Corporate Liability under Section 17A MACC 2009 – How to safeguard your company against corporate corruption?

While companies are in the midst of restructuring business to survive in the new normal led by COVID-19 outbreak, the Malaysian Anti-Corruption Commission (“MACC”) recently announced that the implementation of Section 17A of the Malaysian Anti-Corruption Commission Act 2009 (“Section 17A”) may be held in abeyance due to the lack of readiness among companies in view of the challenging time posed by the COVID-19 pandemic.

On the other hand, Malaysian Institute of Corporate Governance and Transparency International Malaysia have urged the MACC to enforce Section 17A for the betterment of business environment in Malaysia. While the tussle remains unresolved at the time of writing, we discuss the effect of Section 17A on companies and the relevant safeguards in the second article of our series.

What is Section 17A?

Section 17A imposes strict corporate liability on a commercial organisation for corrupt practices of its employees and/or associated persons where these acts are carried out for the organisation’s benefit or advantage. The commercial organisation includes Malaysia incorporated companies and companies incorporated outside Malaysia that carry on business or any part of a business in Malaysia. Once Section 17A is triggered, the director, controller, officer, partner or anyone who is concerned in the management of its affairs is deemed to have committed the offence, unless one can prove that the offence was committed without his consent or connivance and the due diligence exercise was conducted to deter corruption.

Upon conviction, the corporate liability offence carries the following penalties, where a commercial organisation will be:

  1. fined for a sum of not less than 10 times the value of the gratification, or RM1 million, whichever is the higher;
  2. imprisoned for a term of not more than 20 years; or
  3. liable to both.

What is meant by “adequate procedures”?

In order to avoid the grave repercussion, a company may raise the defence of adequate procedures, provided that there were adequate control mechanisms in place to deter corruption. The Prime Minister’s Department has published guidelines relating to adequate procedures1 to assist companies in understanding what adequate procedures are. In essence, the adequate procedures should encapsulate the TRUST principle:

T – Top Level Commitment The top level management of a company is primarily responsible for ensuring that his company is in full compliance with the law. For this purpose, the company should establish and maintain an anti-corruption compliance programme. It is necessary for the top level management to demonstrate a strong commitment to achieve legal compliance in the part of his company.

R – Risk Assessment The company is advised to conduct a periodic risk assessment once in three years. The risk assessment would enable the company to uncover the opportunities for corruption and fraud activities
resulting from weaknesses in the company’s governance system. For instance, a company performing complex and large-scale financial transactions, multiple layers of management may pose a high corruption risks. On the other hand, a company carrying out transactions without going through agents or intermediaries may pose a low corruption risks comparatively.

U – Undertake Control Measures In order to minimise the corruption risks, the company should implement appropriate controls and contingency measures that are reasonable and proportionate to the nature and size of the company. These control measures may include financial control – multiple signatories for transactions, non-financial control – separation of power, due diligence exercise, and reporting channel.

S – Systematic Review, Monitoring and Enforcement The review should form the basis of improvising the existing anti-corruption measures. Therefore, the company should regularly review the efficiency
and effectiveness of its anti-corruption compliance programme. For this purpose, the company may take steps to implement a monitoring programme, perform internal audit, and conduct disciplinary proceedings against the wrongdoers.

T – Training and Communication To develop and maintain a culture of compliance, the company’s anti-corruption policy should be properly communicated to the business associates, employees, and external
personnel (i.e.: independent contractors, agents, outsourced workers). Adequate training should be provided to the employees and external personnel to ensure that they are informed of the anti-corruption policy and they understand their parts of commitment.

Nonetheless, one should bear in mind that the guidelines are for general application and not intended to be prescriptive. Companies are advised to seek for consultation and apply these guidelines in proportion to the scale and complexity of the business operation, the nature and extent of the bribery risks involved in its business, and the industry of the company.

What should companies do?

In view of Section 17A, Bursa Malaysia has amended the listing requirements for Main Market and ACE Market whilst the Securities Commission has amended the Licensing Handbook to set out the new anti-corruption obligations.

The key amendments to the Bursa Malaysia listing requirements include, among others:

    • establish and maintain anti-corruption policies and procedures;
    • establish and maintain whistleblowing policies and procedures;
    • ensure that policies and procedures above are reviewed periodically, at least once in three years;
    • include corruption risk as part of the annual risk assessment; and
    • publish anti-corruption policies and whistleblowing policies on the company’s website.

The Licensing Handbook is to be referred together with Capital Markets and Services Act 2007. With the amendments to the Licensing Handbook, licensed intermediaries and registered persons are required to establish anti-corruption and whistleblowing policies and procedures.

The amendments to Listing Requirements and Licensing Handbook are scheduled to come into force on 1 June 2020. In light of MACC’s intention of postponing the implementation of Section 17A, listed entities and intermediaries should keep an eye on the implementation of these provisions by the respective regulators. Notwithstanding the above, the companies should formulate its anti-corruption controls for their benefits and prepare themselves for the implementation of the anti-corruption law.

Despite the possibility of deferring the implementation of Section 17A, the companies are advised to devise an anti-corruption compliance programme as soon as practicable to effectively identify and mitigate the immediate corruption risks. More importantly, advanced planning for the said programme would enable the companies to estimate the compliance costs required and deploy sufficient resources for an effective operation of anti-corruption management system in the organisation.


In a nutshell, the top level management (i.e.: directors, managers) bears the ultimate responsibility to ensure that the anti-corruption measures are implemented within and throughout every level of organisation. The companies are recommended to seek legal advice on the introduction of the adequate procedures under Section 17A, which acts as a defence to the corporate liabilities.

This article is authored by:

Gan Khong Aik
Gan Partnership


Lee Sze Ching (Ashley)
Gan Partnership


ACKNOWLEDGEMENT: The authors wish to express their appreciation to Lee Hui Wen, pupil-in-chambers for her contributions in the preparation of this article.

DISCLAIMER: This article is for general information only and should not be relied upon as legal advice. The position stated herein is as at the date of publication on 18th May 2020. For any enquiries on this article, please contact Gan Khong Aik (