The Institute of Enterprise Risk Practitioners (IERP®) is the world’s first and leading certification institute for Enterprise Risk Management (ERM).

Image Alt

IERP® International Institute of Enterprise Risk Practitioners

  /  Thought Leadership   /  Corporate Liability: Is Your Company Prepared?

Corporate Liability: Is Your Company Prepared?

Malaysian Anti-Corruption Commission is cracking down on corruption in Malaysia.

The Malaysian Anti-Corruption Commission (MACC) will enforce a new provision in the MACC Act 2009 effective June 2020, to enable the prosecution of commercial organisations involved in corruption. Prior to this, the MACC Act only focused on the prosecution of individuals involved in corruption.

Under the new provision, a commercial organization commits an offence if a person associated with the commercial organization corruptly gives, agrees to give, promises or offers to any person any gratification whether for the benefit of that person or another person, with intent to obtain or retain business for the commercial organization or to obtain or retain an advantage in the conduct of business for the commercial organization.

A director or person concerned with management is deemed to have committed the offence unless it is proven that the offence was committed without his consent or connivance and that he exercised due diligence in preventing its commission. If found guilty, the organisation will be liable to a fine of not less than ten times the sum or value of the gratification; or RM1 million, whichever is higher, or imprisonment for a term not exceeding 20 years, or both.

Guilty until proven innocent
Currently, directors have a lot at stake as they could be indicted due a number of reasons. If one of them is caught offering a bribe to bring in sales for the company, the director can be charged under this new Act. When charged, directors will need to prove to the court that they implemented adequate procedures to prevent this matter from occurring.

Proving your innocence could be difficult as the Act lacks clarity. Moreover, the terms used in the Act, such as “adequate procedure” are open to interpretation with the ultimate determination made by and in a court of law..

So how do we know the controls that we have implemented are sufficient to mitigate this risk and prove that we are innocent of the charges?

The Act needs to be further defined, so that organisations will know exactly how to implement the right procedures and prevent corruption from occurring.

Pray hard
When asked what directors can do to protect themselves, Mr. Ramesh quipped, “Pray hard.” He reminded everybody about doing their gap analysis, adding, “If you have yet to start, you should start doing it now. The implementation deadline is 1 June 2020, which only leaves us another six months. The gap analysis takes a lot of time and energy to complete. And you should leave sufficient time to implement effective action plans to plug the gaps”

A good start is to use the ISO37001 as guide on what to do to protect yourself and the organisation.

Another method would be by starting to adopt a “No Tolerance” policy, organisation-wide. If a person is caught offering bribes or carrying out something similar, the company should act immediately and without hesitation. This shows the organisation’s commitment to eradicating corruption and may help you in the future.

In addition, it is worth the effort to include corporate liability discussions in Board meetings. This could help prove that your organisation is taking the matter seriously. The discussion could include where the highest risks are and what mitigating controls are being implemented.

Conclusion
Corporate liability will be the main focus of organisations and directors. Preparing for the new provision should be a priority for companies in Malaysia. Implementing proper procedures and the right tone from the top can be one of your strongest defences against the new corporate liability provisions.

    Name (required)

    Email Address (required, business email address only)

    Mobile Number (required)

    Company (required)

    Designation (required)

    Preferred Contact Method: (required)

    CallEmail

    What is the biggest challenge in your job/industry

    Which modules are you interested in? (required)

    Managing ESGMechanics of ESGEnterprise Risk Management

    Message

      Name (required)

      Email Address (required, business email address only)

      Mobile Number (required)

      Company (required)

      Designation (required)

      Preferred Contact Method: (required)

      CallEmail

      What is the biggest challenge in your job/industry

      Message

        Name (required)

        Email Address (required, business email address only)

        Mobile Number (required)

        Company (required)

        Designation (required)

        Preferred Contact Method: (required)

        CallEmail

        What is the biggest challenge in your job/industry

        Which modules are you interested in? (required)

        Evaluating Risk and Internal ControlCorporate GovernanceEstablishing a Cybersecurity FrameworkEnterprise Risk Management

        Message

          Name (required)

          Email Address (required, business email address only)

          Mobile Number (required)

          Company (required)

          Designation (required)

          Preferred Contact Method: (required)

          CallEmail

          What is the biggest challenge in your job/industry

          Message

            Name (required)

            Email Address (required, business email address only)

            Mobile Number (required)

            Company (required)

            Designation (required)

            Preferred Contact Method: (required)

            CallEmail

            What is the biggest challenge in your job/industry

            Which modules are you interested in? (required)

            Digital Risk Management and DisruptionMechanics of CyberSecurityEnterprise Risk Management

            Message

            User registration

            Reset Password