Free Word download β’ Edit online β’ Save & share with Drive β’ Export to PDF
An Anti-Corruption Policy is a formal internal governance document that prohibits bribery, facilitation payments, kickbacks, and other corrupt conduct across an organization and its extended network of agents and business partners. It defines the prohibited behaviors in concrete terms, sets thresholds and approval processes for gifts and hospitality, establishes a mechanism for reporting suspected violations, and specifies the disciplinary consequences for non-compliance. Unlike a general code of ethics, an anti-corruption policy is operationally specific β it gives employees, contractors, and third-party intermediaries enough detail to recognize and avoid corrupt conduct in real-world situations, including the gray-area scenarios that arise most frequently in procurement, sales, and government relations.
Without a written anti-corruption policy, your organization has no documented standard to point to when a compliance question arises, no defensible basis for disciplinary action when a violation occurs, and no mitigating evidence to present if a regulator investigates. Under the UK Bribery Act 2010, the only defense available to a company charged with failing to prevent bribery is demonstrating that it had adequate procedures in place β a written, implemented policy is the foundation of that defense. Under the US FCPA, the Department of Justice explicitly considers the quality of a company's compliance program when deciding whether to prosecute and how to calculate penalties. Beyond regulatory exposure, a clear policy protects procurement and sales staff who face pressure from external parties by giving them documented company rules to cite. This template gives you a compliance-ready starting point that covers every key section β purpose, scope, prohibited conduct, gifts, conflicts, third-party due diligence, reporting, and training β so you can customize and distribute it in hours rather than weeks.
| If your situation is⦠| Use this template |
|---|---|
| Multinational company subject to US FCPA and UK Bribery Act | Anti-Corruption Policy (International) |
| Small business needing a lightweight anti-bribery statement | Anti-Bribery Policy Statement |
| Company formalizing how employees report suspected misconduct | Whistleblower Policy |
| Addressing conflicts of interest separately from broader corruption | Conflict of Interest Policy |
| Establishing a full compliance framework across multiple risk areas | Corporate Compliance Program |
| Setting rules for gifts, hospitality, and entertainment only | Gifts and Hospitality Policy |
| Vetting third-party agents, distributors, and partners | Third-Party Due Diligence Questionnaire |
Why it matters: Most corruption enforcement actions target conduct by agents, distributors, and joint-venture partners β not direct employees. An employee-only policy provides no protection against third-party liability.
Fix: Explicitly extend the policy to all persons acting on the company's behalf, including contractors, agents, and intermediaries, and require them to acknowledge it before engagement.
Why it matters: A threshold alone does not prevent employees from making multiple below-threshold gifts to the same recipient β a pattern courts treat as a de facto bribe.
Fix: Add an aggregate annual limit per recipient alongside the per-occasion threshold, and require pre-approval for any gift involving a government official regardless of value.
Why it matters: Regulators treat undocumented training as no training. In an enforcement action, the absence of training records eliminates the 'adequate procedures' defense.
Fix: Maintain a completion log with employee name, training date, and version of the policy covered. Retain records for at least five years.
Why it matters: Without explicit protection language, employees assume reports will have career consequences and stay silent β defeating the reporting mechanism entirely.
Fix: Include a clear, stand-alone non-retaliation clause that names the action as a policy violation in itself, separate from the reporting channel description.
Why it matters: Anti-corruption regulations evolve, enforcement priorities shift, and business activities change. A policy last reviewed three years ago may not cover new markets, products, or third-party relationships.
Fix: Assign a named owner, schedule an annual review, and trigger an out-of-cycle review whenever the business enters a new market, adds a new product line, or engages a new category of intermediary.
Why it matters: Vague terms like 'improper payments' leave employees unable to recognize violations in ambiguous day-to-day situations β especially in markets where informal payments are treated as normal.
Fix: Include concrete examples of prohibited conduct: paying a customs official to expedite a clearance, offering a client tickets to a sporting event contingent on a contract award, or accepting a vendor's offer to pay for a personal vacation.
Determine which anti-corruption laws govern your operations β US FCPA, UK Bribery Act, OECD Anti-Bribery Convention, or local equivalents. List them explicitly in the purpose section.
π‘ If you operate in more than one country, name each applicable law separately β a single generic reference to 'applicable laws' provides no guidance to employees.
List every category of person this policy covers: employees, contractors, agents, consultants, subsidiaries, and joint-venture partners. Be specific about whether it applies to board members and interns.
π‘ Expand scope to include any third party who can legally bind or act on behalf of your company β this is where most enforcement actions originate.
Specify a dollar limit per occasion and per year for gifts and entertainment, separate thresholds for government officials and private-sector counterparts, and a pre-approval process for anything above the threshold.
π‘ A $50 per-occasion threshold for government officials is a defensible standard aligned with common enforcement guidance β industry-specific norms may differ.
Create a Schedule A disclosure form and specify when employees must submit it β at hire, annually, and whenever a new conflict arises. Name the person who reviews and approves disclosures.
π‘ Separate the disclosure reviewer from the employee's direct manager so that disclosures involving the manager have an independent review path.
Create a Schedule B questionnaire covering ownership, PEP (politically exposed person) status, sanctions screening, and past corruption allegations. Define which risk levels require sign-off before engagement.
π‘ Use a free sanctions screening tool (OFAC, UN, EU lists) as a minimum check β document the date and result for every partner screened.
Add at least two reporting options β a named compliance contact and an anonymous channel. Include explicit, unambiguous non-retaliation language that mirrors the language in your jurisdiction's whistleblower protection statute.
π‘ An anonymous email alias costs nothing to set up and meaningfully increases the volume of good-faith reports from employees who fear visibility.
Name the specific role responsible for maintaining the policy, set an annual review date on the calendar, and document the version number and effective date on the cover page.
π‘ Version-control the policy with a version number and effective date in the footer β this makes it straightforward to show auditors which version was in force at any given time.
Distribute the policy to all covered personnel, collect signed or digital acknowledgment, and log training completion with dates. Store records for the period your applicable law requires β typically five years.
π‘ Link the acknowledgment to your onboarding workflow so no new hire reaches day 30 without a signed record on file.
An anti-corruption policy is a formal internal document that prohibits bribery, facilitation payments, kickbacks, and other corrupt practices across an organization. It defines who is covered, what conduct is prohibited, how violations should be reported, and what the consequences are. It also demonstrates to regulators, investors, and business partners that the organization has implemented active controls against corruption risk.
In most jurisdictions, no specific law mandates a written policy by that name. However, the UK Bribery Act 2010 creates a corporate offence of failing to prevent bribery, with a defense available only to companies that have 'adequate procedures' in place β a written policy is a core component of that defense. Under the US FCPA, a documented compliance program is the primary evidence regulators consider when assessing corporate culpability and calculating penalties.
The policy should cover all employees, officers, and board members, as well as contractors, agents, consultants, and any third party authorized to act on the company's behalf. Most enforcement actions target conduct by agents and intermediaries rather than direct employees β a policy that excludes third parties leaves the company's largest area of exposure unaddressed.
A code of conduct is a broad statement of values and behavioral expectations covering topics such as workplace respect, data privacy, and conflicts of interest. An anti-corruption policy is a specific, operational document focused exclusively on bribery and corruption risk β with defined thresholds, approval processes, reporting channels, and disciplinary consequences. Companies typically maintain both, with the code of conduct referencing the anti-corruption policy for detailed guidance.
There is no universal standard, but common practice is $50 per occasion for government officials and $100β$150 per occasion for private-sector counterparts, with an aggregate annual limit per recipient. Any gift involving a government official should require advance written approval regardless of value. Cash gifts and gifts that could be construed as contingent on a business outcome should be prohibited outright.
An annual review is the standard recommended by most compliance frameworks, including guidance from the US DOJ and UK SFO. An out-of-cycle review should be triggered whenever the company enters a new market, acquires a business, adds a new category of third-party intermediary, or experiences a significant regulatory development in its operating jurisdictions.
A facilitation payment is a small unofficial payment made to a government official to speed up or secure a routine administrative action β for example, paying a customs officer to process a clearance that should happen as a matter of course. These payments are prohibited under the UK Bribery Act regardless of size and are generally not permitted under US FCPA guidance. Even where locally common, they create criminal liability for the company and the individuals involved.
The policy should provide at least two reporting channels: a named compliance contact (typically the compliance officer or general counsel) and an anonymous option such as an ethics hotline or anonymous email address. Reports should be investigated promptly and confidentially, and the policy must explicitly prohibit retaliation against anyone who makes a good-faith report β including anonymous reporters.
A well-implemented policy is a significant mitigating factor, not a complete shield. Under the UK Bribery Act, adequate procedures are a full defense to the corporate failure-to-prevent offence. Under the US FCPA, a credible compliance program can reduce penalties and affect the decision to prosecute. The key word is 'implemented' β a policy that exists on paper but is not trained, enforced, or reviewed provides minimal protection.
A code of ethics is a broad values document covering honesty, respect, and professional conduct across many dimensions of organizational behavior. An anti-corruption policy is a focused operational document with specific prohibited conduct, dollar thresholds, approval processes, and disciplinary consequences. The code sets the culture; the anti-corruption policy sets the rules.
A whistleblower policy governs the reporting and investigation mechanism for any type of misconduct β financial fraud, safety violations, harassment, or corruption. An anti-corruption policy covers the substantive rules against bribery and corrupt practices. Most organizations maintain both, with the anti-corruption policy referencing the whistleblower policy for reporting procedures.
A conflict of interest policy addresses situations where an employee's personal interests could improperly influence their business decisions β investments, family relationships, or outside employment. An anti-corruption policy covers the broader range of corrupt conduct including bribery of external parties. Conflicts of interest are one category within anti-corruption risk but warrant their own detailed policy.
A corporate compliance program is a comprehensive framework covering all regulatory risk areas β anti-corruption, data privacy, antitrust, sanctions, and employment law. An anti-corruption policy is a single component within that framework focused exclusively on bribery and corruption. Small businesses typically start with the policy; larger organizations build it into a full compliance program.
Frequent interaction with government permitting authorities and public procurement creates elevated facilitation-payment risk that the policy must address explicitly.
Regulatory licensing requirements, politically exposed persons in the client base, and correspondent banking relationships require enhanced third-party due diligence provisions.
Concession agreements, extraction licenses, and joint ventures with state-owned enterprises are among the highest-risk transaction types covered by FCPA and UK Bribery Act enforcement history.
Consultancies and law firms acting as intermediaries on behalf of clients need clear guidance on when facilitated introductions or referral fees cross into prohibited conduct.
| Path | Best for | Cost | Time |
|---|---|---|---|
| Use the template | Small and mid-sized businesses establishing baseline anti-corruption controls for domestic operations or government contracting | Free | 2β4 hours to customize and distribute |
| Template + professional review | Companies operating in multiple countries, engaging government officials, or subject to FCPA or UK Bribery Act jurisdiction | $500β$2,000 for a compliance consultant or lawyer review | 3β5 business days |
| Custom drafted | Multinational enterprises, regulated industries (financial services, defense, energy), or companies responding to a regulatory inquiry | $3,000β$15,000+ for a specialist compliance or law firm engagement | 2β6 weeks |
This document is one of 3,000+ business & legal templates included in Business in a Box.
Access over 3,000+ business and legal templates for any business task, project or initiative.
Customize your ready-made business document template and save it in the cloud.
Share your files and folders with your team. Create a space of seamless collaboration.
"Fantastic value! I'm not sure how I'd do without it. It's worth its weight in gold and paid back for itself many times."
"I have been using Business in a Box for years. It has been the most useful source of templates I have encountered. I recommend it to anyone."
"It has been a life saver so many times I have lost count. Business in a Box has saved me so much time and as you know, time is money."
Stop downloading documents. Start operating with clarity. Business in a Box gives you the Business Operating System used by over 250,000 companies worldwide to structure, run, and grow their business.
Free Forever PlanΒ Β·Β No credit card required
