- Solicitors For Business
- Banking and Finance
- Business Crime
- Business Contract Solicitors
- Commercial Litigation
- Corporate Immigration Services
- Corporate Insolvency Solicitors
- Data Protection
- Intellectual Property
- HMRC Tax Investigation Services
- Corporate & Professional Regulation
- Real Estate Commercial
- Real Estate Finance
- Sports Law
- Solicitors For You
- Armed Forces Claims
- Clinical Negligence
- Court of Protection
- Criminal Defence
- Driving Offences
- Family Law
- Intellectual Property
- Media Law
- Personal Injury
- Personal Immigration Services
- Personal Insolvency
- Professional Regulation and Discipline
- Residential Real Estate
- Wills, Trusts & Estate Planning
- Will Disputes
- About Us
- News & Events
Is Self-Reporting Corporate Fraud a Good Idea?
Self-reporting bribery and corruption is an extremely important and sensitive step for any organisation or individual to take. Putting a toe in the water of disclosure is a difficult decision to make when you can't take your toe back out again. Even if the reported activity results in no significant action from the SFO or any of the referral authorities, the report itself can have a real impact on trading activity and confidence. Any report therefore needs to be made at the end of an enquiry dealing with a range of factors, which are:
- not always obvious and
- not always highlighted by the Serious Fraud Office (SFO)
The disclosure process we discuss here is not quite like a Suspicious Activity Report (SAR). A SAR will often arise where a corporation wishes to place a wall between itself and third party activity. However, the line between a SAR and self-reporting fraud/corruption is not always clear, especially if the activity occurs across different aspects of the business. In certain circumstances, an enquiry might reveal the need for a SAR and self-reporting. This discussion will, therefore, concentrate upon circumstances in which a corporation needs to seriously consider a report of fraud/corruption/bribery within its own organisation.
In general terms, a corporation will want to consider the following: How does one detect, investigate, quantify, particularise, isolate, mitigate and self-report relevant activity? Many corporations simply can't answer that question because this is not a process the board is comfortable with. It's a cultural thing as much as a compliance thing and that is why good governance has to start at the top. The decision to self-report will come from the top and they should understand their risk management procedures if they are going to stand a chance of making a quality decision.
Assuming that someone has brought cogent evidence of criminal activity to the attention of the relevant party (e.g. MLRO or the board), why would a corporation decide to investigate and report? Why not ignore it or fix it and move on? Commercial reality dictates that the answer depends upon:
- When the wrongdoing occurred
- Who receives the information?
- What has happened within the corporation since the relevant events?
- What the perceived consequences might be if the matter is not investigated and reported
In other words, is it really that bad, has the wrongdoing gone away since e.g. the appointment of the new board, can we get away with it or regard it as a SARS issue, what will a report do to the share price and will I go to jail (or can I keep my pension if I have to go to jail)?
Looking at the prosecution side of the equation:
- Is there enough money and political will to prosecute or impose a fine big enough to hurt us?
- Can we accurately predict the cost-benefit?
The rest of this article concentrates on answering those concerns.
The political background
I don't plan to spend much time on the politics, but recent years have seen a well-documented shift in the government's attitude to the collection of money in the criminal and civil recovery arena. Better use of the Proceeds of Crime Act 2002 (POCA) is not the whole story, but this has been an important piece of legislation, together with the Bribery Act and the guidance documents emanating from SFO / HMRC / FCA etc. stress how each criminal and civil enforcement remedy can be better targeted.
What they are really saying is: we don't necessarily have to prosecute you in order to take your money, so come and talk to us about what you or your predecessors have been up to and we will think about giving you a good deal if your report looks genuine. If you don't, we have more quality options in the toolkit than we ever did and our fighting fund for a prosecution isn't necessarily fixed if we can argue a good case to the treasury.
When Richard Alderman was the director of the SFO, his speeches were very much about engagement and cooperation. However, this was against the background of a very new Bribery Act and before the consultation on Deferred Prosecution Agreements. It was before the FSA became the FCA/PRA. It was before other aspects of the Crime and Courts Act 2013 were revealed and it was in a period of greater budgetary uncertainty. A certain tone was set but a number of important factors had not crystallised in persuading corporations that they should offer themselves up for scrutiny.
Back in August 2010, I said this in a JMW blog:
The new Economic Crime Agency (ECA), which the Chancellor has announced will investigate and prosecute all corporate crime, should have greater powers, according to the Serious Fraud Office (SFO). Director of the SFO Richard Alderman said, "It would be important to look at the tools the new ECA will need in order to maximise its effectiveness in countering serious economic crime." The SFO is believed to be pressing for an extension of corporate liability in the UK similar to that of the US so that it would apply to most of a company's employees as well as its senior executives. Heavier fines, longer jail sentences, deferred prosecutions and a new enforcement system to counter international white collar crime are among other proposals likely to be put forward. Corporate lawyers will be looking carefully at the proposed legislation to see how it will impact on aspects such as hospitality for clients and if it reflects Lord Justice Thomas' remarks when sentencing in the Innospec bribery case that the penalty options open to him were "wholly inadequate" when fining the company $12.7m.
Not all of those concerns are reflected in the regime now faced by entities considering a self-report, but the picture is much clearer than it was when Alderman was in control of the SFO. In the final analysis, many developments in criminal justice are led by the mathematics and it is estimated that the cost of fraud in the UK is £73 billion per annum. The SFO last year recovered around £50 million of ill-gotten assets from 20 cases, comprising 17 prosecutions and three civil settlements. The current annual budget of the SFO is £38.7 million, with an average case costing £669,000 and lasting between four and six years. By comparison, in the US where Deferred Prosecution Agreements are well established, around US$9 billion was recovered in 2012 through the use of 35 DPAs and Non-Prosecution Agreements (NPAs) alone. David Green, the present director of the SFO, is very conscious of the pressure placed upon him by ministers to make the SFO pay its way and it is significant that he has appointed former US MOJ staff at the SFO.
Deferred Prosecution Agreements (DPAs)
The DPA is a presentation in itself, but it needs to be mentioned in the context of self-reporting because it has received Royal Assent as part of the Crime and Courts Act 2013 (Schedule 17). Deferred Prosecution Agreements are defined as agreements between a designated prosecutor (which includes the Director of the Serious Fraud Office and the Director of Public Prosecutions) and a (i) body corporate, (ii) a partnership, or (iii) an unincorporated association. The prosecutor agrees to refrain from bringing criminal proceedings pending successful compliance of the entity with certain conditions. This can include the payment of fines, compliance requirements, restitution/compensation and disgorgement of profits among others. DPAs are only going to be available in respect of certain offences; primarily economic crimes such as fraud, bribery, large theft cases and money laundering related offences.
Self-reporting to the SFO in the David Green era
When David Green took the helm at the SFO on 23rd April 2012, the tone changed a little. He issued new guidance on matters such as hospitality and facilitation payments, the attitude to enforcement hardened and he set out ten fundamental changes at the SFO.
- Restated the role and purpose of the SFO
- Refocused the SFO's take-on criteria
- Reorganised and restructured the SFO
- An entirely new senior management team
- Reviewed the caseload we inherited and commenced new investigations and pre-investigation projects
- Issued new guidance, chiefly on self-reporting and facilitation payments
- Negotiated a return to "blockbuster" funding in discussion with the Treasury
- Inspection by HMCPSI and encourage a follow-up inspection
- Expanded our intelligence capability and will continue that effort
- Now occupy new premises, culturally different from Elm Street
Read David Green's speech to the Fraud Lawyers Association in March 2013 here.
What are the stages in a self-report?
Depending upon the nature and scope of the relevant activity, stages can include:
- Internal investigation (including surveillance and interview)
- Forensic evidence gathering (computers, telecommunications, accountancy)
- Due diligence (accountancy, governance and internal procedures)
- Risk assessment (identifying areas of exposure to bribery and corruption)
- Development of 'adequate measures' (to prevent bribery and corruption)
- Report on the consequences, benefits and risks of self-reporting
- Advice on exposure in related areas (employment, solvency, media, civil etc.)
Where a decision is made to self-report:
- Development of the SFO report
- Liaising with the SFO (especially regarding scope of disclosure requests)
- Attending and advising in SFO interviews (voluntary or under caution)
- Advising and assisting with further internal and external enquiries
- Advising on consequences and proposed sanctions
- Implementation of remedial measures, undertakings and sanctions
- Advice in related restraint, confiscation or civil asset recovery proceedings
Where a decision to prosecute is made:
- Representation at the lower and higher courts
- Where acquittal follows - advice on restitution, compensation and costs.
- Where admission / conviction follows - advice in ancillary proceedings
- Advice and representation on appeal
Will the SFO prosecute following a self-report?
We now know that according to David Green, whether or not the SFO will prosecute a corporate body in a given case will be governed by the Full Code Test in the Code for Crown Prosecutors, the joint prosecution Guidance on Corporate Prosecutions and, where relevant, the Joint Prosecution Guidance of the Director of the SFO and the Director of Public Prosecutions on the Bribery Act 2010.
If on the evidence there is a realistic prospect of conviction, the SFO will prosecute if it is in the public interest to do so. The fact that a corporate body has reported itself will be a relevant consideration to the extent set out in the Guidance on Corporate Prosecutions. That Guidance explains that, for a self-report to be taken into consideration as a public interest factor tending against prosecution, it must form part of a "genuinely proactive approach adopted by the corporate management team when the offending is brought to their notice". Self-reporting is no guarantee that a prosecution will not follow. Each case will turn on its own facts.
In appropriate cases the SFO may use its powers under proceeds of crime legislation as an alternative (or in addition) to prosecution; see the Attorney General's guidance to prosecuting bodies on their asset recovery powers under the Proceeds of Crime Act 2002. If the SFO uses its powers under proceeds of crime legislation, it will publish its reasons, the details of the illegal conduct and the details of the disposal.
In cases where the SFO does not prosecute a self-reporting corporate body, the SFO reserves the right (i) to prosecute it for any unreported violations of the law; and (ii) lawfully to provide information on the reported violation to other bodies (such as foreign police forces).
The SFO's restatement of policy on corporate self reporting explains that, in determining whether or not to prosecute, the fact that a corporate body has reported itself will be a relevant consideration to the extent set out in the Guidance on Corporate Prosecutions.
Prosecutors will also be mindful that a failure to report the wrongdoing within a reasonable time of the offending coming to light is a public interest factor in favour of a prosecution. It should be borne in mind that the SFO may have information about wrongdoing from sources other than the corporate body's own self-report. The timing of any self-report is therefore very important. A failure to report properly and fully the true extent of the wrongdoing a further public interest factor in favour of a prosecution.
What is the procedure for self-reporting?
The following is an outline of the process to be adopted by corporate bodies and/or their advisers when self-reporting to the Serious Fraud Office.
Initial contact, and all subsequent communication must be made through the SFO's Intelligence Unit (email@example.com). The Intelligence Unit is the only business area within the SFO authorised to handle self-reports.
Hard copy reports setting out the nature and scope of any internal investigation must be provided to the SFO's Intelligence Unit as part of the self-reporting process.
All supporting evidence including, but not limited to emails, banking evidence, and witness accounts, must be provided to the SFO's Intelligence Unit as part of the self-reporting process.
Further supporting evidence may be provided during the course of any on-going internal investigation.
Will the SFO give advice on the content of a report?
Apart from the information provided above, the SFO will not advise companies or their advisers on the format required for self-reports. Nor will the SFO give any advice on the likely outcome of a self-report until the completion of that process.
What kind of bribery and corruption activity is the SFO interested in?
The SFO is the lead prosecution agency in England Wales and N.Ireland for investigating and prosecuting cases of domestic and overseas corruption. The main areas of interest are:
- Bribery - giving or receiving something of value to influence a transaction
- Illegal gratuity - giving or receiving something of value after a transaction is completed in acknowledgement of some influence over the transaction
- Extortion - demanding a sum of money (or goods) with a threat of harm (physical or business) if not met
- Conflict of interest - where an employee has an economic or personal interest in a transaction
- Kickback - a portion of the value of the contract demanded as a bribe by an official for securing the contract
- Corporate espionage - theft of trade secrets, theft of intellectual property, or copyright piracy
- Commission / Fee - used by a UK company or individual to obtain the services of an agent / agency for assistance in securing a commercial contract
Does the corporate client need legal/accountancy advice?
Direct contact can be made with the SFO by anyone wishing to report bribery, corruption or any serious fraud within the relevant organisation. However, the SFO will not provide legal advice on matters which could be very important in determining outcome. The consequences of self-reporting are not always obvious. Issues to consider might include:
- Level of exposure to third party civil actions
- Scope of disclosure and consequences of failure to identify all relevant activity
- Level of financial penalty and how this might be limited
- Costs and consequences of prosecution
- Employment rights
- Corporate solvency
- Exposure to the risk of restraint orders
- Satellite prosecution by other agencies
- To whom should you report? UK or US?
What will self-reporting cost?
An initial enquiry will cost nothing and at JMW we are often able to reach a certain stage for a low fixed fee. Our rates are very competitive and some aspects may be covered by insurance (such as directors and officers policies or legal expenses insurance). Legal Aid may be available to individuals in certain cases and we are franchised by the Legal Services Commision (LSC) to apply for public funding. We are also contracted by the LSC to defend in very high cost cases.
The costs of investigation, settlement, financial penalties, prosecution and indirect costs are very particular to each case but we provide regular reports on exposure to those factors throughout the case.
Corporate criminal liability: When is a self-report not a self-report?
On the 26th March 2014, Alun Milford (SFO General Counsel) summarised SFO policy in bribery and corruption investigations. In a speech to the Employed Bar Conference, he reminded corporations of their responsibilities in reporting bribery and corruption. He highlighted the Code for Crown Prosecutors and the factors taken into consideration when deciding whether or not to prosecute. He gave no assurances that a deferred Prosecution Agreement would necessarily follow from a self-report. It is not entirely within the SFO's power to offer a DPA.
He continued by reminding counsel that a self-report does not involve telling the SFO something they already know. He also made the distinction between reports from corporations admitting liability and corporations telling the SFO about wrongdoing committed by others, thereby denying any corporate liability. He did not regard the latter as a self-report.
Interestingly, the usefulness of detailed internal corporate investigations was called into question. The SFO made it clear that they would prefer to receive an early report, so that the terms of any internal investigation (if appropriate) may be properly defined. They clearly want to maintain greater control of the investigation rather than have it handed to them on a plate. This encouragement comes as a result of previous problems with admissibility through bad evidence gathering. A corporation may self-report by reference to a detailed internal investigation but the report is of little use if the SFO cannot use the material or if, for example, various witnesses have been tipped off by inadequate investigative methodology. Alun Milford underlined this by stating: "We just want accurate and complete first accounts of witnesses, and we do not understand why a truly cooperative company would deny us them�.
When devising the speech, the SFO will have been mindful of the need to work within their budget, notwithstanding the availability of 'blockbuster funding' for investigations such as Libor. However, they also recognise the need to ensure that self-reports and internal investigations have a certain quality and this will require a good level of intervention at an early stage to ensure that they can actually use the material they are presented with.
Corporations will therefore wish to obtain advice from their lawyers on how a balance may be struck. How much work needs to be done before a self-reporting decision is made? How much corporate liability might result? How much information needs to be presented to the SFO and what form should it take? Answering these questions could make the difference between no action and a complex prosecution.
Finally, insurance companies offering Directors and Officers management liability policies will be interested in the SFO's guidance. It will certainly have implications for the amount of work required under the policy when managing an internal investigation and the point at which a self-report is made will be critical to an insurance company's costs. Where liability is admitted, it could make the difference between a civil recovery order, a deferred prosecution agreement or prosecution.
The need to undertake self-reporting with care
In a recent article on the first UK Deferred Prosecution agreement (ICBC Standard Bank), attention was focused on the importance of the self-reporting of wrongdoing within the organisation. The SFO made it clear that they expect companies to seriously consider self-reporting as part of exploring enforcement options short of criminal prosecution. Two recent events underline the need to undertake the self-reporting exercise with care.
Brand-Rex Ltd has agreed with Scotland’s Civil Recovery Unit that it will pay £212,800 for falling foul of section 7 UK Bribery Act - Failure of a commercial organisation to prevent bribery. It is the first such agreement in the UK and emphasises the need to develop ‘adequate procedures’ to prevent bribery, especially where an organisation operates through agents and subsidiaries. Brand-Rex operated an incentive programme called “Brand Breaks”. Distributors and installers could earn rewards by exceeding sales targets, including holidays abroad. An installer allegedly gave holidays to an end-user employee with the intent of inducing him to select Brand-Rex products. Even though the installer was independent and the scheme itself was not unlawful, Brand-Rex failed to prevent the potential for bribery and thereby contravened section 7 of the Bribery Act 2010. The background is less important than the fact that settlement was reached following a self-report to the Scottish Crown Office and the Procurator Fiscal. This was under an arrangement whereby companies may avoid prosecution in Scotland following a self-report and it is interesting that the first example in Scotland was concluded in this way.
The second event comes from across the Atlantic, where the Deferred Prosecution Agreement has been part of the US Securities and Exchange Commission (SEC) and Department of Justice (DOJ) enforcement toolkit for years. Keenly aware of how self-reporting can abbreviate costly investigations, the US Securities and Exchange Commission (SEC) announced on 17th November 2015 that companies subject to the Foreign Corrupt Practices Act (FCPA) enforcement actions will need to self-report their potential misconduct to be eligible for deferred prosecution agreements (DPAs) and non-prosecution agreements (NPAs).
However, SEC Enforcement Director Andrew Ceresney has made it clear that self-reporting will not guarantee a DPA / NPA. Much will depend upon evaluating the factors set out in their Seaboard report. This includes factors such as cooperation with law enforcement authorities, remediation and self-policing. These factors were at the forefront of David Green’s mind when he commented upon the first UK Deferred Prosecution Agreement at the beginning of December 2015. As head of the UK Serious Fraud Office, he claims to have received a growing ‘portfolio’ of self-reports and time will tell whether we follow our American cousins in requiring a self-report before a DPA can be considered.
There is little doubt that corporations are being encouraged to review their practices and arrangements with agents and subsidiaries. Section 7 Bribery Act provides the SFO with a very tidy way in which wrongdoing can be identified and attributed to the organisation. Good quality self-reporting will therefore become more important over time and will ultimately underpin the negotiations. It could be the most important commercial decision a company makes and a self-report will not always be appropriate. Directors need to understand what they risk in not taking certain steps. The decision matrix is complex and the DPA arrangement is in its infancy in the UK. Sensible advice is essential in understanding what may result from putting a toe in the DPA water.
Partner and Head of Department
Business Crime, Regulation & Driving Offences