How Your Anti-Bribery & Corruption Policy Can Support An Adequate Procedures Defence Under Section 17A

Under Section 17A of the MACC Act, one instance of bribery by a wilful employee is potentially all it takes to earn their employer a RM1,000,000 fine (or more).   

Fortunately, the law gives employers a defence: Prove the business has adequate procedures in place to prevent corruption.  

That’s where a clear and well-implemented Anti-Bribery & Corruption (ABC) Policy can make an invaluable contribution. Below, we break down what goes into an ABC policy that can act as your legal shield against charges under Section 17A.

Understanding Section 17A of the MACC Act 

Section 17A of the MACC Act introduces the concept of “corporate liability”, under which a company can be held liable if an employee or associated person gives or offers a bribe (even if top management is unaware) with intent to:  

  • obtain or retain business for the company 
  • obtain or retain an advantage in the conduct of business for the company 

If found guilty, the company may face:  

  • a fine of no less than 10 times the sum or value of the gratification or RM1 million (whichever is higher); and/or
  • imprisonment up to 20 years for responsible individuals 

However, Section 17A(4) of the MACC Act provides businesses with a statutory defence.

Section 17A(4) 

Under Section 17A(4) of the MACC Act, if a business can demonstrate it has adequate procedures that prevent corruption by employees and associated persons, it may avoid liability under Section 17A. 

Known as the “Adequate Procedures Defence”, it is based on specific guidelines by the Governance, Integrity and Anti-Corruption Centre (GIACC). 

The guideline introduces a framework based on five pillars called T.R.U.S.T. which stands for:  

  1. Top-level commitment – Top level management must demonstrate a stance against corrupt practices and assure stakeholders that the organisation operates in compliance with the law. 
  2. Risk assessment – Conduct regular risk assessments, especially when there are changes in law or business circumstances, to address internal and external corruption risks.
  3. Undertake control measures – Implement appropriate controls and contingency measures that are reasonable and proportionate to the organisation’s nature and size. 
  4. Systematic review, monitoring and enforcement – Top level management must ensure that regular reviews are conducted to assess the performance, efficiency, and effectiveness of the anti-corruption program. 
  5. Training and communication – Develop and disseminate internal and external training and communications on their anti-corruption management, proportionate to their operation. 

As we explain below, a robust ABC Policy is one of the essential contributors to pillar “U”.

Breaking down the “U” in T.R.U.S.T.  

Pillar “U” under T.R.U.S.T. (Undertake Control Measures) requires businesses to implement appropriate controls to address corruption risks, including the establishment of policies and procedures covering a range of areas:

  • a general anti-bribery and corruption (ABC) policy or statement
  • conflicts of interest  
  • gifts, entertainment, hospitality, and travel  
  • donations and sponsorships, including political donations  
  • facilitation payments  
  • financial controls, such as separation of duties and multiple signatories for transactions  
  • non-financial controls, such as pre-tendering processes  
  • managing and improving inadequacies in the anti-corruption monitoring framework, and 
  • record-keeping for anti-corruption documentation 

By setting rules for ethical conduct within the organisation, an ABC policy directly embodies the “U” pillar. 

How an ABC policy helps T.R.U.S.T. compliance 

Besides “U”, an ABC policy supports compliance with other T.R.U.S.T. pillars as well, for example: 

  • Risk Assessment (R): A policy on gifts and hospitality helps mitigate department-specific corruption risks in sales or marketing
  • Top-Level Commitment (T): A practical way for top management to show an organisation’s zero-tolerance stance on corruption

Ultimately, an ABC Policy is often the first, most visible step in demonstrating a company’s commitment.     

Elements of an effective ABC policy 

A well-crafted ABC Policy will typically include: 

  1. A zero-tolerance statement – A clear, unequivocal stance that the company does not tolerate any form of bribery or corruption, direct or indirect, from anyone acting on its behalf. 
  2. Definitions and scope – Clarifies what constitutes bribery, facilitation payments, kickbacks, donations and sponsorships, gifts and hospitality, conflict of interest, and other forms of corrupt behaviour. 
  3. Acceptable vs. prohibited conduct – Outlines what is and isn’t allowed when dealing with clients, vendors, regulators, and third parties. For example, thresholds or approval processes for giving/receiving corporate gifts or setting other financial and non-financial controls. 
  4. Due diligence procedures – Establishes screening and onboarding processes for agents, suppliers, contractors, and business partners to ensure they meet integrity standards. 
  5. Reporting mechanisms – Provides clear, safe channels for employees and stakeholders to report suspected misconduct, often linked to a separate Whistleblower Policy.
  6. Enforcement and disciplinary measures – Details the consequences for violating the policy, including disciplinary action, termination, or reporting to the relevant authority.
  7. Training and awareness – Regular training sessions, onboarding briefings, and refresher campaigns to ensure that employees understand and apply the policy in their roles. 

Organisation-wide policy implementation

Having an ABC Policy is an essential start, but to serve as a meaningful legal defence, it must be communicated and implemented at every level of the organisation.

SPRM has published a collection of case studies on how businesses can practise the T.R.U.S.T. principles in line with Section 17A, which we have summarised below:

Issue: Company A, a small supplier looking to expand nationally and internationally, is concerned about corruption risks impacting its reputation and stakeholder trust.

Takeaway:

  • establishing a zero-tolerance policy for corruption (e.g., No Gift Policy) by Top Level Management
  • conducting regular financial checks and referring to country-specific corruption risk reports as part of risk assessment
  • ensuring record-keeping and accessible reporting channels (e.g., a dedicated email) for control measures
  • monitoring personnel and business associates for compliance and reporting any irregularities
  • publicly communicating anti-corruption efforts (e.g., through website or email)

Issue: Company B, a construction firm heavily reliant on third parties (contractors, suppliers, joint ventures), can be exposed to corruption risk if any third party behaves in an illegal, unsafe or unethical way.

Takeaway:

  • communicating anti-corruption policies to both internal and external parties
  • performing risk assessment by evaluating third-party dealings and being alert to suspicious relationships
  • implementing due diligence for third parties (e.g., financial statements, audit reports, ethical reputation checks) as control measures
  • monitoring compliance of personnel and third parties, and extending anti-corruption training and communication to third parties where appropriate

Issue: Company C, a medical product supplier, faces corruption risks due to its marketing agent’s unregulated offering of cash incentives and gifts to hospitals and clinics to encourage them to prescribe the medical products.

Takeaway:

  • establishing clear policies on gifts and hospitality
  • conducting risk assessment to identify when gifts or hospitality can pose a corruption risk (e.g., secret, regular, or cash gifts)
  • setting control measures like a gift declaration register
  • conducting evaluations and improvements on the organisation’s policies and procedures in relation to gifts and hospitality

Issue: Company D, an expanding service and retail company, is concerned about the corruption risks associated with recruiting new personnel, particularly a department director for its new IT sector.

Takeaway:

  • setting a clear policy and criteria for selection and appointment of directors / employees
  • performing risk assessment to identify “red flags” like prior criminal convictions or falsified qualifications
  • establishing control measures such as detailed criteria, background checks, and document verification for key positions
  • incorporating integrity & accountability terms into the appointment letter
  • monitoring personnel performance and conducting disciplinary proceedings for non-compliance

A well-implemented ABC Policy should be part of a broader anti-corruption ecosystem, guided by T.R.U.S.T. pillars.

Beyond an organisation shielding itself from liability, this is about earning trust, safeguarding your reputation, and building a resilient business that people want to work with (and invest in).

Bulletproof your ABC Policy

If you would like guidance on drafting or reviewing an Anti-Bribery & Corruption Policy that fits your business needs, our team is here to help.

Let’s work together to protect your company’s integrity and long-term success.

Wong Shen Ming

Shen Ming is a corporate and commercial lawyer who is deeply committed to supporting her clients in achieving their business goals. Specialising in commercial and employment law, she demonstrates her expertise by crafting and reviewing various types of commercial agreements.


               © Copyright 2025, Edwin Lee & Partners (Reg No.: 000020008633)

              Edwin Lee & Partners is a Malaysian law firm registered with the Malaysian Bar and is regulated under the Legal Profession Act 1976. 