Regulatory Outlook | Anti-bribery, Corruption and Financial Crime | July 2019
Published on 17th Jul 2019
Current issues
SFO enforcement: direction of travel
The SFO has been under the directorship of Lisa Osofsky for nearly a year. She has a US law enforcement background, having previously worked for the FBI, and is intent on being a "new kind of Director".
This will inevitably see the adoption of US enforcement tactics. In public remarks, Ms. Osofsky has been clear that the SFO will rely more on international co-operation, covert intelligence and, in particular, "flipping" suspects to provide evidence against others in return for immunity.
Ms. Osofsky will be keen to show this commitment in action and reverse the trend of recent high-profile cases where prosecutions have failed.
Failure to prevent the facilitation of tax evasion
The second corporate failure to prevent offence, of failure to prevent the facilitation of tax evasion, has been in force since September 2017 and, like its predecessor under the Bribery Act, it does not have retrospective effect.
As a result, we are only now starting to see the first enforcement action: HMRC has a dedicated team in its Fraud Investigation Unit tasked with enforcing the new offence and the first investigations were announced in March 2019.
HMRC will want to demonstrate that the legislation has teeth, and we anticipate that prosecutions may be likely to follow in the next 12-18 months. As with the Bribery Act offence, a company will have to demonstrate that it had "reasonable procedures" in place to avoid conviction.
Brexit: effect on law enforcement
Much concern has been expressed as to the UK law enforcement and security relationship with the EU in the post-Brexit era. What is known is that EU-wide tools such as Europol and the European Arrest Warrant, that are heavily relied upon by UK law enforcement, will not survive. What is not known is what will replace them.
We anticipate that bilateral treaties will be entered into that will replicate much of the present system, but inevitably these may be less efficient and so may place UK enforcement agencies at a disadvantage.
In Focus | Regulatory powers and trends
Who are the regulators?
The main agencies regulating business crime are the following:
- Serious Fraud Office (SFO);
- City of London Police Economic Crime Unit (ECU);
- Her Majesty's Revenue and Customs (HMRC);
- The Financial Conduct Authority (FCA); and
- The Competition and Markets Authority (CMA).
Do they have powers to compel businesses to hand over documents?
Each agency listed above has the power to compel businesses to hand over documents, and if so must do so through prescribed written notices. The SFO's power, under section 2 of the Criminal Justice Act 1987, for example, renders it a criminal offence to fail to comply with a documents request. HMRC is able to compel the production of documents in relation to investigations for suspected tax-related criminal offences. In exercising its powers, the CMA must suspect a breach of competition law.
Do they conduct dawn raids?
All five agencies that regulate business crime conduct dawn raids.
- The SFO can conduct raids with or without notice, dependent on whether there is a risk that evidence may be destroyed. Any raid will be undertaken in conjunction with the police.
- FCA raids are also typically undertaken with the police, who will execute the warrant, accompanied by FCA staff.
- The CMA is able to conduct raids with or without a warrant, and is under no obligation to give advance notice if the occupier of the property is suspected of infringement. Where no infringement is suspected, two working days advance notice in writing is required.
Are they able to bring criminal prosecutions (and do they do so)?
Yes. Each of the authorities has the power to, and does regularly, bring prosecutions.
- The ECU is able to bring criminal prosecutions in relation to any type of financial crime.
- The SFO will limit its cases to the most serious and complex matters of fraud or bribery.
- HMRC's criminal investigations are dealt with by the Fraud Investigation Service, though ultimate decisions on prosecution rest with the Crown Prosecution Service (CPS).
- HMRC principally targets criminal tax evasion and is also the lead UK agency in relation to money laundering.
- The FCA can bring criminal prosecutions to tackle financial crime, including insider dealing, unauthorised business and money laundering.
- The CMA is the lead agency for "criminal cartel" offences.
Do they bring prosecutions against individuals?
Yes. Each agency frequently prosecutes individuals. Maximum penalties include imprisonment for up to 14 years in relation to money laundering and ten years in respect of offences of fraud and bribery. Individuals can also face fines, confiscation orders and disqualification from acting as company directors.
For the purposes of UK law, if an individual commits a crime in the course of working for a company, that company can also be prosecuted if the individual concerned is sufficiently senior to be viewed as representing the "controlling mind" of the company.
Is there a self-reporting / leniency regime?
The SFO has published guidance "Corporate self-reporting" which will be considered when determining whether or not to prosecute a company. The guidance makes it clear that self-reporting must form part of a genuinely proactive approach adopted by the corporate management team. Co-operation will be likely to include bearing the cost of an internal investigation under SFO guidance, waiving privilege and providing evidence with which to prosecute individuals.
In contrast to the US, there is no formal provision whereby a self-report will lead to a non-prosecution agreement. Since 2014, the UK has had a regime of Deferred Prosecution Agreements (DPA). These only apply to companies, not individuals. There have been four DPAs to date.
Other agencies have their own regimes. The CMA can deploy the statutory immunity provisions of the Enterprise Act 2002. This can afford full immunity to the party making the first report.
In its regulatory function, the FCA is able to offer reduced sanctions in return for early admission of liability.
Are there any plans to introduce new powers (or use existing powers differently)?
An on-going debate exists around extending the corporate offence of failure to prevent bribery and failure to prevent the facilitation of tax evasion, to all forms of economic crime.
The corporate offence is, in effect, a strict liability offence, which will arise unless the commercial organisation concerned can show that it had adequate or reasonable procedures in place to prevent the bribery or tax evasion.
The SFO, in particular, is keen for this offence to be extended to cover underlying crimes such as fraud, false accounting and money laundering.
We anticipate that the extended offence will be enacted, although the timescale for this is unclear and will depend on the availability of parliamentary time, which may largely be taken up with Brexit in the coming months.
Although there has been discussion around a possible wider reform of corporate criminal liability, which would remove the need to establish the "controlling mind" test, this, at the present time, appears unlikely.
Are there any areas of new technology that are a particular focus of regulatory attention?
One particular area of focus for the SFO is the use of cryptocurrency in relation to money laundering and organised crime. This is because cryptocurrency can be difficult or impossible to track in the way that traditional currency can be tracked.
How has digital transformation affected the regulators' own behaviours?
Artificial intelligence (AI) / machine-learning (ML) is now being employed by law enforcement agencies to assist with undertaking large data-heavy investigations. AI/ML enables the software to increase its ability to detect relevant material as the electronic search progresses, thus avoiding the significant time and cost of that exercise being conducted by people.
The most high-profile example of this to date is the SFO's investigation into Rolls-Royce plc. That investigation led to a DPA, which saw the company pay a total sanction of some £500m, although no individuals were subsequently prosecuted.
In public comments, the SFO has been clear as to the value of AI/ML in this case, and the use of these technologies will undoubtedly be an increasingly common feature of criminal investigation in the future.