Skip to content
APAC Best Practices Employee Conflicts of Interest Insider Trading Regulations

APAC Regulation: Malaysia Ups The Anti-Corruption Ante

Better known of late in global finance circles for the 1MDB corruption mega-scandal, Malaysia may soon be equally well known for a mega-strict anti-corruption law. Here’s what you need to know about Section 17A of the MACC Act 2009

1MDB isn’t phrasing that exactly rolls off the tongue, or is very memorable in any sense. Yet the term has managed to transcend its linguistic limitations to become synonymous in the minds of even casual newsreaders with large-scale corporate and governmental financial corruption. 1MDB is short for 1Malaysia Development Berhad: a state-run, strategic development fund that—as it became clearer and clearer that many of its billions raised had disappeared into the pockets of government officials and financial dealmakers alike—brought down a prime minister and damaged the reputation of one of America’s most powerful investment banks.

Yet the country that has given finance the cautionary tale of all cautionary tales may also end up giving it an anti-corruption statute worthy of equal attention. Enforcement of Section 17A of the Malaysian Anti-Corruption Commission Act 2009 began last June, and it looks to be a serious effort to curb corruption in a key country in one of the world’s increasingly key regions. Following is an overview of Section 17A, a look at how it came to be, and how it connects to other anti-corruption statutes around the world.

The grandaddy of all anti-corruption acts is the Foreign Corrupt Practices Act, or FCPA. Passed in 1977, the FCPA is a US statute that targets corruption by prohibiting companies and individuals from bribing foreign officials in the hopes of securing business. It’s enforced by the Securities and Exchange Commission and the Department of Justice. Companies that violate the act face the possibility of large fines and sanctions, as well as oversight by an independent auditor to ensure future compliance. Individuals can also be found in violation of the FCPA, and face the possibility of five years in prison.

The UK passed its own anti-bribery law 33 years later, significantly upping the anti-corruption ante. The Bribery Act of 2010 wiped the UK’s slate of anti-bribery laws clean—replacing it with a set of new laws and consolidating them in one tidy, statutory location. Like the FCPA, the Bribery Act also prohibited the bribery of foreign officials in the hopes of securing business. But now, individuals could face up to ten years imprisonment versus five, fines were unlimited, property could be confiscated, and jurisdiction was near universal, i.e., it could be applied no matter where in the world the crime occurred. But maybe most importantly, the UK Bribery Act held commercial entities liable for the failure to prevent bribery.

In 2009 Malaysia passed its own anti-corruption law. The Malaysian Anti-Corruption Commission Act 2009 established the Malaysian Anti-Corruption Commission, which superseded the country’s Anti-Corruption Agency as the sole body in managing cases related to corruption. Offenses under the act include the accepting of gratification by any person, the bribery of a public official, the use of public office for gratification, and the holding or concealing of corrupt property. Prison terms can be 20 years, and while the fines aren’t unlimited they are considerable: not less than five times the sum or value of the gratification which is the subject matter of the offense.

In 2018, the MACC Act 2009 was amended to include corporate liability provisions, and this is what catches it up with the UK Bribery Act: already regarded as some of the toughest anti-corruption legislation in the world. The amendment renders commercial organizations liable for the actions of their employees. Specifically, the new provision stipulates a corporate liability principle, whereby a company can be considered guilty if any of its employees or associates commit a corrupt act for the benefit of the company. Notably, the company can be considered guilty whether or not upper management know about the corrupt acts.

The following defines what a commercial organization under Section 17A is:

  • A company incorporated under the Companies Act 2016 that conducts business in Malaysia or elsewhere.
  • A company, wherever incorporated, that conducts business or part of its business in Malaysia.
  • A partnership registered under the Partnership Act 1961 that conducts business in Malaysia or elsewhere.
  • A partnership registered under the Limited Liability Partnerships Act 2012 that conducts business in Malaysia or elsewhere.
  • A partnership, wherever formed, that conducts all or part of its business in Malaysia.

For companies found guilty under the MACC Act’s new Section 17A, the fine is not less than 10 times the value of the bribe or RM 1 million, whichever is higher. Imprisonment for up to 20 years remains a possibility, with the added possibility of both a fine being levied and a prison sentence being imposed. Companies can, however, defend themselves if they can show they had previously implemented adequate procedures to mitigate bad behavior. But what exactly are these adequate procedures?

Happily for the companies that now find themselves in the statutory sights of Section 17A, in 2018 the Prime Minister’s office issued a set of guidelines that can be can use to figure out and put in place the aforementioned adequate procedures. The guidelines take a similar approach to those issued in relation to Section 9(1) of the UK Bribery Act 2010., and propose that the adequate procedures should be based on the principle of TRUST:

“T” Is For Top-Level Commitment:

  • Top-level management must ensure that the highest level of integrity and ethics is practiced across the company. There should be full compliance with the applicable laws and regulatory requirements on anti-corruption, and key corruption risks must be effectively managed.
  • Top-level management must provide assurance to its internal and external stakeholders that the organization is operating in compliance with its own policies and with regulatory requirements.
  • Top-level management must establish, maintain, and review its anti-corruption compliance program as well as its strategies for communicating those policies, internally and externally.
  • Top-level management must encourage the use of any reporting—a.k.a., whistleblowing—channel. The results of any audit, reviews of risk assessment, control measures, and performance must be reported to senior leadership, including the board, and acted upon.

“R” Is For Risk Assessment:

  • Comprehensive risk assessments are advised to be conducted every three years, with intermittent assessments to be conducted whenever necessary.
  • Risk assessments should establish appropriate processes, systems, and controls to mitigate specific or potential corruption risks that the commercial organization may be exposed to.

“U” Is For Undertake Control Measures:

  • Appropriate controls and contingency measures—reasonable and proportionate to the nature and size of the commercial organization—should be implemented and enforced to address any corruption risks arising from weaknesses in the organization’s governance framework.
  • These controls and measures should include due diligence and reporting channels, and policies and procedures should be endorsed by leadership, kept up-to-date, and made easily available.

“S” Is For Systematic Review, Monitoring & Enforcement:

  • Top-level management should ensure regular reviews are conducted to assess the performance, efficiency, and effectiveness of the anti-corruption program to ensure it’s enforced effectively.
  • Reviews may take the form of an internal audit or an external audit. Reviews should form the basis of any efforts to improve the existing anti-corruption controls in place in the organization.

“T” Is For Training and Communication:

  • Commercial organizations should develop and disseminate internal and external training and communications relevant to their anti-corruption management system.
  • The commercial organization’s anti-corruption policy should be made publicly available and appropriately communicated to all personnel and business associates.
  • When planning relevant communications strategies, the organization should take into account what key points should be communicated, to whom they should be communicated, how they will be communicated, and the timeframe for conducting them.
  • Employees and business associates should be provided with adequate training to ensure a thorough understanding of the organization’s anti-corruption stance, especially in relation to their role within or outside the commercial organization.

At StarCompliance, we make compliance simple and easy. Star has been helping enterprise financial firms around the globe stay on the right side of regulators for more than 20 years. Our financial compliance software is scalable, configurable, and easy-to-use for both end users and administrators. Whether your compliance challenge is monitoring employee conflicts of interest, streamlining control room operations, staying on top of insider trading, or implementing adequate procedures for Section 17A of the MACC Act, Star software will help you increase firm efficiency while reducing firm risk.