The Bribery Act: Guidelines to assist public and private entities in the preparation of procedures for the prevention of bribery and corruption

The Attorney General, in consultation with the Ethics and Anti-Corruption Commission (EACC) recently published guidelines (Guidelines) in respect of the Bribery Act 47 of 2016 (Bribery Act). The Guidelines are intended to give effect to section 9 of the Bribery Act, which imposes a duty on public and private entities to establish corruption and bribery prevention procedures, according to their size, scale, and nature of operation (Procedures). Section 9 of the Bribery Act, read together with section 18, further provides that an entity which fails to formulate these Procedures commits an offence, liable to a fine of up to KES 5 million (approximately USD 44,500), or imprisonment for a term not exceeding 10 years, or both. We shall highlight the salient features of the Guidelines below.

17 Nov 2021 3 min read Corporate & Commercial Alert Article

At a glance

  • The Attorney General and Ethics and Anti-Corruption Commission of Kenya have published guidelines for the implementation of the Bribery Act.
  • Public and private entities are required to establish corruption and bribery prevention procedures, including risk assessment and mitigation plans.
  • The procedures should include an implementation structure, reporting mechanisms, protection for whistleblowers, communication and training, and measures for monitoring and reviewing the procedures.

The Guidelines introduce a duty for a public or private entity to assess and map out the risks associated with bribery and corruption within the entity and to develop a plan to mitigate these risks. This plan should be included in the Procedures. Additionally, the Guidelines require each entity to develop its Procedures in writing, in one of Kenya’s official languages, i.e. English or Kiswahili. However, where an entity operates internally in a language other than English or Kiswahili, for instance a foreign organisation that frequently communicates in its national language, then the Guidelines permit translation of the Procedures into the appropriate language, after they are first articulated in English or Kiswahili.

Furthermore, the Procedures must include an implementation structure that takes into account the entity’s size, scale and nature of operation, alongside the identified risks and methods of mitigation. In particular, the implementation structure must include a commitment from the entity’s leadership, it must involve all employees, and it must allocate and provide for the resources required for implementation, to name a few. Moreover, the Procedures must designate a person or people in authority to set up an enforcement structure that will provide for appropriate action for violations of the law, regulations, or the Procedures.

Notably, the Guidelines provide that the Procedures should create a reporting mechanism, both within the entity and outside the entity, to the EACC, should an instance of bribery or corruption occur. However, the Guidelines do not provide practical direction on how an entity can formulate these mechanisms and how this would vary based on the size of the entity, its organogram, and nature of work. This therefore leaves room for interpretation and implementation as an entity develops its Procedures, given that the practical aspects appear to be at the entity’s discretion. Nonetheless, what is clear is that the reporting mechanisms must provide for the receiving, recording, processing and dissemination of reports for feedback and appropriate action. It is key to note, that these reporting mechanisms are exempt from the provisions of the Data Protection Act 2019 (DPA), as section 51 of the DPA excludes the processing of personal data that is required to be disclosed under any written law from the scope of the DPA.

In addition to the above, the Guidelines state that an entity’s Procedure should include:

  • effective measures for the protection of whistle-blowers, informants and witnesses;
  • effective communication, training, awareness-creation and dissemination to internal and external stakeholders; and
  • appropriate measures for monitoring, evaluating, and reviewing of the Procedures, emerging risks, and improvements.

Notably, public and private entities are entitled to seek the EACC’s advice and may collaborate with other agencies within their sector or industry as they develop their Procedures.

We are happy to assist with advising and formulating Procedures in view of these recent Guidelines. Please get in touch with the authors if you so require.

The information and material published on this website is provided for general purposes only and does not constitute legal advice. We make every effort to ensure that the content is updated regularly and to offer the most current and accurate information. Please consult one of our lawyers on any specific legal problem or matter. We accept no responsibility for any loss or damage, whether direct or consequential, which may arise from reliance on the information contained in these pages. Please refer to our full terms and conditions. Copyright © 2024 Cliffe Dekker Hofmeyr. All rights reserved. For permission to reproduce an article or publication, please contact us