The Serious Fraud Office (SFO) was established to investigate and prosecute cases involving serious or complex fraud, a mission that inevitably leads it to the corporate sector. In 2010, it was given two significant tools in dealing with companies: a simple route to corporate criminal liability for bribery cases in the Bribery Act 2010 (the stick); and a means of incentivising a company fixed with corporate criminal liability to co-operate with the SFO by entering into a deferred prosecution agreement (DPA) and so avoiding a conviction (the carrot).
Since April 2019, Lisa Osofsky, the SFO’s Director, has been publicly promising guidance on the kind of co-operation that the SFO expects to receive if it is to offer a DPA. The SFO has now published its corporate co-operation guidance.
Whether to report and when
The first issue for a company that uncovers suspicions of criminality within its business is whether and, if so when, to report those suspicions to the SFO. The SFO’s answer to the first part is that, of course, a company should report. Co-operation benefits the public and advances the interests of justice by enabling the SFO better to progress an investigation.
However, companies will have different priorities to consider, including the best interests of their shareholders. They will not be able to make an informed decision about that without understanding as much as they can about what sits behind the allegation or suspicion.
The SFO says that co-operation includes reporting suspicions to it within a reasonable period of them coming to light. There is a tension here: the more thoroughly a company looks into suspicions, the more informed its decision about whether to report will be. However, a detailed review may take more time than the SFO would consider reasonable and the more time is taken up by an internal review, the greater the chance of the SFO learning about the conduct from someone other than the company.
While the guidance does not require the company to be the first to report, it does not replace the statutory Deferred Prosecutions Agreement Code of Practice, which states that co-operation will constitute a genuinely proactive approach that involves, within a reasonable time of the offending coming to light, reporting the company’s otherwise unknown offending to the prosecutor and taking remedial actions.
No guarantee of a DPA
It is important to understand that the guidance is not a tick-box route to a DPA. The SFO states that the guidance creates no legally enforceable rights and that the specific actions it sets out constitute only indicators of good practice. More generally, in determining whether it has been offered true co-operation, the SFO will take into account not just the steps that the company took to offer assistance, but the nature and tone of the SFO’s interaction with the company and its legal advisers. It wants the company to approach its relationship with the SFO in a purposive way, asking itself how it can help the SFO to pursue its criminal investigation and acting accordingly.
External co-operation v internal investigation
Unlike the SFO, the company will have a string of priorities competing for attention: employment law issues arising from the conduct under investigation; civil litigation risks arising from that conduct; communication strategies with customers, shareholders and staff; and, of course, the criminal investigation itself, which may be taking place in different jurisdictions and involve a number of potential prosecuting
authorities. A decision to co-operate with the SFO is a decision to prioritise the criminal investigation over all of these other issues.
In some areas this should not carry particular risks to those other priorities. A sound data collection exercise that meets the SFO’s requirements may be complex to organise but it does not in itself adversely affect the ability to meet employment law requirements or to prepare properly for civil litigation. However, it is not as straightforward as the guidance suggests.
For example, the guidance states that providing relevant material where it is in the possession, or under the control, of the company is good general practice. It does not, however, address how a company should conduct itself where that proposed transfer of information is of personal data from an EU member state to a post-Brexit third-party state, particularly in the continued absence of a data protection adequacy decision by the EU. It is also silent on the question of how a company should conduct itself where the material is in a jurisdiction with a blocking statute that criminalises the transfer of the data that the SFO requires. No doubt these issues are the type that will be part of the constructive dialogue that the SFO seeks.
privilege in interview records
The hardest decisions need to be taken where the company wishes to interview its staff or contractors. The SFO expects a company not to conduct interviews without having first consulted with it. If the SFO decides that it wishes to speak first to those people, the company will have to either delay or cancel the interviews. That, in turn, will almost inevitably prejudice its position in dealing with HR issues or preparing for civil litigation.
If the company does conduct interviews, either with the SFO’s consent or as part of its initial investigations into the suspicions brought to its attention, the SFO’s view is clear: a co-operative company will ensure that those interviews are properly recorded and will waive privilege over the records, and a company that fails to do so is not co-operative. Granting access to interview records is therefore a prerequisite to securing a DPA.
The courts have chosen not to consider earlier versions of this policy, and the SFO plainly feels sufficiently confident in it to restate it in the guidance. Regardless of whether it is right to do so, its practical impact depends on the jurisdictions in which the company is exposed to the risk of civil litigation. The law of England and Wales
recognises limited waivers of privilege.
However, those waivers are unknown in US law and if a limited waiver of privilege is made over witness accounts in the UK, it is not clear how a company could persuade a US court where it faces a civil action that privilege had not been lost altogether. In those circumstances, a company may well consider avoiding the question of waiver by not
The SFO often finds itself working alongside overseas authorities. Those authorities may have their own expectations of co-operative companies and, in the absence of an agreement between the authorities over which authority deals with which aspect of the case, the company’s challenge will be to steer a path between potentially conflicting demands. No doubt establishing the kind of constructive relationship that the SFO advocates in the guidance will help. Ultimately, however, the company will need to take a global view of risks and rewards.
This article first appeared in the September 2019 issue of PLC Magazine.
For further information on the issues raised in this blog post, please contact a member of our criminal team.
About the authors
Louise Hodges is head of the criminal litigation team at Kingsley Napley and is particularly well known for representing individuals and companies or institutions subject to criminal investigations for financial crime, in particular bribery and corruption.
Alun Milford is a partner in the Criminal Litigation team and specialises in serious or complex financial crime, proceeds of crime litigation and corporate investigations. He has particular knowledge and experience of issues surrounding corporate crime and deferred prosecution agreements.
Partner and Head of Department