ResourcesPractical guidance and standards for financial crime compliance practitioners

SUMMARY

Introduction

This publication from the Wolfsberg Group (the Group) is designed to provide guidance to the financial services industry on how to develop, implement, and maintain an effective Anti-Bribery & Corruption (ABC) Compliance Programme, and should be read in conjunction with applicable legislation, regulation, and guidance issued by authorities in the jurisdictions in which a financial institution (FI) conducts business. The overall objective of the Guidance is to promote a culture of ethical business practices and compliance with ABC legal and regulatory requirements. This Guidance replaces the 2017 Wolfsberg ABC Compliance Programme Guidance, which has been retired.¹

The terms set out in this publication are used as generic terms that are known across the industry, and there is no expectation for FIs to adopt this specific terminology in their frameworks.

Definition of Corruption and Bribery²

Corruption,³ considered in the context of this Guidance, is the abuse of entrusted power for improper personal advantage. Bribery is a form of corruption and is commonly described as involving the offer, promise, giving, request, receipt, acceptance, or transfer of anything of value, either directly or indirectly, to or by an individual, to induce, influence, or reward the performance of a function or an activity with improper intent, in a commercial or public office setting.

Risk-Based Approach

FIs should use a Risk-Based Approach (RBA) for the adequate development and implementation of programmes to prevent, detect, and report acts of Bribery and Corruption. In order to achieve that goal, FIs should periodically assess their business model including the locations in which they do business, their customer base, products and services, and the means by which they obtain and retain business such as through the use of Intermediaries (refer to section 5.1) and engagement with other third parties. Periodic assessments will enable FIs to identify inherent risks and adopt policies, procedures, and controls that are proportionate to the identified risks.

As highlighted in this Guidance, Bribery and Corruption risks generally are greater for FIs when pursuing business opportunities from, or providing benefits to, government or wholesale customer entities rather than customers in their individual capacity (e.g. a private wealth customer).

Overview of the Elements of an ABC Compliance Programme

While no ABC Compliance Programme (Programme) can prevent or protect against Bribery and Corruption risks completely, and there is no one-size-fits-all solution, this Guidance can help all FIs mitigate Bribery and Corruption risks across the following areas⁴:

• Firm-wide Policy: to capture key elements of a Programme, be applicable at a firm-wide level, set a no-tolerance appetite for Bribery and Corruption and prohibit facilitation payments (Section 1).
• Governance, Roles and Responsibility: the FI’s Programme should be overseen by senior management, administered by an individual with sufficient authority, expertise, and resources, with access to the Board or other governing authority (Section 2).
• Risk Assessment: each FI should periodically assess the nature and extent of the Bribery and Corruption risks to which it is exposed, and the effectiveness of controls designed to mitigate those risks (Section 3).
• Establishment of a Control Environment: risk-based controls should be aligned to the firm-wide Policy and be designed to mitigate Bribery and Corruption risks associated with:
  • Anything of Value: giving (including promising, offering, or authorising) or receiving anything of value, including gifts and hospitality, employment, work experience (paid or unpaid), donations and charitable contributions, corporate sponsorships, and political contributions (Section 4).
  • Third-Party Providers: engagement of third parties, including Intermediaries, can create varying degrees of Bribery and Corruption legal, regulatory, and reputational risk (Section 5).
  • Customer-Related Transaction Risks: certain customers, counterparties, or types of customer business activities may subject the FI to additional legal or reputational risks that should be considered and managed under an appropriate governance structure (Section 6).
  • Principal Investments and Controlled Fund Acquisitions, Investments, or Joint Ventures, i.e. the FI or a controlled fund acting on its own behalf (Section 7).
• Training and Awareness: The Programme should be communicated through policies, procedures, and guidance, with risk-based training of relevant employees and, as appropriate, certain third parties (Section 8). This includes the development of a framework to identify, analyse, and share lessons learned from internal and external events that are of relevance to the FI, in a timely manner, as part of the continuous evaluation of the Programme’s adequacy (Section 8.1).
• Monitoring and Testing for Compliance with Controls: The FI should have mechanisms to test compliance with policies and procedures and to identify third party or employee-related risk, where there is failure to act in a manner consistent with the FI’s business principles, policies, or codes of conduct, and applicable laws or regulations. Non-compliance should be investigated, remediated, and control improvements implemented, as appropriate (Section 9).

Please refer to the full version of the 2023 Wolfsberg Anti-Bribery and Corruption Compliance Programme Guidance for a more detailed account of the elements set out above.