Corporate Criminal Liability for Corruption Offences and the Due Diligence Defence A Comparison of the Dutch and English Legal Frameworks

Numerous international and regional conventions provide anti-corruption frameworks to tackle bribery. Most of these international conventions have been incorporated into national legislation and regulations. The battle against corruption has priority on the agendas of national and international policymakers and enforcers. In a number of countries, like the United Kingdom (UK), anti-corruption laws have recently been tightened. In addition, the British and American enforcers in particular have made combating corruption their express priority. A different and for the purposes of this contribution interesting development is that in an increasing number of jurisdictions legal entities can be held criminally liable, among other things for violating antibribery legislation. The result of these developments is that legal entities run an increasing risk of being held criminally liable for bribery.1 In order to minimise this risk, companies, particularly those with frequent foreign contacts, invest more money and time in setting up compliance schemes. To do so, they often call in the services of internal compliance officers and external consultants, such as lawyers. This contribution addresses the question to what extent companies (legal entities) can be held criminally liable for – active – bribery offences perpetrated by their employees. More specifically, we focus on the questions of to what extent companies have a duty of care to prevent bribery by employees and to what extent can a breach of such a duty of care cause criminal liability to ensue. This also raises the question whether a compliance scheme is of any benefit to a company if a violation occurs in spite of it. Phrased differently: if things go wrong nonetheless, how does having an anti-bribery compliance scheme protect a company against criminal liability for bribery offences? In this article we will set out to answer these questions by comparing the Dutch and the British legal systems. Following an introductory section (Section 2) on the international legal framework, the next two sections will address the role of the due diligence defence in the UK (Section 3) and the Dutch (Section 4) legal systems. For each system we will explain the legal framework under which bribery has been made an offence and the creation of corporate criminal liability. A separate section will identify the most striking resemblances and differences between the two systems (Section 5). Finally (Section 6) we


Introduction
Numerous international and regional conventions provide anti-corruption frameworks to tackle bribery.Most of these international conventions have been incorporated into national legislation and regulations.The battle against corruption has priority on the agendas of national and international policymakers and enforcers.In a number of countries, like the United Kingdom (UK), anti-corruption laws have recently been tightened.In addition, the British and American enforcers in particular have made combating corruption their express priority.
A different and for the purposes of this contribution interesting development is that in an increasing number of jurisdictions legal entities can be held criminally liable, among other things for violating antibribery legislation.
The result of these developments is that legal entities run an increasing risk of being held criminally liable for bribery. 1 In order to minimise this risk, companies, particularly those with frequent foreign contacts, invest more money and time in setting up compliance schemes.To do so, they often call in the services of internal compliance officers and external consultants, such as lawyers.
This contribution addresses the question to what extent companies (legal entities) can be held criminally liable for -active -bribery offences perpetrated by their employees.More specifically, we focus on the questions of to what extent companies have a duty of care to prevent bribery by employees and to what extent can a breach of such a duty of care cause criminal liability to ensue.This also raises the question whether a compliance scheme is of any benefit to a company if a violation occurs in spite of it.Phrased differently: if things go wrong nonetheless, how does having an anti-bribery compliance scheme protect a company against criminal liability for bribery offences?
In this article we will set out to answer these questions by comparing the Dutch and the British legal systems.Following an introductory section (Section 2) on the international legal framework, the next two sections will address the role of the due diligence defence in the UK (Section 3) and the Dutch (Section 4) legal systems.For each system we will explain the legal framework under which bribery has been made an offence and the creation of corporate criminal liability.A separate section will identify the most striking resemblances and differences between the two systems (Section 5).Finally (Section 6) we

Introduction
Since the 1990s global efforts in combating corruption have substantially increased.These efforts resulted in the introduction of several anti-corruption instruments.For this article the instruments of the Organisation for Economic Co-operation and Development (OECD), the United Nations (UN), the Council of Europe (CoE) and the European Union (EU) are of particular interest.In the context of this article it is important to realise that while these instruments call on Member States to collaborate with the private sector to promote self-regulation in the fight against corruption, they are also designed to hold legal entities liable for corruption.

The Organisation for Economic Co-operation and Development
The parties to the OECD Convention on Combating Bribery of Foreign Public Officials in International Business Transactions (OECD Convention) have to establish the liability of legal entities for active bribery of a foreign public official, when a party's legal system provides for this possibility. 2rticle 8 of the OECD Convention requires State Parties to, in accordance with their legal principles, prevent the use of, for example, off-the-books accounts and false documents by companies for the purpose of bribing foreign public officials or for hiding such bribery.The implementation of these measures is considered to be important to the overall effectiveness of combating international bribery. 3he Recommendation of the Council for Further Combating Bribery of Foreign Public Officials in International Business Transactions emphasizes that State Parties 'periodically review their laws implementing the OECD Anti-Bribery Convention and their approach to enforcement in order to effectively combat international bribery of foreign public officials' . 4It is recommended that, for example, the State Parties (i) review their policies and approach on small facilitation payments; and (ii) prohibit or discourage the use of small facilitation payments in internal company controls, ethics and compliance programmes or measures, given the fact that these payments are often illegal in the countries where they were made. 5dditionally, the OECD Guidelines for Multinational Enterprises recommend companies to develop and adopt adequate internal controls, ethics and compliance mechanisms based upon a risk assessment addressing the company's individual situation, to prevent and detect bribery.6

The United Nations
Chapter II of the United Nations Convention Against Corruption (UNCAC) contains specific provisions with regard to the measures to be taken by the State Parties to prevent corruption.
Article 12 UNCAC contains measures to be taken with regard to the responsibility of the private sector to prevent corruption.In accordance with Article 12(1), State Parties must take measures to prevent corruption in the private sector; to enhance accounting and auditing standards in the private sector and to provide effective, proportionate and dissuasive civil, administrative or criminal penalties for failure to comply with such measures.The goal of the first measure of this paragraph is the prevention of corruption by corporations, while the two other measures in this paragraph are steps to achieve that goal. 7rticle 12(2) offers examples of measures to achieve those ends, for example promoting the development of standards and procedures, such as codes of conduct and good-practice guides, and ensuring that private enterprises have adequate internal auditing controls.According to Article 12(3) State Parties shall take measures to prohibit, for example, the establishment of off-the-books accounts and the intentional destruction of bookkeeping documents earlier than foreseen by the law.The measures stated in Article 12 UNCAC are to prevent corporations from committing bribery, which are linked to the proper and transparent functioning of private entities.However, this provision does not constitute a requirement to impose on companies a duty to prevent the occurrence of corruption itself.
Article 26 UNCAC prescribes that the State Parties shall adopt measures to establish corporate liability for participation in bribery.The choice of the type of liability -criminal, administrative or civilis up to the State Party itself. 8In accordance with Article 26(4) the provision requires that the legal person is subject to a proportionate, effective and dissuasive sanction.However, this provision still does not require the sanctioning of a legal entity for a failure to prevent the bribery as such, but requires solely the establishment of some form of liability for actions committed by legal persons.

The Council of Europe
Article 18 of the Council of Europe Criminal Law Convention on Corruption (COECCC) requires the Signatory States to adopt corporate liability for failure to take adequate due diligence, but only with respect to active bribery.Parties to the COECCC are required to impose liability provisions for companies that have lacked adequate prevention against the occurrence of corruption in their organisations.This provision does not impose an obligation to establish that legal persons will be held criminally liable for the offences mentioned in this provision. 9nder Article 18(1) of the COECCC it is required that in order for a legal person to be held liable active bribery must have been committed for the benefit or on behalf of the legal person by a natural person who has a leading position within the legal person.The third condition can be based on (a) a power of representation, or (b) an authority to take decisions, or (c) an authority to exercise control, as well as for the involvement of such a natural person as an accessory to or instigation in the bribery.
Article 18(2) COECCC calls on parties to take the 'necessary measures to ensure that a legal person can be held liable where the lack of supervision or control by a natural person referred to in paragraph 1 has made possible the commission of the criminal offences mentioned in paragraph 1 for the benefit of that legal person by a natural person under its authority'. 10The failure to take due diligence measures must have facilitated the bribery.In order to avoid liability, the legal entity must ascertain that the supervision and control exercised by its management over their subordinates is adequate to avoid any offer, gift or promise, which is considered to be undue and results in a breach of duty by an agent of another entity.Please note that according to Article 18(3) COECCC, proceedings against the corporation should not bar any criminal prosecution of the individuals who perpetrated the bribery on behalf of the corporation.

The European Union
Article 5 of the EU Council Framework Decision (Framework Decision) on combating corruption in the private sector 11 also requires the EU Member States to hold legal entities liable for failure to take due diligence to prevent bribery.The wording of this provision is exactly the same as that of Article 18(2) COECCC and, in that respect, much of what has been discussed in Section 2.4 applies here accordingly.However, the Framework Decision is limited to corruption among and within private entities only.According to Article 6 of the Framework Decision 'Each Member State shall take the necessary measures to ensure that a legal person held liable pursuant to Article 5(1) is punishable by effective, proportionate and dissuasive penalties, which shall include criminal or non-criminal fines and may include other penalties such as: (a) exclusion from entitlement to public benefits or aid; Regarding the liability of legal entities, the major difference is the role EU organs play in defining these 'adequate supervisions' .This relates to the aim of the Framework Decision, which is to safeguard society as a whole as well as fair competition, which would be impeded when the level of supervision differs.This was emphasised by the Commission after the ENRON and Parmalat cases.In its Communication, the Commission promised to develop a Directive on Statutory Auditing, 12 which was adopted in 2006. 13This Directive sets out a standard for accounting for a company's income and as such provides for a standard level of supervision.However, statutory auditing is only useful for detecting bribery after its occurrence.It is not intended to prevent bribery specifically.

Conclusion
These four international instruments exemplify the strong international interest in promoting corporate self-regulation to prevent corruptive practices.It obligates nations to provide for corporate liability in case failure to take adequate due diligence facilitates such practices by their employees or other associated persons.Such measures need to be proportionate, effective and dissuasive, but do not need to be criminal per se.The following sections illustrate how the UK and the Netherlands execute these obligations through their criminal legal system.This anti-bribery legislation was subjected to both domestic and international criticism.In 2008, the Law Commission published its recommendation to reform this legislation. 14The new Bribery Act15 aims to simplify and consolidate the previous criminal law of bribery.The Act received Royal Assent on 8 April 2010 and came into force on 1 July 2011.

Anti-corruption law
The Bribery Act applies to both the private and public sectors.The old law remains relevant to offences committed wholly or partly before 1 July 2011; from that date, those Acts are superseded by the Bribery Act.
Under the Bribery Act, there are two general offences.The first of the general offences concerns the conduct of the briber.A person will be guilty of bribery if, directly or indirectly, he or she offers, promises or gives a financial or other advantage to another person, intending to induce another person to improperly perform a relevant function or activity or to reward someone for doing so (Section 1).
The second of these offences concerns the conduct of the recipient of the bribe.A person will be guilty of bribery if, directly or indirectly, he or she requests, agrees to receive or accepts a financial or other advantage in exchange for or as a reward for improper performance of a relevant function or activity (Section 2).
It is also an offence, under Sections 1 and 2, where the briber knows or believes that the acceptance of the advantage would itself be an improper performance of a relevant function or activity.
Under Sections 1 and 2 of the Bribery Act, the offences of bribing another person and being bribed are linked to the 'improper performance' of a 'relevant function or activity' .The concept of a 'relevant function or activity' covers any function of a public nature, any business activity, any activity performed in the course of employment, and any activity performed by or on behalf of a body of persons, provided (in any case) that that function is expected to be performed in good faith or impartially, or that the function places the person performing it in a position of trust (Section 3).The Bribery Act provides that improper performance is performance (or non-performance) that breaches the expectation of good faith, impartiality, or a position of trust (Section 4).This is an objective test based on what a reasonable person in the UK would expect in relation to the performance of the type of function or activity concerned, regardless of where in the world the bribery takes place (Section 5).
The Bribery Act includes a separate offence of bribing a foreign public official (Section 6).The offence will be committed if the briber, directly or indirectly, offers, promises or gives any financial or other advantage to a foreign public official, or to another person with the foreign public official's assent or acquiescence.The briber must offer or give the advantage, (a) intending to influence the foreign public official in his or her capacity as a foreign public official, and (b) intending to obtain or retain business, or an advantage in the conduct of business.
There is an important difference between the two general offences and the Section 6 offence.For the Section 6 offence there is no need for the prosecution to show that the briber intended the foreign public official to perform his or her function 'improperly' as a result of the bribe.There is an exception if the official is permitted or obliged under local law to accept the advantage.The Section 6 offence only covers the offering, promising or giving of bribes, and not the acceptance thereof.
Section 7 of the Bribery Act also introduces a separate corporate offence of 'failing to prevent bribery' .A company, wherever incorporated, that carries on a business or part of a business in any part of the UK will commit the offence if an 'associated person' performing services on its behalf bribes another person intending to obtain or retain either business or a business advantage for it.That may be bribery under Section 1 (the general offence) or Section 6 (bribery of foreign public officials).The only statutory defence available for the company is to prove that it had 'adequate procedures' in place designed to prevent bribery (see Section 3.3.2infra).

Corporate criminal liability
In the UK, there are various bases on which corporate bodies may be criminally liable.In relation to the offences considered in this article, two of these are relevant.The first is the 'identification principle' , under which a company can be prosecuted for an offence committed by an individual who is identified as having been the company's 'directing mind and will' in the commission of the offence: this applies to offences under Sections 1 or 2 of the Bribery Act, and under the old law.The second is the corporate offence under Section 7 of the Bribery Act, under which the company can be prosecuted for an offence committed by a person who is 'associated' with the company.

Corporate offence
In its report, the Law Commission recognised that the current law governing corporate liability has encountered severe criticism.Due to this and other difficulties, the Law Commission reviewed several options to reform the law. 16One of these options involved the creation of a new offence that would criminalise legal persons for failing adequately to supervise their employees where that failure results in a bribery offence being committed for the benefit of the legal person -the so-called corporate offence.
The new corporate offence, as enacted in Section 7 of the Bribery Act, relates not only to employees, but to 'associated persons' more broadly; and the defence offered by the Act is that the organisation has put in place 'adequate procedures' to prevent bribery by such associated persons.Subject to that defence,

Corporate Criminal Liability for Corruption Offences and the Due Diligence Defence
A Comparison of the Dutch and English Legal Frameworks it is in essence an offence of strict liability -the commercial organisation is held liable for bribery committed by someone else associated with the organisation, whether or not the organisation itself had any criminal intent.The corporate offence has been created in the hope that it will 'deter companies from giving direct or indirect support to a practice or culture of bribe-taking on the part of those with whom they do business' . 17It is believed that companies are in the best position to ensure that the damage caused by bribery is reduced or even eliminated. 18he corporate offence can only be committed by relevant commercial organisations, namely companies and partnerships that are either: (a) incorporated or, in the case of partnerships, formed in the UK; or (b) incorporated or formed elsewhere, but carry on a business or part of their business in the UK.Note, though, that the Bribery Act is thus relevant to any commercial organisation which carries out part of its business in the UK, even if the bulk of its business is elsewhere.
The person who has given the bribe must be an associated person.Section 8 of the Act defines 'associated person' very broadly as anyone who performs services for the organisation (disregarding any bribe under consideration), e.g.employees, agents and subsidiaries.The capacity in which the services are performed is irrelevant and all circumstances will be considered, not just the nature of the relationship between the parties.
To be guilty of the Section 7 offence, the associated person must have committed an offence of bribing another person (Section 1) or an offence of bribing a foreign public official (Section 6), the standard of proof for which is the normal criminal standard -i.e.beyond reasonable doubt.If a Section 7 prosecution is brought against a company, it is not necessary for a prosecution also to be brought for the predicate offences against the individuals.

Identification principle
The identification doctrine applies to all corporate (economic) crimes other than Section 7 of the Bribery Act, which has its own statutory test for liability.This principle, which in effect means that a controlling officer must be shown to have approved of the criminal act, remains the greatest bar to prosecutions of large complex organisations beyond small limited companies.In small, owner-managed companies, it is easy to determine whether a senior manager has the requisite degree of fault.However, with larger companies, it becomes very difficult to prove a directing mind.The identification doctrine thus works inequitably between large and small corporations.Also, criticism has been voiced that the identification doctrine 'ignores the reality of modern corporate decision making, which is often the product of corporate policies and procedures rather than individual decisions' . 19n 2 July 2013, the Law Commission published a consultation on the reform of some areas of law, including corporate liability. 20The Law Commission asked the consultees to consider whether the question of liability should move away from the identification doctrine to focus on other models of holding corporations to account such as, for example, on the basis of the harm arising from a blameworthy corporate culture.The consultation closed on 31 October 2013.The Law Commission is currently reviewing the suggestions that have been made and expects to submit its proposals to the Lord Chancellor in the summer of 2014.If approved, they will make up the main part of the Commission's law reform work in the following three years. 21

Identification doctrine
The identification doctrine requires a controlling officer of the company him or herself to be proved to have had the fault element of the bribery offence.The presumption of fault commonly involves a presumption of subjective fault, such as intention, knowledge or recklessness.In other words, it requires Bram Meyer, Tessa van Roomen, Eelke Sikkema active awareness of the senior management.When companies are charged with bribery offences and active awareness by and/or the involvement of senior management can be proven, a due diligence or compliance defence would most likely not succeed at all.
In spite of this, the prosecutor must always consider whether or not a prosecution is in the public interest.The Code for Crown Prosecutors serves as a guideline. 22According to this code, the question of whether the company has a genuinely proactive and effective corporate compliance programme is relevant in deciding whether the prosecution of a company is required.

Corporate offence
The Bribery Act contains a statutory defence for the company.Once the prosecution has proved, according to the criminal standard, that a bribe has been paid (under Sections 1 or 6 of the Act), for the benefit of the company, 23 the burden of proof shifts to the company to demonstrate that it had in place 'adequate procedures' to prevent bribery.This will be according to the civil standard of proof -the balance of probabilities.According to settled case law this test requires the defendant to show that something is 'more probable than not' . 24This burden of proof is considered to be of a lesser degree than that of beyond reasonable doubt which is usually required by the prosecution. 25he Bribery Act does not define 'adequate procedures' , but Section 9 of the Act requires the Secretary of State for Justice to publish guidance about such procedures.In March 2011, the Ministry of Justice published a Guidance on procedures which relevant commercial organisations can put into place to prevent persons associated with them from bribing ('the MoJ Guidance'). 26The MoJ Guidance is formulated around six principles, each followed by a commentary and examples.Also, there are eleven case studies to help illustrate the sorts of procedures companies could put in place.Together, the principles boil down to the institution of a compliance scheme.The MoJ Guidance states the following: 'These principles are not prescriptive.They are intended to be flexible and outcome focussed, allowing for the huge variety of circumstances that commercial organisations find themselves in.Small organisations will, for example, face different challenges to those faced by large multinational enterprises.Accordingly, the detail of how organisations might apply these principles, taken as a whole, will vary, but the outcome should always be robust and effective anti-bribery procedures.' 27 The MoJ Guidance thus endorses a pragmatic approach to risk-based compliance.
The first principle requires the company to implement procedures to prevent bribery which are proportionate to the bribery risks it faces and to the nature, scale and complexity of the commercial organisation's activities.It is up to the company itself to measure that risk.This not only necessitates an adequate risk assessment of the company itself, but also that of its agents and those contracted by it. 28he second principle stipulates that there should be top-level commitment, i.e. commitment by the top-level management of the organisation, to prevent bribery committed by persons associated with it -this is also known as the 'tone from the top' .This at least includes communication of the organisation's anti-bribery stance, and an appropriate degree of involvement in developing bribery prevention procedures. 29he third principle states that the organisation should carry out a periodic, informed and documented assessment of the nature and extent of its exposure to potential external and internal risks of bribery on

Corporate Criminal Liability for Corruption Offences and the Due Diligence Defence
A Comparison of the Dutch and English Legal Frameworks its behalf by persons associated with it.The MoJ Guidance categorises the external risks into five broad groups, which are country, sectoral, transaction, business opportunity and business partnership risks. 30he fourth principle states that the commercial organisation should apply due diligence procedures, taking a proportionate and risk-based approach, in respect of persons who perform or will perform services for or on behalf of the organisation, in order to mitigate identified bribery risks. 31he fifth principle stipulates that the company communicates its bribery prevention policies and procedures throughout the organisation, both internally and externally; and that the company makes sure that these policies and procedures are embedded and understood by anyone, e.g. by training procedures. 32he last -sixth -principle provides that the organisation should periodically monitor and review procedures designed to prevent bribery by persons associated with it, and make improvements where necessary. 33n sum, and based upon the guidance given under it, the Bribery Act requires companies to demonstrate an explicit stance against bribery, to measure the risk they face of being exposed to bribery and to take adequate due diligence in accordance with that risk.The level of care required in each aspect of this procedure is based on a measure of proportionality.
Although the 'adequate procedures' defence has to be proven by the defendant based on the standards of a balance of probabilities, in practice any prosecution of a company needs to anticipate this defence.Even with these six principles this still requires a thorough testing of the adequacy of the organisation's procedures by the Serious Fraud Office. 34he English courts have yet to experience the adequate procedures defence, yet the text of the Bribery Act and the Code for Crown Prosecutors make it clear that -under certain circumstancesa solid compliance programme may form a bar against corporate criminal liability.

Anti-corruption law
The offence of active bribery of public officials is criminalised by virtue of Articles 177 to 178a of the Dutch Criminal Code (Wetboek van Strafrecht, hereinafter DCC).Article 177 DCC reads as follows: ' Article 177 1. Punishment in the form of a prison sentence of no more than four years or a fine in the fifth category will be imposed on: 1º whoever makes a gift or a promise to a civil servant or provides or offers him a service with a view to getting him to carry out or fail to carry out a service in violation of his duty (...).' 35 A distinction is made between bribery inducing an unlawful act or omission in return (Article 177 DCC), on the one hand, and bribery inducing a legitimate act or omission in return (Article 177a DCC) on the other.This distinction is relevant for the weight of the maximum punishment that can be imposed. 36ollowing an amendment of the Criminal Code in 2001, bribery of foreign public officials has been criminalised by making the general provisions on active bribery of public officials also applicable to foreign officials (Article 178a DCC). 37The elements of the offence of bribery of public officials thus apply accordingly to bribery of foreign public officials.The same is true of bribery of officials of international organisations. 38he Dutch provisions use the terms 'gift' , 'promise' and 'service' to describe the advantage that is offered by the briber.Case law indicates that a gift, promise and service involve both material and immaterial advantages. 39Although the gift (etc.) will need to have some sort of value for the recipient, nevertheless, this could be of a non-commercial nature and may be of value only to the person who receives it. 40It was expressly decided not to make a distinction between gifts according to their monetary value.This implies that customary gifts of little value (for example, representational gifts) also potentially fall within the scope of the provisions on bribery. 41This might include a bottle of wine, a cup of coffee or a cigar.Only something that could not possibly have any value at all to anyone and is completely worthless can in no circumstances be regarded as a gift.In addition, no distinction is made between 'undue' and 'due' advantages.One might wonder whether the scope of the provisions is too broad in this respect.Does this mean that the public official is not allowed to accept any gift at all, not even a pen?It should be observed that criminal liability is limited to situations in which the briber makes a gift 'with a view to' an act or omission in the public official's service.This mens rea requirement will not normally be met when he offers something of very little value or a customary representational gift. 42In other words, a gift which is given in order to induce the public official to act in his service will be 'undue' by default.Therefore, an explicit reference to 'undue' advantages in the provisions on bribery seems unnecessary.
Contrary to the UK (1906), the Netherlands has criminalised commercial bribery rather late.In 1967, the discussion about the criminalisation of commercial bribery led to the creation of a new article in the Dutch Criminal Code, Article 328ter. 43The second paragraph of this article criminalises active commercial bribery, reading: ' Article 328ter (…) 2. The same sentence 44 will be imposed on a person who gives a gift, makes a promise or provides a service to another person who, in a capacity other than that of a public official, is employed or acts as an agent, in relation to something that person has done or has refrained from doing or will do or will refrain from doing in his/her employment or in the exercise of his/her mandate, the gift, promise or service being of such nature or made under such circumstances that s/he might reasonably assume that the latter, in violation of the requirements of good faith, will conceal the acceptance of the gift, promise or service from his/her employer or principal.' 45 The concealment of the gift, promise or service constitutes the central element of the offence.The Parliamentary Commission that drafted the provision argued that it is the concealment that violates the integrity of labour relations.Because of that, this provision does not require that the recipient acts 'in breach of his duties' , but only that the gift, promise or service is rewarded for acts or omissions in relation to the recipient's occupational capacity.In a sense, the concealment of the gift could be regarded as a breach of an agent's' general duty of transparency towards its principal.The additional requirement that the agent must have concealed the gift (etc.) in violation of the requirements of good faith stresses this argument.This element was added to the provision to exclude minimis and customary business courtesies from falling within the scope of this duty. 46hile passive commercial bribery requires the agent to conceal the gift, promise or service from his principal, for active bribery (Article 328ter(2) DCC) the actual concealment is not required. 47Case law indicates that the element of 'concealment in violation of the requirements of good faith' is often assessed on the basis of codes of conduct (or equivalent contractual obligations) applicable to the agent. 48he briber should reasonably have known that the agent would conceal the gift from his principal.This indicates that an intention with respect to the concealment is not required, but also that negligence in ensuring that the gift would be disclosed could cause the offence.
In 2012, the Dutch Government launched a bill to reform financial and economic crime legislation.In this proposal the distinction between bribery of public officials inducing legitimate acts (Article 177a DCC) and inducing unlawful acts (Article 177 DCC) is abolished entirely.The maximum sentence that can be imposed will be increased to six years' imprisonment. 49The proposal also argues for a complete amendment of the definition of the commercial bribery offence.According to the Explanatory Memorandum (Memorie van Toelichting), the alteration of Article 328ter DCC aims at reconciling the definition of the Dutch commercial bribery offence with the definition of commercial bribery under the international instruments.According to the proposal, the element of concealment will be abolished.Instead, the offence requires that the briber must have reasonably assumed that the employee would act contrary to his duties. 50The penalty for commercial bribery will be increased to a maximum term of four years' imprisonment (up from two).The new legislation is expected to enter into force in 2014. 51

Corporate criminal liability
The Dutch Criminal Code does not contain a provision that explicitly provides for corporate criminal liability in case a lack of supervision or control caused an employee of that corporation to commit bribery for the benefit of that corporation.Instead, the criminal liability of legal persons is provided for under the general provisions of the Dutch Criminal Code.Article 51(1) DCC states, in broad terms, that offences may be committed by natural persons and legal persons.If an offence is committed by a legal person, criminal proceedings may be instituted and the punishments may be imposed (a) against the legal person; or (b) against those who ordered the commission of the offence; or (c) the persons mentioned under (a) and (b) together (Article 51(2) DCC). 52The public prosecutor has full discretionary powers to choose who to prosecute, depending on the circumstances of each case. 53he exact criteria under which a criminal offence can be attributed to a corporation have, for a long time, been heavily debated.Also, case law regarding corporate criminal liability has been very precarious. 54However, in a 2003 judgement, the Dutch Supreme Court (Hoge Raad) held that whether or not a legal person is criminally liable for an offence has to be assessed by having regard to the special circumstances of the case, as determined by the court.Whether or not criminal liability can be attributed to a corporation depends upon the question whether the offence can 'reasonably' be imputed to the legal entity.This may be the case if the (illegal) conduct took place within the 'sphere' ('scope') of the legal entity.Such conduct can be considered to have taken place in the sphere of the legal entity in one or more of the following circumstances: (1) the act was committed by someone who is employed by or works for the legal entity; (2) the act was part of the normal business activities of the legal entity; (3) the legal entity benefited from the act; and (4) the legal person had the power to decide whether or not the conduct took place and accepted such or similar behaviour. 55These criteria are considered to be neither cumulative nor exclusive, but are tools or factors to determine the liability of the legal entity.However, an assessment of lower case law shows that courts often assess all of these criteria together when determining the liability of the entity for the commission of an offence. 56s stated above, the last criterion that has been formulated by the Supreme Court stipulates that criminal liability can be attributed to the legal entity, if that entity has 'accepted' the occurrence of the offence.In turn, this could be established if the entity has not taken reasonable diligence to prevent it.'In other words, a legal person can be held liable if it did not prevent the act even though it was in its power to do so.' 57 In principle, this means that a company could escape liability if it has established effective internal controls, ethics and compliance rules and if it did everything in its power to prevent the act. 58t appears that the failure of the corporation to take adequate due diligence to prevent the offence is only one of the many criteria on which criminal liability can be attributed to the corporation.It is, nevertheless, still a criterion of significant importance.According to the literature, the existence of adequate supervision and control measures is often important to determine whether the offence was part of the normal business activities of the legal person and whether the corporation accepted the commission of the offence. 59Whether a corporation has taken adequate due care will be assessed based upon statutory obligations, requirements emanating from contractual obligations, but also upon the specific circumstantial situation of the criminal act. 60Lower case law regarding the liability of corporations for failure to take adequate preventive procedures also indicates that the adequacy of supervision and control by the corporation is not only assessed based upon statutory requirements, but also upon customary professional standards and other self-regulatory measures. 61A relevant question when assessing adequacy is whether the costs of taking adequate preventive measures would not have outweighed the risk of the occurrence of the offence and the harm caused by it.Case law seems to be quite strict in this respect; in many cases, measures have been considered to be inadequate to prevent criminal liability. 62ased upon the previous analysis of corporate criminal liability in the Netherlands, it can be concluded that the criteria for the attribution of this kind of liability depend to a great extent upon the specific circumstances of the case.The lack of adequate supervision and control is, however, in many cases an important criterion in this assessment.
The previously discussed due diligence requirement for the attribution of corporate criminal liability emanates from the case law.It is not based upon statutory provisions.However, some Dutch offences do contain such due diligence requirements, but in general, these provisions are reserved for regulatory, economic and environmental offences. 63An example of this is the duty of an aviation company to employ qualified personnel and equipment during a flight. 64Such provisions can be useful for the effective enforcement of the often detailed and complex rules and regulations in this field. 65 This raises the question of how these criteria for the attribution of criminal liability to a legal entity could be applied in cases of bribery.At this moment, no case law has been developed concerning this specific situation.According to the Explanatory Memorandum on the draft bill to reform financial and economic crime legislation (see Section 4.1, supra), the legislator has left dealing with potential cases of (commercial) bribery to a large extent to the business community itself. 66This indicates that in order to assess whether a company has taken adequate due diligence to prevent bribery by someone under its supervision, the court will need to take notice of the existing corporate standards within the specific trade or industry.While companies can voluntarily adopt a business code, it is likely that such a document will be of great importance in assessing the due diligence of a corporation.The same is true of the international standards that were discussed earlier in Section 2.

Due diligence defence
The lack of adequate supervision and control could lead to the criminal liability of a legal entity for bribery committed by one of its employees.However, the question whether or not the existence of adequate supervision or control measures could exempt legal entities from criminal liability for offences committed by their agents has been debated. 67The criteria developed by the Dutch Supreme Court (see Section 4.2, supra) are not formulated as cumulative requirements.The existence of one of the four situations (or criteria) mentioned above could indicate that it is reasonable to attribute actions committed by its associates to the legal entity.This means that the absence of one of the situations mentioned will not necessarily lead to the conclusion that the actions of the associates cannot be attributed to the legal entity.According to the fourth criterion, criminal liability can be established if the legal person accepted the occurrence of the offence, which may be the case if the legal person has not taken reasonable diligence to prevent it.Because of that, the general assumption is that showing that the legal entity did take adequate measures cannot be used to exempt liability based on (one of) the first three criteria. 68This is different as regards explicit due diligence provisions, which in some cases do contain provisions that exempt employers from criminal liability for a failure to take due diligence if they can establish that adequate preventive measures had been taken. 69hile the existence of adequate preventive measures cannot always be used to avoid the attribution of the offence to the entity, it can be considered as an indication of the absence of mens rea.Under the general doctrine of Dutch criminal law, every serious offence contains, either explicitly or implicitly, an element of guilt. 70For offences that contain an element of guilt, this guilt of the offender must be proven based upon the standards of that specific degree of guilt (for instance, negligence, gross negligence or intent).
Criminal liability is attributed to a corporation based upon the criteria of the Supreme Court as stated above.However, under some circumstances, even though a certain offence can, based upon these criteria, be attributed to the corporation, the existence of clear and effective corporate policies that were intended to prevent such an offence could be sufficient to acquit the corporation of the offence.This shows that even if the offence can, in general, be attributed to the corporation, by having taken enough precautionary measures to prevent the offence, the corporation can still be exculpated.This defence is based upon the doctrine of an absence of all guilt in which, although the offence can be attributed to the offender, the lack of any guilt on the part of the offender' still acquits him of the charges. 71Thus, the due diligence defence can be used to rebut an initial presumption -based on (one of) the Supreme Court's first three criteria -that the commission of the offence by the individual can be attributed to the corporation.

Introduction
Having addressed the national legal frameworks for the UK and the Netherlands in the preceding sections, in this section we will analyse the major differences and analogies between the two systems.The cardinal question will be to what extent companies (legal entities) can be held criminally liable for -active -bribery offences perpetrated by their employees.More specifically, we focus on the questions of to what extent companies have a duty of care to prevent bribery by employees and to what extent can a breach of such a duty of care cause criminal liability to ensue.As for the UK, we will concentrate on Section 7 of the Bribery Act, largely disregarding the traditional 'identification doctrine' .It is noted that the Law Commission has submitted a proposal to reform the criminal liability of companies in line with Section 7 of the Bribery Act as it reads at this moment (see Section 3.2.2,supra).

Criteria for liability
First and foremost, companies in the two countries may under certain circumstances be held criminally liable if any one of their employees has paid a bribe to a public official (public bribery) or to a person who is not a public official (private bribery).However, the legislators in the two countries have opted for materially divergent methods to give shape to this liability.In the UK, commercial organisations failing to prevent bribery are criminally liable on their own accord.Under Section 7 of the Bribery Act, a commercial organisation is guilty of an offence if an associated person bribes another person intending to obtain or retain an advantage in the conduct of the organisation's business.This is an offence of strict liability: the organisation is liable for the offence of bribery committed by a person under its control, irrespective of the question whether there was any 'criminal intent' on the part of the organisation (see Section 3.2.1,supra).However, it is a defence for a commercial organisation to prove that it had in place 'adequate procedures' designed to prevent employees from undertaking bribery.Thus, once the prosecutor has established that bribes were paid with a view to obtaining a business advantage, the onus of proof shifts to the commercial organisation, which has to prove that adequate measures were in place to prevent such conduct (see Section 3.3.2,supra).
The Dutch have opted for a different approach altogether.Dutch criminal law does not have explicit, specific provisions singling out companies which have failed to take 'adequate measures' designed to prevent bribery by their employees.As a consequence, any instance of bribery by an employee will trigger the applicability of the general rule of the criminal liability of legal entities (Article 51 DCC).The liability of the legal entity will then have to be assessed on the basis of the criteria developed by Supreme Court case law.Accordingly, a legal entity can be considered the perpetrator of an offence only if and insofar as the relevant conduct can, in all reasonableness, be attributed to that legal entity.This may be the case if one or more of the following circumstances occur: (1) the conduct was by a person employed by the legal entity; (2) the conduct is part of the ordinary course of business of the legal entity; (3) the conduct was advantageous to the legal entity; (4) the legal entity had influence over the commission of the conduct and 'accepted' the occurrence of such or similar behaviour.The term 'acceptance' includes the failure to exercise such care as the legal entity could reasonably be expected to exercise with a view to preventing such conduct (see Section 4.2, supra).The above comparison does show that the relevant criteria in the two systems do in fact -partiallyoverlap.Three out of the four criteria can be inferred in some way or another in the requirements of Section 7 of the Bribery Act, which are: the conduct of a person associated with the legal entity ('commercial organisation'), conduct designed to obtain a business advantage, and the acceptance of such conduct, which may involve the failure to exercise due care ('adequate procedures').The Dutch Supreme Court criteria are not cumulative preconditions for liability, however, as they are only used as factors in assessing the reasonableness of the attribution of liability (see Section 4.3, supra).The British system of the Bribery Act does formulate the requirements of an 'associated person' , a 'business advantage' and the lack of 'adequate procedures' on a cumulative basis.72

Mens rea
A second difference between the two countries derives from the circumstance, mentioned earlier, that the Dutch system -unlike Section 7 of the UK Bribery Act -does not make the failure to prevent bribery by employees an explicit, separate offence.As we commented earlier, the attribution of criminal liability to a legal person must be based on the general rule laid down in Article 51 DCC.Thus, the commission of the offence -the act of bribery -must be attributed to the legal entity itself, which means that the legal entity must fulfil all criteria for liability to attach to it.Unlike most lesser offences, serious offences require that the legal entity must have had mens rea in the commission (see Section 4.3, supra), whereas in the UK liability is strict, not requiring mens rea in relation to the offence of bribery.
The offence of bribing public officials (Articles 177 and 177a DCC) requires that the briber makes the gift with a view to inducing the public official to act or refrain from acting in the execution of his duties.That requirement is unlikely to have been met if a small gift not exceeding business custom is given (see Section 4.1, supra).Accordingly, not only will a legal entity have to be aware of the fact that a gift is being made, it will also have to be aware of the nature of the gift or the purpose for which it is given.Prosecution will in addition have to establish that the legal entity intended to obtain a consideration from the public official.If the legal entity makes a reasonable case that it had taken 'adequate measures' to prevent bribery by its employees, it is impossible -as it is under the identification doctrine in the UK (see Section 3.3.1,supra) -to prove intent, which means that the legal entity will be acquitted.The offence of private bribery (Article 328ter DCC) requires that the briber should reasonably assume that the recipient of the gift will conceal the acceptance of the gift from his employer in violation of the requirements of good faith.It follows that the legal entity need not intend for the gift to be concealed; failure to verify whether the gift is reported suffices (see Section 4.1, supra).Again, the legal entity will be acquitted if it presents a reasonable defence that it had adequate verification measures in place.
It does not follow, incidentally, that those at the 'top' of the organisations should be personally aware of the bribery.If it concerns a senior member of staff his intent may in some circumstances be attributed to the legal entity.If it concerns a low-ranking member of staff intent needs to be determined in a different manner, for instance by analysing the entity's psycho-social climate or by gathering the intent of the individuals involved. 73A factor may be whether senior management took adequate measures to prevent the criminally liable conduct, by conducting adequate supervision on the course of events within the organisation, for example.The conclusion is warranted that an -intentional -violation of a duty of care by the organisation in the Dutch system may be a key factor in determining intent or culpa (mens rea) on the part of the legal entity.It is up to the public prosecutor to establish such violation beyond reasonable doubt.

Due diligence defence
Thus, whether the legal entity violated its duty of care becomes an issue in the Dutch legal framework (a) when the question is posed whether an employee's conduct can be attributed to the legal entity (actus reus) and (b) when the intent or culpa (mens rea) of the legal entity is examined.Theoretically, there is a third possibility.If it has been established that the legal entity committed an offence, that entity may -in exceptional circumstances -rely on (c) the absence of all guilt, which constitutes a ground for exculpation.Case law and doctrine distinguish between several varieties of the absence of all guilt (avas), one being the 'maximum care or such care as can reasonably be demanded to prevent the commission of offences' . 74If the legal entity can make a reasonable case that adequate measures were taken to prevent offences, that defence may exculpate it (see Section 4.3, supra).In this situation the onus of proof -to a certain extent 75 -shifts to the suspect entity.This situation and the situation in the UK are clearly comparable, with UK companies also having to prove they have 'adequate measures' in place to prevent bribery (see Section 3.3.2,supra).
One requirement for reliance on the absence of all guilt to be successful is the demonstration that any culpa that may be of criminal relevance is absent.This is mostly a correction covering those exceptional circumstances in which no blame can be attached to the suspect at all.It follows that courts apply a strict review. 76In fact, the requirements for a defence of the 'absence of all guilt' to be successful appear to be more stringent than those set for the 'adequate measures' defence as meant in Section 7 of the Bribery Act.In that perspective, the measures set out in the MoJ Guidance -known as the 'six principles' -are relatively obvious and are therefore likely to be incorporated into most compliance programmes. 77t remains to be seen what practical value the 'absence of all guilt' doctrine will have for legal entities being prosecuted on charges of bribery by their employees.Earlier, we established that a violation of the duty of care to prevent the commission of the relevant offence is one of the -four -criteria on the basis of which the court determines whether the offence should reasonably be attributed to the legal entity (see Sections 4.2, 4.3 and 5.2, supra).If this specific criterion is applied, the court's acceptance of the 'due diligence' defence ensures that the prosecution has failed to prove that the offence can be attributed to the legal entity.In that case, the burden of proving a violation of the duty of care lies on the prosecution and the 'absence of all guilt' defence is out of reach.The situation may be different if the court applies any one or more of the remaining three criteria deriving from Supreme Court case law.The onus of proof then shifts to the suspect legal entity, which will then have to make a reasonable case that all guilt is absent (as in the 'absence of all guilt' defence). 78t should be noted, though, that the absence of all guilt defence is mainly relevant where lesser offences are concerned, as most of those do not require intent or culpa.It is argued that the need for the absence of all guilt defence diminishes as the number of requirements for liability increases, particularly in those instances where mens rea comes into play.In that situation, the absence of all guilt defence in effect comes down to a defence challenging the offender's intent. 79This is likely to apply to the Dutch bribery offences as formulated in the DCC as well.The requirement of intent (Articles 177 and 177a DCC) and of negligence (Article 328ter DCC) cannot be proved if it is established that the legal entity did everything it could reasonably be required to do in order to prevent bribery by its employees (see Section 5.3, supra).

Conclusion
The conclusion that can be drawn is that both in the UK and in the Netherlands exercising due care -which translates into a sound compliance programme -may under certain circumstances constitute a ground for exculpation from charges of bribery by a legal entity's employees.However, there are essential differences in the status and effect of this duty of care within the criteria for liability.In the UK, strict liability is applied.However, in the UK a corporation may rely on the defence of adequate due diligence; the burden of proving this rests on the suspected entity.The situation under Dutch law is much more Bram Meyer, Tessa van Roomen, Eelke Sikkema with this rule.Foreseeability in criminal law-making enables individuals to behave in accordance with the criminal norms.Thus, when they construe criminal liability, both the English and Dutch legislators are bound by the principle of lex certa.The principle is addressed to the legislator and demands high standards for the wording of statutory provisions and the structure and design of regulations.However, due to the fact that sharp boundaries of lex certa and incerta cannot be easily drawn, consequently, in many cases the concretisation of terms is left to the courts. 86iven the lack of relevant case law, British and Dutch courts still do not provide a clear answer to the question of to what extent companies (legal entities) have a duty of care to prevent bribery committed by employees.The fact that there is yet to be a prosecution against a corporation under the Bribery Act could in part be explained by the fact that investigations take a long time and that, because the Bribery Act is not retrospective, a prosecution under the Bribery Act can only be brought in relation to offences that have taken place since the Bribery Act entered into force on 1 July 2011.As for corporate prosecutions in the Netherlands, in most cases the Dutch prosecution concludes out-of-court settlements, e.g.transactions,87 with companies suspected of bribery.
Neither anti-corruption legislation nor case law88 provides clarity as to the scope of due diligence measures.Especially under Dutch law, it is not sufficiently clear and known what acts or omissions may be subject to sanctions.As a result, it is difficult for -especially Dutch -companies to guide their behaviour and to assess to what extent they have a duty of care to prevent bribery committed by employees.
This conclusion raises the question of in which way the Dutch legislator -in cooperation with the law enforcers -could and should increase the foreseeability of the scope of criminal liability in corruption cases.

A separate duty-of-care provision?
Would it be advisable for the Dutch legislator to take its cue from the Bribery Act and propose a dutyof-care provision subject to strict liability, the provision taking the form of a lesser offence not requiring proof of intent or culpa in relation to the bribery?
There are several ways to give shape to a separate duty-of-care provision in the Dutch Criminal Code, one of them being a provision comprising (i) duty-of-care conduct and (ii) an exculpation provision (in other words: the due diligence or compliance defence).The mere paying of a bribe by an employee suffices for making the conduct an offence: the duty of care has been violated as soon as the punishable situation occurs.In the event of a punishable situation as meant in Articles 177, 178, 178a and 328ter DCC the legal entity may invoke the exculpation scheme.This means that the legal entity will have to make a reasonable case that it exercised the required care.Such a defence may be compared to the adequate procedures defence used in the UK system.
In the past, the Dutch legislator regularly expressed its opinion on the advantages of using dutyof-care provisions.Various parliamentary documents89 note that using the duty of care may result in a more effective law enforcement.However, there are also objections to using duty-of-care provisions.It is argued, for instance, that a legal entity will be considered a criminal offender more quickly.Acts performed by natural persons on their own authority could, in principle, more easily be attributed to the legal entity, because proof of intent or culpa is no longer required.Such a widening of scope, however, does not necessarily have to be a change for the worse.In the Dutch legal system, guilt is generally presumed with respect to lesser offences and the suspect may only rely on the absence of all guilt.It is problematic, on the other hand, if the legal entity is 'automatically' held liable for serious offences by subordinates, which offences as such require intent and/or culpa.The basic assumption, in other words, is that a legal entity is only liable for serious offences -like bribery -by subordinates if intent and/or culpa with respect to that offence can be established.A separate duty-of-care provision would therefore be an odd legal concept differing from the normal liability conditions.We believe that there is not enough Until 2011, the criminal law of bribery in the UK consisted of one general common law offence and various statutory offences.The most important statutes were the Public Bodies Corrupt Practices Act 1889, the Prevention of Corruption Act 1906, and the Prevention of Corruption Act 1916.The extension of these statutes to include bribery of a foreign public official in a foreign jurisdiction was brought into force by the Anti-Terrorism, Crime and Security Act 2001.
Corporate Criminal Liability for Corruption Offences and the Due Diligence DefenceA Comparison of the Dutch and English Legal Frameworks However, the current Corporate Criminal Liability for Corruption Offences and the Due Diligence Defence A Comparison of the Dutch and English Legal Frameworks Dutch bribery provisions do not contain such an explicit requirement.Corporate criminal liability based upon inadequate due diligence can only be established on the basis of the general criteria for corporate criminal liability.