g., on the Decision of 22 May, 2017 in the case No 2-773/2017 (in Russian), although the defendant invoked the fact that his organization was a microenterprise and therefore not required to introduce conflict-of-interest prevention and resolution measures, to appoint an official responsible for the prevention of corruption offences, to adopt standards and procedures aimed at ensuring anti-corruption activities, the court ruled that the duty of organizations to develop and implement anti-corruption measures did not depend on the type of said legal entity and its headcount. Consequently, the microenterprise was obliged to adopt almost all of the measures provided for in part 2 of the article 13.3 (except cooperation with law-enforcement agencies).

[17] E.g., see the Recommendations of the Conference on Organizations' Participation in Combating Corruption. (16-17 September 2019) (in Russian).

We use cookies in order to improve the quality and usability of the HSE website. More information about the use of cookies is available here, and the regulations on processing personal data can be found here. By continuing to use the site, you hereby confirm that you have been informed of the use of cookies by the HSE website and agree with our rules for processing personal data. You may disable cookies in your browser settings.