Firstly, it needs top management to state a clear commitment to integrity in everything it does.
Secondly, it needs to have a clear understanding of the bribery and corruption risks that it faces and must develop effective systems, procedures and controls for minimising or mitigating risk exposures.
Thirdly, employees, contractors and business associates, particularly those most exposed to corruption risks, must be trained on what to do if they encounter problems or have any concerns.
Next, the organisation must provide effective tools to employees and others to help them to conduct business with integrity, such as registers for recording: conflicts of interest; gifts, hospitality and entertainment; political and charitable donations or tools for managing third party due diligence; audits and training.
Finally, organisations need to have a robust framework for regularly monitoring the effectiveness of the anti-bribery and corruption compliance programme to assess whether it is adequate and proportionate; meaning, whether systems, procedures and controls have been designed in a way that are fit for purpose and have been implemented and are operating effectively.
The outputs of the Anti-bribery compliance programme review needs to be provided back to top management and a commitment made for tracking and implementing continual improvement to address any compliance gaps identified.