Guidance on Good Practice and Checklist for Adequate Procedures Transparency International Malaysia

First Published February 2022

Published by:

Transparency International Malaysia

319 Block A, Kelana Centre Point,
Jalan SS 7/19, Kelana Jaya,
47301 Petaling Jaya Selangor, Malaysia

Email:

[email protected]

Editorial Panel:

Dr Muhammad Mohan
Raymon Ram
Nurirdzuana Ismail

Writer:

Alissa Marianne Rode

Page 1
[email protected] | www.transparency.org.my 2022

01 Foreward

The Corporate Liability Provision or Section 17A, Malaysian Anti-Corruption Commission

(Amendment) Act 2018 which took effect on 1 June 2020 provides that “a commercial
organisation commits an offence if any person associated with the commercial
organisation commits a corrupt act (i.e gives, agrees to give, promises or offers to any
person any gratification) in order to obtain or retain business or advantage for the
commercial organisation”.

S17A (3) provides where an offence has been committed by a commercial organisation,
a person who is a Director, Controller, Officer or who is concerned in management of
the commercial organisation’s affairs at the time of commission of offence is deemed
to have committed that offence. The burden shifts to the commercial organisation,
its Directors, Partners and Management to demonstrate that they have put in place
“adequate procedures” to deter persons associated with the commercial organisation
from committing corrupt acts of gratification.

The Minister in the Prime Minister’s Department had, in December 2018, issued pertinent
Ministerial Guidelines on Adequate Procedures, covering five (5) key principles of
T.R.U.S.T, that is to be established as lines of defence for the commercial organisation
as well as those charged with governance and management of the organisation.

The penalties, upon conviction under S17A, may entail a fine of not less than (10)
times the value of the gratification or RM1 million, whichever is higher; AND/OR a
jail sentence not exceeding twenty (20) years. In view of the hefty penalties, it is
crucial for Directors, Partners and Management to have systems in place / adequate
procedures to prevent the commission of such offences.

Page 2
Guidance on Good Practice and Checklist for Adequate Procedures Transparency International Malaysia

The key here is strong commitment from the top; assessment and management of
bribery/corruption risks; monitoring, reviewing and enforcing internal policies/
procedures; as well as training and communication to internal and external parties
associated with the organisation. Those in charge of integrity and compliance now play
a vital role in safeguarding the interests of shareholders by setting the organisation’s
anti-bribery objectives/strategies; ensuring regulatory compliance; endorsing related
policies; and reviewing and monitoring organisational activities in relation to those
established policies, processes and procedures.

Today, the roles of the Directors, Senior Management and those in charge of Integrity
and Compliance are further extended with the need for an eye for detail and knowledge/
expertise in the assessment and management of key bribery/corruption risks that
their organisation may face. This includes the call to drive/supervise an organisation’s
compliance function, establishing appropriate lines of authority and reporting,
setting anti-bribery objectives and supporting the allocation of resources to achieve
those objectives, questioning and communicating efforts taken by the organisation
to mitigate the bribery/corruption risks observed, ensuring that there is an easily
accessible whistleblower hotline, and systematically reviewing audit findings on the
effectiveness and efficiency of the organisation’s anti-bribery/corruption programme.

Transparency International Malaysia, with support from the Malaysia Reform Initiative
(MARI) and USAID, had conducted a series of workshops and roundtable discussions
with senior representatives from numerous private sector entities to devise a “Guidance
for Good Practice and Checklist on Adequate Procedures” to assist those in charge of
formulating an anti-corruption plan within their very own organisations and internal
or external auditors whom are tasked to look into matters concerning the same.

We would also like to thank the Malaysian Anti-Corruption Commission for their time
and efforts in attending our workshop as observers in this project.

Dr Muhammad Mohan Raymon Ram

President Secretary General
Transparency International Malaysia Transparency International Malaysia

Page 3
[email protected] | www.transparency.org.my 2022

Table of Contents

01 Foreward

02 Introduction

05 Overview

08 Using the Checklist

10 Guidance for SMEs

03 Checklist

13 Top Level Commitment

17 Risk Assessment

19 Undertake Control Measures

32 Systematic Review, Monitoring & Enforcement

36 Training & Communication

Page 4
Guidance on Good Practice and Checklist for Adequate Procedures Transparency International Malaysia

02 Introduction

Overview
Section 17A of the MACC Act 2009 makes a commercial organisation strictly liable
for failing to prevent the giving or even promising of gratification for the advantage
of the organisation. If a person associated with the organisation is found to have
corruptly given, agreed to give, offered, or promised a gratification for the benefit
of the organisation, the provision presumes corporate liability on the part of the
organisation and its directors. The only defence for the organisation and its board is
to show that there were adequate procedures to prohibit, prevent, and detect such
conduct.

Thus, Transparency International Malaysia has developed a checklist to guide

commercial organisations on the implementation of a holistic anti-bribery and
corruption programme (ABC Programme) covering the actions of employees as well as
associates within the organisation’s stakeholder network.

This checklist was adapted for the Malaysian context from the 2010 UK Bribery Act
Adequate Procedures Guidance published by Transparency International UK (TI-UK).
Transparency International Malaysia conducted two workshops with stakeholders in
July 2021 to adapt the checklist, with subsequent editing and writing of additional points
by an editorial panel. The workshops were supported by a grant from Malaysia Reform
Initiative (MARI). TI Malaysia thanks the following organisations that contributed to
the discussion:

1. Boustead Holdings Berhad 7. Sime Darby Berhad

2. Cyberview Sdn Bhd 8. SME Corp. Malaysia
3. Duopharma Biotech Berhad 9. Suruhanjaya Syarikat Malaysia
4. Institut Integriti Malaysia 10. The Institute of Internal Auditors Malaysia
5. MAXIS Berhad 11. Top Glove Corporation Berhad
6. MIDF Berhad 12. Veritas Architects Sdn Bhd

The list has also been submitted to MACC as a reference document in investigations.

Page 5
[email protected] | www.transparency.org.my 2022

Scope of Section 17A in the MACC Act 2009

The organisation may be liable for the actions of subsidiaries or entities that it
controls, as well as that of associates. With regards to individuals, the section also
makes the organisation liable for the actions of any persons associated with the
organisation. Persons associated with the organisation as envisioned by Section 17A
covers not only employees, but also directors, partners, or persons who perform
services on behalf of the organisation. The nature of “services” is also open-ended in
Section 17A, which directs the court to consider “all the relevant circumstances” and
not merely to take the nature of the relationship at face value. Associated persons
thus could include business associates such as contractors and suppliers, agents and
intermediaries, and co-investors in joint ventures as well as joint venture entities
or special purpose vehicles, regardless of the level of operational control that the
commercial organisation has over the entity.

In setting up adequate procedures, the commercial organisation must therefore

assess all stakeholder relationships through which it gains benefits for compliance
and commitment to the ABC Programme.

Adequate Procedures

Every commercial organisation has its own operating model that generates a unique
risk profile when it comes to bribery and corruption. Thus, the depth of due diligence
procedures, the level of communication, documentation, review and disclosure that
are considered adequate may vary depending on factors such as the size of the
organisation, the nature of the risk, the level of risk exposure, and the complexity of
its business relationships.

The checklist therefore should not be considered a mere “ticking the box” exercise.
Instead, it serves as a benchmark list of best practices for organisations that are
implementing an ABC Programme for the first time or reviewing an existing programme.
A commercial organisation that is truly committed to promote integrity must implement
a holistic ABC Programme that responds to the level of corruption risk inherent in its
operations and stakeholder relationships.

Page 6
Guidance on Good Practice and Checklist for Adequate Procedures Transparency International Malaysia

Top-Level Commitment

T
The Board’s and Top Management’s commitment towards anti-corruption is visible and
translates consistently into implementation.

The Board endorses and oversees the development of a holistic ABC Programme. The primary
objective is to set the tone for zero tolerance of bribery and corruption.

Risk Assessment

R
The ABC Programme should include a periodic Risk Assessment to identify the CO’s risk exposure.
The assessment should cover all geographic locations where it operates and seeks new markets,
and all persons associated with the CO, including eg business partners, significant investments,
agents and intermediaries, suppliers, and joint ventures.

Undertake Control Measures

U
Informed by the risk assessment, Management develops or updates control measures to provide
reasonable assurance of preventing or detecting bribery. Control measures are adequate,
properly documented, and proportionate to the level of risk exposure

Systemic Review, Monitoring & Enforcement

S
The programme undergoes regular review to improve the efficacy of controls and keep up with
the changing risk environment.

This includes updating the risk assessment, revising policies, and improving procedures.

There is consistent internal enforcement of control measures which is overseen by the Board,
eg through internal audits, as well as independent assessment by external auditors.

Training & Communication

T
The CO ensures effective implementation of the ABC Programme by communicating the ABC
Programme and providing adequate training to all employees and stakeholders.

All employees and external stakeholders are made aware of the requirements of the
organisation’s ABC Programme, and the consequences of violating the programme.

Procedures Guidelines published by the Prime Minister’s Department:

Figure 1 The TRUST Principles for adequate procedures against corruption

Page 7
[email protected] | www.transparency.org.my 2022

Using the Checklist

The checklist is divided into the five TRUST Principles. Some of the principles are
further divided into multiple categories, to provide structure to the assessment:

TRUST Principle Category

TOP-LEVEL COMMITMENT -

RISK ASSESSMENT -

• Human Resources
• Facilitation Payments
• Gifts, Hospitality & Expenses
• Political Contributions
• Charitable Contributions
• Whistleblowing Channels & Advice Lines
UNDERTAKE CONTROL MEASURES • Internal Controls
• Accurate Books & Records
• Subsidiaries
• Significant Investments
• Contractors and suppliers
• Agents and other intermediaries
• Joint ventures and consortia

SYSTEMATIC REVIEW, MONITORING AND ENFORCEMENT -

• Training
TRAINING & COMMUNICATION
• Communication

Table 1 List of Categories for the TRUST Principles

Page 8
Guidance on Good Practice and Checklist for Adequate Procedures Transparency International Malaysia

The checklist has different input fields to enable management to document the
process of reviewing, improving, and implementing adequate procedures. A sample
of a filled-up checklist is provided below:

Please use the editable/printable checklist to fill in notes, refer to page (x) for more information. IP: In Planning

Target
Plans for
No. . Item Yes No IP Implementation Evidence Reference
Implementation
Date

TOP-LEVEL COMMITMENT

The board of
• ABC Policy
directors or
• Employee
equivalent body has
Handbook – Ch.4:
formally approved Implemented
1 X X Maintaining a
the anti-bribery since dd/mm/yy
corruption-free
and corruption
culture
programme (ABC
Programme).
• 2 independent
• Draft terms of
directors are
reference:
functionally
A board sub- dd/mm/yy • Board meeting
designated to
committee or • Board minutes
oversee, but there is
2 specific directors approval and 1st • Terms of
no subcommittee
provide oversight of subcommittee reference
• Board to appoint
the ABC programme. meeting:
subcommittee with
dd/mm/yy
terms of reference

Anti-bribery and • dd/mm/yy

corruption is a Insert standing item (by next Board • Board meeting
3 X
standing item on on Board agenda meeting) minutes
the board agenda

Table 2 Example of a filled-up checklist

Page 9
[email protected] | www.transparency.org.my 2022

Guidance for SMEs

SMEs have the same duty to put in place adequate procedures against corruption,
and cannot use disadvantages in size, narrow profit margins, nor lack of resources
as excuses for a weak anti-corruption culture. At the same time, the standard for
adequate procedures would also take into account factors of proportionality and
reasonability. Smaller and less complex organisations could employ simple and cost-
effective procedures to implement an effective ABC Programme with a strong tone
from the top.

Guidance for adapting the checklist procedure for SMEs:

Tone From The Top

• SMEs can use a single Anti-corruption and anti-Bribery Policy (ABC Policy) document
to capture all its policies on acceptable and unacceptable Gifts, Hospitality and
Entertainment, Charitable and Political Contributions, and Sponsorships.

• For SMEs which are too small to have dedicated compliance officers, a director,
member of senior management, or a compliance taskforce or committee comprising
suitable senior and trusted personnel could be empowered to:

o Oversee the risk assessment process

o Implement adequate procedures
o Oversee the review and monitoring
o Provide in-house briefings on the ABC Programme

Risk Assessment

• Risk assessment should still cover all areas of the SME’s operations and all
stakeholders. An independent risk assessment exercise is encouraged.
• SMEs that are too small to engage consultants for independent assessment can
consider assigning a manager or committee to be trained in basic risk assessment.
• Self-assessment should minimally identify the risk exposure towards bribery and
corruption according to role and functions of employees, agents, intermediaries,
business partners, and other associates. Assessment should not be based on
subjective perceptions or personal relationships (a role such as sales and marketing
may be assessed to be at high risk of corruption even if the specific employee is
regarded as trustworthy).
• Resources for implementing control measures and training should be prioritized or
roles that are at higher risk of encountering bribery and corruption.

Page 10
Guidance on Good Practice and Checklist for Adequate Procedures Transparency International Malaysia

Undertake Control Measures

• Due diligence procedures could involve minimally a background or reference check,

a request to see the other party’s ABC Policy, and internet search for publicly
reported incidents or court cases involving corruption.

• Due diligence should be documented. A simple documentation process could

include a signed checklist to acknowledge the above mentioned, checks, and a
folder to save web searches and notes of reference checks that were done prior
to committing with the other party.

Systematic Review, Monitoring & Enforcement

• Ongoing review and monitoring could be undertaken by a manager or committee

with the oversight of independent directors of the Board or its equivalent.

• SMEs are encouraged to include assessment of adequate procedures within

the scope of work of external auditors to obtain independent review and
recommendations on the ABC Programme.

Training & Communication

• SMEs could source for suitable external training programmes for employees or
have a senior manager provide simple in-house briefings on the ABC Programme
for training & communication.

• SMEs that are vendors to MNCs or large local companies should actively participate
in the latter’s compliance programmes, if any, and should ensure attendance of
any relevant training or briefing that is made available. SMEs may wish to keep
attendance records of such training as a form of documentation of training.

• Often, the SME is not in a position to dictate contract clauses pertaining to

compliance to its ABC Programme. In these cases, communication to stakeholders
could be in the form of standard letters with the ABC Policy attached and an
acknowledgement of receipt, or through mutual declarations or pledges.

Page 11
[email protected] | www.transparency.org.my 2022

03 Checklist
Filling in the Checklist
Please use the QR codes below in order to access the printable or editable version of
the checklists for easier access.

Print Version Digital Version

By accessing these QR codes, you hereby agree to comply to NOT MODIFY the
pre-existing text in this document while assuring to only fill in the columns which
are permissible. Transparency International is not responsible for distributions of
altered samples of this document.

Print Version Instructions

Please scan the ‘Print Version’ of the QR code to access a print-friendly PDF of the
checklists. This file can be printed in multiple standard horizontal A4 sized sheets of
paper in either black and white or color.

Digital Version Instructions

Please scan the ‘Digital Version’ of the QR code to access an editable Excel file, which
can be easily filled in by using Microsoft Excel in a PC (Mac & Windows) or Mobile
Device (iOS & Android).

Page 12
Guidance on Good Practice and Checklist for Adequate Procedures Transparency International Malaysia

Top-Level Commitment
T
Under the leadership of the Board and top management, the commercial organisation
should publicly commit to a detailed ABC Programme. The organisation’s commitment
should be made formally through policies endorsed by the Board, periodically reviewed
by the audit committee or equivalent body, and implemented by top management
through clear lines of authority. The Board has the ultimate responsibility for
establishing a culture of zero tolerance for bribery and corruption.

Beyond a paper endorsement, the Board would show that it attaches strategic
importance to the effective implementation of the ABC Programme through:

1. Staying updated and knowledgeable – through briefings on the law and anti-
corruption measures.

2. Regular oversight – countering bribery should be a standing item on the board

agenda and the board should receive regular reviews on the implementation of
the programme, reports on any incidents or allegations of bribery and actions
taken to correct deficiencies.

3. Dedicating resources for implementation – assigning specific responsibility to

senior management for the development and implementation of a detailed ABC
Programme.

4. Clear and frequent communication – board members should frequently reinforce

the ABC Programme through communications in engagements with internal and
external stakeholders.

5. Setting the right priorities – it is clear that management and board will support
the refusal to pay bribes even if there is a loss of business opportunities.

6. The organisation’s Anti-bribery and Anti-corruption Policy (ABC Policy) is the

master policy of the ABC Programme, which guides the development of related
policies, guidelines and documented procedures. The ABC Policy should include
key objectives and value statements, as well as a clear definition of bribery and
corruption which is consistent with the MACC Act 2009 and other relevant laws.

Page 13
[email protected] | www.transparency.org.my 2022

In assessing the organisation’s top-level commitment through the checklist, the

following examples of evidence may be referred to:

Element Examples of Evidence

• Board resolutions, agenda and minutes

• Anti-bribery and anti-corruption policy (ABC Policy)
• Board and sub-committee terms of reference
includes oversight and review of the ABC
programme
• Related policy documents, eg Gifts,
Hospitality & Entertainment Policy, Political
Board-level commitment
Contributions Policy, Charitable Contributions
Policy, etc.
• Board members’ code of conduct, declaration of
interest, pledge, etc
• Chairman’s statement
• Townhall meetings (with integrity as key
agenda item)

• Directors’ onboarding / ABC Programme

briefing material
Board competencies and understanding
• Record of directors’ attendance at relevant
briefings

• Job descriptions, key performance

indicators, and organisational structure
Accountability and oversight for anti-corruption (shows that top management is responsible for
implementing the ABC programme, with clear lines
of authority)

Public disclosure of the ABC Programme and • Annual report / Consolidated Report / Ethics,
alignment with international benchmarks Sustainability & Governance Report

Table 3 Examples of evidence for top-level commitment

Page 14
Guidance on Good Practice and Checklist for Adequate Procedures Transparency International Malaysia

Checklist: Top-Level Commitment

Please use the editable/printable checklist to fill in notes, refer to page 12 for more information. IP: In Planning

Plans for Target

Evidence
No. . Item Yes No IP Implementation
Implementation Reference
Date

Top-Level Commitment

The Board of directors or equivalent body has

1 formally approved the anti-bribery and corruption

programme (ABC Programme).

A Board sub-committee or specific directors
2
provide oversight of the ABC Programme.
Anti-bribery and corruption is a standing item on
3
the Board agenda.
The Board of directors and top management

4 demonstrate visible and active commitment to

implementation of the ABC Programme

The Board and top management provide an

5 example for transparency and integrity through

their own behaviour.

The Board and top management promote a culture
6
of integrity within the organisation.
The Board of directors has oversight of the

7 implementation of the ABC Programme, including

providing instructions based on:

Regular review of reports on implementation,

a audit, risk assessment, control measures and

performance from top management

Recommendations from the regular review of the
b
ABC Programme
Independent assessment of the adequacy of the
c
ABC Programme through an audit committee.
There is a documented Anti-bribery and Corruption

8 policy (ABC Policy) that has been formally approved

by the Board of directors or equivalent body.

The Board encourages the use of any reporting

9 or whistleblowing channels in relation to any

suspected or real corruption incidents.

Board members receive regular training and

10 updates and are knowledgeable on relevant laws

and regulations.
The Chief Executive Officer or equivalent is

responsible for ensuring that the programme

11
is carried out consistently with clear lines of

authority.

Page 15
[email protected] | www.transparency.org.my 2022

Please use the editable/printable checklist to fill in notes, refer to page 12 for more information. IP: In Planning

Plans for Target

Evidence
No. . Item Yes No IP Implementation
Implementation Reference
Date

Top-Level Commitment

A competent person in a senior role is assigned

12 responsibility for implementing the ABC Programme

and is adequately resourced.

Clear lines of authority are assigned to managers
13
for carrying out the ABC Programme.
There is a policy for the CO to be consistent with all

14 relevant anti-bribery laws in all the jurisdictions in

which it transacts its business.

The CO or its legal adviser maintains a register of

15 anti-bribery laws and monitors changes in law and

court decisions.
The CO publicly discloses information about the

ABC Programme including the management systems

employed.

16 Explanation: For example, the list of policies under

the programme, and management systems or

certification in place as endorsed by the Board in

the Annual Report.

The CO reports on its ABC Programme aligned to

international guidance such as:

a. The Global Reporting Initiative Sustainability

17
Reporting Framework

b. The UN Global Compact – TI Reporting Guidance

on the 10th Principle Against Corruption.

18 The ABC policy includes:

A definition for bribery and corruption that is

consistent with the MACC Act 2009 and other

a
relevant laws, and a statement prohibiting acts

amounting to bribery and corruption.

A high-level public statement such as a Corporate

b Values statement which includes a commitment to

business integrity.
A definition for facilitation payments, prohibition of

c facilitation payments, and a policy for dealing with

demands for facilitation payments under duress.

There is a procedure for dealing with breaches of

d
the ABC Programme by Board members.

Page 16
Guidance on Good Practice and Checklist for Adequate Procedures Transparency International Malaysia

Risk Assessment
R
The risk assessment is necessary to provide an overview of the organisation’s exposure
to corruption and bribery risk. Management can then respond adequately to such
risks by implementing control measures that are proportionate to the likelihood and
impact of such risks to the organisation.

The scope of the risk assessment should cover all business activities in all locations
where the organisation has active operations, whether directly or through associated
persons. There should be a prior process of stakeholder mapping to identify all
associates through whom the organisation is exposed to corruption risk. Third-party
risk in all its forms should be included as part of the assessment. The assessment
should also consider corruption risks specific to local conditions and business
cultures, as well as inherent risk in the sector or activity.

The risk assessment can be integrated with the organisation’s existing risk assessment
process, or be conducted on its own. The board should have oversight of the risk
assessment process, and should delegate the responsibility for its implementation to
a senior manager.

The risk assessment process should be repeated periodically, and particularly when
significant changes have occurred in the business environment, eg routinely every
three years, or when a merger or acquisition occurs. A corruption and bribery risk
assessment can also be part of the due diligence procedure for business expansion
plans.

In assessing the organisation’s policies through the checklist, the following examples
of evidence may be referred to:

Element Examples of Evidence

• Minutes of board meeting and audit committee meeting - eg. instructions to
management to undertake risk assessment, comments and further instructions on findings
• Letter of Appointment or contract of services (for independent risk assessment consultant)
Risk • Risk Register and latest Risk Assessment Report - corruption and bribery risk
Assessment assessment which covers all operational functions, group entities, regions, and stakeholders.
• Documentation on risk control and mitigation measures undertaken - eg. periodic
reports to audit committee or the board, risk mitigation action plan, etc.
• Record of risk assessment procedure

Table 4 Examples of evidence for risk assessment

Page 17
[email protected] | www.transparency.org.my 2022

Checklist: Risk Assessment

Please use the editable/printable checklist to fill in notes, refer to page 12 for more information. IP: In Planning

Plans for Target

Evidence
No. . Item Yes No IP Implementation
Implementation Reference
Date

Risk Assessment

The Board or equivalent body has oversight of the

19
risk assessment process.
Responsibility for risk assessment for bribery and
20
corruption is assigned.
There is regular risk assessment for bribery and

21 corruption which includes all operations under the

CO’s effective control.

The risk assessment process identifies and

22 prioritises risks from bribery and corruption, and

covers these areas:

Opportunities for corruption due to weaknesses in
a
governance and internal procedures
Financial transactions that may disguise corrupt
b
payments
Risk exposure through business activities in
c
different countries and sectors, as applicable
Risk exposure through external parties that act on
d
behalf of the CO
Risk exposure through relationships with third
e
parties in the CO’s supply chain.
Detailed policies and procedures to counter bribery

23 and corruption are developed and improved based

on the assessed risks.

Page 18
Guidance on Good Practice and Checklist for Adequate Procedures Transparency International Malaysia

Undertake Control Measures

U
The risk assessment would reveal the risk exposure and any gaps in procedures
for the commercial organisation with regards to the ABC Programme. Thereafter,
the recommendations for risk mitigation would primarily involve implementing or
strengthening control measures. Control measures comprising policies, procedures,
and record-keeping form the core implementation of any ABC Programme.

A significant part of control measures is accurate and updated documentation. A

strong document trail combined with regular reporting and reviews provides reliable
evidence that a procedure is mandatory and systematically enforced. All policies
should be approved, signed and dated by the Board and the accompanying procedures
should likewise be documented by management.

The main areas for control measures can be summarised as:

a. Recruitment – ensuring a proper business case and due diligence for new hires,
particularly in roles with high exposure to the risk of bribery.

b. Marketing or hospitality expenditures and donations – due diligence and control

measures to ensure that these outflows are not used to disguise bribes.

c. Third party risk – ensuring a proper business case, due diligence, and continuous
compliance of third parties that are closely involved with the organisation’s
business.

The organisation should also view a secure whistleblower channel and helpline as a
line of defence, and encourage instead of deterring whistleblowing. Whistleblowing is
important as the possibility that an employee or associate would act inconsistently
with the ABC programme can never be fully eliminated. Organisations that self-report
and take early action in accordance with their stipulated policies when such incidents
do occur, would be practicing adequate procedures consistently and would have a
better chance at successfully putting up the defence. Organisations that attempt to
hide the issue, on the other hand, would be at higher risk of enforcement action for
corporate liability.

Page 19
[email protected] | www.transparency.org.my 2022

In assessing the organisation’s policies through the checklist, the following examples
of evidence may be referred to:

Element Examples of Evidence

• Recruitment policy & SOP – shows due diligence conducted is
proportionate to risk exposure of the role
• Criteria for performance evaluation and promotion –
• Human Resources includes indicators of integrity
• HR policies – no punitive action for refusal to pay bribes, mandatory
compliance to ABC Programme, consequence management framework (or
policy for disciplinary action)
• Policy and procedures for facilitation payments
• Facilitation Payments
• Record of when and how policy was communicated
• Gifts policy
• Limits of authority
• Budget limits and appropriate accounting entries for gifts, hospitality
• Gifts, Hospitality & Expenses and expenses
• Gift register
• Gift depository / share point (appropriate disposal of gifts that cannot
be returned)
• Political contributions policy – includes eg clear prohibitions and/
or criteria for contributions, due diligence requirement, declaration to
shareholders.
• Due diligence report – tracing of beneficial ownership, ensuring
• Political Contributions
contributions are not made to the interests of an individual politician or
in the interest of a public officer who is in the position to give a
business advantage.
• Appropriate accounting entries to reflect contributions.
• Charitable contributions policy / CSR Policy / ESG Policy – includes
guiding criteria for charitable contributions.
• Endorsement / Sponsorship policy.
• Independent approval committee or independent screening by third
party – Committee TOR, declarations of interest, meeting minutes.
• Charitable Contributions • Due diligence report – tracing of beneficial ownership, ensuring
contributions are not made in the interests of a public officer or their
nominees.
• Grant proposal and grant agreement.
• Recipient report – ensures contribution is spent as stipulated.
• Appropriate accounting entries to reflect contributions.

Page 20
Guidance on Good Practice and Checklist for Adequate Procedures Transparency International Malaysia

Element Examples of Evidence

• Whistleblowing Policy & Procedure.
• Communication of whistleblowing channels and advice lines – eg. in
website, contract clauses, employee handbook.
• Whistleblowing Channels & • Complaint logs – includes log of complaints, investigation, and actions
Advice Lines taken.
• Minutes of audit committee / Board meeting.
• ESG Report / Annual Report (disclosure on number and type of
enquiries, and follow-up action taken).
• Audit Committee terms of reference and meeting minutes.
• Internal and external auditors’ reports.
• Organisation chart and reporting lines.
• Chart of accounts – no unclear categorisation, dubious categories, off-
• Internal Controls
book or unreconciled expenses, or unexplained related party
• Accurate Books & Records
transactions.
• Limits of authority.
• Job description of personnel.
• Up-to-date, audited accounts.
• Policies and procedures for due diligence – due diligence should
be specific to the type of associated person and the nature of the risk
involved.
• Due diligence report – dated prior to decision to enter into agreement.
• Subsidiaries
• Contract clauses – requiring compliance to ABC Programme, option
• Significant Investments
to terminate if in breach, and requiring disclosure and cooperation in
• Contractors and suppliers
investigations related to programme.
• Agents and other intermediaries
• Third party notification of ABC Programme and compliance requirement.
• Joint ventures and consortia
• Investment policy – eg clear criteria for investments with business value
only, prohibition of co-investment with a public official or their
nominee.
• Procurement policy.
• Vendor / Contractor code of conduct, integrity pact or integrity pledge.

Table 5 Examples of evidence for control measures

Page 21
[email protected] | www.transparency.org.my 2022

Checklist: Undertake Control Measures

Please use the editable/printable checklist to fill in notes, refer to page 12 for more information. IP: In Planning

Plans for Target

Evidence
No. . Item Yes No IP Implementation
Implementation Reference
Date

Undertake Control Measures

Human Resources

Human Resources (HR) practices including those

for recruitment, training, performance evaluation,

24 remuneration, recognition and promotion are

aligned with the CO‘s commitment to the ABC

Programme.
The recruitment process includes procedures to

25 ensure that it is fair and transparent and free from

bribery and corruption.

Appropriate due diligence is carried out on
26
recruiting Board members and employees.
The CO has a policy of no punitive action: no

employee will suffer demotion, penalty or other

27 adverse consequences for refusing to pay bribes

even if such refusal may result in the CO losing

business.
The CO clearly communicates the policy of no
28
punitive action for refusal to pay bribes.
Employees are required to read and sign annually
that they have read the ABC Policy / Code of
29
Conduct and other relevant policies of the ABC

Programme.
Employees are appraised on their commitment to

the ABC Programme.

30 Explanation: For example, through training

attendance, compliance, and pledge requirements

in appraisal.
There are procedures to apply appropriate

consequence management to employees in the

31
event of breach of the programme, including

termination in appropriate circumstances.

Facilitation Payments

Training and guidance are provided to employees

32 likely to encounter risks of facilitation payments on

how to deal with them

Page 22
Guidance on Good Practice and Checklist for Adequate Procedures Transparency International Malaysia

Please use the editable/printable checklist to fill in notes, refer to page 12 for more information. IP: In Planning

Plans for Target

Evidence
No. . Item Yes No IP Implementation
Implementation Reference
Date

Undertake Control Measures

There is a procedure to declare and accurately

record facilitation payments made under duress

33
- for example, extortion in dangerous or life-

threatening situations.
There are procedures to report demands for

34 facilitation payments to the appropriate channels/

authorities.

Gifts, Hospitality, Entertainment

The CO has written policies covering receiving and

35
providing gifts, hospitality and entertainment.

36 The gifts, hospitality and entertainment policy:

Prohibits the offer or receipt of gifts, hospitality or

a entertainment that could influence the outcome of

business transactions
Reflects the particular risks of gifts, hospitality

b and entertainment being used for bribery and

corruption
Requires controls, including thresholds and

c reporting procedures to ensure that the policies are

followed
Sets thresholds that emphasise limits, values,

and frequency to exclude gifts, hospitality or

entertainment that are not reasonable nor bona

d fide.

Explanation: Thresholds may be set according

to seniority level, country, or type of event, if

applicable.
Requires procedures to ensure that gifts,

hospitality, and entertainment overseas also comply

e to the laws of those countries where they are made

and received, for both private entities and public

bodies/FPOs.
There are procedures for ensuring proper handling
37
of gifts, hospitality and entertainment, including:
Communication to all employees of guidelines

a for giving and receiving of gifts, hospitality and

entertainment

Page 23
[email protected] | www.transparency.org.my 2022

Please use the editable/printable checklist to fill in notes, refer to page 12 for more information. IP: In Planning

Plans for Target

Evidence
No. . Item Yes No IP Implementation
Implementation Reference
Date

Undertake Control Measures

Declaration and disposal of gifts that cannot be

b
returned
Tailored training on the rules for gifts, hospitality

and entertainment for employees in positions of

c
influence and critical functions which are perceived

as high risk
Communication to third parties of the guidelines
d
for gifts, hospitality and entertainment
Gifts, hospitality and entertainment given are
e
accurately recorded and accounted for
Management conducts a documented review

f of gifts, hospitality and entertainment given or

received to ensure compliance.

Political contributions

There is a written policy covering political

38 contributions whether made directly or indirectly

which defines political contributions.

If the policy prohibits political contributions, the CO

39 has procedures to prevent political contributions

being made, whether directly or indirectly.

If the policy allows political contributions, it

40 has clear guidelines and criteria to ensure

contributions are lawfully made, including:

Requiring proper controls and criteria / guiding

principles so that the contribution is not made

a
as gratification for an advantage in business

transactions
Requiring assessment of risks associated with
b
political contribution
Requiring due diligence procedures for contribution

- e.g., checking of beneficial ownership, ensuring

c the contribution is not channelled to the control

of a public officer, individual, or such person’s

nominees

Page 24
Guidance on Good Practice and Checklist for Adequate Procedures Transparency International Malaysia

Please use the editable/printable checklist to fill in notes, refer to page 12 for more information. IP: In Planning

Plans for Target

Evidence
No. . Item Yes No IP Implementation
Implementation Reference
Date

Undertake Control Measures

Prohibiting the promise of highly paid positions

to public officers as a form of gratification, or the

securing of influential positions within government

bodies for the CO’s executive (revolving door)

d Explanation: Hiring of former influential public

officers or nomination to the Board requires

a minuted decision at Board or Nominations

Committee level. Due diligence may be required for

hiring former influential public officers.

Ensuring goodwill contributions in other countries

e comply with laws on political contributions of those

countries.
There are procedures to ensure that agents and

41 intermediaries know and observe the CO’s policy on

contributions and responsible advocacy.

There is a procedure to ensure any political

42 contributions made are accurately recorded and

accounted for.
The CO discloses political contributions made by

43 itself and its subsidiaries or a statement that it has

made none.
The CO discloses contracts entered into with
44
government and public bodies.
The CO publishes details of the top issues on which
45
it practices advocacy with government bodies.

Charitable contributions

There is a written policy covering charitable

46
contributions for government and private sectors.
There are procedures and controls to ensure that
47 charitable contributions are not used for bribery
and corruption. The procedures should:
Prohibit contributions during the pre-, per- and

a post-bidding stages to beneficiaries connected to

the decision-maker in a bid

b Establish a clear custodian of the policy

Require due diligence on the beneficiary,

c particularly in identifying beneficial ownership and

links to public officials (whether local or foreign)

Page 25
[email protected] | www.transparency.org.my 2022

Please use the editable/printable checklist to fill in notes, refer to page 12 for more information. IP: In Planning

Plans for Target

Evidence
No. . Item Yes No IP Implementation
Implementation Reference
Date

Undertake Control Measures

d Set designated levels of approval

Monitor charitable contributions to ensure that they

e
are not used deceptively for bribery and corruption
Ensure charitable contributions are accurately
f
recorded and accounted for.
The CO ensures independent approval and

equivalent controls to prevent contributions

through its foundation/trust from being used for

48 bribery and corruption.

Explanation: for COs that have established a

foundation / trust for charitable and philanthropic

activities.
The CO publishes details of all charitable
49
contributions made by the CO and its subsidiaries.

50 There is a written policy covering sponsorship.

There are procedures and controls to ensure

51 that sponsorships are not used for bribery and
corruption, including:
Approval and payment of sponsorships in line with
a
normal purchasing procedures.
Regular monitoring of sponsorships to ensure they

b are within guidelines and not used for bribery and

corruption
A procedure to ensure sponsorships are accurately
c
recorded and accounted for.

52 A list of sponsorships made is published publicly.

Whistleblowing Channels and Advice Lines

The CO has a whistleblowing policy and procedures

for employees and stakeholders to raise concerns

53
and report suspicious circumstances as early as

possible.

Page 26
Guidance on Good Practice and Checklist for Adequate Procedures Transparency International Malaysia

Please use the editable/printable checklist to fill in notes, refer to page 12 for more information. IP: In Planning

Plans for Target

Evidence
No. . Item Yes No IP Implementation
Implementation Reference
Date

Undertake Control Measures

There are secure and accessible channels through

which employees and stakeholders can:

- raise concerns and make disclosures (whistle-

54 blowing) in confidence and without risk of reprisal;

and

- seek advice on the application of the ABC

Programme.
There is full documentation of use and outcomes of

whistleblowing channels and advice lines.

55 Explanation: For example, the number of whistle-

blower reports with number of reports investigated,

closed or resulting in management action

The CO has in place whistleblowing channels and

56 advice lines in the languages used by employees

and stakeholders.
The Board and top management review reports on
57
use of whistleblowing channels and advice lines.
There is a procedure for dealing with incidents of
58
bribery and corruption.
There is a procedure for reviewing and deciding
59
whether to report incidents to the authorities.
The CO reports publicly a description of public

60 legal cases regarding bribery and corruption, if

applicable.

Internal Controls

The CO has a system of internal controls to counter

61
bribery and corruption.
The internal controls include financial and

organisational checks and balances over the CO’s

62
accounting and record keeping practices and other

business processes related to the ABC Programme.

There is an audit committee/oversight committee

that provides oversight of internal controls,

63
financial reporting processes and related functions

including countering bribery and corruption.

The CO ensures that there is appropriate separation
64
of duties for financial transactions.

Page 27
[email protected] | www.transparency.org.my 2022

Please use the editable/printable checklist to fill in notes, refer to page 12 for more information. IP: In Planning

Plans for Target

Evidence
No. . Item Yes No IP Implementation
Implementation Reference
Date

Undertake Control Measures

Accurate Books and Records

There is a procedure to implement accountability

throughout the CO and its subsidiaries to enforce

65
internal controls and keeping of proper books and

records.
There is a procedure for ensuring that there is

66 an adequate audit trail to support all recorded

transactions.
There are procedures to ensure that there are no

67 ‘off-the-books’ accounts, inadequately defined

transactions, or false entries.

The CO maintains available for inspection accurate

68 books and records that properly and fairly

document all financial transactions.

There are cross-departmental meetings to review
69
the effectiveness of internal control systems.

Subsidiaries

The CO implements the ABC Programme in all

70
business entities over which it has effective control.
There is a procedure to carry out due diligence on

71 ‘legacy risks’ with regards to bribery and corruption

for mergers and acquisitions.

The CO reports publicly the extent to which the ABC

Programme is implemented in all the entities under

72 the CO’s effective control using measures such

as numbers or percentage of employees, value of

turnover, countries, business units.

Significant investments

The CO carries out due diligence on its significant

investments before entering into them.

73
Explanation: Entities where the CO is a substantial

minority shareholder are significant investments -

for example, Associate companies.
The CO conducts due diligence to counter bribery
74
and corruption risk in its business relationships.

Page 28
Guidance on Good Practice and Checklist for Adequate Procedures Transparency International Malaysia

Please use the editable/printable checklist to fill in notes, refer to page 12 for more information. IP: In Planning

Plans for Target

Evidence
No. . Item Yes No IP Implementation
Implementation Reference
Date

Undertake Control Measures

The CO has policies and procedures to encourage

the implementation of an ABC Programme

75
equivalent to its own in entities in which it has a

significant investment.
The CO monitors its significant investments

76 periodically to check that their ABC Programmes are

adequate and working.

The CO reports publicly on its policy for significant
77
investments and how it is implemented.

Contractors and Suppliers

The CO has a public statement of commitment to

78 conduct its contracting and procurement practices

in a fair and transparent manner.

The CO has procedures to carry out its commitment

79 to conduct contracting and purchasing in a fair and

transparent matter to counter the risk of bribery.

The CO undertakes due diligence in evaluating

80 prospective contractors and suppliers to ensure

that they have effective ABC Programmes.

The CO has a procedure to mitigate the risk when

dealing with contractors and suppliers reasonably

81
suspected to be paying bribes or to be acting in any

way inconsistent with the ABC Programme.

The CO has a policy and procedures to make known

82 its ABC Programme to contractors, subcontractors

and suppliers.
The CO has procedures to monitor significant

83 contractors and suppliers to ensure they have

effective ABC Programmes.

The CO ensures right of termination of contract

in the event that contractors and suppliers pay

84
bribes or act in a manner inconsistent with the ABC

Programme.
The CO reports publicly on measures of training
85
given to contractors and suppliers.
The CO reports publicly on the number of

86 contractors’ and suppliers’ contracts terminated for

non-conformance with the ABC Programme.

Page 29
[email protected] | www.transparency.org.my 2022

Please use the editable/printable checklist to fill in notes, refer to page 12 for more information. IP: In Planning

Plans for Target

Evidence
No. . Item Yes No IP Implementation
Implementation Reference
Date

Undertake Control Measures

Agents and Other Intermediaries

In the appointment of agents and intermediaries,

87
the CO:
Verifies that there is a valid business case for
a
appointments
Undertakes and documents due diligence before
b
appointment
Requires all significant appointments to obtain
c
prior approval of top management
Reports publicly the number and/or percentage of

d agents and other intermediaries that have been

subjected to due diligence review.

In the payment to agents and intermediaries, the
88
CO has procedures to ensure that:
Compensation is appropriate and justifiable for
a
legitimate services rendered

b Compensation is paid through bona fide channels

c Payments to off-shore accounts are lawful.

In its contracts with agents and intermediaries,

89
the CO makes the following provisions:
Requires agents and other intermediaries to

a contractually agree to comply with the ABC

Programme
Ensures that there is contractual right of

termination in the event that agents and other

b
intermediaries pay bribes or act in a manner

inconsistent with the ABC Programme

Ensures there are provisions relating to the

c right of access to records and cooperation in

investigations related to the ABC Programme

Requires agents and other intermediaries to keep

d proper books and records available for inspection

by the CO, auditors or investigating authorities.

The CO communicates to agents and other

intermediaries the obligation to comply with the

90
ABC Programme, and the appropriate actions that

would be applied in the event of a violation.

Page 30
Guidance on Good Practice and Checklist for Adequate Procedures Transparency International Malaysia

Please use the editable/printable checklist to fill in notes, refer to page 12 for more information. IP: In Planning

Plans for Target

Evidence
No. . Item Yes No IP Implementation
Implementation Reference
Date

Undertake Control Measures

The CO has a procedure to apply appropriate

actions on agents and intermediaries that pay

91
bribes or act in a manner inconsistent with the

ABC Programme.
The CO documents material aspects of the
92
relationship with agents and other intermediaries.
There is a procedure to monitor the conduct of
93
agents and other intermediaries.

Due diligence on Joint Ventures and Consortia

There is a procedure to conduct due diligence

94
before entering into a joint venture or consortium.
There is a policy to ensure that the joint ventures

and consortia over which the CO maintains

95
effective control have ABC Programmes consistent

with its own.

Where the CO does not have effective control of a

joint venture or consortium there is a procedure

to communicate its ABC Programme to the other

96
entities in the venture and encourage them to

adopt a programme for the venture consistent

with its own.

There is contract protection where due diligence

shows that a joint venture or consortium does not

97
have an ABC Programme consistent with that of

the CO.
The CO has a procedure to monitor the ABC

98 programmes and performance of its joint ventures

and consortia partners.

In the case of policies and practices that are

99 inconsistent with its own ABC Programme, there is

a procedure to take appropriate action.

The CO has a plan to exit from the arrangement

if bribery and corruption or any other

100
inconsistencies with the ABC Programme occurs or

may be reasonably thought to have occurred.

The CO reports publicly the joint ventures and

101 consortia terminated because of inconsistency

with the CO’s ABC Programme.

Page 31
[email protected] | www.transparency.org.my 2022

Systematic Review, Monitoring and Enforcement

S
Systematic monitoring and review ensure that the commercial organisation’s control
environment is continuously updated and improved to fully meet the requirements of
the law in relation to anti-bribery and corruption. Monitoring and review should not
be carried out as mere automatic drills, but should be guided by an intention to meet
the compliance objectives.

Control measures can become irrelevant over time, through changes in the internal or
external environment. In determining the overall framework and frequency of review,
the organisation should keep in mind the sources of change that may bring about new
compliance risks:

Internal Environment External Environment

• shift in business cycles • changes in anti-bribery and corruption laws
• expansion or consolidation • shifts in accepted business practice
• changes in employees and organisation structure • market developments
• change in leadership • political developments

The Board should require periodic reviews to be undertaken by management, with

oversight of the review process, including receiving reports of the reviews and
endorsing recommendations for improvement. The Board should take active interest
in identified gaps and recommended improvements in the ABC Programme. The review
function should operate independently from management, and can be conducted by
internal and external auditors.

The review does not end with a report, but with an implementation plan for the
recommendations made in the report. The continuous improvement process based on
the review should be overseen by a senior member of management and there should
be a requirement to report progress on implementation of recommendations to the
Board.

Smaller organisations should note that the function of internal audit is not to
develop or implement the ABC Programme, but to audit the programme in terms of
operational compliance and adequacy. The separation of functions is key to ensuring
the programme has proper monitoring, review, and enforcement.

Page 32
Guidance on Good Practice and Checklist for Adequate Procedures Transparency International Malaysia

In assessing the organisation’s policies through the checklist, the following examples
of evidence may be referred to:

Element Examples of Evidence

• Audit committee terms of reference and meeting minutes.
• Internal audit plan.
• Internal and external audit reports.
• Ad hoc audits on critical functions and personnel.
• Dashboards and management reports on key performance indicators for
• Monitoring & Review
the ABC Programme.
• Employee and stakeholder surveys.
• Employee and stakeholder engagement minutes / reports.
• Self-evaluation checklists.
• Annual report – discloses monitoring and review mechanisms.

• Audit follow-up plans – corrective measures taken.

• Record of incidents – including record of corrective and improvement
• Enforcement actions taken.
• Annual report – discloses number of incidents and enforcement actions
taken.

Table 6 Examples of evidence for review, monitoring, and enforcement

Page 33
[email protected] | www.transparency.org.my 2022

Checklist: Systematic Review, Monitoring & Enforcement

Please use the editable/printable checklist to fill in notes, refer to page 12 for more information. IP: In Planning

Plans for Target

Evidence
No. . Item Yes No IP Implementation
Implementation Reference
Date

Systematic Review, Monitoring & Enforcement

Monitoring and Review

Continuing and/or discrete evaluations

102 are performed supporting the continuous

improvement of the ABC Programme.

The CO has key performance indicators to

103 encourage and measure progress in improvement

of the ABC Programme and its implementation.

There is regular review of procedures in all

operational functions identified in the risk

assessment, with implementation of appropriate

remedies.

104 Explanation: For example, the risk assessment may

require more frequent review in functions with

higher risk exposure such as:

- sales and marketing

- contracting and purchasing

Discussions are held with stakeholders, especially

105 suppliers and contractors, to obtain their views on

the ABC Programme.

The CO benchmarks its ABC Programme internally
106
and/or externally between business units.
There is a procedure to discuss the results of

107 internal audits of the ABC programme with relevant

operational personnel.
There is a procedure to address weaknesses

identified through internal audits with a

108
documented corrective action plan and a timetable

for action.
There is a procedure to use the experience from
109
incidents to improve the ABC Programme.

Page 34
Guidance on Good Practice and Checklist for Adequate Procedures Transparency International Malaysia

Please use the editable/printable checklist to fill in notes, refer to page 12 for more information. IP: In Planning

Plans for Target

Evidence
No. . Item Yes No IP Implementation
Implementation Reference
Date

Systematic Review, Monitoring & Enforcement

Internal control systems, in particular the

accounting and record-keeping practices, are

subject to regular internal audits to provide

110
assurance that they are effective in countering

bribery and corruption as well as any other

inconsistencies identified with its ABC Programme.

Top management monitors the ABC Programme

and periodically reviews its suitability, adequacy

111
and effectiveness and implements improvements

as appropriate.
Top management periodically reports the results

of the ABC Programme reviews to the audit

112
committee, governance committee, Board or

equivalent body.
The audit committee reports regularly to the

113 Board on its independent assessment of the

adequacy of the ABC Programme.

The Board or equivalent body has considered

114 whether to commission external verification or

assurance of the ABC Programme.

External consultants are used to monitor and
115
advise on the ABC Programme.
The CO publishes details of public legal

116 cases of bribery and corruption or any other

inconsistencies involving itself.

Page 35
[email protected] | www.transparency.org.my 2022

Training & Communication

T
The best-laid plans and reams of documents are ineffective unless the directors,
management, and employees have sufficient understanding of the ABC Programme to
implement it. Training is fundamental for employees to develop the skills necessary
to manage situations such as solicitation of bribes.

Training in the ABC Programme should be part of onboarding for new directors,
employees, and agents. The organisation should also consider extending training to
core vendors and suppliers. There should be a continuous training programme for
existing managers and employees that is tailored to address the specific risk exposure
relating to their roles.

For effective communication of the ABC Programme, the organisation should consider
the languages, channels of communication, and types of messaging that are most
effective in reaching its stakeholders. Communication can also be encoded in websites,
codes of conduct or employee handbooks, and appointment letters. Communication
should spell out not only the required guidelines but the consequences of acting
inconsistently with the ABC Programme.

Figure 2 Factors to consider for effective communication of the ABC Programme

Page 36
Guidance on Good Practice and Checklist for Adequate Procedures Transparency International Malaysia

Finally, the organisation should take care to record instances of communication as

part of its documentation of adequate procedures, and also for the purposes of
review. This could include employee sign-offs on handbooks and policies, as well as
attendance of training and briefing meetings on the ABC Programme.

In assessing the organisation’s policies through the checklist, the following examples
of evidence may be referred to:

Element Examples of Evidence

• Tailored training plans.
• Employee training record / attendance records for training.
• Mandatory training requirement in performance and appraisal.
• Employee surveys and aptitude test results in relation to the ABC
• Training
Programme.
• Vendor / Contractor code of conduct, briefing or training record.
• Evaluation report.
• Trainer’s profiles.
• Employee guidelines / handbook / code of conduct, etc – in languages
that understood by all employees, and easily accessible.
• Communication • Third party notification of ABC Programme and compliance requirement.
• Annual report & other reports.
• Website.

Table 7 Examples of evidence for Training & Communication

Page 37
[email protected] | www.transparency.org.my 2022

Checklist: Training & Communication

Please use the editable/printable checklist to fill in notes, refer to page 12 for more information. IP: In Planning

Plans for Target

Evidence
No. . Item Yes No IP Implementation
Implementation Reference
Date

Training & Communication

Training

There are procedures to communicate the CO’s

117 ABC programme, expectations, and consequence
management measures to employees through:
Appropriate induction/orientation training for new
a
employees
Continuing appropriate training of managers and
b
employees.
The CO tailors its training for all functions based

on the risk assessment to ensure that everyone

118
has the knowledge, skills, and resources to adhere

to the ABC Programme.

Directors’ and employees’ records must have

119 documentation of training received in the ABC

Programme.
The CO assesses training activities on the ABC
120
Programme periodically for effectiveness.
There is regular training of third parties and
contract staff so that they clearly understand

121 the ABC Programme, the CO’s expectations for

compliance, and sanctions in the event of a

violation.

Page 38
Guidance on Good Practice and Checklist for Adequate Procedures Transparency International Malaysia

Please use the editable/printable checklist to fill in notes, refer to page 12 for more information. IP: In Planning

Plans for Target

Evidence
No. . Item Yes No IP Implementation
Implementation Reference
Date

Training & Communication

The CO reports publicly on the extent and quality

122
of its anti-bribery training.
The CO reports publicly on training given to third
123
parties.

Communication

The CO communicates its ABC Programme in

124 an accessible way to all its employees and

stakeholders including subsidiaries. This includes:

Guidelines which communicate the requirements
a
and prohibitions in the ABC policy.
All relevant ABC policies, procedures and

guidelines are documented in languages and

b
using vocabulary that is understood by all levels

of personnel.
The CO measures employees’ awareness and

understanding of its ABC Programme

125
Explanation: Employee awareness could be

measured through survey, feedback forms, etc.

Page 39
[email protected] | www.transparency.org.my 2022

Glossary

Term Meaning Source

means any person employed by or acting for another, and includes
an officer of a public body or an officer serving in or under any
public body, a trustee, an administrator or executor of the estate Section 3 MACC Act
Agent
of a deceased person, a subcontractor, and any person employed 2009
by or acting for such trustee, administrator or executor, or
subcontractor.
The whole of a commercial organisation’s anti-bribery
TI-UK, The 2010 UK
Anti-bribery efforts including values, code of conduct, detailed policies
and corruption Bribery Act Ade-
and procedures, risk management, internal and external
Programme (ABC quate Procedures
Programme) communication, training and guidance, internal controls, oversight,
Guidance.
monitoring and assurance.
“Associate”, in relation to a person, means—
(a) any person who is a nominee or an employee of such person;
(b) any person who manages the affairs of such person;
(c) any organisation of which such person, or any nominee of
his, is a partner, or a person in charge or in control of, or has a
controlling interest in, its business or affairs;
(d) any corporation within the meaning of the Companies Act 2016,
of which such person, or any nominee of his, is a director or is
in charge or in control of its business or affairs, or in which such
person, alone or together with any nominee of his, has or have a Section 3 MACC Act
Associate
controlling interest, or shares to the total value of not less than 2009
thirty per centum of the total issued capital of the corporation; or
(e) the trustee of any trust, where—
(i) the trust has been created by such person; or
(ii) the total value of the assets contributed by such person to the
trust at any time, whether before or after the creation of the trust,
amounts, at
any time, to not less than twenty per centum of the total value of
the assets of the trust;

Page 40
Guidance on Good Practice and Checklist for Adequate Procedures Transparency International Malaysia

Term Meaning Source

A beneficial owner is the natural person who directly or indirectly
ultimately owns, controls or benefits from a company or trust fund
and the income it generates. Whether he or she is the legal owner
is irrelevant, as beneficial ownership — in spite of its name —
refers to substantive control, not to formal ownership.
Transparency In-
Beneficial
ternational Policy
Ownership The term is used to contrast with the nominee company owners,
Brief #02/2014
who might be registered as legal owners of the asset without
any benefits. Nominees obscure the real company structure and
owners. Professional nominees are paid a fee for their services but
otherwise have no interest in the transactions. Nominees can also
be family members or friends.
Board of directors may be substituted with Executive Committee,
Board members /
Executive Council, Partners, Owners, or other equivalent
Board of directors /
persons/body that have oversight and control of the commercial
Directors
organisation, as the case may be.
(Section 16 & 17,
Accepting/Receiving/Soliciting/Demanding/ Attempting to obtain MACC Act 2009);
Bribery gratification; Giving/Offering gratification; (Section 165, Penal
Receiving/Obtaining Valuables without due consideration Code)

Charitable includes donations, projects for beneficiaries, and contributions in

contribution kind.
In this checklist, commercial organisation may stand for
an incorporated company, partnership, or any legal entity
Commercial Refer to Section
incorporated under the laws of Malaysia, as well as those that are
organisation (CO) 17A MACC Act 2009
incorporated under foreign laws and carrying on operations in
Malaysia, as the case may be.
A consequence management framework seeks to ensure that an
appropriate and proportionate action is consistently applied
in response to an incident where the policies, standards
Consequence and procedures of the CO were not adhered to. Consequence
management management for employees and Associates of the CO that are
involved in acts of corruption could involve disciplinary or
remedial actions, termination of the relationship, or reporting to
enforcement authorities for criminal investigations.

Page 41
[email protected] | www.transparency.org.my 2022

Term Meaning Source

Transparency Inter-
Corruption The abuse of entrusted power for private gain.
national
Due diligence is a set of reasonable steps taken for assurance
that a transaction such as entering into a partnership, hiring,
donations, or acquisitions, are in compliance with the law. In the
context of section 17A of the MACC Act, documented due diligence
provides assurance that the commercial organisation has in place
Due diligence adequate procedures to ensure that itself and Associated parties
are not involved in acts of bribery and corruption.

The depth and complexity of assessment and research required in

due diligence varies depending on the nature and risk exposure of
the transaction.
TI-UK, The 2010 UK
Small unofficial payments made to secure or expedite the
Facilitation Bribery Act Ade-
performance of a routine or necessary action to which the payer of
payments quate Procedures
the facilitation payment has legal or other entitlement.
Guidance
(a) any person who holds a legislative, executive, administrative or
judicial office of a foreign country whether appointed or elected;

(b) any person who exercises a public function for a foreign

Foreign public country, including a person employed by a Board, commission, Section 3, MACC Act
official (FPO) corporation, or other body or authority that is established to 2009
perform a duty or function on behalf of the foreign country; and

(c) any person who is authorised by a public international

organisation to act on behalf of that organisation;
Money, goods, services or loans given ostensibly as a mark of
friendship or appreciation. A gift is professedly given without
expectation of consideration or value in return. A gift may be used
TI-UK, The 2010 UK
to express a common purpose and the hope of future business
Bribery Act Ade-
Gift success and prosperity. It may be given in appreciation of a favour
quate Procedures
done or a favour to be carried out in the future. A gift has no role
Guidance
in the business process other than that of marking and enhancing
relations or promoting the giver’s enterprise by incorporating a
logo or message on a promotional item

Page 42
Guidance on Good Practice and Checklist for Adequate Procedures Transparency International Malaysia

Term Meaning Source

(a) money, donation, gift, loan, fee, reward, valuable security,
property or interest in property being property of any description
whether movable or immovable, financial benefit, or any other
similar advantage;

(b) any office, dignity, employment, contract of employment or

services, and agreement to give employment or render services in
any capacity;

(c) any payment, release, discharge or liquidation of any loan,

obligation or other liability, whether in whole or in part;

(d) any valuable consideration of any kind, any discount,

commission, rebate, bonus, deduction or percentage; Section 3 MACC Act
Gratification
2009
(e) any forbearance to demand any money or money’s worth or
valuable thing;

(f ) any other service or favour of any description, including

protection from any penalty or disability incurred or apprehended
or from any action or proceedings of a disciplinary, civil or criminal
nature, whether or not already instituted, and including the
exercise or the forbearance from the exercise of any right or any
official power or duty; and

(g) any offer, undertaking or promise, whether conditional or

unconditional, of any gratification within the meaning of any of the
preceding paragraphs (a) to (f );
Includes entertaining, meals, receptions, tickets to entertainment,
social or sports events, participation in sporting events, TI-UK, The 2010 UK
such activities being given or received to initiate or develop Bribery Act Ade-
Hospitality
relationships between business people. The distinction between quate Procedures
hospitality and gifts can blur, especially where the giver of the Guidance
hospitality does not attend and act as host.
Third parties that act through formal or informal arrangements on
behalf of the commercial organisation. Intermediaries may include
trustees holding offshore/foreign payment accounts, financiers,
Intermediaries
brokers, introducers, etc. Use of intermediaries may involve
high risk exposure for the facilitation of off-book, unauthorised
transactions such as bribery, kickbacks, and facilitation payments.

Page 43
[email protected] | www.transparency.org.my 2022

Term Meaning Source

TI-UK, The 2010 UK
A payment or in-kind bribe given by a person, such as a
Bribery Act Ade-
Kickback salesperson or a banking customer, as a reward for an improper
quate Procedures
action such as in awarding a contract or a loan
Guidance
Outdated policies, procedures, software or infrastructure that
results in complexity and lack of oversight. Legacy risk can result in
blind spots in procedures, or in too many overlapping procedures,
Legacy risks
such that the Board and management are unable to adequately
identify and manage other risks, such as the risk of bribery and
corruption.
A form of favouritism based on familiar relationships whereby TI-UK, The 2010 UK
someone in an official position exploits his or her power and Bribery Act Ade-
Nepotism
authority to provide a job or favour to a family member even quate Procedures
though the family member may not be qualified or deserving. Guidance
Divisions or departments of the commercial organisation that
Operational report to a specific management executive as defined by its
functions organisation structure - e.g sales & marketing, procurement,
corporate communications, etc.
Any contribution, made in cash or in kind, to support a political
cause. Contributions in kind can include gifts of property or
services, advertising or promotional activities endorsing a TI-UK, The 2010 UK
Political political party, the purchase of tickets to fundraising events and Bribery Act Ade-
contributions contributions to research organisations with close associations quate Procedures
with a political party. The release of employees without pay from Guidance
the employer to undertake political campaigning or to stand for
office could also be included in the definition.
A person who has been entrusted with a prominent public TI-UK, The 2010 UK
Politically exposed function, is a senior political aide, or is closely related to such Bribery Act Ade-
person (PEP) persons. By virtue of a public position and the influence it holds, a quate Procedures
PEP may present a higher risk for potential involvement in bribery Guidance
Means any person who is a member, an officer, an employee
or a servant of a public body, and includes a member of the
Public officer / administration, a member of Parliament, a member of a State
Section 3, MACC Act
officer of a public Legislative Assembly, a judge of the High Court, Court of Appeal
2009
body or Federal Court, and any person receiving any remuneration from
public funds, and, where the public body is a corporation sole,
includes the person who is incorporated as such;

Page 44
Guidance on Good Practice and Checklist for Adequate Procedures Transparency International Malaysia

Term Meaning Source

The promise of highly paid positions to public officers as a form
of gratification, or the securing of influential positions within
Revolving Door
government bodies for a commercial organisation’s executive by
means of gratification or quid pro quo schemes.
Major investors in the commercial organisation or in its
Significant business
subsidiaries could be examples of significant business
relationships
relationships
The CO has a significant investment when it would be considered
Section 136, Com-
Significant a substantial shareholder in the entity, ie when it holds not less
panies Act 2016
investments than five percent of the total number of voting shares or of that
(adapted)
particular class of shares of the entity.
TI-UK, The 2010 UK
The act of a person asking, ordering or enticing someone else to Bribery Act Ade-
Solicitation
commit bribery or another crime. quate Procedures
Guidance
A transaction where a company makes a payment, in cash or in
kind, to Associate its name with a rights holder and receives in
TI-UK, The 2010 UK
consideration for the sponsorship fee, rights and benefits such
Bribery Act Ade-
Sponsorship as the use of the rights holder’s name, advertising credits in
quate Procedures
media, events and publications, use of facilities and opportunities
Guidance
to promote its name, products and services. It is a business
transaction and part of promotion and advertising.
A company has a subsidiary if:
(i) it controls the composition of the subsidiary’s Board of
directors
(ii) it controls more than half of the voting power of the subsidiary
Section 4, Com-
(iii) it holds more than half the issued share capital of the
Subsidiary panies Act 2016
subsidiary (excluding preference shares)
(adapted)
(iv) it has a subsidiary that owns a subsidiary, then the latter is
also a subsidiary of the first-mentioned company (Explanation: If
C is a subsidiary of B, and B is a subsidiary of A, then C is also a
subsidiary of A).
Third parties could include (but are not limited to) Agents,
Third party
contractors, suppliers, dealers, service providers.
Top management in a commercial organisation refers to a person Guidelines on Ade-
a) who is its director, controller, officer or partner; quate Procedures,
Top management
or Prime Minister’s
b) who is concerned in the management of its affairs Department

Page 45
[email protected] | www.transparency.org.my 2022

References
Sources:

Malaysian Anti-Corruption Commission (Amendment) Act 2018. Kuala Lumpur:

Percetakan Nasional Malaysia Berhad, 2018.

https://www.sprm.gov.my/admin/files/sprm/assets/pdf/penguatkuasaan/akta-
A1567-bi.pdf

National Centre for Governance, Integrity, and Anti-Corruption (GIACC). Guidelines

on Adequate Procedures Pursuant to Subsection (5) of Section 17A under the
Malaysian Anti-Corruption Commission Act 2009. Putrajaya: Prime Minister’s
Department, 2018.

https://giacc.jpm.gov.my/garis-panduan-tatacara/

Peter Wilkinson. The 2010 UK Bribery Act Adequate Procedures. UK: Transparency
International UK, 2010.

https://www.transparency.org.uk/sites/default/files/pdf/publications/Adequate_
Procedures_-_Guidance_to_the_UK_Bribery_Act_2010.pdf

Page 46
Guidance on Good Practice and Checklist for Adequate Procedures Transparency International Malaysia

Funders

Page 47
[email protected] | www.transparency.org.my 2022

Notes

Page 48